From: Marc Zyngier <maz@kernel.org>
To: James Morse <james.morse@arm.com>,
Catalin Marinas <catalin.marinas@arm.com>,
Will Deacon <will@kernel.org>
Cc: linux-arm-kernel@lists.infradead.org,
kvmarm@lists.cs.columbia.edu, kvm@vger.kernel.org,
Mark Rutland <mark.rutland@arm.com>,
Suzuki K Poulose <suzuki.poulose@arm.com>,
Julien Thierry <julien.thierry.kdev@gmail.com>
Subject: Re: [PATCH v2 4/5] arm64: KVM: Prevent speculative S1 PTW when restoring vcpu context
Date: Sat, 26 Oct 2019 11:20:35 +0100 [thread overview]
Message-ID: <8636ffzu30.wl-maz@kernel.org> (raw)
In-Reply-To: <151fc868-6709-3017-e34d-649ec0e1812c@arm.com>
On Thu, 24 Oct 2019 17:10:44 +0100,
James Morse <james.morse@arm.com> wrote:
Hi James,
> Hi Marc,
>
> On 19/10/2019 10:55, Marc Zyngier wrote:
> > When handling erratum 1319367, we must ensure that the page table
> > walker cannot parse the S1 page tables while the guest is in an
> > inconsistent state. This is done as follows:
> >
> > On guest entry:
> > - TCR_EL1.EPD{0,1} are set, ensuring that no PTW can occur
> > - all system registers are restored, except for TCR_EL1 and SCTLR_EL1
> > - stage-2 is restored
> > - SCTLR_EL1 and TCR_EL1 are restored
> >
> > On guest exit:
> > - SCTLR_EL1.M and TCR_EL1.EPD{0,1} are set, ensuring that no PTW can occur
> > - stage-2 is disabled
> > - All host system registers are restored
>
> Reviewed-by: James Morse <james.morse@arm.com>
>
> (whitespace nit below)
>
>
> > diff --git a/arch/arm64/kvm/hyp/switch.c b/arch/arm64/kvm/hyp/switch.c
> > index 69e10b29cbd0..5765b17c38c7 100644
> > --- a/arch/arm64/kvm/hyp/switch.c
> > +++ b/arch/arm64/kvm/hyp/switch.c
> > @@ -118,6 +118,20 @@ static void __hyp_text __activate_traps_nvhe(struct kvm_vcpu *vcpu)
> > }
> >
> > write_sysreg(val, cptr_el2);
> > +
> > + if (cpus_have_const_cap(ARM64_WORKAROUND_1319367)) {
> > + struct kvm_cpu_context *ctxt = &vcpu->arch.ctxt;
> > +
> > + isb();
> > + /*
> > + * At this stage, and thanks to the above isb(), S2 is
> > + * configured and enabled. We can now restore the guest's S1
> > + * configuration: SCTLR, and only then TCR.
> > + */
>
> (note for my future self: because the guest may have had M=0 and rubbish in the TTBRs)
>
> > + write_sysreg_el1(ctxt->sys_regs[SCTLR_EL1], SYS_SCTLR);
> > + isb();
> > + write_sysreg_el1(ctxt->sys_regs[TCR_EL1], SYS_TCR);
> > + }
> > }
> >
>
>
> > diff --git a/arch/arm64/kvm/hyp/sysreg-sr.c b/arch/arm64/kvm/hyp/sysreg-sr.c
> > index 7ddbc849b580..fb97547bfa79 100644
> > --- a/arch/arm64/kvm/hyp/sysreg-sr.c
> > +++ b/arch/arm64/kvm/hyp/sysreg-sr.c
> > @@ -117,12 +117,26 @@ static void __hyp_text __sysreg_restore_el1_state(struct kvm_cpu_context *ctxt)
> > {
> > write_sysreg(ctxt->sys_regs[MPIDR_EL1], vmpidr_el2);
> > write_sysreg(ctxt->sys_regs[CSSELR_EL1], csselr_el1);
> > - write_sysreg_el1(ctxt->sys_regs[SCTLR_EL1], SYS_SCTLR);
> > +
> > + if (!cpus_have_const_cap(ARM64_WORKAROUND_1319367)) {
> > + write_sysreg_el1(ctxt->sys_regs[SCTLR_EL1], SYS_SCTLR);
> > + write_sysreg_el1(ctxt->sys_regs[TCR_EL1], SYS_TCR);
> > + } else if (!ctxt->__hyp_running_vcpu) {
> > + /*
> > + * Must only be done for guest registers, hence the context
> > + * test. We'recoming from the host, so SCTLR.M is already
>
> (Nit: We'recoming?)
Well spotted, now fixed. And thanks for the reviewing, much appreciated.
Catalin, Will: given that this series conflicts with the workaround for
erratum 1542419, do you mind taking it via the arm64 tree?
To make things a bit simpler, I've updated the series with James' tags at
[1], and pushed out a resolution of the merge with arm64/for-next/core [2].
Thanks,
M.
[1] git://git.kernel.org/pub/scm/linux/kernel/git/maz/arm-platforms.git kvm-arm64/erratum-1319367
[2] git://git.kernel.org/pub/scm/linux/kernel/git/maz/arm-platforms.git kvm-arm64/erratum-1319367-resolved
--
Jazz is not dead, it just smells funny.
WARNING: multiple messages have this Message-ID (diff)
From: Marc Zyngier <maz@kernel.org>
To: James Morse <james.morse@arm.com>,
Catalin Marinas <catalin.marinas@arm.com>,
Will Deacon <will@kernel.org>
Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org,
kvmarm@lists.cs.columbia.edu
Subject: Re: [PATCH v2 4/5] arm64: KVM: Prevent speculative S1 PTW when restoring vcpu context
Date: Sat, 26 Oct 2019 11:20:35 +0100 [thread overview]
Message-ID: <8636ffzu30.wl-maz@kernel.org> (raw)
In-Reply-To: <151fc868-6709-3017-e34d-649ec0e1812c@arm.com>
On Thu, 24 Oct 2019 17:10:44 +0100,
James Morse <james.morse@arm.com> wrote:
Hi James,
> Hi Marc,
>
> On 19/10/2019 10:55, Marc Zyngier wrote:
> > When handling erratum 1319367, we must ensure that the page table
> > walker cannot parse the S1 page tables while the guest is in an
> > inconsistent state. This is done as follows:
> >
> > On guest entry:
> > - TCR_EL1.EPD{0,1} are set, ensuring that no PTW can occur
> > - all system registers are restored, except for TCR_EL1 and SCTLR_EL1
> > - stage-2 is restored
> > - SCTLR_EL1 and TCR_EL1 are restored
> >
> > On guest exit:
> > - SCTLR_EL1.M and TCR_EL1.EPD{0,1} are set, ensuring that no PTW can occur
> > - stage-2 is disabled
> > - All host system registers are restored
>
> Reviewed-by: James Morse <james.morse@arm.com>
>
> (whitespace nit below)
>
>
> > diff --git a/arch/arm64/kvm/hyp/switch.c b/arch/arm64/kvm/hyp/switch.c
> > index 69e10b29cbd0..5765b17c38c7 100644
> > --- a/arch/arm64/kvm/hyp/switch.c
> > +++ b/arch/arm64/kvm/hyp/switch.c
> > @@ -118,6 +118,20 @@ static void __hyp_text __activate_traps_nvhe(struct kvm_vcpu *vcpu)
> > }
> >
> > write_sysreg(val, cptr_el2);
> > +
> > + if (cpus_have_const_cap(ARM64_WORKAROUND_1319367)) {
> > + struct kvm_cpu_context *ctxt = &vcpu->arch.ctxt;
> > +
> > + isb();
> > + /*
> > + * At this stage, and thanks to the above isb(), S2 is
> > + * configured and enabled. We can now restore the guest's S1
> > + * configuration: SCTLR, and only then TCR.
> > + */
>
> (note for my future self: because the guest may have had M=0 and rubbish in the TTBRs)
>
> > + write_sysreg_el1(ctxt->sys_regs[SCTLR_EL1], SYS_SCTLR);
> > + isb();
> > + write_sysreg_el1(ctxt->sys_regs[TCR_EL1], SYS_TCR);
> > + }
> > }
> >
>
>
> > diff --git a/arch/arm64/kvm/hyp/sysreg-sr.c b/arch/arm64/kvm/hyp/sysreg-sr.c
> > index 7ddbc849b580..fb97547bfa79 100644
> > --- a/arch/arm64/kvm/hyp/sysreg-sr.c
> > +++ b/arch/arm64/kvm/hyp/sysreg-sr.c
> > @@ -117,12 +117,26 @@ static void __hyp_text __sysreg_restore_el1_state(struct kvm_cpu_context *ctxt)
> > {
> > write_sysreg(ctxt->sys_regs[MPIDR_EL1], vmpidr_el2);
> > write_sysreg(ctxt->sys_regs[CSSELR_EL1], csselr_el1);
> > - write_sysreg_el1(ctxt->sys_regs[SCTLR_EL1], SYS_SCTLR);
> > +
> > + if (!cpus_have_const_cap(ARM64_WORKAROUND_1319367)) {
> > + write_sysreg_el1(ctxt->sys_regs[SCTLR_EL1], SYS_SCTLR);
> > + write_sysreg_el1(ctxt->sys_regs[TCR_EL1], SYS_TCR);
> > + } else if (!ctxt->__hyp_running_vcpu) {
> > + /*
> > + * Must only be done for guest registers, hence the context
> > + * test. We'recoming from the host, so SCTLR.M is already
>
> (Nit: We'recoming?)
Well spotted, now fixed. And thanks for the reviewing, much appreciated.
Catalin, Will: given that this series conflicts with the workaround for
erratum 1542419, do you mind taking it via the arm64 tree?
To make things a bit simpler, I've updated the series with James' tags at
[1], and pushed out a resolution of the merge with arm64/for-next/core [2].
Thanks,
M.
[1] git://git.kernel.org/pub/scm/linux/kernel/git/maz/arm-platforms.git kvm-arm64/erratum-1319367
[2] git://git.kernel.org/pub/scm/linux/kernel/git/maz/arm-platforms.git kvm-arm64/erratum-1319367-resolved
--
Jazz is not dead, it just smells funny.
_______________________________________________
kvmarm mailing list
kvmarm@lists.cs.columbia.edu
https://lists.cs.columbia.edu/mailman/listinfo/kvmarm
WARNING: multiple messages have this Message-ID (diff)
From: Marc Zyngier <maz@kernel.org>
To: James Morse <james.morse@arm.com>,
Catalin Marinas <catalin.marinas@arm.com>,
Will Deacon <will@kernel.org>
Cc: Mark Rutland <mark.rutland@arm.com>,
kvm@vger.kernel.org, Suzuki K Poulose <suzuki.poulose@arm.com>,
linux-arm-kernel@lists.infradead.org,
kvmarm@lists.cs.columbia.edu,
Julien Thierry <julien.thierry.kdev@gmail.com>
Subject: Re: [PATCH v2 4/5] arm64: KVM: Prevent speculative S1 PTW when restoring vcpu context
Date: Sat, 26 Oct 2019 11:20:35 +0100 [thread overview]
Message-ID: <8636ffzu30.wl-maz@kernel.org> (raw)
In-Reply-To: <151fc868-6709-3017-e34d-649ec0e1812c@arm.com>
On Thu, 24 Oct 2019 17:10:44 +0100,
James Morse <james.morse@arm.com> wrote:
Hi James,
> Hi Marc,
>
> On 19/10/2019 10:55, Marc Zyngier wrote:
> > When handling erratum 1319367, we must ensure that the page table
> > walker cannot parse the S1 page tables while the guest is in an
> > inconsistent state. This is done as follows:
> >
> > On guest entry:
> > - TCR_EL1.EPD{0,1} are set, ensuring that no PTW can occur
> > - all system registers are restored, except for TCR_EL1 and SCTLR_EL1
> > - stage-2 is restored
> > - SCTLR_EL1 and TCR_EL1 are restored
> >
> > On guest exit:
> > - SCTLR_EL1.M and TCR_EL1.EPD{0,1} are set, ensuring that no PTW can occur
> > - stage-2 is disabled
> > - All host system registers are restored
>
> Reviewed-by: James Morse <james.morse@arm.com>
>
> (whitespace nit below)
>
>
> > diff --git a/arch/arm64/kvm/hyp/switch.c b/arch/arm64/kvm/hyp/switch.c
> > index 69e10b29cbd0..5765b17c38c7 100644
> > --- a/arch/arm64/kvm/hyp/switch.c
> > +++ b/arch/arm64/kvm/hyp/switch.c
> > @@ -118,6 +118,20 @@ static void __hyp_text __activate_traps_nvhe(struct kvm_vcpu *vcpu)
> > }
> >
> > write_sysreg(val, cptr_el2);
> > +
> > + if (cpus_have_const_cap(ARM64_WORKAROUND_1319367)) {
> > + struct kvm_cpu_context *ctxt = &vcpu->arch.ctxt;
> > +
> > + isb();
> > + /*
> > + * At this stage, and thanks to the above isb(), S2 is
> > + * configured and enabled. We can now restore the guest's S1
> > + * configuration: SCTLR, and only then TCR.
> > + */
>
> (note for my future self: because the guest may have had M=0 and rubbish in the TTBRs)
>
> > + write_sysreg_el1(ctxt->sys_regs[SCTLR_EL1], SYS_SCTLR);
> > + isb();
> > + write_sysreg_el1(ctxt->sys_regs[TCR_EL1], SYS_TCR);
> > + }
> > }
> >
>
>
> > diff --git a/arch/arm64/kvm/hyp/sysreg-sr.c b/arch/arm64/kvm/hyp/sysreg-sr.c
> > index 7ddbc849b580..fb97547bfa79 100644
> > --- a/arch/arm64/kvm/hyp/sysreg-sr.c
> > +++ b/arch/arm64/kvm/hyp/sysreg-sr.c
> > @@ -117,12 +117,26 @@ static void __hyp_text __sysreg_restore_el1_state(struct kvm_cpu_context *ctxt)
> > {
> > write_sysreg(ctxt->sys_regs[MPIDR_EL1], vmpidr_el2);
> > write_sysreg(ctxt->sys_regs[CSSELR_EL1], csselr_el1);
> > - write_sysreg_el1(ctxt->sys_regs[SCTLR_EL1], SYS_SCTLR);
> > +
> > + if (!cpus_have_const_cap(ARM64_WORKAROUND_1319367)) {
> > + write_sysreg_el1(ctxt->sys_regs[SCTLR_EL1], SYS_SCTLR);
> > + write_sysreg_el1(ctxt->sys_regs[TCR_EL1], SYS_TCR);
> > + } else if (!ctxt->__hyp_running_vcpu) {
> > + /*
> > + * Must only be done for guest registers, hence the context
> > + * test. We'recoming from the host, so SCTLR.M is already
>
> (Nit: We'recoming?)
Well spotted, now fixed. And thanks for the reviewing, much appreciated.
Catalin, Will: given that this series conflicts with the workaround for
erratum 1542419, do you mind taking it via the arm64 tree?
To make things a bit simpler, I've updated the series with James' tags at
[1], and pushed out a resolution of the merge with arm64/for-next/core [2].
Thanks,
M.
[1] git://git.kernel.org/pub/scm/linux/kernel/git/maz/arm-platforms.git kvm-arm64/erratum-1319367
[2] git://git.kernel.org/pub/scm/linux/kernel/git/maz/arm-platforms.git kvm-arm64/erratum-1319367-resolved
--
Jazz is not dead, it just smells funny.
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2019-10-26 10:20 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-19 9:55 [PATCH v2 0/5] arm64: KVM: Add workaround for errata 1319367 and 1319537 Marc Zyngier
2019-10-19 9:55 ` Marc Zyngier
2019-10-19 9:55 ` Marc Zyngier
2019-10-19 9:55 ` [PATCH v2 1/5] arm64: Add ARM64_WORKAROUND_1319367 for all A57 and A72 versions Marc Zyngier
2019-10-19 9:55 ` Marc Zyngier
2019-10-19 9:55 ` Marc Zyngier
2019-10-19 9:55 ` [PATCH v2 2/5] arm64: KVM: Reorder system register restoration and stage-2 activation Marc Zyngier
2019-10-19 9:55 ` Marc Zyngier
2019-10-19 9:55 ` Marc Zyngier
2019-10-24 16:09 ` James Morse
2019-10-24 16:09 ` James Morse
2019-10-24 16:09 ` James Morse
2019-10-19 9:55 ` [PATCH v2 3/5] arm64: KVM: Disable EL1 PTW when invalidating S2 TLBs Marc Zyngier
2019-10-19 9:55 ` Marc Zyngier
2019-10-19 9:55 ` Marc Zyngier
2019-10-24 16:10 ` James Morse
2019-10-24 16:10 ` James Morse
2019-10-24 16:10 ` James Morse
2019-10-19 9:55 ` [PATCH v2 4/5] arm64: KVM: Prevent speculative S1 PTW when restoring vcpu context Marc Zyngier
2019-10-19 9:55 ` Marc Zyngier
2019-10-19 9:55 ` Marc Zyngier
2019-10-24 16:10 ` James Morse
2019-10-24 16:10 ` James Morse
2019-10-24 16:10 ` James Morse
2019-10-26 10:20 ` Marc Zyngier [this message]
2019-10-26 10:20 ` Marc Zyngier
2019-10-26 10:20 ` Marc Zyngier
2019-10-28 10:32 ` Catalin Marinas
2019-10-28 10:32 ` Catalin Marinas
2019-10-28 10:32 ` Catalin Marinas
2019-10-28 10:49 ` Marc Zyngier
2019-10-28 10:49 ` Marc Zyngier
2019-10-28 10:49 ` Marc Zyngier
2019-10-28 11:06 ` Catalin Marinas
2019-10-28 11:06 ` Catalin Marinas
2019-10-28 11:06 ` Catalin Marinas
2019-10-19 9:55 ` [PATCH v2 5/5] arm64: Enable and document ARM errata 1319367 and 1319537 Marc Zyngier
2019-10-19 9:55 ` Marc Zyngier
2019-10-19 9:55 ` Marc Zyngier
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=8636ffzu30.wl-maz@kernel.org \
--to=maz@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=james.morse@arm.com \
--cc=julien.thierry.kdev@gmail.com \
--cc=kvm@vger.kernel.org \
--cc=kvmarm@lists.cs.columbia.edu \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=mark.rutland@arm.com \
--cc=suzuki.poulose@arm.com \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.