From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id D3141C433EF
	for <linux-kernel@archiver.kernel.org>; Thu,  7 Oct 2021 14:22:50 +0000 (UTC)
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by mail.kernel.org (Postfix) with ESMTP id BCBCC60F3A
	for <linux-kernel@archiver.kernel.org>; Thu,  7 Oct 2021 14:22:50 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S242063AbhJGOYm (ORCPT <rfc822;linux-kernel@archiver.kernel.org>);
        Thu, 7 Oct 2021 10:24:42 -0400
Received: from us-smtp-delivery-124.mimecast.com ([216.205.24.124]:39899 "EHLO
        us-smtp-delivery-124.mimecast.com" rhost-flags-OK-OK-OK-OK)
        by vger.kernel.org with ESMTP id S241688AbhJGOYj (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 7 Oct 2021 10:24:39 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
        s=mimecast20190719; t=1633616565;
        h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
         to:to:cc:cc:mime-version:mime-version:content-type:content-type:
         in-reply-to:in-reply-to:references:references;
        bh=NwNhkSSQVfpndEjPuTcMmPnedcfNAU7hCSOfVfmZyQw=;
        b=esYsEikkXKzqjy0BB8SxKHpLnOSFF7AIF8iGUXolNeGCfpg7lVD/mNnpv5ZczsphVaEcAI
        prlHTFqSIam5cHbX0JC7sY9LUFqmWuxANx/h5DpIzhdZhDW8FFB0/ZY/imK4fIs3GTq4l1
        2NRIBqju94rh33upEmDCcVFJgHlsVTY=
Received: from mail-qv1-f71.google.com (mail-qv1-f71.google.com
 [209.85.219.71]) (Using TLS) by relay.mimecast.com with ESMTP id
 us-mta-549-PGh8JcakPKWRvPf7OWsTgA-1; Thu, 07 Oct 2021 10:22:44 -0400
X-MC-Unique: PGh8JcakPKWRvPf7OWsTgA-1
Received: by mail-qv1-f71.google.com with SMTP id a16-20020a0ccdd0000000b003830ff134ccso5827442qvn.6
        for <linux-kernel@vger.kernel.org>; Thu, 07 Oct 2021 07:22:44 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:date:from:to:cc:subject:message-id:references
         :mime-version:content-disposition:in-reply-to;
        bh=NwNhkSSQVfpndEjPuTcMmPnedcfNAU7hCSOfVfmZyQw=;
        b=Vswr/LuRclUzQACaS98A0CrGY0ja3kTlgdI2flRahz1izIINl/Lg2Dpan2T53pURqP
         dK8evaMosgxdgC7+Ixn4CrOqrkS9T9MX73YpN374nnTJhOArqJ4IPlLscsylbBBUHX9I
         bGAXLhLoj3TQNj9UXtDtnBombpIdJJFvwQoXGHLs0xxFFD604R2IfOs4kAjtGX5Vv0Q7
         epMMnXv2e7BL+zbx1r8QsPkBg5qfeJT6jd5lSRJr9fXr5ZXv8JAcRxJDQl3bm2fhQppX
         Dah/N9mWzQRAVMsIBMLarUjjXbUyyVTOKNuqggXjxVRBW9FNJwJj4+9cSOTT7ndsjIRO
         Igeg==
X-Gm-Message-State: AOAM532GZTqFntmRMOSKlfz9QlAjeXbDXNlZfuTqy8KpM+uRqpmTrbWG
        6+hmZ6S1rgfAUGux/b807dMqdPofsjNo1es+za8XhYYxcrQ10+f3eQxqi7iWgq4BOkVZl9bWGg/
        1XeyOdCU7z7tS/EQYj2DYoV4N
X-Received: by 2002:ac8:42da:: with SMTP id g26mr5084724qtm.368.1633616564372;
        Thu, 07 Oct 2021 07:22:44 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJznlZpzS7BocFG+jBouZSO4VwuwGiZhZ+UBcXSThzQVFxaLLFDyXzL3bSYYFQIwgrEoqpSV7g==
X-Received: by 2002:ac8:42da:: with SMTP id g26mr5084691qtm.368.1633616564116;
        Thu, 07 Oct 2021 07:22:44 -0700 (PDT)
Received: from gator (nat-pool-brq-u.redhat.com. [213.175.37.12])
        by smtp.gmail.com with ESMTPSA id b20sm521782qtx.89.2021.10.07.07.22.41
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 07 Oct 2021 07:22:43 -0700 (PDT)
Date:   Thu, 7 Oct 2021 16:22:39 +0200
From:   Andrew Jones <drjones@redhat.com>
To:     Marc Zyngier <maz@kernel.org>
Cc:     linux-arm-kernel@lists.infradead.org, kvmarm@lists.cs.columbia.edu,
        kvm@vger.kernel.org, linux-kernel@vger.kernel.org, will@kernel.org,
        qperret@google.com, dbrazdil@google.com,
        Steven Price <steven.price@arm.com>,
        Fuad Tabba <tabba@google.com>,
        Srivatsa Vaddagiri <vatsa@codeaurora.org>,
        Shanker R Donthineni <sdonthineni@nvidia.com>,
        James Morse <james.morse@arm.com>,
        Suzuki K Poulose <suzuki.poulose@arm.com>,
        Alexandru Elisei <alexandru.elisei@arm.com>,
        kernel-team@android.com
Subject: Re: [PATCH v2 09/16] KVM: arm64: Advertise a capability for MMIO
 guard
Message-ID: <20211007142239.4ryz4thzgpilphya@gator>
References: <20211004174849.2831548-1-maz@kernel.org>
 <20211004174849.2831548-10-maz@kernel.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20211004174849.2831548-10-maz@kernel.org>
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, Oct 04, 2021 at 06:48:42PM +0100, Marc Zyngier wrote:
> In order for userspace to find out whether the MMIO guard is
> exposed to a guest, expose a capability that says so.
> 
> We take this opportunity to make it incompatible with the NISV
> option, as that would be rather counter-productive!
> 
> Signed-off-by: Marc Zyngier <maz@kernel.org>
> ---
>  arch/arm64/kvm/arm.c        | 29 ++++++++++++++++++-----------
>  arch/arm64/kvm/hypercalls.c | 14 ++++++++++++--
>  include/uapi/linux/kvm.h    |  1 +
>  3 files changed, 31 insertions(+), 13 deletions(-)
> 
> diff --git a/arch/arm64/kvm/arm.c b/arch/arm64/kvm/arm.c
> index ed9c89ec0b4f..1c9a7abe2728 100644
> --- a/arch/arm64/kvm/arm.c
> +++ b/arch/arm64/kvm/arm.c
> @@ -81,32 +81,33 @@ int kvm_arch_check_processor_compat(void *opaque)
>  int kvm_vm_ioctl_enable_cap(struct kvm *kvm,
>  			    struct kvm_enable_cap *cap)
>  {
> -	int r;
> +	int r = -EINVAL;
>  
>  	if (cap->flags)
>  		return -EINVAL;
>  
> +	mutex_lock(&kvm->lock);
> +
>  	switch (cap->cap) {
>  	case KVM_CAP_ARM_NISV_TO_USER:
> -		r = 0;
> -		set_bit(KVM_ARCH_FLAG_RETURN_NISV_IO_ABORT_TO_USER,
> -			&kvm->arch.flags);
> +		/* This is incompatible with MMIO guard */
> +		if (!test_bit(KVM_ARCH_FLAG_MMIO_GUARD, &kvm->arch.flags)) {

But KVM_ARCH_FLAG_MMIO_GUARD will never be set at VM creation time, which
is the traditional time to probe and enable capabilities, because the
guest hasn't run yet, so it hasn't had a chance to issue the hypercall to
enable the mmio guard yet.

> +			r = 0;
> +			set_bit(KVM_ARCH_FLAG_RETURN_NISV_IO_ABORT_TO_USER,
> +				&kvm->arch.flags);
> +		}
>  		break;
>  	case KVM_CAP_ARM_MTE:
> -		mutex_lock(&kvm->lock);
> -		if (!system_supports_mte() || kvm->created_vcpus) {
> -			r = -EINVAL;
> -		} else {
> +		if (system_supports_mte() && !kvm->created_vcpus) {
>  			r = 0;
>  			set_bit(KVM_ARCH_FLAG_MTE_ENABLED, &kvm->arch.flags);
>  		}
> -		mutex_unlock(&kvm->lock);
>  		break;
>  	default:
> -		r = -EINVAL;
>  		break;
>  	}
>  
> +	mutex_unlock(&kvm->lock);
>  	return r;
>  }
>  
> @@ -211,13 +212,19 @@ int kvm_vm_ioctl_check_extension(struct kvm *kvm, long ext)
>  	case KVM_CAP_IMMEDIATE_EXIT:
>  	case KVM_CAP_VCPU_EVENTS:
>  	case KVM_CAP_ARM_IRQ_LINE_LAYOUT_2:
> -	case KVM_CAP_ARM_NISV_TO_USER:
>  	case KVM_CAP_ARM_INJECT_EXT_DABT:
>  	case KVM_CAP_SET_GUEST_DEBUG:
>  	case KVM_CAP_VCPU_ATTRIBUTES:
>  	case KVM_CAP_PTP_KVM:
>  		r = 1;
>  		break;
> +	case KVM_CAP_ARM_NISV_TO_USER:
> +		r = !test_bit(KVM_ARCH_FLAG_MMIO_GUARD, &kvm->arch.flags);
> +		break;
> +	case KVM_CAP_ARM_MMIO_GUARD:
> +		r = !test_bit(KVM_ARCH_FLAG_RETURN_NISV_IO_ABORT_TO_USER,
> +			      &kvm->arch.flags);
> +		break;
>  	case KVM_CAP_SET_GUEST_DEBUG2:
>  		return KVM_GUESTDBG_VALID_MASK;
>  	case KVM_CAP_ARM_SET_DEVICE_ADDR:
> diff --git a/arch/arm64/kvm/hypercalls.c b/arch/arm64/kvm/hypercalls.c
> index c39aab55ecae..e4fade6a96f6 100644
> --- a/arch/arm64/kvm/hypercalls.c
> +++ b/arch/arm64/kvm/hypercalls.c
> @@ -59,6 +59,14 @@ static void kvm_ptp_get_time(struct kvm_vcpu *vcpu, u64 *val)
>  	val[3] = lower_32_bits(cycles);
>  }
>  
> +static bool mmio_guard_allowed(struct kvm_vcpu *vcpu)
> +{
> +	return (!test_bit(KVM_ARCH_FLAG_RETURN_NISV_IO_ABORT_TO_USER,
> +			  &vcpu->kvm->arch.flags) &&
> +		!vcpu_mode_is_32bit(vcpu));
> +
> +}
> +
>  int kvm_hvc_call_handler(struct kvm_vcpu *vcpu)
>  {
>  	u32 func_id = smccc_get_function(vcpu);
> @@ -131,7 +139,7 @@ int kvm_hvc_call_handler(struct kvm_vcpu *vcpu)
>  		val[0] = BIT(ARM_SMCCC_KVM_FUNC_FEATURES);
>  		val[0] |= BIT(ARM_SMCCC_KVM_FUNC_PTP);
>  		/* Only advertise MMIO guard to 64bit guests */
> -		if (!vcpu_mode_is_32bit(vcpu)) {
> +		if (mmio_guard_allowed(vcpu)) {
>  			val[0] |= BIT(ARM_SMCCC_KVM_FUNC_MMIO_GUARD_INFO);
>  			val[0] |= BIT(ARM_SMCCC_KVM_FUNC_MMIO_GUARD_ENROLL);
>  			val[0] |= BIT(ARM_SMCCC_KVM_FUNC_MMIO_GUARD_MAP);
> @@ -146,10 +154,12 @@ int kvm_hvc_call_handler(struct kvm_vcpu *vcpu)
>  			val[0] = PAGE_SIZE;
>  		break;
>  	case ARM_SMCCC_VENDOR_HYP_KVM_MMIO_GUARD_ENROLL_FUNC_ID:
> -		if (!vcpu_mode_is_32bit(vcpu)) {
> +		mutex_lock(&vcpu->kvm->lock);
> +		if (mmio_guard_allowed(vcpu)) {
>  			set_bit(KVM_ARCH_FLAG_MMIO_GUARD, &vcpu->kvm->arch.flags);
>  			val[0] = SMCCC_RET_SUCCESS;
>  		}
> +		mutex_unlock(&vcpu->kvm->lock);
>  		break;
>  	case ARM_SMCCC_VENDOR_HYP_KVM_MMIO_GUARD_MAP_FUNC_ID:
>  		if (!vcpu_mode_is_32bit(vcpu) &&
> diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h
> index a067410ebea5..ef171186e7be 100644
> --- a/include/uapi/linux/kvm.h
> +++ b/include/uapi/linux/kvm.h
> @@ -1112,6 +1112,7 @@ struct kvm_ppc_resize_hpt {
>  #define KVM_CAP_BINARY_STATS_FD 203
>  #define KVM_CAP_EXIT_ON_EMULATION_FAILURE 204
>  #define KVM_CAP_ARM_MTE 205
> +#define KVM_CAP_ARM_MMIO_GUARD 206
>  
>  #ifdef KVM_CAP_IRQ_ROUTING
>  
> -- 
> 2.30.2
>

Thanks,
drew


From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=Cc05=O3=lists.cs.columbia.edu=kvmarm-bounces@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 61062C433F5
	for <kvmarm@archiver.kernel.org>; Thu,  7 Oct 2021 14:22:51 +0000 (UTC)
Received: from mm01.cs.columbia.edu (mm01.cs.columbia.edu [128.59.11.253])
	by mail.kernel.org (Postfix) with ESMTP id D27A061108
	for <kvmarm@archiver.kernel.org>; Thu,  7 Oct 2021 14:22:50 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org D27A061108
Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=redhat.com
Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=lists.cs.columbia.edu
Received: from localhost (localhost [127.0.0.1])
	by mm01.cs.columbia.edu (Postfix) with ESMTP id 51A344B319;
	Thu,  7 Oct 2021 10:22:50 -0400 (EDT)
X-Virus-Scanned: at lists.cs.columbia.edu
Authentication-Results: mm01.cs.columbia.edu (amavisd-new); dkim=softfail
	(fail, message has been altered) header.i=@redhat.com
Received: from mm01.cs.columbia.edu ([127.0.0.1])
	by localhost (mm01.cs.columbia.edu [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id 3QR1Req0Q8ih; Thu,  7 Oct 2021 10:22:49 -0400 (EDT)
Received: from mm01.cs.columbia.edu (localhost [127.0.0.1])
	by mm01.cs.columbia.edu (Postfix) with ESMTP id 0E7DC4B2EA;
	Thu,  7 Oct 2021 10:22:49 -0400 (EDT)
Received: from localhost (localhost [127.0.0.1])
 by mm01.cs.columbia.edu (Postfix) with ESMTP id 43AE94B2E1
 for <kvmarm@lists.cs.columbia.edu>; Thu,  7 Oct 2021 10:22:47 -0400 (EDT)
X-Virus-Scanned: at lists.cs.columbia.edu
Received: from mm01.cs.columbia.edu ([127.0.0.1])
 by localhost (mm01.cs.columbia.edu [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id b7p90hGLuckI for <kvmarm@lists.cs.columbia.edu>;
 Thu,  7 Oct 2021 10:22:46 -0400 (EDT)
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.133.124])
 by mm01.cs.columbia.edu (Postfix) with ESMTP id 174204B2D9
 for <kvmarm@lists.cs.columbia.edu>; Thu,  7 Oct 2021 10:22:46 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1633616565;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
 in-reply-to:in-reply-to:references:references;
 bh=NwNhkSSQVfpndEjPuTcMmPnedcfNAU7hCSOfVfmZyQw=;
 b=esYsEikkXKzqjy0BB8SxKHpLnOSFF7AIF8iGUXolNeGCfpg7lVD/mNnpv5ZczsphVaEcAI
 prlHTFqSIam5cHbX0JC7sY9LUFqmWuxANx/h5DpIzhdZhDW8FFB0/ZY/imK4fIs3GTq4l1
 2NRIBqju94rh33upEmDCcVFJgHlsVTY=
Received: from mail-qk1-f199.google.com (mail-qk1-f199.google.com
 [209.85.222.199]) (Using TLS) by relay.mimecast.com with ESMTP id
 us-mta-554-LT4YiZy-MKO6VvgwhCmYkA-1; Thu, 07 Oct 2021 10:22:44 -0400
X-MC-Unique: LT4YiZy-MKO6VvgwhCmYkA-1
Received: by mail-qk1-f199.google.com with SMTP id
 i16-20020a05620a249000b004558dcb5663so5278762qkn.9
 for <kvmarm@lists.cs.columbia.edu>; Thu, 07 Oct 2021 07:22:44 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112;
 h=x-gm-message-state:date:from:to:cc:subject:message-id:references
 :mime-version:content-disposition:in-reply-to;
 bh=NwNhkSSQVfpndEjPuTcMmPnedcfNAU7hCSOfVfmZyQw=;
 b=W8gTT1rpps55pj17rNUgyhawigOjN8w9CABja2isjkP/mDZ+lMgsrPxqTe8aK4K6S9
 oW7QfaX7Rqn8wu2gsHK2Uw9L9iFXgksXKj3BhwMxN2of6+D5Bwl6Gec2ayhe+kCrAdE4
 DuR6osqKp5En2ElEek8kC8e+TVfNqxMAm+VIMBRtBpvfGsaMjKFTI+y8Y7zz/vydMYIo
 62gIVbql6UhgtUsdux+CEJnQpsHpeGnQX0a2LBd2ioCk6zDdKb5hL/DBkIyAGHO9EbuX
 cjvGN2NxPTF+MRKbNNcEnFrNnfP158fML/A9H05lCzmj1A1z4m0v6WnU60FR9KT7H60g
 S5Sg==
X-Gm-Message-State: AOAM532DWW8aENwqCnOveoUuF0ershqntC+ltuFutbYXiVGOMcU8a2I+
 usCldUFxqD0sYT51iCIjo2p8xKkYSGZf4qmwF0oNK9Q7s6ZWjsHiie1ElJk9+1SGRtVmX3LaTsZ
 aRemo/1CeVi0W4qqUZ+iiTSG+
X-Received: by 2002:ac8:42da:: with SMTP id g26mr5084725qtm.368.1633616564372; 
 Thu, 07 Oct 2021 07:22:44 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJznlZpzS7BocFG+jBouZSO4VwuwGiZhZ+UBcXSThzQVFxaLLFDyXzL3bSYYFQIwgrEoqpSV7g==
X-Received: by 2002:ac8:42da:: with SMTP id g26mr5084691qtm.368.1633616564116; 
 Thu, 07 Oct 2021 07:22:44 -0700 (PDT)
Received: from gator (nat-pool-brq-u.redhat.com. [213.175.37.12])
 by smtp.gmail.com with ESMTPSA id b20sm521782qtx.89.2021.10.07.07.22.41
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Thu, 07 Oct 2021 07:22:43 -0700 (PDT)
Date: Thu, 7 Oct 2021 16:22:39 +0200
From: Andrew Jones <drjones@redhat.com>
To: Marc Zyngier <maz@kernel.org>
Subject: Re: [PATCH v2 09/16] KVM: arm64: Advertise a capability for MMIO guard
Message-ID: <20211007142239.4ryz4thzgpilphya@gator>
References: <20211004174849.2831548-1-maz@kernel.org>
 <20211004174849.2831548-10-maz@kernel.org>
MIME-Version: 1.0
In-Reply-To: <20211004174849.2831548-10-maz@kernel.org>
Authentication-Results: relay.mimecast.com;
 auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=drjones@redhat.com
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Disposition: inline
Cc: kernel-team@android.com, kvm@vger.kernel.org,
 Srivatsa Vaddagiri <vatsa@codeaurora.org>, linux-kernel@vger.kernel.org,
 Steven Price <steven.price@arm.com>,
 Shanker R Donthineni <sdonthineni@nvidia.com>, will@kernel.org,
 kvmarm@lists.cs.columbia.edu, linux-arm-kernel@lists.infradead.org
X-BeenThere: kvmarm@lists.cs.columbia.edu
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: Where KVM/ARM decisions are made <kvmarm.lists.cs.columbia.edu>
List-Unsubscribe: <https://lists.cs.columbia.edu/mailman/options/kvmarm>,
 <mailto:kvmarm-request@lists.cs.columbia.edu?subject=unsubscribe>
List-Archive: <https://lists.cs.columbia.edu/pipermail/kvmarm>
List-Post: <mailto:kvmarm@lists.cs.columbia.edu>
List-Help: <mailto:kvmarm-request@lists.cs.columbia.edu?subject=help>
List-Subscribe: <https://lists.cs.columbia.edu/mailman/listinfo/kvmarm>,
 <mailto:kvmarm-request@lists.cs.columbia.edu?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kvmarm-bounces@lists.cs.columbia.edu
Sender: kvmarm-bounces@lists.cs.columbia.edu

On Mon, Oct 04, 2021 at 06:48:42PM +0100, Marc Zyngier wrote:
> In order for userspace to find out whether the MMIO guard is
> exposed to a guest, expose a capability that says so.
> 
> We take this opportunity to make it incompatible with the NISV
> option, as that would be rather counter-productive!
> 
> Signed-off-by: Marc Zyngier <maz@kernel.org>
> ---
>  arch/arm64/kvm/arm.c        | 29 ++++++++++++++++++-----------
>  arch/arm64/kvm/hypercalls.c | 14 ++++++++++++--
>  include/uapi/linux/kvm.h    |  1 +
>  3 files changed, 31 insertions(+), 13 deletions(-)
> 
> diff --git a/arch/arm64/kvm/arm.c b/arch/arm64/kvm/arm.c
> index ed9c89ec0b4f..1c9a7abe2728 100644
> --- a/arch/arm64/kvm/arm.c
> +++ b/arch/arm64/kvm/arm.c
> @@ -81,32 +81,33 @@ int kvm_arch_check_processor_compat(void *opaque)
>  int kvm_vm_ioctl_enable_cap(struct kvm *kvm,
>  			    struct kvm_enable_cap *cap)
>  {
> -	int r;
> +	int r = -EINVAL;
>  
>  	if (cap->flags)
>  		return -EINVAL;
>  
> +	mutex_lock(&kvm->lock);
> +
>  	switch (cap->cap) {
>  	case KVM_CAP_ARM_NISV_TO_USER:
> -		r = 0;
> -		set_bit(KVM_ARCH_FLAG_RETURN_NISV_IO_ABORT_TO_USER,
> -			&kvm->arch.flags);
> +		/* This is incompatible with MMIO guard */
> +		if (!test_bit(KVM_ARCH_FLAG_MMIO_GUARD, &kvm->arch.flags)) {

But KVM_ARCH_FLAG_MMIO_GUARD will never be set at VM creation time, which
is the traditional time to probe and enable capabilities, because the
guest hasn't run yet, so it hasn't had a chance to issue the hypercall to
enable the mmio guard yet.

> +			r = 0;
> +			set_bit(KVM_ARCH_FLAG_RETURN_NISV_IO_ABORT_TO_USER,
> +				&kvm->arch.flags);
> +		}
>  		break;
>  	case KVM_CAP_ARM_MTE:
> -		mutex_lock(&kvm->lock);
> -		if (!system_supports_mte() || kvm->created_vcpus) {
> -			r = -EINVAL;
> -		} else {
> +		if (system_supports_mte() && !kvm->created_vcpus) {
>  			r = 0;
>  			set_bit(KVM_ARCH_FLAG_MTE_ENABLED, &kvm->arch.flags);
>  		}
> -		mutex_unlock(&kvm->lock);
>  		break;
>  	default:
> -		r = -EINVAL;
>  		break;
>  	}
>  
> +	mutex_unlock(&kvm->lock);
>  	return r;
>  }
>  
> @@ -211,13 +212,19 @@ int kvm_vm_ioctl_check_extension(struct kvm *kvm, long ext)
>  	case KVM_CAP_IMMEDIATE_EXIT:
>  	case KVM_CAP_VCPU_EVENTS:
>  	case KVM_CAP_ARM_IRQ_LINE_LAYOUT_2:
> -	case KVM_CAP_ARM_NISV_TO_USER:
>  	case KVM_CAP_ARM_INJECT_EXT_DABT:
>  	case KVM_CAP_SET_GUEST_DEBUG:
>  	case KVM_CAP_VCPU_ATTRIBUTES:
>  	case KVM_CAP_PTP_KVM:
>  		r = 1;
>  		break;
> +	case KVM_CAP_ARM_NISV_TO_USER:
> +		r = !test_bit(KVM_ARCH_FLAG_MMIO_GUARD, &kvm->arch.flags);
> +		break;
> +	case KVM_CAP_ARM_MMIO_GUARD:
> +		r = !test_bit(KVM_ARCH_FLAG_RETURN_NISV_IO_ABORT_TO_USER,
> +			      &kvm->arch.flags);
> +		break;
>  	case KVM_CAP_SET_GUEST_DEBUG2:
>  		return KVM_GUESTDBG_VALID_MASK;
>  	case KVM_CAP_ARM_SET_DEVICE_ADDR:
> diff --git a/arch/arm64/kvm/hypercalls.c b/arch/arm64/kvm/hypercalls.c
> index c39aab55ecae..e4fade6a96f6 100644
> --- a/arch/arm64/kvm/hypercalls.c
> +++ b/arch/arm64/kvm/hypercalls.c
> @@ -59,6 +59,14 @@ static void kvm_ptp_get_time(struct kvm_vcpu *vcpu, u64 *val)
>  	val[3] = lower_32_bits(cycles);
>  }
>  
> +static bool mmio_guard_allowed(struct kvm_vcpu *vcpu)
> +{
> +	return (!test_bit(KVM_ARCH_FLAG_RETURN_NISV_IO_ABORT_TO_USER,
> +			  &vcpu->kvm->arch.flags) &&
> +		!vcpu_mode_is_32bit(vcpu));
> +
> +}
> +
>  int kvm_hvc_call_handler(struct kvm_vcpu *vcpu)
>  {
>  	u32 func_id = smccc_get_function(vcpu);
> @@ -131,7 +139,7 @@ int kvm_hvc_call_handler(struct kvm_vcpu *vcpu)
>  		val[0] = BIT(ARM_SMCCC_KVM_FUNC_FEATURES);
>  		val[0] |= BIT(ARM_SMCCC_KVM_FUNC_PTP);
>  		/* Only advertise MMIO guard to 64bit guests */
> -		if (!vcpu_mode_is_32bit(vcpu)) {
> +		if (mmio_guard_allowed(vcpu)) {
>  			val[0] |= BIT(ARM_SMCCC_KVM_FUNC_MMIO_GUARD_INFO);
>  			val[0] |= BIT(ARM_SMCCC_KVM_FUNC_MMIO_GUARD_ENROLL);
>  			val[0] |= BIT(ARM_SMCCC_KVM_FUNC_MMIO_GUARD_MAP);
> @@ -146,10 +154,12 @@ int kvm_hvc_call_handler(struct kvm_vcpu *vcpu)
>  			val[0] = PAGE_SIZE;
>  		break;
>  	case ARM_SMCCC_VENDOR_HYP_KVM_MMIO_GUARD_ENROLL_FUNC_ID:
> -		if (!vcpu_mode_is_32bit(vcpu)) {
> +		mutex_lock(&vcpu->kvm->lock);
> +		if (mmio_guard_allowed(vcpu)) {
>  			set_bit(KVM_ARCH_FLAG_MMIO_GUARD, &vcpu->kvm->arch.flags);
>  			val[0] = SMCCC_RET_SUCCESS;
>  		}
> +		mutex_unlock(&vcpu->kvm->lock);
>  		break;
>  	case ARM_SMCCC_VENDOR_HYP_KVM_MMIO_GUARD_MAP_FUNC_ID:
>  		if (!vcpu_mode_is_32bit(vcpu) &&
> diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h
> index a067410ebea5..ef171186e7be 100644
> --- a/include/uapi/linux/kvm.h
> +++ b/include/uapi/linux/kvm.h
> @@ -1112,6 +1112,7 @@ struct kvm_ppc_resize_hpt {
>  #define KVM_CAP_BINARY_STATS_FD 203
>  #define KVM_CAP_EXIT_ON_EMULATION_FAILURE 204
>  #define KVM_CAP_ARM_MTE 205
> +#define KVM_CAP_ARM_MMIO_GUARD 206
>  
>  #ifdef KVM_CAP_IRQ_ROUTING
>  
> -- 
> 2.30.2
>

Thanks,
drew

_______________________________________________
kvmarm mailing list
kvmarm@lists.cs.columbia.edu
https://lists.cs.columbia.edu/mailman/listinfo/kvmarm

From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=FMRd=O3=lists.infradead.org=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 62340C433F5
	for <linux-arm-kernel@archiver.kernel.org>; Thu,  7 Oct 2021 14:24:59 +0000 (UTC)
Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id 27D2D60F3A
	for <linux-arm-kernel@archiver.kernel.org>; Thu,  7 Oct 2021 14:24:59 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org 27D2D60F3A
Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=redhat.com
Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=lists.infradead.org
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=lists.infradead.org; s=bombadil.20210309; h=Sender:
	Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post:
	List-Archive:List-Unsubscribe:List-Id:In-Reply-To:MIME-Version:References:
	Message-ID:Subject:Cc:To:From:Date:Reply-To:Content-ID:Content-Description:
	Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:
	List-Owner; bh=SGIAe3HMEWUaLggm0FaQXJU1PlXaiuID8vMGRqd29oM=; b=4bJk536EXbgaJW
	6M7SHJyRWpNv2o+g6d5iVZMR8NzVp4XnNIrnW4KyfYarI0L7lYw70UC/V3BBLPO+BC4waCrTrWv+9
	rlhxEP5p79DUQpR/1YNgpqPW8Fn3IO5i/0f6NpoonYZcHWxZu028Dt1Chs04HGw3IirWOAnCHuRyH
	QuVC4fm3e7/bsFx1TGtx5prpjPgkzjaCXQefJNUYZiFE2P+j8AEyCmRlUKldNbcvD8H8wDHF83mCQ
	rtnF6rM5nQ42PzlE+efo/eO/3yVHJ+MZjCfbCovsnHp/25Yx1R0U7KyavTkQZ+u/XF9jKnvaoj5pf
	7qeQfDtsGVr/yTN6O00A==;
Received: from localhost ([::1] helo=bombadil.infradead.org)
	by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux))
	id 1mYUIN-00HaKO-Dl; Thu, 07 Oct 2021 14:22:51 +0000
Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124])
 by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux))
 id 1mYUIJ-00HaJM-91
 for linux-arm-kernel@lists.infradead.org; Thu, 07 Oct 2021 14:22:48 +0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1633616565;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
 in-reply-to:in-reply-to:references:references;
 bh=NwNhkSSQVfpndEjPuTcMmPnedcfNAU7hCSOfVfmZyQw=;
 b=esYsEikkXKzqjy0BB8SxKHpLnOSFF7AIF8iGUXolNeGCfpg7lVD/mNnpv5ZczsphVaEcAI
 prlHTFqSIam5cHbX0JC7sY9LUFqmWuxANx/h5DpIzhdZhDW8FFB0/ZY/imK4fIs3GTq4l1
 2NRIBqju94rh33upEmDCcVFJgHlsVTY=
Received: from mail-qt1-f198.google.com (mail-qt1-f198.google.com
 [209.85.160.198]) (Using TLS) by relay.mimecast.com with ESMTP id
 us-mta-53-9e7W7sywNqGA6DD-kpT6ig-1; Thu, 07 Oct 2021 10:22:44 -0400
X-MC-Unique: 9e7W7sywNqGA6DD-kpT6ig-1
Received: by mail-qt1-f198.google.com with SMTP id
 s10-20020ac80d8a000000b002a753776238so5271177qti.15
 for <linux-arm-kernel@lists.infradead.org>;
 Thu, 07 Oct 2021 07:22:44 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112;
 h=x-gm-message-state:date:from:to:cc:subject:message-id:references
 :mime-version:content-disposition:in-reply-to;
 bh=NwNhkSSQVfpndEjPuTcMmPnedcfNAU7hCSOfVfmZyQw=;
 b=HAXKOGtxJjutYHsH22MCDWdze9PA5V0eM74OotC7r0oO4ub9tY55v26wUxK13LYRu2
 fRY4uAa+pW0TnKrLso/N1F0qlS3WUgLcbAOFp3hibfQwuLzzOFjNzr/MdOsTMBoq9ltj
 9NDPpmdVv6P0HlQaBRK2iDM9pvTpA1d11J5fTuIaK73FL+oi1x/ADWLbgZMyYp0gzblR
 gCQGRgzCSpFF+sV66YmoJQIZveH2SY/hC7MpreDbpRKV3XvF0mO8/2xVj8Mk/JTqZXot
 Bj9qPQ2CSaDynR8mZU/7nM2PHSARkhJ0nnEEfRQNsg2wa7c+MAmhTAzqe3vZJDm1mP5l
 eu/Q==
X-Gm-Message-State: AOAM533yy/lUgs1jrdMn96GGBaFs44FUq9Ky1oyO5qRugXdFM93zPXuG
 R+wS9g6w2asYVdoKAjOVYyA0Ur/RFpAQifAbw8QzqIpO98PwapxmT5pxKL2KZZrNOmNTCSDRcWE
 sBF+uDBXW7niUqRikElQPUKs3R4JCyLQVDc4=
X-Received: by 2002:ac8:42da:: with SMTP id g26mr5084717qtm.368.1633616564370; 
 Thu, 07 Oct 2021 07:22:44 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJznlZpzS7BocFG+jBouZSO4VwuwGiZhZ+UBcXSThzQVFxaLLFDyXzL3bSYYFQIwgrEoqpSV7g==
X-Received: by 2002:ac8:42da:: with SMTP id g26mr5084691qtm.368.1633616564116; 
 Thu, 07 Oct 2021 07:22:44 -0700 (PDT)
Received: from gator (nat-pool-brq-u.redhat.com. [213.175.37.12])
 by smtp.gmail.com with ESMTPSA id b20sm521782qtx.89.2021.10.07.07.22.41
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Thu, 07 Oct 2021 07:22:43 -0700 (PDT)
Date: Thu, 7 Oct 2021 16:22:39 +0200
From: Andrew Jones <drjones@redhat.com>
To: Marc Zyngier <maz@kernel.org>
Cc: linux-arm-kernel@lists.infradead.org, kvmarm@lists.cs.columbia.edu,
 kvm@vger.kernel.org, linux-kernel@vger.kernel.org, will@kernel.org,
 qperret@google.com, dbrazdil@google.com,
 Steven Price <steven.price@arm.com>, Fuad Tabba <tabba@google.com>,
 Srivatsa Vaddagiri <vatsa@codeaurora.org>,
 Shanker R Donthineni <sdonthineni@nvidia.com>,
 James Morse <james.morse@arm.com>,
 Suzuki K Poulose <suzuki.poulose@arm.com>,
 Alexandru Elisei <alexandru.elisei@arm.com>, kernel-team@android.com
Subject: Re: [PATCH v2 09/16] KVM: arm64: Advertise a capability for MMIO guard
Message-ID: <20211007142239.4ryz4thzgpilphya@gator>
References: <20211004174849.2831548-1-maz@kernel.org>
 <20211004174849.2831548-10-maz@kernel.org>
MIME-Version: 1.0
In-Reply-To: <20211004174849.2831548-10-maz@kernel.org>
Authentication-Results: relay.mimecast.com;
 auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=drjones@redhat.com
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Disposition: inline
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
X-CRM114-CacheID: sfid-20211007_072247_419460_476AF66B 
X-CRM114-Status: GOOD (  26.38  )
X-BeenThere: linux-arm-kernel@lists.infradead.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: <linux-arm-kernel.lists.infradead.org>
List-Unsubscribe: <http://lists.infradead.org/mailman/options/linux-arm-kernel>, 
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/linux-arm-kernel/>
List-Post: <mailto:linux-arm-kernel@lists.infradead.org>
List-Help: <mailto:linux-arm-kernel-request@lists.infradead.org?subject=help>
List-Subscribe: <http://lists.infradead.org/mailman/listinfo/linux-arm-kernel>, 
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org

On Mon, Oct 04, 2021 at 06:48:42PM +0100, Marc Zyngier wrote:
> In order for userspace to find out whether the MMIO guard is
> exposed to a guest, expose a capability that says so.
> 
> We take this opportunity to make it incompatible with the NISV
> option, as that would be rather counter-productive!
> 
> Signed-off-by: Marc Zyngier <maz@kernel.org>
> ---
>  arch/arm64/kvm/arm.c        | 29 ++++++++++++++++++-----------
>  arch/arm64/kvm/hypercalls.c | 14 ++++++++++++--
>  include/uapi/linux/kvm.h    |  1 +
>  3 files changed, 31 insertions(+), 13 deletions(-)
> 
> diff --git a/arch/arm64/kvm/arm.c b/arch/arm64/kvm/arm.c
> index ed9c89ec0b4f..1c9a7abe2728 100644
> --- a/arch/arm64/kvm/arm.c
> +++ b/arch/arm64/kvm/arm.c
> @@ -81,32 +81,33 @@ int kvm_arch_check_processor_compat(void *opaque)
>  int kvm_vm_ioctl_enable_cap(struct kvm *kvm,
>  			    struct kvm_enable_cap *cap)
>  {
> -	int r;
> +	int r = -EINVAL;
>  
>  	if (cap->flags)
>  		return -EINVAL;
>  
> +	mutex_lock(&kvm->lock);
> +
>  	switch (cap->cap) {
>  	case KVM_CAP_ARM_NISV_TO_USER:
> -		r = 0;
> -		set_bit(KVM_ARCH_FLAG_RETURN_NISV_IO_ABORT_TO_USER,
> -			&kvm->arch.flags);
> +		/* This is incompatible with MMIO guard */
> +		if (!test_bit(KVM_ARCH_FLAG_MMIO_GUARD, &kvm->arch.flags)) {

But KVM_ARCH_FLAG_MMIO_GUARD will never be set at VM creation time, which
is the traditional time to probe and enable capabilities, because the
guest hasn't run yet, so it hasn't had a chance to issue the hypercall to
enable the mmio guard yet.

> +			r = 0;
> +			set_bit(KVM_ARCH_FLAG_RETURN_NISV_IO_ABORT_TO_USER,
> +				&kvm->arch.flags);
> +		}
>  		break;
>  	case KVM_CAP_ARM_MTE:
> -		mutex_lock(&kvm->lock);
> -		if (!system_supports_mte() || kvm->created_vcpus) {
> -			r = -EINVAL;
> -		} else {
> +		if (system_supports_mte() && !kvm->created_vcpus) {
>  			r = 0;
>  			set_bit(KVM_ARCH_FLAG_MTE_ENABLED, &kvm->arch.flags);
>  		}
> -		mutex_unlock(&kvm->lock);
>  		break;
>  	default:
> -		r = -EINVAL;
>  		break;
>  	}
>  
> +	mutex_unlock(&kvm->lock);
>  	return r;
>  }
>  
> @@ -211,13 +212,19 @@ int kvm_vm_ioctl_check_extension(struct kvm *kvm, long ext)
>  	case KVM_CAP_IMMEDIATE_EXIT:
>  	case KVM_CAP_VCPU_EVENTS:
>  	case KVM_CAP_ARM_IRQ_LINE_LAYOUT_2:
> -	case KVM_CAP_ARM_NISV_TO_USER:
>  	case KVM_CAP_ARM_INJECT_EXT_DABT:
>  	case KVM_CAP_SET_GUEST_DEBUG:
>  	case KVM_CAP_VCPU_ATTRIBUTES:
>  	case KVM_CAP_PTP_KVM:
>  		r = 1;
>  		break;
> +	case KVM_CAP_ARM_NISV_TO_USER:
> +		r = !test_bit(KVM_ARCH_FLAG_MMIO_GUARD, &kvm->arch.flags);
> +		break;
> +	case KVM_CAP_ARM_MMIO_GUARD:
> +		r = !test_bit(KVM_ARCH_FLAG_RETURN_NISV_IO_ABORT_TO_USER,
> +			      &kvm->arch.flags);
> +		break;
>  	case KVM_CAP_SET_GUEST_DEBUG2:
>  		return KVM_GUESTDBG_VALID_MASK;
>  	case KVM_CAP_ARM_SET_DEVICE_ADDR:
> diff --git a/arch/arm64/kvm/hypercalls.c b/arch/arm64/kvm/hypercalls.c
> index c39aab55ecae..e4fade6a96f6 100644
> --- a/arch/arm64/kvm/hypercalls.c
> +++ b/arch/arm64/kvm/hypercalls.c
> @@ -59,6 +59,14 @@ static void kvm_ptp_get_time(struct kvm_vcpu *vcpu, u64 *val)
>  	val[3] = lower_32_bits(cycles);
>  }
>  
> +static bool mmio_guard_allowed(struct kvm_vcpu *vcpu)
> +{
> +	return (!test_bit(KVM_ARCH_FLAG_RETURN_NISV_IO_ABORT_TO_USER,
> +			  &vcpu->kvm->arch.flags) &&
> +		!vcpu_mode_is_32bit(vcpu));
> +
> +}
> +
>  int kvm_hvc_call_handler(struct kvm_vcpu *vcpu)
>  {
>  	u32 func_id = smccc_get_function(vcpu);
> @@ -131,7 +139,7 @@ int kvm_hvc_call_handler(struct kvm_vcpu *vcpu)
>  		val[0] = BIT(ARM_SMCCC_KVM_FUNC_FEATURES);
>  		val[0] |= BIT(ARM_SMCCC_KVM_FUNC_PTP);
>  		/* Only advertise MMIO guard to 64bit guests */
> -		if (!vcpu_mode_is_32bit(vcpu)) {
> +		if (mmio_guard_allowed(vcpu)) {
>  			val[0] |= BIT(ARM_SMCCC_KVM_FUNC_MMIO_GUARD_INFO);
>  			val[0] |= BIT(ARM_SMCCC_KVM_FUNC_MMIO_GUARD_ENROLL);
>  			val[0] |= BIT(ARM_SMCCC_KVM_FUNC_MMIO_GUARD_MAP);
> @@ -146,10 +154,12 @@ int kvm_hvc_call_handler(struct kvm_vcpu *vcpu)
>  			val[0] = PAGE_SIZE;
>  		break;
>  	case ARM_SMCCC_VENDOR_HYP_KVM_MMIO_GUARD_ENROLL_FUNC_ID:
> -		if (!vcpu_mode_is_32bit(vcpu)) {
> +		mutex_lock(&vcpu->kvm->lock);
> +		if (mmio_guard_allowed(vcpu)) {
>  			set_bit(KVM_ARCH_FLAG_MMIO_GUARD, &vcpu->kvm->arch.flags);
>  			val[0] = SMCCC_RET_SUCCESS;
>  		}
> +		mutex_unlock(&vcpu->kvm->lock);
>  		break;
>  	case ARM_SMCCC_VENDOR_HYP_KVM_MMIO_GUARD_MAP_FUNC_ID:
>  		if (!vcpu_mode_is_32bit(vcpu) &&
> diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h
> index a067410ebea5..ef171186e7be 100644
> --- a/include/uapi/linux/kvm.h
> +++ b/include/uapi/linux/kvm.h
> @@ -1112,6 +1112,7 @@ struct kvm_ppc_resize_hpt {
>  #define KVM_CAP_BINARY_STATS_FD 203
>  #define KVM_CAP_EXIT_ON_EMULATION_FAILURE 204
>  #define KVM_CAP_ARM_MTE 205
> +#define KVM_CAP_ARM_MMIO_GUARD 206
>  
>  #ifdef KVM_CAP_IRQ_ROUTING
>  
> -- 
> 2.30.2
>

Thanks,
drew


_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel