[PATCH v2 0/2] KVM: arm64: Uphold 64bit-only behavior on asymmetric systems

[PATCH v2 0/2] KVM: arm64: Uphold 64bit-only behavior on asymmetric systems

[Oliver Upton]

Small series to fix a couple issues around when 64bit-only behavior is
applied. As KVM is more restrictive than the kernel in terms of 32bit
support (no asymmetry), we really needed our own predicate when the
meaning of system_supports_32bit_el0() changed in commit 2122a833316f
("arm64: Allow mismatched 32-bit EL0 support").

Lightly tested as I do not have any asymmetric systems on hand at the
moment. Attention on patch 2 would be appreciated as it affects ABI.

Applies to 6.0-rc1.

v1 -> v2:
 - Fix a silly logic inversion in vcpu_mode_is_bad_32bit()
 - Rebase to 6.0-rc1

Oliver Upton (2):
  KVM: arm64: Treat PMCR_EL1.LC as RES1 on asymmetric systems
  KVM: arm64: Reject 32bit user PSTATE on asymmetric systems

 arch/arm64/include/asm/kvm_host.h | 4 ++++
 arch/arm64/kvm/arm.c              | 3 +--
 arch/arm64/kvm/guest.c            | 2 +-
 arch/arm64/kvm/sys_regs.c         | 4 ++--
 4 files changed, 8 insertions(+), 5 deletions(-)


base-commit: 568035b01cfb107af8d2e4bd2fb9aea22cf5b868
-- 
2.37.1.595.g718a3a8f04-goog


_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

[PATCH v2 1/2] KVM: arm64: Treat PMCR_EL1.LC as RES1 on asymmetric systems

[Oliver Upton]

KVM does not support AArch32 on asymmetric systems. To that end, enforce
AArch64-only behavior on PMCR_EL1.LC when on an asymmetric system.

Fixes: 2122a833316f ("arm64: Allow mismatched 32-bit EL0 support")
Signed-off-by: Oliver Upton <oliver.upton@linux.dev>
---
 arch/arm64/include/asm/kvm_host.h | 4 ++++
 arch/arm64/kvm/arm.c              | 3 +--
 arch/arm64/kvm/sys_regs.c         | 4 ++--
 3 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/arch/arm64/include/asm/kvm_host.h b/arch/arm64/include/asm/kvm_host.h
index f38ef299f13b..e9c9388ccc02 100644
--- a/arch/arm64/include/asm/kvm_host.h
+++ b/arch/arm64/include/asm/kvm_host.h
@@ -929,6 +929,10 @@ bool kvm_arm_vcpu_is_finalized(struct kvm_vcpu *vcpu);
 	(system_supports_mte() &&				\
 	 test_bit(KVM_ARCH_FLAG_MTE_ENABLED, &(kvm)->arch.flags))
 
+#define kvm_supports_32bit_el0()				\
+	(system_supports_32bit_el0() &&				\
+	 !static_branch_unlikely(&arm64_mismatched_32bit_el0))
+
 int kvm_trng_call(struct kvm_vcpu *vcpu);
 #ifdef CONFIG_KVM
 extern phys_addr_t hyp_mem_base;
diff --git a/arch/arm64/kvm/arm.c b/arch/arm64/kvm/arm.c
index 986cee6fbc7f..2ff0ef62abad 100644
--- a/arch/arm64/kvm/arm.c
+++ b/arch/arm64/kvm/arm.c
@@ -757,8 +757,7 @@ static bool vcpu_mode_is_bad_32bit(struct kvm_vcpu *vcpu)
 	if (likely(!vcpu_mode_is_32bit(vcpu)))
 		return false;
 
-	return !system_supports_32bit_el0() ||
-		static_branch_unlikely(&arm64_mismatched_32bit_el0);
+	return !kvm_supports_32bit_el0();
 }
 
 /**
diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c
index c059b259aea6..3234f50b8c4b 100644
--- a/arch/arm64/kvm/sys_regs.c
+++ b/arch/arm64/kvm/sys_regs.c
@@ -652,7 +652,7 @@ static void reset_pmcr(struct kvm_vcpu *vcpu, const struct sys_reg_desc *r)
 	 */
 	val = ((pmcr & ~ARMV8_PMU_PMCR_MASK)
 	       | (ARMV8_PMU_PMCR_MASK & 0xdecafbad)) & (~ARMV8_PMU_PMCR_E);
-	if (!system_supports_32bit_el0())
+	if (!kvm_supports_32bit_el0())
 		val |= ARMV8_PMU_PMCR_LC;
 	__vcpu_sys_reg(vcpu, r->reg) = val;
 }
@@ -701,7 +701,7 @@ static bool access_pmcr(struct kvm_vcpu *vcpu, struct sys_reg_params *p,
 		val = __vcpu_sys_reg(vcpu, PMCR_EL0);
 		val &= ~ARMV8_PMU_PMCR_MASK;
 		val |= p->regval & ARMV8_PMU_PMCR_MASK;
-		if (!system_supports_32bit_el0())
+		if (!kvm_supports_32bit_el0())
 			val |= ARMV8_PMU_PMCR_LC;
 		__vcpu_sys_reg(vcpu, PMCR_EL0) = val;
 		kvm_pmu_handle_pmcr(vcpu, val);
-- 
2.37.1.595.g718a3a8f04-goog


_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

[PATCH v2 2/2] KVM: arm64: Reject 32bit user PSTATE on asymmetric systems

[Oliver Upton]

KVM does not support AArch32 EL0 on asymmetric systems. To that end,
prevent userspace from configuring a vCPU in such a state through
setting PSTATE.

It is already ABI that KVM rejects such a write on a system where
AArch32 EL0 is unsupported. Though the kernel's definition of a 32bit
system changed in commit 2122a833316f ("arm64: Allow mismatched
32-bit EL0 support"), KVM's did not.

Fixes: 2122a833316f ("arm64: Allow mismatched 32-bit EL0 support")
Signed-off-by: Oliver Upton <oliver.upton@linux.dev>
---
 arch/arm64/kvm/guest.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/arm64/kvm/guest.c b/arch/arm64/kvm/guest.c
index 8c607199cad1..f802a3b3f8db 100644
--- a/arch/arm64/kvm/guest.c
+++ b/arch/arm64/kvm/guest.c
@@ -242,7 +242,7 @@ static int set_core_reg(struct kvm_vcpu *vcpu, const struct kvm_one_reg *reg)
 		u64 mode = (*(u64 *)valp) & PSR_AA32_MODE_MASK;
 		switch (mode) {
 		case PSR_AA32_MODE_USR:
-			if (!system_supports_32bit_el0())
+			if (!kvm_supports_32bit_el0())
 				return -EINVAL;
 			break;
 		case PSR_AA32_MODE_FIQ:
-- 
2.37.1.595.g718a3a8f04-goog


_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: [PATCH v2 0/2] KVM: arm64: Uphold 64bit-only behavior on asymmetric systems

[Marc Zyngier]

On Tue, 16 Aug 2022 19:25:52 +0000, Oliver Upton wrote:
> Small series to fix a couple issues around when 64bit-only behavior is
> applied. As KVM is more restrictive than the kernel in terms of 32bit
> support (no asymmetry), we really needed our own predicate when the
> meaning of system_supports_32bit_el0() changed in commit 2122a833316f
> ("arm64: Allow mismatched 32-bit EL0 support").
> 
> Lightly tested as I do not have any asymmetric systems on hand at the
> moment. Attention on patch 2 would be appreciated as it affects ABI.
> 
> [...]

Applied to fixes, thanks!

[1/2] KVM: arm64: Treat PMCR_EL1.LC as RES1 on asymmetric systems
      commit: f3c6efc72f3b20ec23566e768979802f0a398f04
[2/2] KVM: arm64: Reject 32bit user PSTATE on asymmetric systems
      commit: b10d86fb8e46cc812171728bcd326df2f34e9ed5

Cheers,

	M.
-- 
Marc Zyngier <maz@kernel.org>


_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: [PATCH v2 0/2] KVM: arm64: Uphold 64bit-only behavior on asymmetric systems

[Marc Zyngier]

On Tue, 16 Aug 2022 20:25:52 +0100,
Oliver Upton <oliver.upton@linux.dev> wrote:
> 
> Small series to fix a couple issues around when 64bit-only behavior is
> applied. As KVM is more restrictive than the kernel in terms of 32bit
> support (no asymmetry), we really needed our own predicate when the
> meaning of system_supports_32bit_el0() changed in commit 2122a833316f
> ("arm64: Allow mismatched 32-bit EL0 support").
> 
> Lightly tested as I do not have any asymmetric systems on hand at the
> moment. Attention on patch 2 would be appreciated as it affects ABI.

I don't think this significantly affect the ABI, as it is pretty
unlikely that you'd have been able to execute the result, at least on
VM creation (set PSTATE.M=USR, start executing, get the page fault on
the first instruction... bang).

You could have tricked it in other ways, but at the end of the day
you're running a broken hypervisor on an even more broken system...

Anyway, I've applied this to fixes.

Thanks,

	M.

-- 
Without deviation from the norm, progress is not possible.

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: [PATCH v2 0/2] KVM: arm64: Uphold 64bit-only behavior on asymmetric systems

[Alexandru Elisei]

Hi,

On Wed, Aug 17, 2022 at 11:07:10AM +0100, Marc Zyngier wrote:
> On Tue, 16 Aug 2022 20:25:52 +0100,
> Oliver Upton <oliver.upton@linux.dev> wrote:
> > 
> > Small series to fix a couple issues around when 64bit-only behavior is
> > applied. As KVM is more restrictive than the kernel in terms of 32bit
> > support (no asymmetry), we really needed our own predicate when the
> > meaning of system_supports_32bit_el0() changed in commit 2122a833316f
> > ("arm64: Allow mismatched 32-bit EL0 support").
> > 
> > Lightly tested as I do not have any asymmetric systems on hand at the
> > moment. Attention on patch 2 would be appreciated as it affects ABI.
> 
> I don't think this significantly affect the ABI, as it is pretty
> unlikely that you'd have been able to execute the result, at least on
> VM creation (set PSTATE.M=USR, start executing, get the page fault on
> the first instruction... bang).
> 
> You could have tricked it in other ways, but at the end of the day
> you're running a broken hypervisor on an even more broken system...

Just FYI, you can create such a system on models, by running two clusters
and setting clusterX.max_32bit_el=-1. Or you can have even crazier
configurations, where AArch32 support is present on only one cluster, and
only for EL0.

Thanks,
Alex

> 
> Anyway, I've applied this to fixes.
> 
> Thanks,
> 
> 	M.
> 
> -- 
> Without deviation from the norm, progress is not possible.

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: [PATCH v2 0/2] KVM: arm64: Uphold 64bit-only behavior on asymmetric systems

[Marc Zyngier]

On Wed, 17 Aug 2022 11:52:06 +0100,
Alexandru Elisei <alexandru.elisei@arm.com> wrote:
> 
> Hi,
> 
> On Wed, Aug 17, 2022 at 11:07:10AM +0100, Marc Zyngier wrote:
> > On Tue, 16 Aug 2022 20:25:52 +0100,
> > Oliver Upton <oliver.upton@linux.dev> wrote:
> > > 
> > > Small series to fix a couple issues around when 64bit-only behavior is
> > > applied. As KVM is more restrictive than the kernel in terms of 32bit
> > > support (no asymmetry), we really needed our own predicate when the
> > > meaning of system_supports_32bit_el0() changed in commit 2122a833316f
> > > ("arm64: Allow mismatched 32-bit EL0 support").
> > > 
> > > Lightly tested as I do not have any asymmetric systems on hand at the
> > > moment. Attention on patch 2 would be appreciated as it affects ABI.
> > 
> > I don't think this significantly affect the ABI, as it is pretty
> > unlikely that you'd have been able to execute the result, at least on
> > VM creation (set PSTATE.M=USR, start executing, get the page fault on
> > the first instruction... bang).
> > 
> > You could have tricked it in other ways, but at the end of the day
> > you're running a broken hypervisor on an even more broken system...
> 
> Just FYI, you can create such a system on models, by running two clusters
> and setting clusterX.max_32bit_el=-1. Or you can have even crazier
> configurations, where AArch32 support is present on only one cluster, and
> only for EL0.

You mean, just as crazy as some of the systems out there? :D

Thanks,

	M.

-- 
Without deviation from the norm, progress is not possible.

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: [PATCH v2 0/2] KVM: arm64: Uphold 64bit-only behavior on asymmetric systems

[Oliver Upton]

On Wed, Aug 17, 2022 at 11:56:50AM +0100, Marc Zyngier wrote:
> On Wed, 17 Aug 2022 11:52:06 +0100,
> Alexandru Elisei <alexandru.elisei@arm.com> wrote:
> > 
> > Hi,
> > 
> > On Wed, Aug 17, 2022 at 11:07:10AM +0100, Marc Zyngier wrote:
> > > On Tue, 16 Aug 2022 20:25:52 +0100,
> > > Oliver Upton <oliver.upton@linux.dev> wrote:
> > > > 
> > > > Small series to fix a couple issues around when 64bit-only behavior is
> > > > applied. As KVM is more restrictive than the kernel in terms of 32bit
> > > > support (no asymmetry), we really needed our own predicate when the
> > > > meaning of system_supports_32bit_el0() changed in commit 2122a833316f
> > > > ("arm64: Allow mismatched 32-bit EL0 support").
> > > > 
> > > > Lightly tested as I do not have any asymmetric systems on hand at the
> > > > moment. Attention on patch 2 would be appreciated as it affects ABI.
> > > 
> > > I don't think this significantly affect the ABI, as it is pretty
> > > unlikely that you'd have been able to execute the result, at least on
> > > VM creation (set PSTATE.M=USR, start executing, get the page fault on
> > > the first instruction... bang).
> > > 
> > > You could have tricked it in other ways, but at the end of the day
> > > you're running a broken hypervisor on an even more broken system...

Lol, fair enough. Just wanted to make sure we're all happy with how we
turn the guest into rubble on the other end :)

> > Just FYI, you can create such a system on models, by running two clusters
> > and setting clusterX.max_32bit_el=-1. Or you can have even crazier
> > configurations, where AArch32 support is present on only one cluster, and
> > only for EL0.

Doh! Forgot about the fast model.

--
Thanks,
Oliver

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel