Hi Paolo, Here are the KVM/arm64 updates for 6.5. Note that the for-next/module-alloc branch was merged to resolve a nontrivial conflict with the arm64 tree. There is still an outstanding conflict with the arm64 tree with a rather straightforward resolution, I've included mine in the diff at the end. I will be handling fixes for 6.5, so please expect subsequent pulls to be coming from me. Marc will take over starting with the 6.6 merge window. -- Thanks, Oliver The following changes since commit 44c026a73be8038f03dbdeef028b642880cf1511: Linux 6.4-rc3 (2023-05-21 14:05:48 -0700) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm.git tags/kvmarm-6.5 for you to fetch changes up to 192df2aa0113ddddee2a93e453ff46610807b425: KVM: arm64: Fix misuse of KVM_ARM_VCPU_POWER_OFF bit index (2023-06-22 17:17:14 +0000) ---------------------------------------------------------------- KVM/arm64 updates for 6.5 - Eager page splitting optimization for dirty logging, optionally allowing for a VM to avoid the cost of block splitting in the stage-2 fault path. - Arm FF-A proxy for pKVM, allowing a pKVM host to safely interact with services that live in the Secure world. pKVM intervenes on FF-A calls to guarantee the host doesn't misuse memory donated to the hyp or a pKVM guest. - Support for running the split hypervisor with VHE enabled, known as 'hVHE' mode. This is extremely useful for testing the split hypervisor on VHE-only systems, and paves the way for new use cases that depend on having two TTBRs available at EL2. - Generalized framework for configurable ID registers from userspace. KVM/arm64 currently prevents arbitrary CPU feature set configuration from userspace, but the intent is to relax this limitation and allow userspace to select a feature set consistent with the CPU. - Enable the use of Branch Target Identification (FEAT_BTI) in the hypervisor. - Use a separate set of pointer authentication keys for the hypervisor when running in protected mode, as the host is untrusted at runtime. - Ensure timer IRQs are consistently released in the init failure paths. - Avoid trapping CTR_EL0 on systems with Enhanced Virtualization Traps (FEAT_EVT), as it is a register commonly read from userspace. - Erratum workaround for the upcoming AmpereOne part, which has broken hardware A/D state management. As a consequence of the hVHE series reworking the arm64 software features framework, the for-next/module-alloc branch from the arm64 tree comes along for the ride. ---------------------------------------------------------------- Arnd Bergmann (1): arm64: kvm: avoid overflow in integer division Dan Carpenter (1): KVM: arm64: timers: Fix resource leaks in kvm_timer_hyp_init() Fuad Tabba (1): KVM: arm64: Handle FFA_FEATURES call from the host Jing Zhang (5): KVM: arm64: Reuse fields of sys_reg_desc for idreg KVM: arm64: Save ID registers' sanitized value per guest KVM: arm64: Use arm64_ftr_bits to sanitise ID register writes KVM: arm64: Use generic sanitisation for ID_(AA64)DFR0_EL1 KVM: arm64: Use generic sanitisation for ID_AA64PFR0_EL1 Marc Zyngier (19): KVM: arm64: Use local TLBI on permission relaxation KVM: arm64: Relax trapping of CTR_EL0 when FEAT_EVT is available KVM: arm64: Drop is_kernel_in_hyp_mode() from __invalidate_icache_guest_page() arm64: Prevent the use of is_kernel_in_hyp_mode() in hypervisor code arm64: Turn kaslr_feature_override into a generic SW feature override arm64: Add KVM_HVHE capability and has_hvhe() predicate arm64: Don't enable VHE for the kernel if OVERRIDE_HVHE is set arm64: Allow EL1 physical timer access when running VHE arm64: Use CPACR_EL1 format to set CPTR_EL2 when E2H is set KVM: arm64: Remove alternatives from sysreg accessors in VHE hypervisor context KVM: arm64: Key use of VHE instructions in nVHE code off ARM64_KVM_HVHE KVM: arm64: Force HCR_EL2.E2H when ARM64_KVM_HVHE is set KVM: arm64: Disable TTBR1_EL2 when using ARM64_KVM_HVHE KVM: arm64: Adjust EL2 stage-1 leaf AP bits when ARM64_KVM_HVHE is set KVM: arm64: Rework CPTR_EL2 programming for HVHE configuration KVM: arm64: Program the timer traps with VHE layout in hVHE mode KVM: arm64: Force HCR_E2H in guest context when ARM64_KVM_HVHE is set arm64: Allow arm64_sw.hvhe on command line KVM: arm64: Fix hVHE init on CPUs where HCR_EL2.E2H is not RES1 Mark Rutland (6): arm64: module: remove old !KASAN_VMALLOC logic arm64: kasan: remove !KASAN_VMALLOC remnants arm64: kaslr: split kaslr/module initialization arm64: module: move module randomization to module.c arm64: module: mandate MODULE_PLTS arm64: module: rework module VA range selection Mostafa Saleh (2): KVM: arm64: Use BTI for nvhe KVM: arm64: Use different pointer authentication keys for pKVM Oliver Upton (17): KVM: arm64: Separate out feature sanitisation and initialisation KVM: arm64: Relax invariance of KVM_ARM_VCPU_POWER_OFF KVM: arm64: Make vCPU feature flags consistent VM-wide KVM: arm64: Rewrite IMPDEF PMU version as NI KVM: arm64: Handle ID register reads using the VM-wide values KVM: arm64: Rip out the vestiges of the 'old' ID register scheme Merge branch kvm-arm64/eager-page-splitting into kvmarm/next Merge branch kvm-arm64/ffa-proxy into kvmarm/next Merge branch kvm-arm64/hvhe into kvmarm/next Merge branch for-next/module-alloc into kvmarm/next Merge branch kvm-arm64/configurable-id-regs into kvmarm/next Merge branch kvm-arm64/misc into kvmarm/next arm64: errata: Mitigate Ampere1 erratum AC03_CPU_38 at stage-2 KVM: arm64: Refactor HFGxTR configuration into separate helpers KVM: arm64: Prevent guests from enabling HA/HD on Ampere1 Merge branch kvm-arm64/ampere1-hafdbs-mitigation into kvmarm/next KVM: arm64: Fix misuse of KVM_ARM_VCPU_POWER_OFF bit index Quentin Perret (1): KVM: arm64: pkvm: Add support for fragmented FF-A descriptors Ricardo Koller (11): KVM: arm64: Rename free_removed to free_unlinked KVM: arm64: Add KVM_PGTABLE_WALK flags for skipping CMOs and BBM TLBIs KVM: arm64: Add helper for creating unlinked stage2 subtrees KVM: arm64: Export kvm_are_all_memslots_empty() KVM: arm64: Add KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE KVM: arm64: Add kvm_pgtable_stage2_split() KVM: arm64: Refactor kvm_arch_commit_memory_region() KVM: arm64: Add kvm_uninit_stage2_mmu() KVM: arm64: Split huge pages when dirty logging is enabled KVM: arm64: Open-code kvm_mmu_write_protect_pt_masked() KVM: arm64: Split huge pages during KVM_CLEAR_DIRTY_LOG Will Deacon (8): KVM: arm64: Block unsafe FF-A calls from the host KVM: arm64: Probe FF-A version and host/hyp partition ID during init KVM: arm64: Allocate pages for hypervisor FF-A mailboxes KVM: arm64: Handle FFA_RXTX_MAP and FFA_RXTX_UNMAP calls from the host KVM: arm64: Add FF-A helpers to share/unshare memory with secure world KVM: arm64: Handle FFA_MEM_SHARE calls from the host KVM: arm64: Handle FFA_MEM_RECLAIM calls from the host KVM: arm64: Handle FFA_MEM_LEND calls from the host Documentation/arm64/memory.rst | 8 +- Documentation/arm64/silicon-errata.rst | 3 + Documentation/virt/kvm/api.rst | 27 + arch/arm64/Kconfig | 47 +- arch/arm64/include/asm/cpufeature.h | 6 + arch/arm64/include/asm/el2_setup.h | 27 +- arch/arm64/include/asm/kvm_arm.h | 7 +- arch/arm64/include/asm/kvm_asm.h | 4 + arch/arm64/include/asm/kvm_emulate.h | 46 +- arch/arm64/include/asm/kvm_host.h | 61 ++- arch/arm64/include/asm/kvm_hyp.h | 37 +- arch/arm64/include/asm/kvm_mmu.h | 4 +- arch/arm64/include/asm/kvm_pgtable.h | 79 ++- arch/arm64/include/asm/kvm_pkvm.h | 21 + arch/arm64/include/asm/memory.h | 16 +- arch/arm64/include/asm/module.h | 8 - arch/arm64/include/asm/module.lds.h | 2 - arch/arm64/include/asm/sysreg.h | 1 + arch/arm64/include/asm/virt.h | 12 +- arch/arm64/kernel/Makefile | 3 +- arch/arm64/kernel/cpu_errata.c | 7 + arch/arm64/kernel/cpufeature.c | 34 +- arch/arm64/kernel/ftrace.c | 8 +- arch/arm64/kernel/head.S | 2 + arch/arm64/kernel/hyp-stub.S | 10 +- arch/arm64/kernel/idreg-override.c | 25 +- arch/arm64/kernel/kaslr.c | 87 +-- arch/arm64/kernel/module.c | 159 ++++-- arch/arm64/kernel/setup.c | 2 + arch/arm64/kvm/arch_timer.c | 14 +- arch/arm64/kvm/arm.c | 201 +++++-- arch/arm64/kvm/fpsimd.c | 4 +- arch/arm64/kvm/hyp/include/hyp/switch.h | 101 +++- arch/arm64/kvm/hyp/include/nvhe/ffa.h | 17 + arch/arm64/kvm/hyp/include/nvhe/mem_protect.h | 3 + arch/arm64/kvm/hyp/nvhe/Makefile | 2 +- arch/arm64/kvm/hyp/nvhe/ffa.c | 762 ++++++++++++++++++++++++++ arch/arm64/kvm/hyp/nvhe/host.S | 36 +- arch/arm64/kvm/hyp/nvhe/hyp-init.S | 32 +- arch/arm64/kvm/hyp/nvhe/hyp-main.c | 19 +- arch/arm64/kvm/hyp/nvhe/mem_protect.c | 74 ++- arch/arm64/kvm/hyp/nvhe/pkvm.c | 27 +- arch/arm64/kvm/hyp/nvhe/setup.c | 11 + arch/arm64/kvm/hyp/nvhe/switch.c | 28 +- arch/arm64/kvm/hyp/nvhe/timer-sr.c | 16 +- arch/arm64/kvm/hyp/nvhe/tlb.c | 52 ++ arch/arm64/kvm/hyp/pgtable.c | 228 +++++++- arch/arm64/kvm/hyp/vhe/switch.c | 2 +- arch/arm64/kvm/hyp/vhe/tlb.c | 32 ++ arch/arm64/kvm/mmu.c | 207 +++++-- arch/arm64/kvm/pkvm.c | 1 + arch/arm64/kvm/reset.c | 58 -- arch/arm64/kvm/sys_regs.c | 505 ++++++++++++----- arch/arm64/kvm/sys_regs.h | 22 +- arch/arm64/mm/kasan_init.c | 17 +- arch/arm64/tools/cpucaps | 3 + include/kvm/arm_pmu.h | 8 +- include/linux/arm_ffa.h | 8 + include/linux/kvm_host.h | 2 + include/uapi/linux/kvm.h | 2 + virt/kvm/kvm_main.c | 3 +- 61 files changed, 2631 insertions(+), 619 deletions(-) create mode 100644 arch/arm64/kvm/hyp/include/nvhe/ffa.h create mode 100644 arch/arm64/kvm/hyp/nvhe/ffa.c -- diff --cc arch/arm64/kernel/cpufeature.c index 3d93147179a0,6ea7f23b1287..000000000000 --- a/arch/arm64/kernel/cpufeature.c +++ b/arch/arm64/kernel/cpufeature.c @@@ -2656,23 -2662,27 +2677,44 @@@ static const struct arm64_cpu_capabilit .cpu_enable = cpu_enable_dit, ARM64_CPUID_FIELDS(ID_AA64PFR0_EL1, DIT, IMP) }, + { + .desc = "Memory Copy and Memory Set instructions", + .capability = ARM64_HAS_MOPS, + .type = ARM64_CPUCAP_SYSTEM_FEATURE, + .matches = has_cpuid_feature, + .cpu_enable = cpu_enable_mops, + ARM64_CPUID_FIELDS(ID_AA64ISAR2_EL1, MOPS, IMP) + }, + { + .capability = ARM64_HAS_TCR2, + .type = ARM64_CPUCAP_SYSTEM_FEATURE, + .matches = has_cpuid_feature, + ARM64_CPUID_FIELDS(ID_AA64MMFR3_EL1, TCRX, IMP) + }, + { + .desc = "Stage-1 Permission Indirection Extension (S1PIE)", + .capability = ARM64_HAS_S1PIE, + .type = ARM64_CPUCAP_BOOT_CPU_FEATURE, + .matches = has_cpuid_feature, + ARM64_CPUID_FIELDS(ID_AA64MMFR3_EL1, S1PIE, IMP) + }, + { + .desc = "VHE for hypervisor only", + .capability = ARM64_KVM_HVHE, + .type = ARM64_CPUCAP_SYSTEM_FEATURE, + .matches = hvhe_possible, + }, + { + .desc = "Enhanced Virtualization Traps", + .capability = ARM64_HAS_EVT, + .type = ARM64_CPUCAP_SYSTEM_FEATURE, + .sys_reg = SYS_ID_AA64MMFR2_EL1, + .sign = FTR_UNSIGNED, + .field_pos = ID_AA64MMFR2_EL1_EVT_SHIFT, + .field_width = 4, + .min_field_value = ID_AA64MMFR2_EL1_EVT_IMP, + .matches = has_cpuid_feature, + }, {}, };