From nobody Sun May 10 19:51:57 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7C996C43217 for ; Mon, 25 Apr 2022 23:53:53 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S238476AbiDYX44 (ORCPT ); Mon, 25 Apr 2022 19:56:56 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33446 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235888AbiDYX4w (ORCPT ); Mon, 25 Apr 2022 19:56:52 -0400 Received: from mail-yw1-x114a.google.com (mail-yw1-x114a.google.com [IPv6:2607:f8b0:4864:20::114a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2214246666 for ; Mon, 25 Apr 2022 16:53:47 -0700 (PDT) Received: by mail-yw1-x114a.google.com with SMTP id 00721157ae682-2f7cfa34245so51173867b3.11 for ; Mon, 25 Apr 2022 16:53:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=7I/ymirdAiT7TDA2OEpHDGEYZgcTkJFO31W7cy5XbpM=; b=GIEXDRW1lPHYxJDlewu1cQeA6Q+QhOYQG/Xg8+PRoE5TU9K+EszCSi+GS/y1yYdqKQ k/hrOFfkpq5XjEnBTx1gg0IKP9CD+wqs+KYV8IBKykKdf6qgUHxeHd55YceasrVFn9mw o9HKcPVnYwI3o4aMI2OPjArD2rckzGSvUFmrO9xNvkgk8klD1nMq/kohI2CdazTjq5Jf Ak0UhNEI4w4AqZKNdd5wNvgAXTUDy724YE2e5d8zmzpUkKbcZxng8IF+DponlhaL7c8x LL6EDVRikFw7s5dE77bM9YkXLHYb5Nfbwh93Bes5BL+1D2/4yHIP4wXj4e8Sme3DIay7 twfw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=7I/ymirdAiT7TDA2OEpHDGEYZgcTkJFO31W7cy5XbpM=; b=3eYXWsRuRU8+DaSqsj/OuXMBG+aiQmM67SSD4bc/1+fFMhieTQBo++oLXE9vfSMKED +2itPxxCf01blQj5sCy5Z8Tj0109SeJtbE1LGHoTHvPm3mFQ3LCcqVvzdQrGj+YHw1os GZZyJKu8kYKAvC3QymrqeKUKNvgFbrEETubQvtYqdqcRDoz68WV12sOQZv/bMzjCEeQe +TMFCWOvSe5nWUbjzpohAa6brE4jlOekBU4cfEJQXANH4qIdVXrGvTUyuBMkL9X9Ds0e KZsfwtNxrZKDg4vPSYAE0wBfs4DZLpLeCk6aOg2kinV1UxoQFMnD3s4ZC/Ij7ps7V2mn mNXQ== X-Gm-Message-State: AOAM531WTr9PCjXpD20HjLoQR/15sSPpfIuLLNRbb3+1Ag/mYXoC6qQ4 qdDqf4+qHu73oDeq2hbv2ONFm1jbWqU= X-Google-Smtp-Source: ABdhPJyjGc04tDLhhnCLskCP5jrH+A6ez9JfIN9/o5bxHFb6wiRVScPynPJ1gA3GO95ctuwxRLPE7a7ohO0= X-Received: from oupton3.c.googlers.com ([fda3:e722:ac3:cc00:24:72f4:c0a8:21eb]) (user=oupton job=sendgmr) by 2002:a25:240c:0:b0:645:d54e:830f with SMTP id k12-20020a25240c000000b00645d54e830fmr16918344ybk.34.1650930826367; Mon, 25 Apr 2022 16:53:46 -0700 (PDT) Date: Mon, 25 Apr 2022 23:53:38 +0000 In-Reply-To: <20220425235342.3210912-1-oupton@google.com> Message-Id: <20220425235342.3210912-2-oupton@google.com> Mime-Version: 1.0 References: <20220425235342.3210912-1-oupton@google.com> X-Mailer: git-send-email 2.36.0.rc2.479.g8af0fa9b8e-goog Subject: [PATCH v3 1/5] KVM: arm64: Return a bool from emulate_cp() From: Oliver Upton To: kvmarm@lists.cs.columbia.edu Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, maz@kernel.org, james.morse@arm.com, alexandru.elisei@arm.com, suzuki.poulose@arm.com, reijiw@google.com, ricarkol@google.com, Oliver Upton Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" KVM indicates success/failure in several ways, but generally an integer is used when conditionally bouncing to userspace is involved. That is not the case from emulate_cp(); just use a bool instead. No functional change intended. Signed-off-by: Oliver Upton --- arch/arm64/kvm/sys_regs.c | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c index 7b45c040cc27..36895c163eae 100644 --- a/arch/arm64/kvm/sys_regs.c +++ b/arch/arm64/kvm/sys_regs.c @@ -2246,27 +2246,27 @@ static void perform_access(struct kvm_vcpu *vcpu, * @table: array of trap descriptors * @num: size of the trap descriptor array * - * Return 0 if the access has been handled, and -1 if not. + * Return true if the access has been handled, false if not. */ -static int emulate_cp(struct kvm_vcpu *vcpu, - struct sys_reg_params *params, - const struct sys_reg_desc *table, - size_t num) +static bool emulate_cp(struct kvm_vcpu *vcpu, + struct sys_reg_params *params, + const struct sys_reg_desc *table, + size_t num) { const struct sys_reg_desc *r; =20 if (!table) - return -1; /* Not handled */ + return false; /* Not handled */ =20 r =3D find_reg(params, table, num); =20 if (r) { perform_access(vcpu, params, r); - return 0; + return true; } =20 /* Not handled */ - return -1; + return false; } =20 static void unhandled_cp_access(struct kvm_vcpu *vcpu, @@ -2330,7 +2330,7 @@ static int kvm_handle_cp_64(struct kvm_vcpu *vcpu, * potential register operation in the case of a read and return * with success. */ - if (!emulate_cp(vcpu, ¶ms, global, nr_global)) { + if (emulate_cp(vcpu, ¶ms, global, nr_global)) { /* Split up the value between registers for the read side */ if (!params.is_write) { vcpu_set_reg(vcpu, Rt, lower_32_bits(params.regval)); @@ -2365,7 +2365,7 @@ static int kvm_handle_cp_32(struct kvm_vcpu *vcpu, params.Op1 =3D (esr >> 14) & 0x7; params.Op2 =3D (esr >> 17) & 0x7; =20 - if (!emulate_cp(vcpu, ¶ms, global, nr_global)) { + if (emulate_cp(vcpu, ¶ms, global, nr_global)) { if (!params.is_write) vcpu_set_reg(vcpu, Rt, params.regval); return 1; --=20 2.36.0.rc2.479.g8af0fa9b8e-goog From nobody Sun May 10 19:51:57 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 29486C4332F for ; Mon, 25 Apr 2022 23:53:56 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S238494AbiDYX47 (ORCPT ); Mon, 25 Apr 2022 19:56:59 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33526 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232433AbiDYX4y (ORCPT ); Mon, 25 Apr 2022 19:56:54 -0400 Received: from mail-pj1-x104a.google.com (mail-pj1-x104a.google.com [IPv6:2607:f8b0:4864:20::104a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5AF1F65D12 for ; Mon, 25 Apr 2022 16:53:48 -0700 (PDT) Received: by mail-pj1-x104a.google.com with SMTP id mm2-20020a17090b358200b001bf529127dfso264661pjb.6 for ; Mon, 25 Apr 2022 16:53:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=QZV9K9pshxsZaFz07eLh3A0iu/mpSkO/sGN/L0MnWRg=; b=BGaHIHlNvrPvSybSjzu/EsScWWrF5JLyW44N9iVFpCsDI4RdR4s5jaapPfFEF051xW uEl4LqPlnkp/TPbtE9AfoBR2OdWBduFArF5HPtPGq5pheLGAnnSS5+TJsEG3ax6YQLwx P0TPB928oo6rvMj5jIBdctRMs49ipSURFvV/E3nDJp5V90u6hvooBa1Om8DpZMBl0S4+ NX+Soe17zx7HmGHAEcWZddf4lXIveePE6XBo68a7E0rDwhmR70ISpml+9N0JgZDTfnDu wYXK49IqiRFEpyEx6EoYdf/DQhVkPfW0AgNYPYqMHLa3siDY+/k0AIEagxJQzOSK0jwa RYig== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=QZV9K9pshxsZaFz07eLh3A0iu/mpSkO/sGN/L0MnWRg=; b=LxiG3NSSYQgJFZe3zLrLPrN4gvuO5SkZ6TdmtatES6ewm5aQVUMLxVn+PcRwYM4BxG lgrfHfrQSfg9OGqymeqfTvUNGgVURiQEsnceqDkXiP6eShb3n/cwo+F5uI92/Y15IE0u hQnV62hBkYsbuk1zxa8DVgxZfPbbEH3d1dHv3LvB8FtLxlBxHw4i0FKhXwfcjJzRcQ1U MqAK796TFHZBhPmUcKeDuL1nIQpHO1U5WoyPSXmjM7zpUho+cNICJU7E7AXydd2t1RsT HTqcGZ4x/8pzgI9RwoDJieMoohnzSTiOEKXFvsHE7sxBLI+LpYoeLkUGX1h16/z0BP05 85CQ== X-Gm-Message-State: AOAM531f68vi4OTlbQsw0nlZ10257dmDu4Zx4xDyaCsG6B+TxGA5P2H8 RhmaqZau6MYjnG5SV2DiUUT8JtvBBsw= X-Google-Smtp-Source: ABdhPJz3d1qm5YaR40k8hHxXiIU3PFGNzDxiDIEVI2CGNmaGlbR+i/rQymo4a2m1+vruLE2lWlAKZfM3Z2c= X-Received: from oupton3.c.googlers.com ([fda3:e722:ac3:cc00:24:72f4:c0a8:21eb]) (user=oupton job=sendgmr) by 2002:a17:90b:2249:b0:1d9:859e:59ad with SMTP id hk9-20020a17090b224900b001d9859e59admr5995203pjb.16.1650930827793; Mon, 25 Apr 2022 16:53:47 -0700 (PDT) Date: Mon, 25 Apr 2022 23:53:39 +0000 In-Reply-To: <20220425235342.3210912-1-oupton@google.com> Message-Id: <20220425235342.3210912-3-oupton@google.com> Mime-Version: 1.0 References: <20220425235342.3210912-1-oupton@google.com> X-Mailer: git-send-email 2.36.0.rc2.479.g8af0fa9b8e-goog Subject: [PATCH v3 2/5] KVM: arm64: Don't write to Rt unless sys_reg emulation succeeds From: Oliver Upton To: kvmarm@lists.cs.columbia.edu Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, maz@kernel.org, james.morse@arm.com, alexandru.elisei@arm.com, suzuki.poulose@arm.com, reijiw@google.com, ricarkol@google.com, Oliver Upton Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" emulate_sys_reg() returns 1 unconditionally, even though a a system register access can fail. Furthermore, kvm_handle_sys_reg() writes to Rt for every register read, regardless of if it actually succeeded. Though this pattern is safe (as params.regval is initialized with the current value of Rt) it is a bit ugly. Indicate failure if the register access could not be emulated and only write to Rt on success. Signed-off-by: Oliver Upton --- arch/arm64/kvm/sys_regs.c | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c index 36895c163eae..f0a076e5cc1c 100644 --- a/arch/arm64/kvm/sys_regs.c +++ b/arch/arm64/kvm/sys_regs.c @@ -2401,7 +2401,14 @@ static bool is_imp_def_sys_reg(struct sys_reg_params= *params) return params->Op0 =3D=3D 3 && (params->CRn & 0b1011) =3D=3D 0b1011; } =20 -static int emulate_sys_reg(struct kvm_vcpu *vcpu, +/** + * emulate_sys_reg - Emulate a guest access to an AArch64 system register + * @vcpu: The VCPU pointer + * @params: Decoded system register parameters + * + * Return: true if the system register access was successful, false otherw= ise. + */ +static bool emulate_sys_reg(struct kvm_vcpu *vcpu, struct sys_reg_params *params) { const struct sys_reg_desc *r; @@ -2410,7 +2417,10 @@ static int emulate_sys_reg(struct kvm_vcpu *vcpu, =20 if (likely(r)) { perform_access(vcpu, params, r); - } else if (is_imp_def_sys_reg(params)) { + return true; + } + + if (is_imp_def_sys_reg(params)) { kvm_inject_undefined(vcpu); } else { print_sys_reg_msg(params, @@ -2418,7 +2428,7 @@ static int emulate_sys_reg(struct kvm_vcpu *vcpu, *vcpu_pc(vcpu), *vcpu_cpsr(vcpu)); kvm_inject_undefined(vcpu); } - return 1; + return false; } =20 /** @@ -2446,18 +2456,18 @@ int kvm_handle_sys_reg(struct kvm_vcpu *vcpu) struct sys_reg_params params; unsigned long esr =3D kvm_vcpu_get_esr(vcpu); int Rt =3D kvm_vcpu_sys_get_rt(vcpu); - int ret; =20 trace_kvm_handle_sys_reg(esr); =20 params =3D esr_sys64_to_params(esr); params.regval =3D vcpu_get_reg(vcpu, Rt); =20 - ret =3D emulate_sys_reg(vcpu, ¶ms); + if (!emulate_sys_reg(vcpu, ¶ms)) + return 1; =20 if (!params.is_write) vcpu_set_reg(vcpu, Rt, params.regval); - return ret; + return 1; } =20 /*************************************************************************= ***** --=20 2.36.0.rc2.479.g8af0fa9b8e-goog From nobody Sun May 10 19:51:57 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0CCC4C433EF for ; Mon, 25 Apr 2022 23:53:58 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S238584AbiDYX5B (ORCPT ); Mon, 25 Apr 2022 19:57:01 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33686 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S238428AbiDYX4z (ORCPT ); Mon, 25 Apr 2022 19:56:55 -0400 Received: from mail-pj1-x104a.google.com (mail-pj1-x104a.google.com [IPv6:2607:f8b0:4864:20::104a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0048F65D12 for ; Mon, 25 Apr 2022 16:53:49 -0700 (PDT) Received: by mail-pj1-x104a.google.com with SMTP id l2-20020a17090ad10200b001ca56de815aso490645pju.0 for ; Mon, 25 Apr 2022 16:53:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=RSo1O8l0KZ0BjKyBF8w0ZUdatjRfiYLVU+ogq1UksZY=; b=PZpyheBdEtEoIHiPU+z+c7WbcPa7baVdZeNrYNSOmGhQxFlBpy/8MzW/5AkrH8ZsgT +8rQ757o8mnsqytfFbZSkT4BKc/BT9noHclHo9zhUe0Hr+ICxgN1VwmjjWLTT33tFhvk KSWpg71Zy4+Xn4N/FTvUXtc6J6xVJGHHqhH8uxMWeMxopjK1fiinCgk5Cx7QpgHcFQk0 LvNW4hKTBbq7ZP9uW+khzOaE0D2w96Om99A+p6Ho7AIZqsW+wKHyBHtUVwaZBVZLXGtr 5/YkNeXsY5gYwGRVtMYaa6lVb/wqy/1ape29jjoeKhgmSFOij5/l1wP5yCuBlQYBjiis NwIA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=RSo1O8l0KZ0BjKyBF8w0ZUdatjRfiYLVU+ogq1UksZY=; b=eGS7pyGVosXeXwQXEy7NKGMsgLvojLFmhWSRKDiVcsSFORxnu7Uf24XCzJZerHzY1s fIomoI71BI3gg4w3iFfBzTjWVGONV/yWhZ9ts1XjMxyyU5lwKcA3GwAzkfK8yXfKlY60 0r1+Y2BJ+R9GUoH27VbizM9TR3Ycsk44YkuUeQRXsgcZ24T55mrl3hfwJ5m01nb9CJEB shdyRG9bbwxsAqe5X6Njk7n8E1OJWahApnhEEPKW/GgNGpy+bVDVHimbuz0AJIubRO8H eZSo0Id86yzRBAQYFys8jUkFhnVE+CxqQwpLhMKEYwN0FkjFzpWkShgbwJvcMOaW6ewk 0iFw== X-Gm-Message-State: AOAM530SYNeBKnaKrkHcm1Eo4/i3G85oGfYB3qolsj3YCKhfrTbZFIPA AMm+sPH7djenZZEGweOobkjJv4EqpuA= X-Google-Smtp-Source: ABdhPJzZmqXGoZUtGGTEFinr9iJkoUQzeNw8btB349945VEO/tmWZLWv1Z9jsdcVCJlYFRe5dKEYUCEFz5g= X-Received: from oupton3.c.googlers.com ([fda3:e722:ac3:cc00:24:72f4:c0a8:21eb]) (user=oupton job=sendgmr) by 2002:a05:6a00:10cc:b0:506:e0:d6c3 with SMTP id d12-20020a056a0010cc00b0050600e0d6c3mr21351782pfu.33.1650930829404; Mon, 25 Apr 2022 16:53:49 -0700 (PDT) Date: Mon, 25 Apr 2022 23:53:40 +0000 In-Reply-To: <20220425235342.3210912-1-oupton@google.com> Message-Id: <20220425235342.3210912-4-oupton@google.com> Mime-Version: 1.0 References: <20220425235342.3210912-1-oupton@google.com> X-Mailer: git-send-email 2.36.0.rc2.479.g8af0fa9b8e-goog Subject: [PATCH v3 3/5] KVM: arm64: Wire up CP15 feature registers to their AArch64 equivalents From: Oliver Upton To: kvmarm@lists.cs.columbia.edu Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, maz@kernel.org, james.morse@arm.com, alexandru.elisei@arm.com, suzuki.poulose@arm.com, reijiw@google.com, ricarkol@google.com, Oliver Upton Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" KVM currently does not trap ID register accesses from an AArch32 EL1. This is painful for a couple of reasons. Certain unimplemented features are visible to AArch32 EL1, as we limit PMU to version 3 and the debug architecture to v8.0. Additionally, we attempt to paper over heterogeneous systems by using register values that are safe system-wide. All this hard work is completely sidestepped because KVM does not set TID3 for AArch32 guests. Fix up handling of CP15 feature registers by simply rerouting to their AArch64 aliases. Punt setting HCR_EL2.TID3 to a later change, as we need to fix up the oddball CP10 feature registers still. Signed-off-by: Oliver Upton Reviewed-by: Reiji Watanabe --- arch/arm64/kvm/sys_regs.c | 86 ++++++++++++++++++++++++++++++++------- arch/arm64/kvm/sys_regs.h | 7 ++++ 2 files changed, 78 insertions(+), 15 deletions(-) diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c index f0a076e5cc1c..f403ea47b8a3 100644 --- a/arch/arm64/kvm/sys_regs.c +++ b/arch/arm64/kvm/sys_regs.c @@ -2344,34 +2344,73 @@ static int kvm_handle_cp_64(struct kvm_vcpu *vcpu, return 1; } =20 +static bool emulate_sys_reg(struct kvm_vcpu *vcpu, struct sys_reg_params *= params); + +/** + * kvm_emulate_cp15_id_reg() - Handles an MRC trap on a guest CP15 access = where + * CRn=3D0, which corresponds to the AArch32 feature + * registers. + * @vcpu: the vCPU pointer + * @params: the system register access parameters. + * + * Our cp15 system register tables do not enumerate the AArch32 feature + * registers. Conveniently, our AArch64 table does, and the AArch32 system + * register encoding can be trivially remapped into the AArch64 for the fe= ature + * registers: Append op0=3D3, leaving op1, CRn, CRm, and op2 the same. + * + * According to DDI0487G.b G7.3.1, paragraph "Behavior of VMSAv8-32 32-bit + * System registers with (coproc=3D0b1111, CRn=3D=3Dc0)", read accesses fr= om this + * range are either UNKNOWN or RES0. Rerouting remains architectural as we + * treat undefined registers in this range as RAZ. + */ +static int kvm_emulate_cp15_id_reg(struct kvm_vcpu *vcpu, + struct sys_reg_params *params) +{ + int Rt =3D kvm_vcpu_sys_get_rt(vcpu); + + /* Treat impossible writes to RO registers as UNDEFINED */ + if (params->is_write) { + unhandled_cp_access(vcpu, params); + return 1; + } + + params->Op0 =3D 3; + + /* + * All registers where CRm > 3 are known to be UNKNOWN/RAZ from AArch32. + * Avoid conflicting with future expansion of AArch64 feature registers + * and simply treat them as RAZ here. + */ + if (params->CRm > 3) + params->regval =3D 0; + else if (!emulate_sys_reg(vcpu, params)) + return 1; + + vcpu_set_reg(vcpu, Rt, params->regval); + return 1; +} + /** * kvm_handle_cp_32 -- handles a mrc/mcr trap on a guest CP14/CP15 access * @vcpu: The VCPU pointer * @run: The kvm_run struct */ static int kvm_handle_cp_32(struct kvm_vcpu *vcpu, + struct sys_reg_params *params, const struct sys_reg_desc *global, size_t nr_global) { - struct sys_reg_params params; - u32 esr =3D kvm_vcpu_get_esr(vcpu); int Rt =3D kvm_vcpu_sys_get_rt(vcpu); =20 - params.CRm =3D (esr >> 1) & 0xf; - params.regval =3D vcpu_get_reg(vcpu, Rt); - params.is_write =3D ((esr & 1) =3D=3D 0); - params.CRn =3D (esr >> 10) & 0xf; - params.Op0 =3D 0; - params.Op1 =3D (esr >> 14) & 0x7; - params.Op2 =3D (esr >> 17) & 0x7; + params->regval =3D vcpu_get_reg(vcpu, Rt); =20 - if (emulate_cp(vcpu, ¶ms, global, nr_global)) { - if (!params.is_write) - vcpu_set_reg(vcpu, Rt, params.regval); + if (emulate_cp(vcpu, params, global, nr_global)) { + if (!params->is_write) + vcpu_set_reg(vcpu, Rt, params->regval); return 1; } =20 - unhandled_cp_access(vcpu, ¶ms); + unhandled_cp_access(vcpu, params); return 1; } =20 @@ -2382,7 +2421,20 @@ int kvm_handle_cp15_64(struct kvm_vcpu *vcpu) =20 int kvm_handle_cp15_32(struct kvm_vcpu *vcpu) { - return kvm_handle_cp_32(vcpu, cp15_regs, ARRAY_SIZE(cp15_regs)); + struct sys_reg_params params; + + params =3D esr_cp1x_32_to_params(kvm_vcpu_get_esr(vcpu)); + + /* + * Certain AArch32 ID registers are handled by rerouting to the AArch64 + * system register table. Registers in the ID range where CRm=3D0 are + * excluded from this scheme as they do not trivially map into AArch64 + * system register encodings. + */ + if (params.Op1 =3D=3D 0 && params.CRn =3D=3D 0 && params.CRm) + return kvm_emulate_cp15_id_reg(vcpu, ¶ms); + + return kvm_handle_cp_32(vcpu, ¶ms, cp15_regs, ARRAY_SIZE(cp15_regs)); } =20 int kvm_handle_cp14_64(struct kvm_vcpu *vcpu) @@ -2392,7 +2444,11 @@ int kvm_handle_cp14_64(struct kvm_vcpu *vcpu) =20 int kvm_handle_cp14_32(struct kvm_vcpu *vcpu) { - return kvm_handle_cp_32(vcpu, cp14_regs, ARRAY_SIZE(cp14_regs)); + struct sys_reg_params params; + + params =3D esr_cp1x_32_to_params(kvm_vcpu_get_esr(vcpu)); + + return kvm_handle_cp_32(vcpu, ¶ms, cp14_regs, ARRAY_SIZE(cp14_regs)); } =20 static bool is_imp_def_sys_reg(struct sys_reg_params *params) diff --git a/arch/arm64/kvm/sys_regs.h b/arch/arm64/kvm/sys_regs.h index cc0cc95a0280..0d31a12b640c 100644 --- a/arch/arm64/kvm/sys_regs.h +++ b/arch/arm64/kvm/sys_regs.h @@ -35,6 +35,13 @@ struct sys_reg_params { .Op2 =3D ((esr) >> 17) & 0x7, \ .is_write =3D !((esr) & 1) }) =20 +#define esr_cp1x_32_to_params(esr) \ + ((struct sys_reg_params){ .Op1 =3D ((esr) >> 14) & 0x7, \ + .CRn =3D ((esr) >> 10) & 0xf, \ + .CRm =3D ((esr) >> 1) & 0xf, \ + .Op2 =3D ((esr) >> 17) & 0x7, \ + .is_write =3D !((esr) & 1) }) + struct sys_reg_desc { /* Sysreg string for debug */ const char *name; --=20 2.36.0.rc2.479.g8af0fa9b8e-goog From nobody Sun May 10 19:51:57 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 80DC1C4332F for ; Mon, 25 Apr 2022 23:54:06 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S238580AbiDYX5J (ORCPT ); Mon, 25 Apr 2022 19:57:09 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34190 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S238600AbiDYX5B (ORCPT ); Mon, 25 Apr 2022 19:57:01 -0400 Received: from mail-yw1-x114a.google.com (mail-yw1-x114a.google.com [IPv6:2607:f8b0:4864:20::114a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0F0AE1102AC for ; Mon, 25 Apr 2022 16:53:52 -0700 (PDT) Received: by mail-yw1-x114a.google.com with SMTP id 00721157ae682-2dc7bdd666fso140482857b3.7 for ; Mon, 25 Apr 2022 16:53:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=wr+Rt5L1fqDdNsPuVYqckLa+loKYmG6z4kIr1v4ZOZY=; b=EeDwVIDEftJAHw+7lFAJyKPjIUdU/YIlyW0SNBlS/QT4grmabJllnVJuEP6Mv1O8Wf rKjf/TucTNU9jNcODbVYpgc+yl4hBVu7ybByuUwdC6M+1KSQcIpFK8Re8vB4feQSiX2v LQWB+GTdFjxxojybDofWu/ldjrv0xOQQhlxloyfCsHTFGaaWBXqCXoCN8myGejr56xT0 cnfvu/rX7PwroYhTHswVjeL4VLmRbHyoj5xQDg0I+gE5kAPwMxy0sprCcqP674JJCAej fmFx5Q8N4HCU2hSvne48aTtwwaf6HWyOZsZJxjX/SGPV81iuzkFUcZz7NNlN8IoxH1m0 +wgQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=wr+Rt5L1fqDdNsPuVYqckLa+loKYmG6z4kIr1v4ZOZY=; b=iW07uGWXFq1B7WpX+A/NyX73vB8otADCg+S1VdsIKrgv4FdfuDKu08gKjQiS/yu/Co Ggm3wlBdj/5NcXzfF0tlzGUJ7R0J+xXLw6HMdMb7VgJIilRFHMUodeQ7ecCTWXJbVTqc DmAxByV/FuTGvQ6/sI4b1/DS4Y4iOyDsQe7Otaau14G3DUg6N5okCeYxPBeN/QCeNVek RawdbNA6rGHMsMkmLFRM5UAuFRKJgHPpSQz9cjGOZRr09kPoP8SvP3Mh+oOLwO/qau/j htQ1B+v8rz2GtnkUyXqeoGMgxtIKNu3Qj3PjQla2mZAZoJTq4/0qlLknh5IA/pWNDb58 w2vQ== X-Gm-Message-State: AOAM532+Hbj8ycoN3M+1mn5nJBxEbiWJmAR5x+LYLtzLzpkeyK4H2tQ2 tEiQ1mA9DZzsiDPnseya5U/pe2/9DUU= X-Google-Smtp-Source: ABdhPJxBErIBYNvwXwNCxTHUviYLMLxthYdrHWKFrj3kf90D9/VOIBMyU80/pjUfCacWFKLe8trGOzrMsP4= X-Received: from oupton3.c.googlers.com ([fda3:e722:ac3:cc00:24:72f4:c0a8:21eb]) (user=oupton job=sendgmr) by 2002:a81:6642:0:b0:2eb:c364:b8e1 with SMTP id a63-20020a816642000000b002ebc364b8e1mr19066493ywc.64.1650930831272; Mon, 25 Apr 2022 16:53:51 -0700 (PDT) Date: Mon, 25 Apr 2022 23:53:41 +0000 In-Reply-To: <20220425235342.3210912-1-oupton@google.com> Message-Id: <20220425235342.3210912-5-oupton@google.com> Mime-Version: 1.0 References: <20220425235342.3210912-1-oupton@google.com> X-Mailer: git-send-email 2.36.0.rc2.479.g8af0fa9b8e-goog Subject: [PATCH v3 4/5] KVM: arm64: Plumb cp10 ID traps through the AArch64 sysreg handler From: Oliver Upton To: kvmarm@lists.cs.columbia.edu Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, maz@kernel.org, james.morse@arm.com, alexandru.elisei@arm.com, suzuki.poulose@arm.com, reijiw@google.com, ricarkol@google.com, Oliver Upton Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" In order to enable HCR_EL2.TID3 for AArch32 guests KVM needs to handle traps where ESR_EL2.EC=3D0x8, which corresponds to an attempted VMRS access from an ID group register. Specifically, the MVFR{0-2} registers are accessed this way from AArch32. Conveniently, these registers are architecturally mapped to MVFR{0-2}_EL1 in AArch64. Furthermore, KVM already handles reads to these aliases in AArch64. Plumb VMRS read traps through to the general AArch64 system register handler. Signed-off-by: Oliver Upton Reviewed-by: Reiji Watanabe --- arch/arm64/include/asm/kvm_host.h | 1 + arch/arm64/kvm/handle_exit.c | 1 + arch/arm64/kvm/sys_regs.c | 71 +++++++++++++++++++++++++++++++ 3 files changed, 73 insertions(+) diff --git a/arch/arm64/include/asm/kvm_host.h b/arch/arm64/include/asm/kvm= _host.h index 94a27a7520f4..05081b9b7369 100644 --- a/arch/arm64/include/asm/kvm_host.h +++ b/arch/arm64/include/asm/kvm_host.h @@ -683,6 +683,7 @@ int kvm_handle_cp14_64(struct kvm_vcpu *vcpu); int kvm_handle_cp15_32(struct kvm_vcpu *vcpu); int kvm_handle_cp15_64(struct kvm_vcpu *vcpu); int kvm_handle_sys_reg(struct kvm_vcpu *vcpu); +int kvm_handle_cp10_id(struct kvm_vcpu *vcpu); =20 void kvm_reset_sys_regs(struct kvm_vcpu *vcpu); =20 diff --git a/arch/arm64/kvm/handle_exit.c b/arch/arm64/kvm/handle_exit.c index 97fe14aab1a3..5088a86ace5b 100644 --- a/arch/arm64/kvm/handle_exit.c +++ b/arch/arm64/kvm/handle_exit.c @@ -167,6 +167,7 @@ static exit_handle_fn arm_exit_handlers[] =3D { [ESR_ELx_EC_CP15_64] =3D kvm_handle_cp15_64, [ESR_ELx_EC_CP14_MR] =3D kvm_handle_cp14_32, [ESR_ELx_EC_CP14_LS] =3D kvm_handle_cp14_load_store, + [ESR_ELx_EC_CP10_ID] =3D kvm_handle_cp10_id, [ESR_ELx_EC_CP14_64] =3D kvm_handle_cp14_64, [ESR_ELx_EC_HVC32] =3D handle_hvc, [ESR_ELx_EC_SMC32] =3D handle_smc, diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c index f403ea47b8a3..586b292ca94f 100644 --- a/arch/arm64/kvm/sys_regs.c +++ b/arch/arm64/kvm/sys_regs.c @@ -2346,6 +2346,77 @@ static int kvm_handle_cp_64(struct kvm_vcpu *vcpu, =20 static bool emulate_sys_reg(struct kvm_vcpu *vcpu, struct sys_reg_params *= params); =20 +/* + * The CP10 ID registers are architecturally mapped to AArch64 feature + * registers. Abuse that fact so we can rely on the AArch64 handler for ac= cesses + * from AArch32. + */ +static bool kvm_esr_cp10_id_to_sys64(u32 esr, struct sys_reg_params *param= s) +{ + u8 reg_id =3D (esr >> 10) & 0xf; + bool valid; + + params->is_write =3D ((esr & 1) =3D=3D 0); + params->Op0 =3D 3; + params->Op1 =3D 0; + params->CRn =3D 0; + params->CRm =3D 3; + + /* CP10 ID registers are read-only */ + valid =3D !params->is_write; + + switch (reg_id) { + /* MVFR0 */ + case 0b0111: + params->Op2 =3D 0; + break; + /* MVFR1 */ + case 0b0110: + params->Op2 =3D 1; + break; + /* MVFR2 */ + case 0b0101: + params->Op2 =3D 2; + break; + default: + valid =3D false; + } + + if (valid) + return true; + + kvm_pr_unimpl("Unhandled cp10 register %s: %u\n", + params->is_write ? "write" : "read", reg_id); + return false; +} + +/** + * kvm_handle_cp10_id() - Handles a VMRS trap on guest access to a 'Media = and + * VFP Register' from AArch32. + * @vcpu: The vCPU pointer + * + * MVFR{0-2} are architecturally mapped to the AArch64 MVFR{0-2}_EL1 regis= ters. + * Work out the correct AArch64 system register encoding and reroute to the + * AArch64 system register emulation. + */ +int kvm_handle_cp10_id(struct kvm_vcpu *vcpu) +{ + int Rt =3D kvm_vcpu_sys_get_rt(vcpu); + u32 esr =3D kvm_vcpu_get_esr(vcpu); + struct sys_reg_params params; + + /* UNDEF on any unhandled register access */ + if (!kvm_esr_cp10_id_to_sys64(esr, ¶ms)) { + kvm_inject_undefined(vcpu); + return 1; + } + + if (emulate_sys_reg(vcpu, ¶ms)) + vcpu_set_reg(vcpu, Rt, params.regval); + + return 1; +} + /** * kvm_emulate_cp15_id_reg() - Handles an MRC trap on a guest CP15 access = where * CRn=3D0, which corresponds to the AArch32 feature --=20 2.36.0.rc2.479.g8af0fa9b8e-goog From nobody Sun May 10 19:51:57 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 837C2C433FE for ; Mon, 25 Apr 2022 23:54:09 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S238644AbiDYX5L (ORCPT ); Mon, 25 Apr 2022 19:57:11 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34492 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S238633AbiDYX5G (ORCPT ); Mon, 25 Apr 2022 19:57:06 -0400 Received: from mail-pg1-x549.google.com (mail-pg1-x549.google.com [IPv6:2607:f8b0:4864:20::549]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D0C2F814A0 for ; Mon, 25 Apr 2022 16:53:53 -0700 (PDT) Received: by mail-pg1-x549.google.com with SMTP id h9-20020a631209000000b0039cc31b22aeso10000879pgl.9 for ; Mon, 25 Apr 2022 16:53:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=IxHNHx5wJBVm+rn+jgN7nIqGaCqRxbvwWyLEAglKnWI=; b=BO1aKVrSqDD9Ar0XuW9GCnstLd6dqzKgozWJIYb2AWXq+i9HInlKJW+JM8QQ7DwNfq BzCri9AGFee+/Cg03nTnxQknM85IOpD1VLlaks2DOYHxTnDc0GDUtxrn8jFmyoc7Iwya LrB+PzlU7uNFxxEbFBLUDx5GqzUBM7Du2WHaUmp1uEqjJpahl6fY2OEUueuS+fJmFePz a6GUInOaDxJD1otn6Q5byCPbTRs090t5DzYKPvMKlUexwbyBZUActCjMi/Rb70jJQGGo AnZYlz5v/iyJreScwHMG3OgX0zXV7QcvUfaDMbRUc+hIMqqSyjWDHX4b1AwE+Ci//r06 uqfQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=IxHNHx5wJBVm+rn+jgN7nIqGaCqRxbvwWyLEAglKnWI=; b=GCp9Ptmy1193MfYusiScOI5ud+eFuJoZUe3EyhVwezk1VLoFhEyYEZnolX5FphWL15 sthghjo3FDxqogqbaE8eqMbingnhNamntFdXaq0WqiscbxxSvQxAFwncV7RgcVXZbfX4 wL202dZq8YXWlMpyDNTT+XnaYMpFMTjzo5FoxPPiPx6DL4fSQE4o+SNSE16TtgioR4fz RtcKnVoVEwUFqdlHBQcGUAYnaMkrZWb9xGqeu5Fu2bsQg9B/Xm3a/ypL8k6L8ee1Dzi6 iHfxtsxtlamnHUAFCSEzUF3NBn0WsKlpO+RJrk/dXLFJg/ZkUkVzcz+5mcF94uhneH+g 977g== X-Gm-Message-State: AOAM530GnXHeSukf75edqTwmvNeLFk6+7j0IFJZh9aDj/UTs9kwg0Mp5 0oOjNc3G47cBvAnOZI+/hfqf04QzFNs= X-Google-Smtp-Source: ABdhPJy8VMFMNE9Q7UkBKYVM4qUrLDosnMII9dPPPSbr5WKYB/hKuYfHo0mtNOfXwW2DsxYsAqekF2bfA/Q= X-Received: from oupton3.c.googlers.com ([fda3:e722:ac3:cc00:24:72f4:c0a8:21eb]) (user=oupton job=sendgmr) by 2002:a17:90a:9105:b0:1d2:9e98:7e1e with SMTP id k5-20020a17090a910500b001d29e987e1emr1694934pjo.0.1650930832927; Mon, 25 Apr 2022 16:53:52 -0700 (PDT) Date: Mon, 25 Apr 2022 23:53:42 +0000 In-Reply-To: <20220425235342.3210912-1-oupton@google.com> Message-Id: <20220425235342.3210912-6-oupton@google.com> Mime-Version: 1.0 References: <20220425235342.3210912-1-oupton@google.com> X-Mailer: git-send-email 2.36.0.rc2.479.g8af0fa9b8e-goog Subject: [PATCH v3 5/5] KVM: arm64: Start trapping ID registers for 32 bit guests From: Oliver Upton To: kvmarm@lists.cs.columbia.edu Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, maz@kernel.org, james.morse@arm.com, alexandru.elisei@arm.com, suzuki.poulose@arm.com, reijiw@google.com, ricarkol@google.com, Oliver Upton Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" To date KVM has not trapped ID register accesses from AArch32, meaning that guests get an unconstrained view of what hardware supports. This can be a serious problem because we try to base the guest's feature registers on values that are safe system-wide. Furthermore, KVM does not implement the latest ISA in the PMU and Debug architecture, so we constrain these fields to supported values. Since KVM now correctly handles CP15 and CP10 register traps, we no longer need to clear HCR_EL2.TID3 for 32 bit guests and will instead emulate reads with their safe values. Signed-off-by: Oliver Upton Reviewed-by: Reiji Watanabe --- arch/arm64/include/asm/kvm_arm.h | 3 ++- arch/arm64/include/asm/kvm_emulate.h | 7 ------- 2 files changed, 2 insertions(+), 8 deletions(-) diff --git a/arch/arm64/include/asm/kvm_arm.h b/arch/arm64/include/asm/kvm_= arm.h index 1767ded83888..b5de102928d8 100644 --- a/arch/arm64/include/asm/kvm_arm.h +++ b/arch/arm64/include/asm/kvm_arm.h @@ -80,11 +80,12 @@ * FMO: Override CPSR.F and enable signaling with VF * SWIO: Turn set/way invalidates into set/way clean+invalidate * PTW: Take a stage2 fault if a stage1 walk steps in device memory + * TID3: Trap EL1 reads of group 3 ID registers */ #define HCR_GUEST_FLAGS (HCR_TSC | HCR_TSW | HCR_TWE | HCR_TWI | HCR_VM | \ HCR_BSU_IS | HCR_FB | HCR_TACR | \ HCR_AMO | HCR_SWIO | HCR_TIDCP | HCR_RW | HCR_TLOR | \ - HCR_FMO | HCR_IMO | HCR_PTW ) + HCR_FMO | HCR_IMO | HCR_PTW | HCR_TID3 ) #define HCR_VIRT_EXCP_MASK (HCR_VSE | HCR_VI | HCR_VF) #define HCR_HOST_NVHE_FLAGS (HCR_RW | HCR_API | HCR_APK | HCR_ATA) #define HCR_HOST_NVHE_PROTECTED_FLAGS (HCR_HOST_NVHE_FLAGS | HCR_TSC) diff --git a/arch/arm64/include/asm/kvm_emulate.h b/arch/arm64/include/asm/= kvm_emulate.h index 7496deab025a..ab5c66b77bb0 100644 --- a/arch/arm64/include/asm/kvm_emulate.h +++ b/arch/arm64/include/asm/kvm_emulate.h @@ -86,13 +86,6 @@ static inline void vcpu_reset_hcr(struct kvm_vcpu *vcpu) =20 if (vcpu_el1_is_32bit(vcpu)) vcpu->arch.hcr_el2 &=3D ~HCR_RW; - else - /* - * TID3: trap feature register accesses that we virtualise. - * For now this is conditional, since no AArch32 feature regs - * are currently virtualised. - */ - vcpu->arch.hcr_el2 |=3D HCR_TID3; =20 if (cpus_have_const_cap(ARM64_MISMATCHED_CACHE_TYPE) || vcpu_el1_is_32bit(vcpu)) --=20 2.36.0.rc2.479.g8af0fa9b8e-goog