On 6/21/19 10:38 AM, Marc Zyngier wrote:
> From: Jintack Lim <jintack.lim@xxxxxxxxxx>
>
> Exposing memory management support to the virtual EL2 as is exposed to
> the host hypervisor would make the implementation too complex and
> inefficient. Therefore expose limited memory management support for the
> following two cases.
>
> We expose same or larger page granules than the one host uses. We can
> theoretically support a guest hypervisor having smaller-than-host
> granularities but it is not worth it since it makes the implementation
> complicated and it would waste memory.
>
> We expose 40 bits of physical address range to the virtual EL2, because
> we only support a 40bit IPA for the guest. Eventually, this will change.
>
> [ This was only trapping on the 32-bit encoding, also using the
> current target register value as a base for the sanitisation.
>
> Use as the handler for the 64-bit sysreg as well, also load the
> sanitised version of the sysreg before clearing and setting bits.
>
> -- Andre Przywara ]
>
> Signed-off-by: Jintack Lim <jintack.lim@xxxxxxxxxx>
> Signed-off-by: Andre Przywara <andre.przywara@xxxxxxx>
> Signed-off-by: Marc Zyngier <marc.zyngier@xxxxxxx>
> ---
> arch/arm64/kvm/sys_regs.c | 50 ++++++++++++++++++++++++++++++++++++++-
> 1 file changed, 49 insertions(+), 1 deletion(-)
>
> diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c
> index ec34b81da936..cc994ec3c121 100644
> --- a/arch/arm64/kvm/sys_regs.c
> +++ b/arch/arm64/kvm/sys_regs.c
> @@ -1710,6 +1710,54 @@ static bool access_spsr_el2(struct kvm_vcpu *vcpu,
> return true;
> }
>
> +static bool access_id_aa64mmfr0_el1(struct kvm_vcpu *v,
> + struct sys_reg_params *p,
> + const struct sys_reg_desc *r)
> +{
> + u64 val;
> +
> + if (p->is_write)
> + return write_to_read_only(v, p, r);
> +
> + val = read_id_reg(v, r, false);
> +
> + if (!nested_virt_in_use(v))
> + goto out;
> +
> + /*
> + * Don't expose granules smaller than the host's granule to the guest.
> + * We can theoretically support a guest hypervisor having
> + * smaller-than-host granularities but it is not worth it since it
> + * makes the implementation complicated and it would waste memory.
> + */
> + switch (PAGE_SIZE) {
> + case SZ_64K:
> + /* 16KB granule not supported */
> + val &= ~(0xf << ID_AA64MMFR0_TGRAN16_SHIFT);
> + val |= (ID_AA64MMFR0_TGRAN16_NI << ID_AA64MMFR0_TGRAN16_SHIFT);
> + /* fall through */
> + case SZ_16K:
> + /* 4KB granule not supported */
> + val &= ~(0xf << ID_AA64MMFR0_TGRAN4_SHIFT);
> + val |= (ID_AA64MMFR0_TGRAN4_NI << ID_AA64MMFR0_TGRAN4_SHIFT);
> + break;
> + case SZ_4K:
> + /* All granule sizes are supported */
> + break;
> + default:
> + unreachable();
> + }
> +
> + /* Expose only 40 bits physical address range to the guest hypervisor */
> + val &= ~(0xf << ID_AA64MMFR0_PARANGE_SHIFT);
> + val |= (0x2 << ID_AA64MMFR0_PARANGE_SHIFT); /* 40 bits */
There are already defines for ID_AA64MMFR0_PARANGE_48 and
ID_AA64MMFR0_PARANGE_52 in sysreg.h, perhaps a similar define for
ID_AA64MMFR0_PARANGE_40 would be appropriate?
> +
> +out:
> + p->regval = val;
> +
> + return true;
> +}
> +
> static bool access_id_aa64pfr0_el1(struct kvm_vcpu *v,
> struct sys_reg_params *p,
> const struct sys_reg_desc *r)
> @@ -1846,7 +1894,7 @@ static const struct sys_reg_desc sys_reg_descs[] = {
> ID_UNALLOCATED(6,7),
>
> /* CRm=7 */
> - ID_SANITISED(ID_AA64MMFR0_EL1),
> + ID_SANITISED_FN(ID_AA64MMFR0_EL1, access_id_aa64mmfr0_el1),
> ID_SANITISED(ID_AA64MMFR1_EL1),
> ID_SANITISED(ID_AA64MMFR2_EL1),
> ID_UNALLOCATED(7,3),
