Hi Marz, I'm trying to learn pKVM and have a question. Why pKVM developed on E2H=0 firstly? It tried to avoid host access guest memory with stage2 translation, and it seems not necessarily rely on HCR_EL2.E2H=0. Is hVHE an alternative plan of pKVM ? To allow pKVM run on E2H res1 system ? Thanks for your help. Nianyao Tang. On 6/10/2023 0:21, Marc Zyngier wrote: > KVM (on ARMv8.0) and pKVM (on all revisions of the architecture) use > the split hypervisor model that makes the EL2 code more or less > standalone. In the later case, we totally ignore the VHE mode and > stick with the good old v8.0 EL2 setup. > > This is all good, but means that the EL2 code is limited in what it > can do with its own address space. This series proposes to remove this > limitation and to allow VHE to be used even with the split hypervisor > model. This has some potential isolation benefits[1], and eventually > allow systems that do not support HCR_EL2.E2H==0 to run pKVM. > > We introduce a new "mode" for KVM called hVHE, in reference to the > nVHE mode, and indicating that only the hypervisor is using VHE. Note > that this is all this series does. No effort is made to improve the VA > space management, which will be the subject of another series if this > one ever makes it. > > This has been tested on a M1 box (bare metal) as well as as a nested > guest on M2, both with the standard nVHE and protected modes, with no > measurable change in performance. > > Note: the last patch of this series is not a merge candidate. > > Thanks, > > M. > > [1] https://www.youtube.com/watch?v=1F_Mf2j9eIo&list=PLbzoR-pLrL6qWL3v2KOcvwZ54-w0z5uXV&index=11 > > * From v2: > - Use BUILD_BUG_ON() to prevent the use of is_kernel_in_hyp_mode() > form hypervisor context > - Validate that all CPUs are VHE-capable before flipping the > capability > > * From v1: > - Fixed CNTHCTL_EL2 setup when switching from E2H=0 to E2H=1 > Amusingly, this was found on NV... > - Rebased on 6.4-rc2 > > Marc Zyngier (17): > KVM: arm64: Drop is_kernel_in_hyp_mode() from > __invalidate_icache_guest_page() > arm64: Prevent the use of is_kernel_in_hyp_mode() in hypervisor code > arm64: Turn kaslr_feature_override into a generic SW feature override > arm64: Add KVM_HVHE capability and has_hvhe() predicate > arm64: Don't enable VHE for the kernel if OVERRIDE_HVHE is set > arm64: Allow EL1 physical timer access when running VHE > arm64: Use CPACR_EL1 format to set CPTR_EL2 when E2H is set > KVM: arm64: Remove alternatives from sysreg accessors in VHE > hypervisor context > KVM: arm64: Key use of VHE instructions in nVHE code off > ARM64_KVM_HVHE > KVM: arm64: Force HCR_EL2.E2H when ARM64_KVM_HVHE is set > KVM: arm64: Disable TTBR1_EL2 when using ARM64_KVM_HVHE > KVM: arm64: Adjust EL2 stage-1 leaf AP bits when ARM64_KVM_HVHE is set > KVM: arm64: Rework CPTR_EL2 programming for HVHE configuration > KVM: arm64: Program the timer traps with VHE layout in hVHE mode > KVM: arm64: Force HCR_E2H in guest context when ARM64_KVM_HVHE is set > arm64: Allow arm64_sw.hvhe on command line > KVM: arm64: Terrible timer hack for M1 with hVHE > > arch/arm64/include/asm/arch_timer.h | 8 ++++ > arch/arm64/include/asm/cpufeature.h | 5 +++ > arch/arm64/include/asm/el2_setup.h | 26 ++++++++++++- > arch/arm64/include/asm/kvm_arm.h | 4 +- > arch/arm64/include/asm/kvm_asm.h | 1 + > arch/arm64/include/asm/kvm_emulate.h | 33 +++++++++++++++- > arch/arm64/include/asm/kvm_hyp.h | 37 +++++++++++++----- > arch/arm64/include/asm/kvm_mmu.h | 3 +- > arch/arm64/include/asm/virt.h | 12 +++++- > arch/arm64/kernel/cpufeature.c | 21 +++++++++++ > arch/arm64/kernel/hyp-stub.S | 10 ++++- > arch/arm64/kernel/idreg-override.c | 25 ++++++++----- > arch/arm64/kernel/image-vars.h | 3 ++ > arch/arm64/kernel/kaslr.c | 6 +-- > arch/arm64/kvm/arch_timer.c | 5 +++ > arch/arm64/kvm/arm.c | 12 +++++- > arch/arm64/kvm/fpsimd.c | 4 +- > arch/arm64/kvm/hyp/include/hyp/switch.h | 2 +- > arch/arm64/kvm/hyp/nvhe/hyp-init.S | 9 +++++ > arch/arm64/kvm/hyp/nvhe/hyp-main.c | 17 ++++++++- > arch/arm64/kvm/hyp/nvhe/pkvm.c | 27 ++++++++++--- > arch/arm64/kvm/hyp/nvhe/switch.c | 28 ++++++++------ > arch/arm64/kvm/hyp/nvhe/timer-sr.c | 25 +++++++++++-- > arch/arm64/kvm/hyp/pgtable.c | 6 ++- > arch/arm64/kvm/hyp/vhe/switch.c | 2 +- > arch/arm64/kvm/sys_regs.c | 2 +- > arch/arm64/tools/cpucaps | 1 + > drivers/irqchip/irq-apple-aic.c | 50 ++++++++++++++++++++++++- > 28 files changed, 320 insertions(+), 64 deletions(-) >
