[GIT PULL] KVM/arm64 updates for 6.5

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Paolo,

Here are the KVM/arm64 updates for 6.5. Note that the for-next/module-alloc
branch was merged to resolve a nontrivial conflict with the arm64 tree.

There is still an outstanding conflict with the arm64 tree with a rather
straightforward resolution, I've included mine in the diff at the end.

I will be handling fixes for 6.5, so please expect subsequent pulls to
be coming from me. Marc will take over starting with the 6.6 merge
window.

--
Thanks,
Oliver

The following changes since commit 44c026a73be8038f03dbdeef028b642880cf1511:

  Linux 6.4-rc3 (2023-05-21 14:05:48 -0700)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm.git tags/kvmarm-6.5

for you to fetch changes up to 192df2aa0113ddddee2a93e453ff46610807b425:

  KVM: arm64: Fix misuse of KVM_ARM_VCPU_POWER_OFF bit index (2023-06-22 17:17:14 +0000)

----------------------------------------------------------------
KVM/arm64 updates for 6.5

 - Eager page splitting optimization for dirty logging, optionally
   allowing for a VM to avoid the cost of block splitting in the stage-2
   fault path.

 - Arm FF-A proxy for pKVM, allowing a pKVM host to safely interact with
   services that live in the Secure world. pKVM intervenes on FF-A calls
   to guarantee the host doesn't misuse memory donated to the hyp or a
   pKVM guest.

 - Support for running the split hypervisor with VHE enabled, known as
   'hVHE' mode. This is extremely useful for testing the split
   hypervisor on VHE-only systems, and paves the way for new use cases
   that depend on having two TTBRs available at EL2.

 - Generalized framework for configurable ID registers from userspace.
   KVM/arm64 currently prevents arbitrary CPU feature set configuration
   from userspace, but the intent is to relax this limitation and allow
   userspace to select a feature set consistent with the CPU.

 - Enable the use of Branch Target Identification (FEAT_BTI) in the
   hypervisor.

 - Use a separate set of pointer authentication keys for the hypervisor
   when running in protected mode, as the host is untrusted at runtime.

 - Ensure timer IRQs are consistently released in the init failure
   paths.

 - Avoid trapping CTR_EL0 on systems with Enhanced Virtualization Traps
   (FEAT_EVT), as it is a register commonly read from userspace.

 - Erratum workaround for the upcoming AmpereOne part, which has broken
   hardware A/D state management.

As a consequence of the hVHE series reworking the arm64 software
features framework, the for-next/module-alloc branch from the arm64 tree
comes along for the ride.

----------------------------------------------------------------
Arnd Bergmann (1):
      arm64: kvm: avoid overflow in integer division

Dan Carpenter (1):
      KVM: arm64: timers: Fix resource leaks in kvm_timer_hyp_init()

Fuad Tabba (1):
      KVM: arm64: Handle FFA_FEATURES call from the host

Jing Zhang (5):
      KVM: arm64: Reuse fields of sys_reg_desc for idreg
      KVM: arm64: Save ID registers' sanitized value per guest
      KVM: arm64: Use arm64_ftr_bits to sanitise ID register writes
      KVM: arm64: Use generic sanitisation for ID_(AA64)DFR0_EL1
      KVM: arm64: Use generic sanitisation for ID_AA64PFR0_EL1

Marc Zyngier (19):
      KVM: arm64: Use local TLBI on permission relaxation
      KVM: arm64: Relax trapping of CTR_EL0 when FEAT_EVT is available
      KVM: arm64: Drop is_kernel_in_hyp_mode() from __invalidate_icache_guest_page()
      arm64: Prevent the use of is_kernel_in_hyp_mode() in hypervisor code
      arm64: Turn kaslr_feature_override into a generic SW feature override
      arm64: Add KVM_HVHE capability and has_hvhe() predicate
      arm64: Don't enable VHE for the kernel if OVERRIDE_HVHE is set
      arm64: Allow EL1 physical timer access when running VHE
      arm64: Use CPACR_EL1 format to set CPTR_EL2 when E2H is set
      KVM: arm64: Remove alternatives from sysreg accessors in VHE hypervisor context
      KVM: arm64: Key use of VHE instructions in nVHE code off ARM64_KVM_HVHE
      KVM: arm64: Force HCR_EL2.E2H when ARM64_KVM_HVHE is set
      KVM: arm64: Disable TTBR1_EL2 when using ARM64_KVM_HVHE
      KVM: arm64: Adjust EL2 stage-1 leaf AP bits when ARM64_KVM_HVHE is set
      KVM: arm64: Rework CPTR_EL2 programming for HVHE configuration
      KVM: arm64: Program the timer traps with VHE layout in hVHE mode
      KVM: arm64: Force HCR_E2H in guest context when ARM64_KVM_HVHE is set
      arm64: Allow arm64_sw.hvhe on command line
      KVM: arm64: Fix hVHE init on CPUs where HCR_EL2.E2H is not RES1

Mark Rutland (6):
      arm64: module: remove old !KASAN_VMALLOC logic
      arm64: kasan: remove !KASAN_VMALLOC remnants
      arm64: kaslr: split kaslr/module initialization
      arm64: module: move module randomization to module.c
      arm64: module: mandate MODULE_PLTS
      arm64: module: rework module VA range selection

Mostafa Saleh (2):
      KVM: arm64: Use BTI for nvhe
      KVM: arm64: Use different pointer authentication keys for pKVM

Oliver Upton (17):
      KVM: arm64: Separate out feature sanitisation and initialisation
      KVM: arm64: Relax invariance of KVM_ARM_VCPU_POWER_OFF
      KVM: arm64: Make vCPU feature flags consistent VM-wide
      KVM: arm64: Rewrite IMPDEF PMU version as NI
      KVM: arm64: Handle ID register reads using the VM-wide values
      KVM: arm64: Rip out the vestiges of the 'old' ID register scheme
      Merge branch kvm-arm64/eager-page-splitting into kvmarm/next
      Merge branch kvm-arm64/ffa-proxy into kvmarm/next
      Merge branch kvm-arm64/hvhe into kvmarm/next
      Merge branch for-next/module-alloc into kvmarm/next
      Merge branch kvm-arm64/configurable-id-regs into kvmarm/next
      Merge branch kvm-arm64/misc into kvmarm/next
      arm64: errata: Mitigate Ampere1 erratum AC03_CPU_38 at stage-2
      KVM: arm64: Refactor HFGxTR configuration into separate helpers
      KVM: arm64: Prevent guests from enabling HA/HD on Ampere1
      Merge branch kvm-arm64/ampere1-hafdbs-mitigation into kvmarm/next
      KVM: arm64: Fix misuse of KVM_ARM_VCPU_POWER_OFF bit index

Quentin Perret (1):
      KVM: arm64: pkvm: Add support for fragmented FF-A descriptors

Ricardo Koller (11):
      KVM: arm64: Rename free_removed to free_unlinked
      KVM: arm64: Add KVM_PGTABLE_WALK flags for skipping CMOs and BBM TLBIs
      KVM: arm64: Add helper for creating unlinked stage2 subtrees
      KVM: arm64: Export kvm_are_all_memslots_empty()
      KVM: arm64: Add KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE
      KVM: arm64: Add kvm_pgtable_stage2_split()
      KVM: arm64: Refactor kvm_arch_commit_memory_region()
      KVM: arm64: Add kvm_uninit_stage2_mmu()
      KVM: arm64: Split huge pages when dirty logging is enabled
      KVM: arm64: Open-code kvm_mmu_write_protect_pt_masked()
      KVM: arm64: Split huge pages during KVM_CLEAR_DIRTY_LOG

Will Deacon (8):
      KVM: arm64: Block unsafe FF-A calls from the host
      KVM: arm64: Probe FF-A version and host/hyp partition ID during init
      KVM: arm64: Allocate pages for hypervisor FF-A mailboxes
      KVM: arm64: Handle FFA_RXTX_MAP and FFA_RXTX_UNMAP calls from the host
      KVM: arm64: Add FF-A helpers to share/unshare memory with secure world
      KVM: arm64: Handle FFA_MEM_SHARE calls from the host
      KVM: arm64: Handle FFA_MEM_RECLAIM calls from the host
      KVM: arm64: Handle FFA_MEM_LEND calls from the host

 Documentation/arm64/memory.rst                |   8 +-
 Documentation/arm64/silicon-errata.rst        |   3 +
 Documentation/virt/kvm/api.rst                |  27 +
 arch/arm64/Kconfig                            |  47 +-
 arch/arm64/include/asm/cpufeature.h           |   6 +
 arch/arm64/include/asm/el2_setup.h            |  27 +-
 arch/arm64/include/asm/kvm_arm.h              |   7 +-
 arch/arm64/include/asm/kvm_asm.h              |   4 +
 arch/arm64/include/asm/kvm_emulate.h          |  46 +-
 arch/arm64/include/asm/kvm_host.h             |  61 ++-
 arch/arm64/include/asm/kvm_hyp.h              |  37 +-
 arch/arm64/include/asm/kvm_mmu.h              |   4 +-
 arch/arm64/include/asm/kvm_pgtable.h          |  79 ++-
 arch/arm64/include/asm/kvm_pkvm.h             |  21 +
 arch/arm64/include/asm/memory.h               |  16 +-
 arch/arm64/include/asm/module.h               |   8 -
 arch/arm64/include/asm/module.lds.h           |   2 -
 arch/arm64/include/asm/sysreg.h               |   1 +
 arch/arm64/include/asm/virt.h                 |  12 +-
 arch/arm64/kernel/Makefile                    |   3 +-
 arch/arm64/kernel/cpu_errata.c                |   7 +
 arch/arm64/kernel/cpufeature.c                |  34 +-
 arch/arm64/kernel/ftrace.c                    |   8 +-
 arch/arm64/kernel/head.S                      |   2 +
 arch/arm64/kernel/hyp-stub.S                  |  10 +-
 arch/arm64/kernel/idreg-override.c            |  25 +-
 arch/arm64/kernel/kaslr.c                     |  87 +--
 arch/arm64/kernel/module.c                    | 159 ++++--
 arch/arm64/kernel/setup.c                     |   2 +
 arch/arm64/kvm/arch_timer.c                   |  14 +-
 arch/arm64/kvm/arm.c                          | 201 +++++--
 arch/arm64/kvm/fpsimd.c                       |   4 +-
 arch/arm64/kvm/hyp/include/hyp/switch.h       | 101 +++-
 arch/arm64/kvm/hyp/include/nvhe/ffa.h         |  17 +
 arch/arm64/kvm/hyp/include/nvhe/mem_protect.h |   3 +
 arch/arm64/kvm/hyp/nvhe/Makefile              |   2 +-
 arch/arm64/kvm/hyp/nvhe/ffa.c                 | 762 ++++++++++++++++++++++++++
 arch/arm64/kvm/hyp/nvhe/host.S                |  36 +-
 arch/arm64/kvm/hyp/nvhe/hyp-init.S            |  32 +-
 arch/arm64/kvm/hyp/nvhe/hyp-main.c            |  19 +-
 arch/arm64/kvm/hyp/nvhe/mem_protect.c         |  74 ++-
 arch/arm64/kvm/hyp/nvhe/pkvm.c                |  27 +-
 arch/arm64/kvm/hyp/nvhe/setup.c               |  11 +
 arch/arm64/kvm/hyp/nvhe/switch.c              |  28 +-
 arch/arm64/kvm/hyp/nvhe/timer-sr.c            |  16 +-
 arch/arm64/kvm/hyp/nvhe/tlb.c                 |  52 ++
 arch/arm64/kvm/hyp/pgtable.c                  | 228 +++++++-
 arch/arm64/kvm/hyp/vhe/switch.c               |   2 +-
 arch/arm64/kvm/hyp/vhe/tlb.c                  |  32 ++
 arch/arm64/kvm/mmu.c                          | 207 +++++--
 arch/arm64/kvm/pkvm.c                         |   1 +
 arch/arm64/kvm/reset.c                        |  58 --
 arch/arm64/kvm/sys_regs.c                     | 505 ++++++++++++-----
 arch/arm64/kvm/sys_regs.h                     |  22 +-
 arch/arm64/mm/kasan_init.c                    |  17 +-
 arch/arm64/tools/cpucaps                      |   3 +
 include/kvm/arm_pmu.h                         |   8 +-
 include/linux/arm_ffa.h                       |   8 +
 include/linux/kvm_host.h                      |   2 +
 include/uapi/linux/kvm.h                      |   2 +
 virt/kvm/kvm_main.c                           |   3 +-
 61 files changed, 2631 insertions(+), 619 deletions(-)
 create mode 100644 arch/arm64/kvm/hyp/include/nvhe/ffa.h
 create mode 100644 arch/arm64/kvm/hyp/nvhe/ffa.c

--
diff --cc arch/arm64/kernel/cpufeature.c
index 3d93147179a0,6ea7f23b1287..000000000000
--- a/arch/arm64/kernel/cpufeature.c
+++ b/arch/arm64/kernel/cpufeature.c
@@@ -2656,23 -2662,27 +2677,44 @@@ static const struct arm64_cpu_capabilit
  		.cpu_enable = cpu_enable_dit,
  		ARM64_CPUID_FIELDS(ID_AA64PFR0_EL1, DIT, IMP)
  	},
+ 	{
+ 		.desc = "Memory Copy and Memory Set instructions",
+ 		.capability = ARM64_HAS_MOPS,
+ 		.type = ARM64_CPUCAP_SYSTEM_FEATURE,
+ 		.matches = has_cpuid_feature,
+ 		.cpu_enable = cpu_enable_mops,
+ 		ARM64_CPUID_FIELDS(ID_AA64ISAR2_EL1, MOPS, IMP)
+ 	},
+ 	{
+ 		.capability = ARM64_HAS_TCR2,
+ 		.type = ARM64_CPUCAP_SYSTEM_FEATURE,
+ 		.matches = has_cpuid_feature,
+ 		ARM64_CPUID_FIELDS(ID_AA64MMFR3_EL1, TCRX, IMP)
+ 	},
+ 	{
+ 		.desc = "Stage-1 Permission Indirection Extension (S1PIE)",
+ 		.capability = ARM64_HAS_S1PIE,
+ 		.type = ARM64_CPUCAP_BOOT_CPU_FEATURE,
+ 		.matches = has_cpuid_feature,
+ 		ARM64_CPUID_FIELDS(ID_AA64MMFR3_EL1, S1PIE, IMP)
+ 	},
 +	{
 +		.desc = "VHE for hypervisor only",
 +		.capability = ARM64_KVM_HVHE,
 +		.type = ARM64_CPUCAP_SYSTEM_FEATURE,
 +		.matches = hvhe_possible,
 +	},
 +	{
 +		.desc = "Enhanced Virtualization Traps",
 +		.capability = ARM64_HAS_EVT,
 +		.type = ARM64_CPUCAP_SYSTEM_FEATURE,
 +		.sys_reg = SYS_ID_AA64MMFR2_EL1,
 +		.sign = FTR_UNSIGNED,
 +		.field_pos = ID_AA64MMFR2_EL1_EVT_SHIFT,
 +		.field_width = 4,
 +		.min_field_value = ID_AA64MMFR2_EL1_EVT_IMP,
 +		.matches = has_cpuid_feature,
 +	},
  	{},
  };
  



[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux