Date: Sat, 26 Oct 2019 11:20:35 +0100
Message-ID: <8636ffzu30.wl-maz@kernel.org>
From: Marc Zyngier
To: James Morse, Catalin Marinas, Will Deacon
Cc: linux-arm-kernel@lists.infradead.org, kvmarm@lists.cs.columbia.edu, kvm@vger.kernel.org, Mark Rutland, Suzuki K Poulose, Julien Thierry
Subject: Re: [PATCH v2 4/5] arm64: KVM: Prevent speculative S1 PTW when restoring vcpu context

On Thu, 24 Oct 2019 17:10:44 +0100,
James Morse wrote:

Hi James,

> Hi Marc,
>
> On 19/10/2019 10:55, Marc Zyngier wrote:
> > When handling erratum 1319367, we must ensure that the page table
> > walker cannot parse the S1 page tables while the guest is in an
> > inconsistent state. This is done as follows:
> >
> > On guest entry:
> > - TCR_EL1.EPD{0,1} are set, ensuring that no PTW can occur
> > - all system registers are restored, except for TCR_EL1 and SCTLR_EL1
> > - stage-2 is restored
> > - SCTLR_EL1 and TCR_EL1 are restored
> >
> > On guest exit:
> > - SCTLR_EL1.M and TCR_EL1.EPD{0,1} are set, ensuring that no PTW can occur
> > - stage-2 is disabled
> > - All host system registers are restored
>
> Reviewed-by: James Morse
>
> (whitespace nit below)
>
>
> > diff --git a/arch/arm64/kvm/hyp/switch.c b/arch/arm64/kvm/hyp/switch.c > > index 69e10b29cbd0..5765b17c38c7 100644 > > --- a/arch/arm64/kvm/hyp/switch.c > > +++ b/arch/arm64/kvm/hyp/switch.c > > @@ -118,6 +118,20 @@ static void __hyp_text __activate_traps_nvhe(struct kvm_vcpu *vcpu) > > } > > > > write_sysreg(val, cptr_el2); > > + > > + if (cpus_have_const_cap(ARM64_WORKAROUND_1319367)) { > > + struct kvm_cpu_context *ctxt = &vcpu->arch.ctxt; > > + > > + isb(); > > + /* > > + * At this stage, and thanks to the above isb(), S2 is > > + * configured and enabled. We can now restore the guest's S1 > > + * configuration: SCTLR, and only then TCR. > > + */ > > (note for my future self: because the guest may have had M=0 and rubbish in the TTBRs) > > > + write_sysreg_el1(ctxt->sys_regs[SCTLR_EL1], SYS_SCTLR); > > + isb(); > > + write_sysreg_el1(ctxt->sys_regs[TCR_EL1], SYS_TCR); > > + } > > } > > > > > > diff --git a/arch/arm64/kvm/hyp/sysreg-sr.c b/arch/arm64/kvm/hyp/sysreg-sr.c > > index 7ddbc849b580..fb97547bfa79 100644 > > --- a/arch/arm64/kvm/hyp/sysreg-sr.c > > +++ b/arch/arm64/kvm/hyp/sysreg-sr.c
> > @@ -117,12 +117,26 @@ static void __hyp_text __sysreg_restore_el1_state(struct kvm_cpu_context *ctxt) > > { > > write_sysreg(ctxt->sys_regs[MPIDR_EL1], vmpidr_el2); > > write_sysreg(ctxt->sys_regs[CSSELR_EL1], csselr_el1); > > - write_sysreg_el1(ctxt->sys_regs[SCTLR_EL1], SYS_SCTLR); > > + > > + if (!cpus_have_const_cap(ARM64_WORKAROUND_1319367)) { > > + write_sysreg_el1(ctxt->sys_regs[SCTLR_EL1], SYS_SCTLR); > > + write_sysreg_el1(ctxt->sys_regs[TCR_EL1], SYS_TCR); > > + } else if (!ctxt->__hyp_running_vcpu) { > > + /* > > + * Must only be done for guest registers, hence the context > > + * test. We'recoming from the host, so SCTLR.M is already
>
> (Nit: We'recoming?)

Well spotted, now fixed. And thanks for the reviewing, much appreciated.

Catalin, Will: given that this series conflicts with the workaround for
erratum 1542419, do you mind taking it via the arm64 tree? To make
things a bit simpler, I've updated the series with James' tags at [1],
and pushed out a resolution of the merge with arm64/for-next/core [2].

Thanks,

	M.

[1] git://git.kernel.org/pub/scm/linux/kernel/git/maz/arm-platforms.git kvm-arm64/erratum-1319367
[2] git://git.kernel.org/pub/scm/linux/kernel/git/maz/arm-platforms.git kvm-arm64/erratum-1319367-resolved

-- 
Jazz is not dead, it just smells funny.
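
Review bot: The comment above the SCTLR_EL1 write in __activate_traps_nvhe() states the order ("SCTLR, and only then TCR") but not the reason for it. James's inline note (the guest may have had M=0 and rubbish in the TTBRs) is that reason, and folding it into the comment would stop the second isb() between the two writes from later being taken for redundant. The comment also says S2 is "configured and enabled" at this point, yet the only write visible before the new block is to cptr_el2, so it should name where stage-2 is set up, since the whole block depends on that having happened first.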
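
Review bot: In __sysreg_restore_el1_state(), the `else if (!ctxt->__hyp_running_vcpu)` test leaves a third case with no branch: with ARM64_WORKAROUND_1319367 set and a context that fails the test, neither SCTLR_EL1 nor TCR_EL1 is written in the visible lines. The commit message says all host system registers are restored on guest exit, so the comment here should say where those two registers are restored for that case. The non-workaround branch also now writes TCR_EL1 directly after SCTLR_EL1, while the only removed line visible is the SCTLR_EL1 write; the quoted hunk stops before the rest of the function, so if TCR_EL1 was already written further down, check that the write is dropped there and the register is not written twice.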