From: Andre Przywara <andre.przywara@arm.com>
To: Marc Zyngier <marc.zyngier@arm.com>,
Christoffer Dall <christoffer.dall@arm.com>
Cc: Dave Martin <dave.martin@arm.com>,
Steven Price <steven.price@arm.com>,
kvmarm@lists.cs.columbia.edu,
linux-arm-kernel@lists.infradead.org, kvm@vger.kernel.org
Subject: [PATCH v4 0/2] KVM: arm/arm64: Add VCPU workarounds firmware register
Date: Thu, 28 Feb 2019 17:43:32 -0600 [thread overview]
Message-ID: <20190228234334.20456-1-andre.przywara@arm.com> (raw)
Hi,
a minor update compared to v3, addressing the comments from the diligent
reviewers, regarding value checking and the API documentation.
See below for the changelog.
Cheers,
Andre
-----------------------------
Workarounds for Spectre variant 2 or 4 vulnerabilities require some help
from the firmware, so KVM implements an interface to provide that for
guests. When such a guest is migrated, we want to make sure we don't
loose the protection the guest relies on.
This introduces two new firmware registers in KVM's GET/SET_ONE_REG
interface, so userland can save the level of protection implemented by
the hypervisor and used by the guest. Upon restoring these registers,
we make sure we don't downgrade and reject any values that would mean
weaker protection.
The protection level is encoded in the lower 4 bits, with smaller
values indicating weaker protection.
Patch 1 implements the two firmware registers, patch 2 adds the
documentation.
ARM(32) is a bit of a pain (again), as the firmware register interface
is shared, but 32-bit does not implement all the workarounds.
For now I stuffed two wrappers into kvm_emulate.h, which doesn't sound
like the best solution. Happy to hear about better solutions.
This has been tested with migration between two Juno systems. Out of the
box they advertise identical workaround levels, and migration succeeds.
However when disabling the A57 cluster on one system, WORKAROUND_1 is
not needed and the host kernel disables this. Migration between the two
now fails, as expected.
Please have a look and comment!
Cheers,
Andre
[1] http://lists.infradead.org/pipermail/linux-arm-kernel/2019-February/635694.html
Changelog:
v3 .. v4:
- clarify API documentation for WORKAROUND_1
- check for unknown bits in userland provided register values
- report proper -ENOENT when register ID is unknown
v2 .. v3:
- rebase against latest kvm-arm/next
- introduce UNAFFECTED value for WORKAROUND_1
- require exact match for WORKAROUND_1 levels
v1 .. v2:
- complete rework of WORKAROUND_2 presentation to use a linear scale,
dropping the complicated comparison routine
*** BLURB HERE ***
Andre Przywara (2):
KVM: arm/arm64: Add save/restore support for firmware workaround state
KVM: doc: add API documentation on the KVM_REG_ARM_WORKAROUNDS
register
Documentation/virtual/kvm/arm/psci.txt | 25 +++++
arch/arm/include/asm/kvm_emulate.h | 10 ++
arch/arm/include/uapi/asm/kvm.h | 10 ++
arch/arm64/include/asm/kvm_emulate.h | 14 +++
arch/arm64/include/uapi/asm/kvm.h | 9 ++
virt/kvm/arm/psci.c | 128 +++++++++++++++++++++----
6 files changed, 180 insertions(+), 16 deletions(-)
--
2.17.1
WARNING: multiple messages have this Message-ID (diff)
From: Andre Przywara <andre.przywara@arm.com>
To: Marc Zyngier <marc.zyngier@arm.com>,
Christoffer Dall <christoffer.dall@arm.com>
Cc: Dave Martin <dave.martin@arm.com>,
Steven Price <steven.price@arm.com>,
kvmarm@lists.cs.columbia.edu,
linux-arm-kernel@lists.infradead.org, kvm@vger.kernel.org
Subject: [PATCH v4 0/2] KVM: arm/arm64: Add VCPU workarounds firmware register
Date: Thu, 28 Feb 2019 17:43:32 -0600 [thread overview]
Message-ID: <20190228234334.20456-1-andre.przywara@arm.com> (raw)
Hi,
a minor update compared to v3, addressing the comments from the diligent
reviewers, regarding value checking and the API documentation.
See below for the changelog.
Cheers,
Andre
-----------------------------
Workarounds for Spectre variant 2 or 4 vulnerabilities require some help
from the firmware, so KVM implements an interface to provide that for
guests. When such a guest is migrated, we want to make sure we don't
loose the protection the guest relies on.
This introduces two new firmware registers in KVM's GET/SET_ONE_REG
interface, so userland can save the level of protection implemented by
the hypervisor and used by the guest. Upon restoring these registers,
we make sure we don't downgrade and reject any values that would mean
weaker protection.
The protection level is encoded in the lower 4 bits, with smaller
values indicating weaker protection.
Patch 1 implements the two firmware registers, patch 2 adds the
documentation.
ARM(32) is a bit of a pain (again), as the firmware register interface
is shared, but 32-bit does not implement all the workarounds.
For now I stuffed two wrappers into kvm_emulate.h, which doesn't sound
like the best solution. Happy to hear about better solutions.
This has been tested with migration between two Juno systems. Out of the
box they advertise identical workaround levels, and migration succeeds.
However when disabling the A57 cluster on one system, WORKAROUND_1 is
not needed and the host kernel disables this. Migration between the two
now fails, as expected.
Please have a look and comment!
Cheers,
Andre
[1] http://lists.infradead.org/pipermail/linux-arm-kernel/2019-February/635694.html
Changelog:
v3 .. v4:
- clarify API documentation for WORKAROUND_1
- check for unknown bits in userland provided register values
- report proper -ENOENT when register ID is unknown
v2 .. v3:
- rebase against latest kvm-arm/next
- introduce UNAFFECTED value for WORKAROUND_1
- require exact match for WORKAROUND_1 levels
v1 .. v2:
- complete rework of WORKAROUND_2 presentation to use a linear scale,
dropping the complicated comparison routine
*** BLURB HERE ***
Andre Przywara (2):
KVM: arm/arm64: Add save/restore support for firmware workaround state
KVM: doc: add API documentation on the KVM_REG_ARM_WORKAROUNDS
register
Documentation/virtual/kvm/arm/psci.txt | 25 +++++
arch/arm/include/asm/kvm_emulate.h | 10 ++
arch/arm/include/uapi/asm/kvm.h | 10 ++
arch/arm64/include/asm/kvm_emulate.h | 14 +++
arch/arm64/include/uapi/asm/kvm.h | 9 ++
virt/kvm/arm/psci.c | 128 +++++++++++++++++++++----
6 files changed, 180 insertions(+), 16 deletions(-)
--
2.17.1
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next reply other threads:[~2019-02-28 23:43 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-02-28 23:43 Andre Przywara [this message]
2019-02-28 23:43 ` [PATCH v4 0/2] KVM: arm/arm64: Add VCPU workarounds firmware register Andre Przywara
2019-02-28 23:43 ` [PATCH v4 1/2] KVM: arm/arm64: Add save/restore support for firmware workaround state Andre Przywara
2019-02-28 23:43 ` Andre Przywara
2019-03-01 14:57 ` Steven Price
2019-03-01 14:57 ` Steven Price
2019-03-21 12:54 ` Auger Eric
2019-03-21 12:54 ` Auger Eric
2019-03-21 17:35 ` Andre Przywara
2019-03-21 17:35 ` Andre Przywara
2019-03-21 18:03 ` Auger Eric
2019-03-21 18:03 ` Auger Eric
2019-04-26 15:07 ` Auger Eric
2019-04-26 15:07 ` Auger Eric
2019-04-26 15:07 ` Auger Eric
2019-04-26 15:07 ` Auger Eric
2019-04-15 12:33 ` Andre Przywara
2019-04-15 12:33 ` Andre Przywara
2019-04-15 12:33 ` Andre Przywara
2019-04-15 12:33 ` Andre Przywara
2019-02-28 23:43 ` [PATCH v4 2/2] KVM: doc: add API documentation on the KVM_REG_ARM_WORKAROUNDS register Andre Przywara
2019-02-28 23:43 ` Andre Przywara
2019-03-01 15:19 ` Steven Price
2019-03-01 15:19 ` Steven Price
2019-03-21 12:33 ` Auger Eric
2019-03-21 12:33 ` Auger Eric
2019-04-15 12:34 ` Andre Przywara
2019-04-15 12:34 ` Andre Przywara
2019-04-15 12:34 ` Andre Przywara
2019-04-15 12:34 ` Andre Przywara
2019-04-26 15:02 ` Auger Eric
2019-04-26 15:02 ` Auger Eric
2019-04-26 15:02 ` Auger Eric
2019-04-26 15:02 ` Auger Eric
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190228234334.20456-1-andre.przywara@arm.com \
--to=andre.przywara@arm.com \
--cc=christoffer.dall@arm.com \
--cc=dave.martin@arm.com \
--cc=kvm@vger.kernel.org \
--cc=kvmarm@lists.cs.columbia.edu \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=marc.zyngier@arm.com \
--cc=steven.price@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.