From: Marc Zyngier
To: Quentin Perret
Cc: james.morse@arm.com, alexandru.elisei@arm.com, suzuki.poulose@arm.com,
 catalin.marinas@arm.com, will@kernel.org,
 linux-arm-kernel@lists.infradead.org, kvmarm@lists.cs.columbia.edu,
 linux-kernel@vger.kernel.org, ardb@kernel.org, qwandor@google.com,
 tabba@google.com, dbrazdil@google.com, kernel-team@android.com
Subject: Re: [PATCH 07/14] KVM: arm64: Enable forcing page-level stage-2 mappings
Date: Mon, 19 Jul 2021 15:24:32 +0100
Message-ID: <87h7gqjs9r.wl-maz@kernel.org>
In-Reply-To: <20210719104735.3681732-8-qperret@google.com>

On Mon, 19 Jul 2021 11:47:28 +0100, Quentin Perret wrote:
>
> Much of the stage-2 manipulation logic relies on being able to destroy
> block mappings if e.g. installing a smaller mapping in the range. The
> rationale for this behaviour is that stage-2 mappings can always be
> re-created lazily. However, this gets more complicated when the stage-2
> page-table is used to store metadata about the underlying pages.
In such > a case, destroying a block mapping may lead to losing part of the > state, and confuse the user of those metadata (such as the hypervisor in > nVHE protected mode). > > To fix this, introduce a callback function in the pgtable struct which > is called during all map operations to determine whether the mappings > can us blocks, or should be forced to page-granularity level. This is nit: use? > used by the hypervisor when creating the host stage-2 to force > page-level mappings when using non-default protection attributes. > > Signed-off-by: Quentin Perret > --- > arch/arm64/include/asm/kvm_pgtable.h | 63 +++++++++++++++++---------- > arch/arm64/kvm/hyp/nvhe/mem_protect.c | 16 +++++-- > arch/arm64/kvm/hyp/pgtable.c | 20 +++++++-- > 3 files changed, 69 insertions(+), 30 deletions(-) > > diff --git a/arch/arm64/include/asm/kvm_pgtable.h b/arch/arm64/include/asm/kvm_pgtable.h > index af62203d2f7a..dd72653314c7 100644 > --- a/arch/arm64/include/asm/kvm_pgtable.h > +++ b/arch/arm64/include/asm/kvm_pgtable.h > @@ -75,25 +75,6 @@ enum kvm_pgtable_stage2_flags { > KVM_PGTABLE_S2_IDMAP = BIT(1), > }; > > -/** > - * struct kvm_pgtable - KVM page-table. > - * @ia_bits: Maximum input address size, in bits. > - * @start_level: Level at which the page-table walk starts. > - * @pgd: Pointer to the first top-level entry of the page-table. > - * @mm_ops: Memory management callbacks. > - * @mmu: Stage-2 KVM MMU struct. Unused for stage-1 page-tables. > - */ > -struct kvm_pgtable { > - u32 ia_bits; > - u32 start_level; > - kvm_pte_t *pgd; > - struct kvm_pgtable_mm_ops *mm_ops; > - > - /* Stage-2 only */ > - struct kvm_s2_mmu *mmu; > - enum kvm_pgtable_stage2_flags flags; > -}; > - > /** > * enum kvm_pgtable_prot - Page-table permissions and attributes. > * @KVM_PGTABLE_PROT_X: Execute permission. 
> @@ -109,11 +90,41 @@ enum kvm_pgtable_prot { > KVM_PGTABLE_PROT_DEVICE = BIT(3), > }; > > -#define PAGE_HYP (KVM_PGTABLE_PROT_R | KVM_PGTABLE_PROT_W) > +#define KVM_PGTABLE_PROT_RW (KVM_PGTABLE_PROT_R | KVM_PGTABLE_PROT_W) > +#define KVM_PGTABLE_PROT_RWX (KVM_PGTABLE_PROT_RW | KVM_PGTABLE_PROT_X) > + > +#define PAGE_HYP KVM_PGTABLE_PROT_RW > #define PAGE_HYP_EXEC (KVM_PGTABLE_PROT_R | KVM_PGTABLE_PROT_X) > #define PAGE_HYP_RO (KVM_PGTABLE_PROT_R) > #define PAGE_HYP_DEVICE (PAGE_HYP | KVM_PGTABLE_PROT_DEVICE) > > +typedef bool (*kvm_pgtable_want_pte_cb_t)(u64 addr, u64 end, > + enum kvm_pgtable_prot prot); > + > +/** > + * struct kvm_pgtable - KVM page-table. > + * @ia_bits: Maximum input address size, in bits. > + * @start_level: Level at which the page-table walk starts. > + * @pgd: Pointer to the first top-level entry of the page-table. > + * @mm_ops: Memory management callbacks. > + * @mmu: Stage-2 KVM MMU struct. Unused for stage-1 page-tables. > + * @flags: Stage-2 page-table flags. > + * @want_pte_cb: Callback function used during map operations to decide > + * whether block mappings can be used to map the given IPA > + * range. > + */ > +struct kvm_pgtable { > + u32 ia_bits; > + u32 start_level; > + kvm_pte_t *pgd; > + struct kvm_pgtable_mm_ops *mm_ops; > + > + /* Stage-2 only */ > + struct kvm_s2_mmu *mmu; > + enum kvm_pgtable_stage2_flags flags; > + kvm_pgtable_want_pte_cb_t want_pte_cb; > +}; nit: does this whole definition really need to move around? > + > /** > * struct kvm_mem_range - Range of Intermediate Physical Addresses > * @start: Start of the range. 
> @@ -216,21 +227,25 @@ int kvm_pgtable_hyp_map(struct kvm_pgtable *pgt, u64 addr, u64 size, u64 phys, > u64 kvm_get_vtcr(u64 mmfr0, u64 mmfr1, u32 phys_shift); > > /** > - * kvm_pgtable_stage2_init_flags() - Initialise a guest stage-2 page-table. > + * kvm_pgtable_stage2_init_full() - Initialise a guest stage-2 page-table. > * @pgt: Uninitialised page-table structure to initialise. > * @arch: Arch-specific KVM structure representing the guest virtual > * machine. > * @mm_ops: Memory management callbacks. > * @flags: Stage-2 configuration flags. > + * @want_pte_cb: Callback function used during map operations to decide > + * whether block mappings can be used to map the given IPA > + * range. > * > * Return: 0 on success, negative error code on failure. > */ > -int kvm_pgtable_stage2_init_flags(struct kvm_pgtable *pgt, struct kvm_arch *arch, > +int kvm_pgtable_stage2_init_full(struct kvm_pgtable *pgt, struct kvm_arch *arch, > struct kvm_pgtable_mm_ops *mm_ops, > - enum kvm_pgtable_stage2_flags flags); > + enum kvm_pgtable_stage2_flags flags, > + kvm_pgtable_want_pte_cb_t want_pte_cb); > > #define kvm_pgtable_stage2_init(pgt, arch, mm_ops) \ > - kvm_pgtable_stage2_init_flags(pgt, arch, mm_ops, 0) > + kvm_pgtable_stage2_init_full(pgt, arch, mm_ops, 0, NULL) nit: in general, we use __foo() as the primitive for foo(), rather than foo_with_icing_on_top(). > > /** > * kvm_pgtable_stage2_destroy() - Destroy an unused guest stage-2 page-table. > diff --git a/arch/arm64/kvm/hyp/nvhe/mem_protect.c b/arch/arm64/kvm/hyp/nvhe/mem_protect.c > index 58edc62be6f7..cdace80d3e28 100644 > --- a/arch/arm64/kvm/hyp/nvhe/mem_protect.c > +++ b/arch/arm64/kvm/hyp/nvhe/mem_protect.c > @@ -89,6 +89,7 @@ static void prepare_host_vtcr(void) > id_aa64mmfr1_el1_sys_val, phys_shift); > } > > +static bool host_stage2_want_pte_cb(u64 addr, u64 end, enum kvm_pgtable_prot prot); > int kvm_host_prepare_stage2(void *pgt_pool_base) > { > struct kvm_s2_mmu *mmu = &host_kvm.arch.mmu; 
> @@ -101,8 +102,9 @@ int kvm_host_prepare_stage2(void *pgt_pool_base) > if (ret) > return ret; > > - ret = kvm_pgtable_stage2_init_flags(&host_kvm.pgt, &host_kvm.arch, > - &host_kvm.mm_ops, KVM_HOST_S2_FLAGS); > + ret = kvm_pgtable_stage2_init_full(&host_kvm.pgt, &host_kvm.arch, > + &host_kvm.mm_ops, KVM_HOST_S2_FLAGS, > + host_stage2_want_pte_cb); > if (ret) > return ret; > > @@ -225,9 +227,17 @@ static inline int __host_stage2_idmap(u64 start, u64 end, > __ret; \ > }) > > +static bool host_stage2_want_pte_cb(u64 addr, u64 end, enum kvm_pgtable_prot prot) > +{ > + if (range_is_memory(addr, end)) > + return prot != KVM_PGTABLE_PROT_RWX; > + else > + return prot != KVM_PGTABLE_PROT_RW; > +} This really deserves a comment about *why* you make such decision. I also find it a bit odd that you use the permissions to decide whether to map a block or a not. It feels like the permission is more of a side effect than anything else. > + > static int host_stage2_idmap(u64 addr) > { > - enum kvm_pgtable_prot prot = KVM_PGTABLE_PROT_R | KVM_PGTABLE_PROT_W; > + enum kvm_pgtable_prot prot = KVM_PGTABLE_PROT_RW; > struct kvm_mem_range range; > bool is_memory = find_mem_range(addr, &range); > int ret; > diff --git a/arch/arm64/kvm/hyp/pgtable.c b/arch/arm64/kvm/hyp/pgtable.c > index 34cf67997a82..5bdbe7a31551 100644 > --- a/arch/arm64/kvm/hyp/pgtable.c > +++ b/arch/arm64/kvm/hyp/pgtable.c > @@ -452,6 +452,8 @@ int kvm_pgtable_hyp_init(struct kvm_pgtable *pgt, u32 va_bits, > pgt->start_level = KVM_PGTABLE_MAX_LEVELS - levels; > pgt->mm_ops = mm_ops; > pgt->mmu = NULL; > + pgt->want_pte_cb = NULL; > + > return 0; > } 
> > @@ -491,6 +493,7 @@ struct stage2_map_data { > struct kvm_pgtable_mm_ops *mm_ops; > > int ret; > + bool force_pte; OK, so you have *two* mechanisms here: once to decide if a range can be mapped as a block or not, and another one to remember the result while walking the S2 PTW. This probably deserves some documentation and/or patch splitting. > }; > > u64 kvm_get_vtcr(u64 mmfr0, u64 mmfr1, u32 phys_shift) > @@ -613,6 +616,9 @@ static int stage2_map_walker_try_leaf(u64 addr, u64 end, u32 level, > struct kvm_pgtable *pgt = data->mmu->pgt; > struct kvm_pgtable_mm_ops *mm_ops = data->mm_ops; > > + if (data->force_pte && (level < (KVM_PGTABLE_MAX_LEVELS - 1))) > + return -E2BIG; > + > if (!kvm_block_mapping_supported(addr, end, phys, level)) > return -E2BIG; > > @@ -660,6 +666,9 @@ static int stage2_map_walk_table_pre(u64 addr, u64 end, u32 level, > if (data->anchor) > return 0; > > + if (data->force_pte && (level < (KVM_PGTABLE_MAX_LEVELS - 1))) > + return 0; > + > if (!kvm_block_mapping_supported(addr, end, data->phys, level)) There is something in me screaming that kvm_block_mapping_supported() should be the point where we check for these things... Or at least a helper function that takes 'data' as a parameter. > return 0; > > @@ -791,6 +800,7 @@ int kvm_pgtable_stage2_map(struct kvm_pgtable *pgt, u64 addr, u64 size, > .memcache = mc, > .mm_ops = pgt->mm_ops, > .ret = 0, > + .force_pte = pgt->want_pte_cb && pgt->want_pte_cb(addr, addr + size, prot), Reading this makes me want to rename want_pte_cb() to force_pte_cb()... > }; > struct kvm_pgtable_walker walker = { > .cb = stage2_map_walker, > @@ -826,6 +836,7 @@ int kvm_pgtable_stage2_set_owner(struct kvm_pgtable *pgt, u64 addr, u64 size, > .mm_ops = pgt->mm_ops, > .owner_id = owner_id, > .ret = 0, > + .force_pte = true, > }; > struct kvm_pgtable_walker walker = { > .cb = stage2_map_walker, 
> @@ -1070,9 +1081,11 @@ int kvm_pgtable_stage2_flush(struct kvm_pgtable *pgt, u64 addr, u64 size) > return kvm_pgtable_walk(pgt, addr, size, &walker); > } > > -int kvm_pgtable_stage2_init_flags(struct kvm_pgtable *pgt, struct kvm_arch *arch, > - struct kvm_pgtable_mm_ops *mm_ops, > - enum kvm_pgtable_stage2_flags flags) > + > +int kvm_pgtable_stage2_init_full(struct kvm_pgtable *pgt, struct kvm_arch *arch, > + struct kvm_pgtable_mm_ops *mm_ops, > + enum kvm_pgtable_stage2_flags flags, > + kvm_pgtable_want_pte_cb_t want_pte_cb) > { > size_t pgd_sz; > u64 vtcr = arch->vtcr; 
> @@ -1090,6 +1103,7 @@ int kvm_pgtable_stage2_init_flags(struct kvm_pgtable *pgt, struct kvm_arch *arch > pgt->mm_ops = mm_ops; > pgt->mmu = &arch->mmu; > pgt->flags = flags; > + pgt->want_pte_cb = want_pte_cb; > > /* Ensure zeroed PGD pages are visible to the hardware walker */ > dsb(ishst);

Thanks,

M.

--
Without deviation from the norm, progress is not possible.
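Review bot: the kernel-doc for @want_pte_cb added to struct kvm_pgtable in the kvm_pgtable.h hunk at @@ -109,11 +90,41 @@ never says what the return value means. The text "decide whether block mappings can be used" reads as true meaning blocks are allowed, but kvm_pgtable_stage2_map() assigns the result straight to .force_pte, so true actually forbids blocks. Please state the polarity explicitly, for example "Return: true if the range must be mapped at page granularity", and repeat it in the matching @want_pte_cb text for kvm_pgtable_stage2_init_full().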
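Review bot: host_stage2_want_pte_cb() in the mem_protect.c hunk at @@ -225,9 +227,17 @@ tests prot for exact equality with KVM_PGTABLE_PROT_RWX or KVM_PGTABLE_PROT_RW, so those two values serve as the host's default protections without being named as such, while host_stage2_idmap() right below open-codes KVM_PGTABLE_PROT_RW again. Named defaults for memory and non-memory ranges, used in both places, would keep the callback and the idmap path from drifting apart. The forward declaration added in the @@ -89,6 +89,7 @@ hunk is also missing a blank line before kvm_host_prepare_stage2().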
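Review bot: in the kvm_pgtable_stage2_map() initialiser at @@ -791,6 +800,7 @@, want_pte_cb() is called once with the whole range (addr, addr + size) and its single answer is cached in data->force_pte for the entire walk. The callback is never consulted per block, so its answer has to hold for every block in the request. That contract is not written down anywhere in the patch; a comment on the force_pte field in struct stage2_map_data, or a sentence in the want_pte_cb kernel-doc, would cover it.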
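Review bot: ".force_pte = true" in kvm_pgtable_stage2_set_owner() at @@ -826,6 +836,7 @@ is unconditional and bypasses want_pte_cb entirely, with nothing at the assignment saying why. A one-line comment giving the reason, presumably the metadata concern described in the commit message, would save the next reader from having to dig it out of the log.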
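Review bot: stray blank line before kvm_pgtable_stage2_init_full() in the pgtable.c hunk at @@ -1070,9 +1081,11 @@. The added empty "+" line follows an existing blank context line, leaving two consecutive blank lines after the closing brace of kvm_pgtable_stage2_flush(); drop the added one.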
10:24:38 -0400 (EDT) X-Virus-Scanned: at lists.cs.columbia.edu Received: from mm01.cs.columbia.edu ([127.0.0.1]) by localhost (mm01.cs.columbia.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jxMcNrY3Kh1Z for ; Mon, 19 Jul 2021 10:24:36 -0400 (EDT) Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by mm01.cs.columbia.edu (Postfix) with ESMTPS id B8E64407A0 for ; Mon, 19 Jul 2021 10:24:36 -0400 (EDT) Received: from disco-boy.misterjones.org (disco-boy.misterjones.org [51.254.78.96]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 7476E60FE9; Mon, 19 Jul 2021 14:24:35 +0000 (UTC) Received: from sofa.misterjones.org ([185.219.108.64] helo=why.misterjones.org) by disco-boy.misterjones.org with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1m5UC9-00EE2W-Ao; Mon, 19 Jul 2021 15:24:33 +0100 Date: Mon, 19 Jul 2021 15:24:32 +0100 Message-ID: <87h7gqjs9r.wl-maz@kernel.org> 
From: Marc Zyngier To: Quentin Perret Subject: Re: [PATCH 07/14] KVM: arm64: Enable forcing page-level stage-2 mappings In-Reply-To: <20210719104735.3681732-8-qperret@google.com> References: <20210719104735.3681732-1-qperret@google.com> <20210719104735.3681732-8-qperret@google.com> User-Agent: Wanderlust/2.15.9 (Almost Unreal) SEMI-EPG/1.14.7 (Harue) FLIM-LB/1.14.9 (=?UTF-8?B?R29qxY0=?=) APEL-LB/10.8 EasyPG/1.0.0 Emacs/27.1 (x86_64-pc-linux-gnu) MULE/6.0 (HANACHIRUSATO) MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue") X-SA-Exim-Connect-IP: 185.219.108.64 X-SA-Exim-Rcpt-To: qperret@google.com, james.morse@arm.com, alexandru.elisei@arm.com, suzuki.poulose@arm.com, catalin.marinas@arm.com, will@kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.cs.columbia.edu, linux-kernel@vger.kernel.org, ardb@kernel.org, qwandor@google.com, tabba@google.com, dbrazdil@google.com, kernel-team@android.com X-SA-Exim-Mail-From: maz@kernel.org X-SA-Exim-Scanned: No (on disco-boy.misterjones.org); SAEximRunCond expanded to false Cc: kernel-team@android.com, qwandor@google.com, will@kernel.org, catalin.marinas@arm.com, linux-kernel@vger.kernel.org, kvmarm@lists.cs.columbia.edu, linux-arm-kernel@lists.infradead.org X-BeenThere: kvmarm@lists.cs.columbia.edu X-Mailman-Version: 2.1.14 Precedence: list List-Id: Where KVM/ARM decisions are made List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: kvmarm-bounces@lists.cs.columbia.edu Sender: kvmarm-bounces@lists.cs.columbia.edu On Mon, 19 Jul 2021 11:47:28 +0100, Quentin Perret wrote: > > Much of the stage-2 manipulation logic relies on being able to destroy > block mappings if e.g. installing a smaller mapping in the range. The > rationale for this behaviour is that stage-2 mappings can always be > re-created lazily. 
However, this gets more complicated when the stage-2 > page-table is used to store metadata about the underlying pages. In such > a case, destroying a block mapping may lead to losing part of the > state, and confuse the user of those metadata (such as the hypervisor in > nVHE protected mode). > > To fix this, introduce a callback function in the pgtable struct which > is called during all map operations to determine whether the mappings > can us blocks, or should be forced to page-granularity level. This is nit: use? > used by the hypervisor when creating the host stage-2 to force > page-level mappings when using non-default protection attributes. > > Signed-off-by: Quentin Perret > --- > arch/arm64/include/asm/kvm_pgtable.h | 63 +++++++++++++++++---------- > arch/arm64/kvm/hyp/nvhe/mem_protect.c | 16 +++++-- > arch/arm64/kvm/hyp/pgtable.c | 20 +++++++-- > 3 files changed, 69 insertions(+), 30 deletions(-) > > diff --git a/arch/arm64/include/asm/kvm_pgtable.h b/arch/arm64/include/asm/kvm_pgtable.h > index af62203d2f7a..dd72653314c7 100644 > --- a/arch/arm64/include/asm/kvm_pgtable.h > +++ b/arch/arm64/include/asm/kvm_pgtable.h > @@ -75,25 +75,6 @@ enum kvm_pgtable_stage2_flags { > KVM_PGTABLE_S2_IDMAP = BIT(1), > }; > > -/** > - * struct kvm_pgtable - KVM page-table. > - * @ia_bits: Maximum input address size, in bits. > - * @start_level: Level at which the page-table walk starts. > - * @pgd: Pointer to the first top-level entry of the page-table. > - * @mm_ops: Memory management callbacks. > - * @mmu: Stage-2 KVM MMU struct. Unused for stage-1 page-tables. > - */ > -struct kvm_pgtable { > - u32 ia_bits; > - u32 start_level; > - kvm_pte_t *pgd; > - struct kvm_pgtable_mm_ops *mm_ops; > - > - /* Stage-2 only */ > - struct kvm_s2_mmu *mmu; > - enum kvm_pgtable_stage2_flags flags; > -}; > - > /** > * enum kvm_pgtable_prot - Page-table permissions and attributes. > * @KVM_PGTABLE_PROT_X: Execute permission. 
> @@ -109,11 +90,41 @@ enum kvm_pgtable_prot { > KVM_PGTABLE_PROT_DEVICE = BIT(3), > }; > > -#define PAGE_HYP (KVM_PGTABLE_PROT_R | KVM_PGTABLE_PROT_W) > +#define KVM_PGTABLE_PROT_RW (KVM_PGTABLE_PROT_R | KVM_PGTABLE_PROT_W) > +#define KVM_PGTABLE_PROT_RWX (KVM_PGTABLE_PROT_RW | KVM_PGTABLE_PROT_X) > + > +#define PAGE_HYP KVM_PGTABLE_PROT_RW > #define PAGE_HYP_EXEC (KVM_PGTABLE_PROT_R | KVM_PGTABLE_PROT_X) > #define PAGE_HYP_RO (KVM_PGTABLE_PROT_R) > #define PAGE_HYP_DEVICE (PAGE_HYP | KVM_PGTABLE_PROT_DEVICE) > > +typedef bool (*kvm_pgtable_want_pte_cb_t)(u64 addr, u64 end, > + enum kvm_pgtable_prot prot); > + > +/** > + * struct kvm_pgtable - KVM page-table. > + * @ia_bits: Maximum input address size, in bits. > + * @start_level: Level at which the page-table walk starts. > + * @pgd: Pointer to the first top-level entry of the page-table. > + * @mm_ops: Memory management callbacks. > + * @mmu: Stage-2 KVM MMU struct. Unused for stage-1 page-tables. > + * @flags: Stage-2 page-table flags. > + * @want_pte_cb: Callback function used during map operations to decide > + * whether block mappings can be used to map the given IPA > + * range. > + */ > +struct kvm_pgtable { > + u32 ia_bits; > + u32 start_level; > + kvm_pte_t *pgd; > + struct kvm_pgtable_mm_ops *mm_ops; > + > + /* Stage-2 only */ > + struct kvm_s2_mmu *mmu; > + enum kvm_pgtable_stage2_flags flags; > + kvm_pgtable_want_pte_cb_t want_pte_cb; > +}; nit: does this whole definition really need to move around? > + > /** > * struct kvm_mem_range - Range of Intermediate Physical Addresses > * @start: Start of the range. 
> @@ -216,21 +227,25 @@ int kvm_pgtable_hyp_map(struct kvm_pgtable *pgt, u64 addr, u64 size, u64 phys, > u64 kvm_get_vtcr(u64 mmfr0, u64 mmfr1, u32 phys_shift); > > /** > - * kvm_pgtable_stage2_init_flags() - Initialise a guest stage-2 page-table. > + * kvm_pgtable_stage2_init_full() - Initialise a guest stage-2 page-table. > * @pgt: Uninitialised page-table structure to initialise. > * @arch: Arch-specific KVM structure representing the guest virtual > * machine. > * @mm_ops: Memory management callbacks. > * @flags: Stage-2 configuration flags. > + * @want_pte_cb: Callback function used during map operations to decide > + * whether block mappings can be used to map the given IPA > + * range. > * > * Return: 0 on success, negative error code on failure. > */ > -int kvm_pgtable_stage2_init_flags(struct kvm_pgtable *pgt, struct kvm_arch *arch, > +int kvm_pgtable_stage2_init_full(struct kvm_pgtable *pgt, struct kvm_arch *arch, > struct kvm_pgtable_mm_ops *mm_ops, > - enum kvm_pgtable_stage2_flags flags); > + enum kvm_pgtable_stage2_flags flags, > + kvm_pgtable_want_pte_cb_t want_pte_cb); > > #define kvm_pgtable_stage2_init(pgt, arch, mm_ops) \ > - kvm_pgtable_stage2_init_flags(pgt, arch, mm_ops, 0) > + kvm_pgtable_stage2_init_full(pgt, arch, mm_ops, 0, NULL) nit: in general, we use __foo() as the primitive for foo(), rather than foo_with_icing_on_top(). > > /** > * kvm_pgtable_stage2_destroy() - Destroy an unused guest stage-2 page-table. > diff --git a/arch/arm64/kvm/hyp/nvhe/mem_protect.c b/arch/arm64/kvm/hyp/nvhe/mem_protect.c > index 58edc62be6f7..cdace80d3e28 100644 > --- a/arch/arm64/kvm/hyp/nvhe/mem_protect.c > +++ b/arch/arm64/kvm/hyp/nvhe/mem_protect.c > @@ -89,6 +89,7 @@ static void prepare_host_vtcr(void) > id_aa64mmfr1_el1_sys_val, phys_shift); > } > > +static bool host_stage2_want_pte_cb(u64 addr, u64 end, enum kvm_pgtable_prot prot); > int kvm_host_prepare_stage2(void *pgt_pool_base) > { > struct kvm_s2_mmu *mmu = &host_kvm.arch.mmu; 
> @@ -101,8 +102,9 @@ int kvm_host_prepare_stage2(void *pgt_pool_base) > if (ret) > return ret; > > - ret = kvm_pgtable_stage2_init_flags(&host_kvm.pgt, &host_kvm.arch, > - &host_kvm.mm_ops, KVM_HOST_S2_FLAGS); > + ret = kvm_pgtable_stage2_init_full(&host_kvm.pgt, &host_kvm.arch, > + &host_kvm.mm_ops, KVM_HOST_S2_FLAGS, > + host_stage2_want_pte_cb); > if (ret) > return ret; > > @@ -225,9 +227,17 @@ static inline int __host_stage2_idmap(u64 start, u64 end, > __ret; \ > }) > > +static bool host_stage2_want_pte_cb(u64 addr, u64 end, enum kvm_pgtable_prot prot) > +{ > + if (range_is_memory(addr, end)) > + return prot != KVM_PGTABLE_PROT_RWX; > + else > + return prot != KVM_PGTABLE_PROT_RW; > +} This really deserves a comment about *why* you make such decision. I also find it a bit odd that you use the permissions to decide whether to map a block or a not. It feels like the permission is more of a side effect than anything else. > + > static int host_stage2_idmap(u64 addr) > { > - enum kvm_pgtable_prot prot = KVM_PGTABLE_PROT_R | KVM_PGTABLE_PROT_W; > + enum kvm_pgtable_prot prot = KVM_PGTABLE_PROT_RW; > struct kvm_mem_range range; > bool is_memory = find_mem_range(addr, &range); > int ret; > diff --git a/arch/arm64/kvm/hyp/pgtable.c b/arch/arm64/kvm/hyp/pgtable.c > index 34cf67997a82..5bdbe7a31551 100644 > --- a/arch/arm64/kvm/hyp/pgtable.c > +++ b/arch/arm64/kvm/hyp/pgtable.c > @@ -452,6 +452,8 @@ int kvm_pgtable_hyp_init(struct kvm_pgtable *pgt, u32 va_bits, > pgt->start_level = KVM_PGTABLE_MAX_LEVELS - levels; > pgt->mm_ops = mm_ops; > pgt->mmu = NULL; > + pgt->want_pte_cb = NULL; > + > return 0; > } 
> > @@ -491,6 +493,7 @@ struct stage2_map_data { > struct kvm_pgtable_mm_ops *mm_ops; > > int ret; > + bool force_pte; OK, so you have *two* mechanisms here: once to decide if a range can be mapped as a block or not, and another one to remember the result while walking the S2 PTW. This probably deserves some documentation and/or patch splitting. > }; > > u64 kvm_get_vtcr(u64 mmfr0, u64 mmfr1, u32 phys_shift) > @@ -613,6 +616,9 @@ static int stage2_map_walker_try_leaf(u64 addr, u64 end, u32 level, > struct kvm_pgtable *pgt = data->mmu->pgt; > struct kvm_pgtable_mm_ops *mm_ops = data->mm_ops; > > + if (data->force_pte && (level < (KVM_PGTABLE_MAX_LEVELS - 1))) > + return -E2BIG; > + > if (!kvm_block_mapping_supported(addr, end, phys, level)) > return -E2BIG; > > @@ -660,6 +666,9 @@ static int stage2_map_walk_table_pre(u64 addr, u64 end, u32 level, > if (data->anchor) > return 0; > > + if (data->force_pte && (level < (KVM_PGTABLE_MAX_LEVELS - 1))) > + return 0; > + > if (!kvm_block_mapping_supported(addr, end, data->phys, level)) There is something in me screaming that kvm_block_mapping_supported() should be the point where we check for these things... Or at least a helper function that takes 'data' as a parameter. > return 0; > > @@ -791,6 +800,7 @@ int kvm_pgtable_stage2_map(struct kvm_pgtable *pgt, u64 addr, u64 size, > .memcache = mc, > .mm_ops = pgt->mm_ops, > .ret = 0, > + .force_pte = pgt->want_pte_cb && pgt->want_pte_cb(addr, addr + size, prot), Reading this makes me want to rename want_pte_cb() to force_pte_cb()... > }; > struct kvm_pgtable_walker walker = { > .cb = stage2_map_walker, > @@ -826,6 +836,7 @@ int kvm_pgtable_stage2_set_owner(struct kvm_pgtable *pgt, u64 addr, u64 size, > .mm_ops = pgt->mm_ops, > .owner_id = owner_id, > .ret = 0, > + .force_pte = true, > }; > struct kvm_pgtable_walker walker = { > .cb = stage2_map_walker, 
> @@ -1070,9 +1081,11 @@ int kvm_pgtable_stage2_flush(struct kvm_pgtable *pgt, u64 addr, u64 size) > return kvm_pgtable_walk(pgt, addr, size, &walker); > } > > -int kvm_pgtable_stage2_init_flags(struct kvm_pgtable *pgt, struct kvm_arch *arch, > - struct kvm_pgtable_mm_ops *mm_ops, > - enum kvm_pgtable_stage2_flags flags) > + > +int kvm_pgtable_stage2_init_full(struct kvm_pgtable *pgt, struct kvm_arch *arch, > + struct kvm_pgtable_mm_ops *mm_ops, > + enum kvm_pgtable_stage2_flags flags, > + kvm_pgtable_want_pte_cb_t want_pte_cb) > { > size_t pgd_sz; > u64 vtcr = arch->vtcr; 
> @@ -1090,6 +1103,7 @@ int kvm_pgtable_stage2_init_flags(struct kvm_pgtable *pgt, struct kvm_arch *arch > pgt->mm_ops = mm_ops; > pgt->mmu = &arch->mmu; > pgt->flags = flags; > + pgt->want_pte_cb = want_pte_cb; > > /* Ensure zeroed PGD pages are visible to the hardware walker */ > dsb(ishst); Thanks, M. -- Without deviation from the norm, progress is not possible. _______________________________________________ kvmarm mailing list kvmarm@lists.cs.columbia.edu https://lists.cs.columbia.edu/mailman/listinfo/kvmarm From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.5 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id E1FBCC07E95 for ; Mon, 19 Jul 2021 14:26:36 +0000 (UTC) Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id A3FB8600CC for ; Mon, 19 Jul 2021 14:26:36 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org A3FB8600CC Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=kernel.org Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: 
Subject:Cc:To:From:Message-ID:Date:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=vg58fq89JjRuNwZ1O41YFsHyMolwdLNdJnMiet1i4NA=; b=ekJV+I4SiLBVYR pZVNxfMcexiR5yWe8tkroCpf8GTAhAWOuEmr9MxAeaTacV7yQ773p9+9U1hYaYlPfX2srC4PhOygr t4PtEVoQjbB0UZoRo8yMxS2cOj0nI2y6fIW2Jmxpo6QvJ1LIltnlRSM2s4bFMh2WH9M3T1C67fmeX 47MXk6KLEGBIkhn3Y43w1cA99JxRPeckE0l3+2lSQeqeVtD7Gbv4+CQW2kNX5+5ZXuQRZsGJJHLzT sxyDEHA5gaIdotvY1NLTHelhqbL9T8FC+NzW0G1BnFQrljrRnxvAplpMp2QTSkpMzqZccTaP6iiPE jamZyGsOEuPsDYZk0ZYg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1m5UCG-009rq7-RY; Mon, 19 Jul 2021 14:24:41 +0000 Received: from mail.kernel.org ([198.145.29.99]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1m5UCC-009rp5-0u for linux-arm-kernel@lists.infradead.org; Mon, 19 Jul 2021 14:24:38 +0000 Received: from disco-boy.misterjones.org (disco-boy.misterjones.org [51.254.78.96]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 7476E60FE9; Mon, 19 Jul 2021 14:24:35 +0000 (UTC) Received: from sofa.misterjones.org ([185.219.108.64] helo=why.misterjones.org) by disco-boy.misterjones.org with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1m5UC9-00EE2W-Ao; Mon, 19 Jul 2021 15:24:33 +0100 Date: Mon, 19 Jul 2021 15:24:32 +0100 Message-ID: <87h7gqjs9r.wl-maz@kernel.org> 
From: Marc Zyngier To: Quentin Perret Cc: james.morse@arm.com, alexandru.elisei@arm.com, suzuki.poulose@arm.com, catalin.marinas@arm.com, will@kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.cs.columbia.edu, linux-kernel@vger.kernel.org, ardb@kernel.org, qwandor@google.com, tabba@google.com, dbrazdil@google.com, kernel-team@android.com Subject: Re: [PATCH 07/14] KVM: arm64: Enable forcing page-level stage-2 mappings In-Reply-To: <20210719104735.3681732-8-qperret@google.com> References: <20210719104735.3681732-1-qperret@google.com> <20210719104735.3681732-8-qperret@google.com> User-Agent: Wanderlust/2.15.9 (Almost Unreal) SEMI-EPG/1.14.7 (Harue) FLIM-LB/1.14.9 (=?UTF-8?B?R29qxY0=?=) APEL-LB/10.8 EasyPG/1.0.0 Emacs/27.1 (x86_64-pc-linux-gnu) MULE/6.0 (HANACHIRUSATO) MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue") X-SA-Exim-Connect-IP: 185.219.108.64 X-SA-Exim-Rcpt-To: qperret@google.com, james.morse@arm.com, alexandru.elisei@arm.com, suzuki.poulose@arm.com, catalin.marinas@arm.com, will@kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.cs.columbia.edu, linux-kernel@vger.kernel.org, ardb@kernel.org, qwandor@google.com, tabba@google.com, dbrazdil@google.com, kernel-team@android.com X-SA-Exim-Mail-From: maz@kernel.org X-SA-Exim-Scanned: No (on disco-boy.misterjones.org); SAEximRunCond expanded to false X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20210719_072436_146702_4A890816 X-CRM114-Status: GOOD ( 40.96 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org On Mon, 19 Jul 2021 11:47:28 +0100, Quentin Perret wrote: > > Much of the stage-2 manipulation logic relies 
> on being able to destroy
> block mappings if e.g. installing a smaller mapping in the range. The
> rationale for this behaviour is that stage-2 mappings can always be
> re-created lazily. However, this gets more complicated when the stage-2
> page-table is used to store metadata about the underlying pages. In such
> a case, destroying a block mapping may lead to losing part of the
> state, and confuse the user of those metadata (such as the hypervisor in
> nVHE protected mode).
>
> To fix this, introduce a callback function in the pgtable struct which
> is called during all map operations to determine whether the mappings
> can us blocks, or should be forced to page-granularity level. This is

nit: use?

> used by the hypervisor when creating the host stage-2 to force
> page-level mappings when using non-default protection attributes.
>
> Signed-off-by: Quentin Perret
> --- > arch/arm64/include/asm/kvm_pgtable.h | 63 +++++++++++++++++---------- > arch/arm64/kvm/hyp/nvhe/mem_protect.c | 16 +++++-- > arch/arm64/kvm/hyp/pgtable.c | 20 +++++++-- > 3 files changed, 69 insertions(+), 30 deletions(-) > > diff --git a/arch/arm64/include/asm/kvm_pgtable.h b/arch/arm64/include/asm/kvm_pgtable.h > index af62203d2f7a..dd72653314c7 100644 > --- a/arch/arm64/include/asm/kvm_pgtable.h > +++ b/arch/arm64/include/asm/kvm_pgtable.h
> @@ -75,25 +75,6 @@ enum kvm_pgtable_stage2_flags { > KVM_PGTABLE_S2_IDMAP = BIT(1), > }; > > -/** > - * struct kvm_pgtable - KVM page-table. > - * @ia_bits: Maximum input address size, in bits. > - * @start_level: Level at which the page-table walk starts. > - * @pgd: Pointer to the first top-level entry of the page-table. > - * @mm_ops: Memory management callbacks. > - * @mmu: Stage-2 KVM MMU struct. Unused for stage-1 page-tables. > - */ > -struct kvm_pgtable { > - u32 ia_bits; > - u32 start_level; > - kvm_pte_t *pgd; > - struct kvm_pgtable_mm_ops *mm_ops; > - > - /* Stage-2 only */ > - struct kvm_s2_mmu *mmu; > - enum kvm_pgtable_stage2_flags flags; > -}; > - > /** > * enum kvm_pgtable_prot - Page-table permissions and attributes. > * @KVM_PGTABLE_PROT_X: Execute permission. 
> @@ -109,11 +90,41 @@ enum kvm_pgtable_prot { > KVM_PGTABLE_PROT_DEVICE = BIT(3), > }; > > -#define PAGE_HYP (KVM_PGTABLE_PROT_R | KVM_PGTABLE_PROT_W) > +#define KVM_PGTABLE_PROT_RW (KVM_PGTABLE_PROT_R | KVM_PGTABLE_PROT_W) > +#define KVM_PGTABLE_PROT_RWX (KVM_PGTABLE_PROT_RW | KVM_PGTABLE_PROT_X) > + > +#define PAGE_HYP KVM_PGTABLE_PROT_RW > #define PAGE_HYP_EXEC (KVM_PGTABLE_PROT_R | KVM_PGTABLE_PROT_X) > #define PAGE_HYP_RO (KVM_PGTABLE_PROT_R) > #define PAGE_HYP_DEVICE (PAGE_HYP | KVM_PGTABLE_PROT_DEVICE) > > +typedef bool (*kvm_pgtable_want_pte_cb_t)(u64 addr, u64 end, > + enum kvm_pgtable_prot prot); > + > +/** > + * struct kvm_pgtable - KVM page-table. > + * @ia_bits: Maximum input address size, in bits. > + * @start_level: Level at which the page-table walk starts. > + * @pgd: Pointer to the first top-level entry of the page-table. > + * @mm_ops: Memory management callbacks. > + * @mmu: Stage-2 KVM MMU struct. Unused for stage-1 page-tables. > + * @flags: Stage-2 page-table flags. > + * @want_pte_cb: Callback function used during map operations to decide > + * whether block mappings can be used to map the given IPA > + * range. > + */ > +struct kvm_pgtable { > + u32 ia_bits; > + u32 start_level; > + kvm_pte_t *pgd; > + struct kvm_pgtable_mm_ops *mm_ops; > + > + /* Stage-2 only */ > + struct kvm_s2_mmu *mmu; > + enum kvm_pgtable_stage2_flags flags; > + kvm_pgtable_want_pte_cb_t want_pte_cb; > +};

nit: does this whole definition really need to move around?

> + > /** > * struct kvm_mem_range - Range of Intermediate Physical Addresses > * @start: Start of the range.
> @@ -216,21 +227,25 @@ int kvm_pgtable_hyp_map(struct kvm_pgtable *pgt, u64 addr, u64 size, u64 phys, > u64 kvm_get_vtcr(u64 mmfr0, u64 mmfr1, u32 phys_shift); > > /** > - * kvm_pgtable_stage2_init_flags() - Initialise a guest stage-2 page-table. > + * kvm_pgtable_stage2_init_full() - Initialise a guest stage-2 page-table. > * @pgt: Uninitialised page-table structure to initialise. > * @arch: Arch-specific KVM structure representing the guest virtual > * machine. > * @mm_ops: Memory management callbacks. > * @flags: Stage-2 configuration flags. > + * @want_pte_cb: Callback function used during map operations to decide > + * whether block mappings can be used to map the given IPA > + * range. > * > * Return: 0 on success, negative error code on failure. > */ > -int kvm_pgtable_stage2_init_flags(struct kvm_pgtable *pgt, struct kvm_arch *arch, > +int kvm_pgtable_stage2_init_full(struct kvm_pgtable *pgt, struct kvm_arch *arch, > struct kvm_pgtable_mm_ops *mm_ops, > - enum kvm_pgtable_stage2_flags flags); > + enum kvm_pgtable_stage2_flags flags, > + kvm_pgtable_want_pte_cb_t want_pte_cb); > > #define kvm_pgtable_stage2_init(pgt, arch, mm_ops) \ > - kvm_pgtable_stage2_init_flags(pgt, arch, mm_ops, 0) > + kvm_pgtable_stage2_init_full(pgt, arch, mm_ops, 0, NULL)

nit: in general, we use __foo() as the primitive for foo(), rather than foo_with_icing_on_top().

> > /** > * kvm_pgtable_stage2_destroy() - Destroy an unused guest stage-2 page-table. > diff --git a/arch/arm64/kvm/hyp/nvhe/mem_protect.c b/arch/arm64/kvm/hyp/nvhe/mem_protect.c > index 58edc62be6f7..cdace80d3e28 100644 > --- a/arch/arm64/kvm/hyp/nvhe/mem_protect.c > +++ b/arch/arm64/kvm/hyp/nvhe/mem_protect.c > @@ -89,6 +89,7 @@ static void prepare_host_vtcr(void) > id_aa64mmfr1_el1_sys_val, phys_shift); > } > > +static bool host_stage2_want_pte_cb(u64 addr, u64 end, enum kvm_pgtable_prot prot); > int kvm_host_prepare_stage2(void *pgt_pool_base) > { > struct kvm_s2_mmu *mmu = &host_kvm.arch.mmu;
> @@ -101,8 +102,9 @@ int kvm_host_prepare_stage2(void *pgt_pool_base) > if (ret) > return ret; > > - ret = kvm_pgtable_stage2_init_flags(&host_kvm.pgt, &host_kvm.arch, > - &host_kvm.mm_ops, KVM_HOST_S2_FLAGS); > + ret = kvm_pgtable_stage2_init_full(&host_kvm.pgt, &host_kvm.arch, > + &host_kvm.mm_ops, KVM_HOST_S2_FLAGS, > + host_stage2_want_pte_cb); > if (ret) > return ret; > > @@ -225,9 +227,17 @@ static inline int __host_stage2_idmap(u64 start, u64 end, > __ret; \ > }) > > +static bool host_stage2_want_pte_cb(u64 addr, u64 end, enum kvm_pgtable_prot prot) > +{ > + if (range_is_memory(addr, end)) > + return prot != KVM_PGTABLE_PROT_RWX; > + else > + return prot != KVM_PGTABLE_PROT_RW; > +}

This really deserves a comment about *why* you make such a decision. I
also find it a bit odd that you use the permissions to decide whether
to map a block or not. It feels like the permission is more of a side
effect than anything else.

> + > static int host_stage2_idmap(u64 addr) > { > - enum kvm_pgtable_prot prot = KVM_PGTABLE_PROT_R | KVM_PGTABLE_PROT_W; > + enum kvm_pgtable_prot prot = KVM_PGTABLE_PROT_RW; > struct kvm_mem_range range; > bool is_memory = find_mem_range(addr, &range); > int ret; > diff --git a/arch/arm64/kvm/hyp/pgtable.c b/arch/arm64/kvm/hyp/pgtable.c > index 34cf67997a82..5bdbe7a31551 100644 > --- a/arch/arm64/kvm/hyp/pgtable.c > +++ b/arch/arm64/kvm/hyp/pgtable.c > @@ -452,6 +452,8 @@ int kvm_pgtable_hyp_init(struct kvm_pgtable *pgt, u32 va_bits, > pgt->start_level = KVM_PGTABLE_MAX_LEVELS - levels; > pgt->mm_ops = mm_ops; > pgt->mmu = NULL; > + pgt->want_pte_cb = NULL; > + > return 0; > }
> > @@ -491,6 +493,7 @@ struct stage2_map_data { > struct kvm_pgtable_mm_ops *mm_ops; > > int ret; > + bool force_pte;

OK, so you have *two* mechanisms here: one to decide if a range can
be mapped as a block or not, and another one to remember the result
while walking the S2 PTW. This probably deserves some documentation
and/or patch splitting.

> }; > > u64 kvm_get_vtcr(u64 mmfr0, u64 mmfr1, u32 phys_shift) > @@ -613,6 +616,9 @@ static int stage2_map_walker_try_leaf(u64 addr, u64 end, u32 level, > struct kvm_pgtable *pgt = data->mmu->pgt; > struct kvm_pgtable_mm_ops *mm_ops = data->mm_ops; > > + if (data->force_pte && (level < (KVM_PGTABLE_MAX_LEVELS - 1))) > + return -E2BIG; > + > if (!kvm_block_mapping_supported(addr, end, phys, level)) > return -E2BIG; > > @@ -660,6 +666,9 @@ static int stage2_map_walk_table_pre(u64 addr, u64 end, u32 level, > if (data->anchor) > return 0; > > + if (data->force_pte && (level < (KVM_PGTABLE_MAX_LEVELS - 1))) > + return 0; > + > if (!kvm_block_mapping_supported(addr, end, data->phys, level))

There is something in me screaming that kvm_block_mapping_supported()
should be the point where we check for these things... Or at least a
helper function that takes 'data' as a parameter.

> return 0; > > @@ -791,6 +800,7 @@ int kvm_pgtable_stage2_map(struct kvm_pgtable *pgt, u64 addr, u64 size, > .memcache = mc, > .mm_ops = pgt->mm_ops, > .ret = 0, > + .force_pte = pgt->want_pte_cb && pgt->want_pte_cb(addr, addr + size, prot),

Reading this makes me want to rename want_pte_cb() to force_pte_cb()...

> }; > struct kvm_pgtable_walker walker = { > .cb = stage2_map_walker, > @@ -826,6 +836,7 @@ int kvm_pgtable_stage2_set_owner(struct kvm_pgtable *pgt, u64 addr, u64 size, > .mm_ops = pgt->mm_ops, > .owner_id = owner_id, > .ret = 0, > + .force_pte = true, > }; > struct kvm_pgtable_walker walker = { > .cb = stage2_map_walker,
> @@ -1070,9 +1081,11 @@ int kvm_pgtable_stage2_flush(struct kvm_pgtable *pgt, u64 addr, u64 size) > return kvm_pgtable_walk(pgt, addr, size, &walker); > } > > -int kvm_pgtable_stage2_init_flags(struct kvm_pgtable *pgt, struct kvm_arch *arch, > - struct kvm_pgtable_mm_ops *mm_ops, > - enum kvm_pgtable_stage2_flags flags) > + > +int kvm_pgtable_stage2_init_full(struct kvm_pgtable *pgt, struct kvm_arch *arch, > + struct kvm_pgtable_mm_ops *mm_ops, > + enum kvm_pgtable_stage2_flags flags, > + kvm_pgtable_want_pte_cb_t want_pte_cb) > { > size_t pgd_sz; > u64 vtcr = arch->vtcr; > @@ -1090,6 +1103,7 @@ int kvm_pgtable_stage2_init_flags(struct kvm_pgtable *pgt, struct kvm_arch *arch > pgt->mm_ops = mm_ops; > pgt->mmu = &arch->mmu; > pgt->flags = flags; > + pgt->want_pte_cb = want_pte_cb; > > /* Ensure zeroed PGD pages are visible to the hardware walker */ > dsb(ishst);

Thanks,

M.

--
Without deviation from the norm, progress is not possible.
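Review bot: The kernel-doc added for @want_pte_cb in the kvm_pgtable.h hunk (-109,11 +90,41) never states what the bool return value means or that the pointer may be NULL. The call site treats true as "force page-level" (.force_pte = pgt->want_pte_cb && pgt->want_pte_cb(addr, addr + size, prot)) and the kvm_pgtable_stage2_init() macro passes NULL, so the comment should say that returning true forbids block mappings for the range and that a NULL callback leaves blocks allowed.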
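Review bot: In host_stage2_want_pte_cb() (mem_protect.c hunk -225,9 +227,17) the test is an exact comparison against a single default per range type, so every other attribute combination, including one that only adds KVM_PGTABLE_PROT_DEVICE, is forced to page granularity, and which default applies depends on what range_is_memory(addr, end) returns for a range that is only partly memory. A comment above the function should name the two defaults (RWX for memory, RW otherwise), explain why any other value must not be stored in a block, and state the expected result for a straddling range.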
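Review bot: kvm_pgtable_stage2_set_owner() (pgtable.c hunk -826,6 +836,7) sets .force_pte = true unconditionally and never consults want_pte_cb, so the change applies to every page-table that calls set_owner, including ones initialised with a NULL callback. The commit message only mentions the host stage-2 and non-default protection attributes; please add a comment at the initialiser, and a sentence in the commit message, explaining why ownership annotations are always kept at page granularity.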
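Review bot: The pgtable.c hunk at -1070,9 +1081,11 adds an empty line in front of kvm_pgtable_stage2_init_full(), directly after the blank context line that already follows kvm_pgtable_stage2_flush(), which leaves two consecutive blank lines. Drop the added one.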
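The failure mode described in the quoted commit message, as a toy C model added here (not code from the patch or the kernel). The slot layout, the `toy_*` names, the four-page block size and the RWX lazy default are all assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

#define PAGES_PER_BLOCK 4   /* toy value: pages covered by one block entry */
enum { PROT_R = 1, PROT_W = 2, PROT_X = 4, PROT_RWX = 7 };

/* One block-sized slot: a single block leaf, or a table of page entries. */
struct toy_slot {
    bool is_block;
    int block_prot;             /* meaningful only when is_block is set */
    int pte[PAGES_PER_BLOCK];   /* 0 = invalid, re-created lazily on fault */
};

/* Map pages [first, first + n); an existing block is destroyed, not split. */
static void toy_map(struct toy_slot *s, int first, int n, int prot, bool force_pte)
{
    if (first == 0 && n == PAGES_PER_BLOCK && !force_pte) {
        s->is_block = true;
        s->block_prot = prot;
        return;
    }
    if (s->is_block)
        memset(s, 0, sizeof(*s));   /* block torn down, its prot is not copied */
    for (int i = first; i < first + n; i++)
        s->pte[i] = prot;
}

/* Invalid entries fault and come back with the default (assumed RWX here). */
static int toy_effective_prot(const struct toy_slot *s, int page)
{
    int prot = s->is_block ? s->block_prot : s->pte[page];
    return prot ? prot : PROT_RWX;
}

/* Make the whole range read-only, remap page 0 as RWX, report page 3. */
static int toy_scenario(bool force_pte)
{
    struct toy_slot s = {0};
    toy_map(&s, 0, PAGES_PER_BLOCK, PROT_R, force_pte);
    toy_map(&s, 0, 1, PROT_RWX, false);
    return toy_effective_prot(&s, 3);
}

int main(void)
{
    printf("blocks allowed: %d, forced to pages: %d\n", toy_scenario(false), toy_scenario(true));
    return 0;
}
```

With blocks allowed, page 3 silently reverts to the lazy default after an unrelated remap of page 0; with page-level entries forced, it keeps its read-only state.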