From nobody Tue Oct 7 21:28:44 2025 Received: from NAM12-BN8-obe.outbound.protection.outlook.com (mail-bn8nam12on2084.outbound.protection.outlook.com [40.107.237.84]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 215CE1F5437 for ; Sat, 5 Jul 2025 07:17:36 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.237.84 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751699858; cv=fail; b=XgLlB4DOhbr5E1wjdUjmbX7dzFGf2A3hOJkxg3bqphxok0mK4nGeaIlsotLGaZdZRbgXnxNdK3UwU3RK+q1yUo+Mo16WFMUp9Lf3et7LkemE6DwIWTp5RHkwVAO2AcWKAXHj6cZQ0TTtNRhSl5p8yp0hUjsUUlsbnpztr98Sc3g= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751699858; c=relaxed/simple; bh=vqdRqK2v8g9Wqwe80KHYkdnepr2zUBwTsdVKu1Iyb8o=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=gj505CLi1qi43oAcvj/CRsN6Ad8KFTLrWX29xfruHKuUuYvZTQ0bZ4lI5b0N0R5Z5fMTZ6PUIBeJ+dP58SHGQG5KPyGpuBifXU5X1h93uhEoIIbmf9KFp6kQhWUu+F6NwB+2zoueHGsfVsFJySp9WgSgbR8LWceEfohHpK1+kPQ= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nvidia.com; spf=fail smtp.mailfrom=nvidia.com; dkim=pass (2048-bit key) header.d=Nvidia.com header.i=@Nvidia.com header.b=gXx6CGCK; arc=fail smtp.client-ip=40.107.237.84 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nvidia.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=nvidia.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=Nvidia.com header.i=@Nvidia.com header.b="gXx6CGCK" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=ccO82VbCKpMqbiPEK05jr4pMoadJFXMmFH+sKcP6ocCE+SCGaFGTQXqIuVNnQuDEfZEPV6udyev6TvHEmYJsLgTToEkmCbluqxiFe1T6Xbkt90XlmwbWWC7w0tec04oZxTjchTNjMKGMwDzgQuXnKvVIvG+tmF6tJrPV7uh9qhr066LSv2EJeyk1DLyMIN7nJEnh+XXQYZD9pVk90SCjEp9G1nFFPjBagr4docZIAgxEk/4d+BA2J3Hp4GkC9vLrnyFEPde7KEdTP7CgD5Jx+e73xIbDBS0CP4DZyj3pe5G6yKlaj8Is8x+Ux+N3cumNIIoQ8EpH5fUhdsgrUyrBJw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Bpm0bXsRM9yInaQMDqYb4M1DHhKTk0ZdmS+96+3Jjcc=; b=KsqFhtyPPm8e13PgbiY23mamNdakxjkChrSdmD5uRn4oujXsIAnNNK94/nKHH3EkVQC+O0QAZgquKFXMDDcg6nvhmBfQ0fZSi5R77c2964WhTyzMG1Wt6xkqmEHRpEQCsvLkiQR82QLgml0krhvVz4El1quqvmrG5zRUA31Pf2fOeRiSGDUGI7pv9zWhC31MxiElQX5C91eJ8R4O3/apodUK/C/LYnTd5feraua4Xja3i6gxhBDKaV84KZhMyEcyfdY1SWknlVD0gRz0nh78AD2zglZIPsZ1zIjbYRrT6b3f9Jg8PETtYocZm77olVcwWz43Wq0MAU72a6WNKP8T7w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.161) smtp.rcpttodomain=redhat.com smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Bpm0bXsRM9yInaQMDqYb4M1DHhKTk0ZdmS+96+3Jjcc=; b=gXx6CGCKhZPOrpnDyDtr9NWcKnZrq80mpsCH4hD+ciIv7QM6a5TFgJ31LiDLow5FM3opPTozdnPZcOIQQQv3+pwXCTaMilK9hQc98EBxOjNhcW7h+/f7spDBM4woee2lqs6DJsfG/Ybn6U2Zh90cnxkcMrhdhjPiZyBcEAcqZVHFCejlG9eJQneWiI7oqiFiUV1zQ78BWAUkT9cHssL4GAdZcL2IjUx5fcU7WvsYP5KBQnlVppk6PTgTVOKD8EkPSIPR1bwOu1hWFAjzB6BMiJUKsQTAg6edcZdt5v2ndje6iFMCBbz+c678ipLZyC1NK5XvvCnrYPeGTIiC74ZWAg== Received: from SN1PR12CA0056.namprd12.prod.outlook.com (2603:10b6:802:20::27) by DS5PPFD22966BE3.namprd12.prod.outlook.com (2603:10b6:f:fc00::662) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8835.28; Sat, 5 Jul 2025 07:17:29 +0000 Received: from SA2PEPF00001505.namprd04.prod.outlook.com (2603:10b6:802:20:cafe::39) by SN1PR12CA0056.outlook.office365.com (2603:10b6:802:20::27) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8901.23 via Frontend Transport; Sat, 5 Jul 2025 07:17:29 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.161) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.161 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.161; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.161) by SA2PEPF00001505.mail.protection.outlook.com (10.167.242.37) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8901.15 via Frontend Transport; Sat, 5 Jul 2025 07:17:29 +0000 Received: from rnnvmail205.nvidia.com (10.129.68.10) by mail.nvidia.com (10.129.200.67) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.4; Sat, 5 Jul 2025 00:17:21 -0700 Received: from rnnvmail202.nvidia.com (10.129.68.7) by rnnvmail205.nvidia.com (10.129.68.10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.14; Sat, 5 Jul 2025 00:17:20 -0700 Received: from localhost.nvidia.com (10.127.8.12) by mail.nvidia.com (10.129.68.7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.14 via Frontend Transport; Sat, 5 Jul 2025 00:17:19 -0700 From: To: , , , , , , , , , , , , , , CC: , , , , , , , , , , , , , , , , , , , , , , , , , , , , Subject: [PATCH v10 1/6] KVM: arm64: Rename the device variable to s2_force_noncacheable Date: Sat, 5 Jul 2025 07:17:12 +0000 Message-ID: <20250705071717.5062-2-ankita@nvidia.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250705071717.5062-1-ankita@nvidia.com> References: <20250705071717.5062-1-ankita@nvidia.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-NV-OnPremToCloud: AnonymousSubmission X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SA2PEPF00001505:EE_|DS5PPFD22966BE3:EE_ X-MS-Office365-Filtering-Correlation-Id: 97f8a7fe-d668-4354-2e2b-08ddbb940053 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|7416014|376014|1800799024|82310400026|36860700013|921020; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?T/EBLtb42Jcz1rEBuSNKBHqPpg4u6adNAnA36kzit6Yd6sd/QWenycMswQD3?= =?us-ascii?Q?riIlSkOCuXFOrivi3tKrkSXw/E0v0HaNLwbs6dk/vuOUuqBX0CtYFB0cW+QY?= =?us-ascii?Q?+yAuauHj3gmo2QHQOCP7Puy+S+VTZCTZHZrMJS7sNiF+a6N+AFA9euMNN1qe?= =?us-ascii?Q?Wbdwn3dYsgLpLqwgthoiUSZUgPWOm++CKofCze0sC3fWIbVs7Uv5TQ5FFvTs?= =?us-ascii?Q?vjEN7bGDrNGBesRfRlnJb0I+zM6s5zPmvEcVngFoKfWFtLYo+PTvD48D2zz1?= =?us-ascii?Q?AADUVbxV94VSyU9vkUDd8v+yExD8vHdxkIkrXs+5owMz+jTFHKWt+jxoeHdB?= =?us-ascii?Q?uHdLdZQ7lxV9MI2VApr4tk2UoyKvYbKy+D/arvYaE1lW0N40J9IStE2c4U6F?= =?us-ascii?Q?4rSzIllE+adDScMPOx4r4g0AgTbSaHjWFh6zju0bq4oSVVnEDqdm1N05ogn3?= =?us-ascii?Q?VduDEz7pa3CXpWAvaexVBwvFdaePX/GVrNuzzQwwok0PA1JiCHwXLSUyT2mE?= =?us-ascii?Q?mqkGMrwdkGNiRBquESjkr7YkRmTK9ft44QSEhg0JGkdHmByCucNpA0SQwSOW?= =?us-ascii?Q?jLwtqJ9WxomageR7mpavGOe+dQFZOC7w/7oPnyx1ZKo6wqC1G/efNM0+mxYU?= =?us-ascii?Q?cVyg10aIu/95Jm875b2Q0rZzZd1dqAcTZiM4PBTNmbohRCDWNbaOjM+5+iB/?= =?us-ascii?Q?3RrMU6QD6wELmW0SqarHjKakiorcHVd3T0cQC6/lB5nrf5Vx2Brk2XGtgxlS?= =?us-ascii?Q?wl7QINYoSaGCbXSSxeodu2dZtdGvqI8fN7BRAlQFmGKYAJGvektOq9y/272c?= =?us-ascii?Q?jNCRbxyDs3zD1rmCxqdBe7nh7JapD53bzoVkWqvH2pbtDWi/h+FeOTmkMDDG?= =?us-ascii?Q?4JA0L6fXSayXCcsYcMwfRyDE0YsNArVJEULLNrqcbiRMt2uMOJbK7L4NT+K0?= =?us-ascii?Q?h9Uoh3tgzqtYtJUpCej1G7J4msj9ZcBx2iXzz+S6Rv1IMBdsw6XK2W6wd12H?= =?us-ascii?Q?tu8E8EzjXMVzl+Ups0VP655S5V2KWmmnm6Z4MHnc8H4kKjxjyWqLYEMPl6mA?= =?us-ascii?Q?CNSSmWj7MaftXAt9wMK43Gc5Dt2CmBlyuj46e4780qKTIm74tDVZw9GlHVg6?= =?us-ascii?Q?YTQXUtbQfPtIUsl6rnWfpfSgRM3IyDmgZyevDim1UtDJeuMMkQa2t9eT9atF?= =?us-ascii?Q?0Yay95nHepsMtxjyIERBpIYbrNjTo7aQIs4j6uHEymP6xCZSLmuHPzaa64Dp?= =?us-ascii?Q?oJo7l5N8E+2XiB3709vpL54JKOIZetDnq+8SGYdKHPhEQ+sqSQLJJIRV46/p?= =?us-ascii?Q?ji4qOR/vyXiJGrFYRVdromqdX274S3GLTmW/uOqAef9ByU9DrK4q7lHRdnqq?= =?us-ascii?Q?0d2OKSmKG14YsIc1AQn3ohAwgB6qEtUl1zQliHQEQu9dTmqDbNDnl1T2yksE?= =?us-ascii?Q?hpDjoiyHMyw/E3HCGXiEKv1Er+u0+djlR2x8e1pZ2xeej78x1g4EcbEWvKzM?= =?us-ascii?Q?USVVSn7Z6o2aqQMp8vdUJ8jukMIlRKkfYok/D29IcB3SdmZ0zqztTZvycw?= =?us-ascii?Q?=3D=3D?= X-Forefront-Antispam-Report: CIP:216.228.117.161;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge2.nvidia.com;CAT:NONE;SFS:(13230040)(7416014)(376014)(1800799024)(82310400026)(36860700013)(921020);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Jul 2025 07:17:29.0833 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 97f8a7fe-d668-4354-2e2b-08ddbb940053 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.161];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: SA2PEPF00001505.namprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DS5PPFD22966BE3 Content-Type: text/plain; charset="utf-8" From: Ankit Agrawal For cache maintenance on a region, ARM KVM relies on that region to be mapped to the Kernal virtual address as CMOs operate on VA. Currently the device variable is effectively trying to setup the S2 mapping as non cacheable for memory regions that are not mapped in the Kernel VA. This could be either device or Normal_NC depending on the VM_ALLOW_ANY_UNCACHED flag in the VMA. Thus "device" could be better renamed to s2_force_noncacheable which implies that it is ensuring that region be mapped as non-cacheable. CC: Catalin Marinas Suggested-by: Jason Gunthorpe Reviewed-by: Jason Gunthorpe Reviewed-by: David Hildenbrand Tested-by: Donald Dutile Signed-off-by: Ankit Agrawal Reviewed-by: Catalin Marinas --- arch/arm64/kvm/mmu.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/arch/arm64/kvm/mmu.c b/arch/arm64/kvm/mmu.c index 2942ec92c5a4..1601ab9527d4 100644 --- a/arch/arm64/kvm/mmu.c +++ b/arch/arm64/kvm/mmu.c @@ -1478,7 +1478,7 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phys= _addr_t fault_ipa, int ret =3D 0; bool write_fault, writable, force_pte =3D false; bool exec_fault, mte_allowed; - bool device =3D false, vfio_allow_any_uc =3D false; + bool s2_force_noncacheable =3D false, vfio_allow_any_uc =3D false; unsigned long mmu_seq; phys_addr_t ipa =3D fault_ipa; struct kvm *kvm =3D vcpu->kvm; @@ -1653,7 +1653,7 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phys= _addr_t fault_ipa, * In both cases, we don't let transparent_hugepage_adjust() * change things at the last minute. */ - device =3D true; + s2_force_noncacheable =3D true; } else if (logging_active && !write_fault) { /* * Only actually map the page as writable if this was a write @@ -1662,7 +1662,7 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phys= _addr_t fault_ipa, writable =3D false; } =20 - if (exec_fault && device) + if (exec_fault && s2_force_noncacheable) return -ENOEXEC; =20 /* @@ -1695,7 +1695,7 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phys= _addr_t fault_ipa, * If we are not forced to use page mapping, check if we are * backed by a THP and thus use block mapping if possible. */ - if (vma_pagesize =3D=3D PAGE_SIZE && !(force_pte || device)) { + if (vma_pagesize =3D=3D PAGE_SIZE && !(force_pte || s2_force_noncacheable= )) { if (fault_is_perm && fault_granule > PAGE_SIZE) vma_pagesize =3D fault_granule; else @@ -1709,7 +1709,7 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phys= _addr_t fault_ipa, } } =20 - if (!fault_is_perm && !device && kvm_has_mte(kvm)) { + if (!fault_is_perm && !s2_force_noncacheable && kvm_has_mte(kvm)) { /* Check the VMM hasn't introduced a new disallowed VMA */ if (mte_allowed) { sanitise_mte_tags(kvm, pfn, vma_pagesize); @@ -1725,7 +1725,7 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phys= _addr_t fault_ipa, if (exec_fault) prot |=3D KVM_PGTABLE_PROT_X; =20 - if (device) { + if (s2_force_noncacheable) { if (vfio_allow_any_uc) prot |=3D KVM_PGTABLE_PROT_NORMAL_NC; else --=20 2.34.1 From nobody Tue Oct 7 21:28:44 2025 Received: from NAM02-BN1-obe.outbound.protection.outlook.com (mail-bn1nam02on2057.outbound.protection.outlook.com [40.107.212.57]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6FB47276022 for ; Sat, 5 Jul 2025 07:17:40 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.212.57 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751699862; cv=fail; b=NWjWBLxdQZZtZA/nChJRGVr6KQ4hc6pZr+Fem6Ty58qU0Z2qsOlU5f6QRyM+CwDpcjDWJk+FZHl7bbsJx/IALY8lxnqmQV1B3TseP6ATfoNEwMeeWKW7ibifLypiBEV+3UN/bqQz49piQ+f0vnGFMv6GLKiDrdCv7q0I6csnKxQ= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751699862; c=relaxed/simple; bh=jW0OheQ9UTQ8cQvKh/lDSXMp3WJB1B1A2JVNsH5jTkE=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=kz3y1jaPt6YKzFeZNbTddPYif3WT1ghRYLNqbsmc+IR/lDNOz9rsWYvm4cTujGTzFXLe1lSVEl3CdH0vliqTMIUIyfsyfJE99ppqj3lgPzFrWnV02nKF1Srgqq/trfVcQDuGYWYFpEMxgVlU/y3lW0dl8IGW+FWUo993nCDtiZM= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nvidia.com; spf=fail smtp.mailfrom=nvidia.com; dkim=pass (2048-bit key) header.d=Nvidia.com header.i=@Nvidia.com header.b=a8HLwxcT; arc=fail smtp.client-ip=40.107.212.57 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nvidia.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=nvidia.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=Nvidia.com header.i=@Nvidia.com header.b="a8HLwxcT" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=L0bqQ3okTpPyKaUg48g9249coO9l+T3RCOYsyYSfmsFM44PsQ+JrVo7VFbxNG+RBx0Fsyf58fXDU1Zpb8YJaK4UDhjfv5LSgsTd1uKR6lrUm3xaUJ5SY9376TEwLi7j+DBqMTNVFgK5r0da5+QuE+0kR4TLZv5Lem/m0Ph9eYI+dYnu4iaWq0yWvHxKZJBd8qfLy9m5PSJ2KzUgP+PUMYSuC15qlyn7nW9T58a5paFwzbhnEXIWoIFgEjIV5S+PUx0bOMDBLvOYAUB5zu7HGRfvUA87bYOCugK41aTPHxK9TiqYmYQQeZ10OOO+do3Z5WMMroKKMrgOYsz6a9nEioA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=f0Cvkf2sp+kRgbkTK47mDMPpUm9D+BoyXCyZWjlpiO0=; b=n0R6JAK5GdqrSqJ0Jh//ZlwCoNh3dPBhxdwl3D6fXwN7U87vsJbiTuLDm7aztwlV5xFLrActQ6o+Jf7GH+DrjZx+gzY/rEpLtazMkHOdaM26ae8HA6nNXX+yOgZxiWEdPqz9wpZoCzpK+uq7gWBDPCj0Xekpz69NxQx7+8xt4etzW6edZ3y+AdEYEzagoR5YMGvR9OabbZn/368QkG9xd6xD7wihmoYhPkQdCjKQuCbYXsw1K1LBE+pyoedAjWr1oebhw9Hc9HYAE/sILYSjSNwVkSnSkxfEcOGz0xxVWCHF8Wh7grufqV1amvPXpiHSQTEJMqWmTQ0boO7SsMVLbA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.160) smtp.rcpttodomain=redhat.com smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=f0Cvkf2sp+kRgbkTK47mDMPpUm9D+BoyXCyZWjlpiO0=; b=a8HLwxcTEWISdCQ4/AuKZkiENiMKVdaT9G4NBwzoyrjHx9as2PmBbb2npe/HYXWWDa0WQo7YyDZX+XZOS/IvOktJaOu05XUBUJw84+V2soeAfStT3JvaSUcFPDnvqc1i9L0lFCrYWhua9NNkdMOySx0xdgvy8K67M7Yuv62ZBA8DkSRVrT8f3JQApuD7nv5EnhbqOCYTCqyT2Z1D3w3pGV5AuKycv8D4iIp7nfYc9BdgMVxVrq20mCWjwr0ZlF7rcdGbWYgNqH/rHIZ2yqvGuAYB7x9m0RY1/aZy4aWHr1jRqpxOe7WYH13tV8a6P2Yy88AU4sCXWoOr51jBQCSD4Q== Received: from PH8PR02CA0028.namprd02.prod.outlook.com (2603:10b6:510:2da::29) by LV2PR12MB6014.namprd12.prod.outlook.com (2603:10b6:408:170::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8880.25; Sat, 5 Jul 2025 07:17:35 +0000 Received: from CY4PEPF0000FCBE.namprd03.prod.outlook.com (2603:10b6:510:2da:cafe::8c) by PH8PR02CA0028.outlook.office365.com (2603:10b6:510:2da::29) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8901.24 via Frontend Transport; Sat, 5 Jul 2025 07:17:34 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.160) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.160 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.160; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.160) by CY4PEPF0000FCBE.mail.protection.outlook.com (10.167.242.100) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8901.15 via Frontend Transport; Sat, 5 Jul 2025 07:17:34 +0000 Received: from rnnvmail205.nvidia.com (10.129.68.10) by mail.nvidia.com (10.129.200.66) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.4; Sat, 5 Jul 2025 00:17:22 -0700 Received: from rnnvmail202.nvidia.com (10.129.68.7) by rnnvmail205.nvidia.com (10.129.68.10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.14; Sat, 5 Jul 2025 00:17:21 -0700 Received: from localhost.nvidia.com (10.127.8.12) by mail.nvidia.com (10.129.68.7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.14 via Frontend Transport; Sat, 5 Jul 2025 00:17:20 -0700 From: To: , , , , , , , , , , , , , , CC: , , , , , , , , , , , , , , , , , , , , , , , , , , , , Subject: [PATCH v10 2/6] KVM: arm64: Update the check to detect device memory Date: Sat, 5 Jul 2025 07:17:13 +0000 Message-ID: <20250705071717.5062-3-ankita@nvidia.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250705071717.5062-1-ankita@nvidia.com> References: <20250705071717.5062-1-ankita@nvidia.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-NV-OnPremToCloud: AnonymousSubmission X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CY4PEPF0000FCBE:EE_|LV2PR12MB6014:EE_ X-MS-Office365-Filtering-Correlation-Id: c89a6c5e-7447-43ae-4047-08ddbb94037d X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|376014|7416014|82310400026|1800799024|36860700013|921020; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?n/Pk61f9jY3EWwqvMSiVb8K4g3oFyzEDvc+kvpKbaLdJTPajVBIxEkLqDoX7?= =?us-ascii?Q?0vCPe4haSUTR3Uu6PlPyYLGU1lvXkQn8zei7akoToSKuFOHW62gLHGxWYHyw?= =?us-ascii?Q?iFgr410RMCAMneKmyQw+AQpUrBWNKuGqcsEuRfCBnFAS2z1u/2v0EZ9VaVQD?= =?us-ascii?Q?SBfBFmLwWLYcaoy9NrpOwd3JY142yN6/pPe2bb0+QRBkYojdiflqZ1X+jz1p?= =?us-ascii?Q?bFiTbXig0r4Eu2NSSMawUi4NOXu0vNtM5mdLnX7oWxAo23BlOORDkdZ88kwT?= =?us-ascii?Q?HhxHRev3gW5uo+nz7fyE9+Ikm4pRt4Fa3UEECAYJPnpyKHVhwDdFzrOzAOQC?= =?us-ascii?Q?uw5D7hNUz316UYJlkaDFXHlr9g+/bk1ReOF3mGr6PbBot0IhCD2m/he6O4TZ?= =?us-ascii?Q?CQFVBMAOTe5qeFKUvA3XCfYdLJG4OJHU1RR7PEXVqa0dsXL0dejRZPhVKT7W?= =?us-ascii?Q?nBRA1QNDILdR+hC/AunoE3dIkmn7HsBk2adt3jMiRxgNHptGRY5/gGUwu6k3?= =?us-ascii?Q?pShDjjh4Q1eKWZ1PhXbYeSsLywmY3RkxLTDqv3/Cy4/MnB+zxpoppXTPqwVq?= =?us-ascii?Q?x5j2nHbLxT6jryHMpn3kVF8bLj1rsmn/RDBP+5BGxV0PA04XcWxiMc1xlo5T?= =?us-ascii?Q?UY83qG1L0o5Oh/xYvVHu+vWDIgNz48D8zgyl3cYOx6FMk1mwXF4JbSvS3BHz?= =?us-ascii?Q?FfHPGMewDm4kTNnl2c/ZqlW4qIcgf5rpx985+ONivaa68Hk9HLve3/eSeZFa?= =?us-ascii?Q?RfjfyM/vs3aew5IjYm1rBoRS7isdhnFBKN51ezdz5UJN3Pa3/LgVzAGCGAJ6?= =?us-ascii?Q?US28PkvCu2Ku+U4CWf9PvyTdp22AtRbFKYxkZUv3OkUfSwLULDOWHD+usxqZ?= =?us-ascii?Q?aR5Han5JsizfrW/earPpkrXsSFHd5sw4ENtjzEVpWhkqs+gBzIY/YjFT7B4n?= =?us-ascii?Q?yYLmUxgIZdo++Jr5a5L2tovjWrvfcBCXszavOrY9kxS8GqJOn/ucRcqrT/oR?= =?us-ascii?Q?EA5sauBfu2PpRY5NT8+qERs9lszs1rSlrOekVhWDqgGxlHWxda2ISY664BJA?= =?us-ascii?Q?r65hzJ4lH/b9nW6qUuWtPqgHbT5jPqCmVKSSOHjzfwNxOPkMaobaAFDmofK8?= =?us-ascii?Q?cQKq05n33Yo/jPj9PoyBS3kC7DShevK8/fx4utDicv8WU5xAg1DGzItrDQaQ?= =?us-ascii?Q?aIMxpkgylt77S0BrjCKLQXxjptbU2muH8WQQ9AGD7OIzaQaEFPrQ4V8MJ6E6?= =?us-ascii?Q?S9Ja6/m9IUms84743+fdqibpbgojNVMu95DojvcIuiVP9v2J2Cmv5oVIDhUT?= =?us-ascii?Q?c7bgmlJNMDWNQB9Pf9BYG8x9viQHsokt5e6UE5K5y6kkrsfNTyPqsSlmfoNu?= =?us-ascii?Q?+rZ4vOe4wP8x/IrhZi144A3D6DM5VJL/vB5VAVC4LU+DxqfPD5mZ1pvoBa/o?= =?us-ascii?Q?Ig6ef5bIE6tKk2/gWkSwtqNtM+zmnitS6mpBFaxFLm2HMD1UYK61KFIlmY15?= =?us-ascii?Q?RsEmaIVYJCk4Ln2xOWQJvD4PR0hjCN9ESCwFoEV3T37X9HdVScXUTUeYVg?= =?us-ascii?Q?=3D=3D?= X-Forefront-Antispam-Report: CIP:216.228.117.160;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge1.nvidia.com;CAT:NONE;SFS:(13230040)(376014)(7416014)(82310400026)(1800799024)(36860700013)(921020);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Jul 2025 07:17:34.4001 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: c89a6c5e-7447-43ae-4047-08ddbb94037d X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.160];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: CY4PEPF0000FCBE.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: LV2PR12MB6014 Content-Type: text/plain; charset="utf-8" From: Ankit Agrawal Currently, the kvm_is_device_pfn() detects if the memory is kernel mapped through pfn_is_map_memory. It thus implies whether KVM can use Cache Maintenance Operations (CMOs) on that PFN. It is a bit of a misnomer as it does not necessarily detect whether a PFN is for a device memory. Moreover, the function is only used at one place. It would be better to directly call pfn_is_map_memory. Moreover we should restrict this call to VM_PFNMAP or VM_MIXEDMAP. Non PFMAP or MIXEDMAP VMA's must always contain normal pages which are struct page backed, have KVA's and are cachable. So we should always be able to go from phys to KVA to do a CMO. Suggested-by: Jason Gunthorpe Reviewed-by: Jason Gunthorpe Reviewed-by: David Hildenbrand Tested-by: Donald Dutile Signed-off-by: Ankit Agrawal Reviewed-by: Catalin Marinas --- arch/arm64/kvm/mmu.c | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/arch/arm64/kvm/mmu.c b/arch/arm64/kvm/mmu.c index 1601ab9527d4..5fe24f30999d 100644 --- a/arch/arm64/kvm/mmu.c +++ b/arch/arm64/kvm/mmu.c @@ -193,11 +193,6 @@ int kvm_arch_flush_remote_tlbs_range(struct kvm *kvm, return 0; } =20 -static bool kvm_is_device_pfn(unsigned long pfn) -{ - return !pfn_is_map_memory(pfn); -} - static void *stage2_memcache_zalloc_page(void *arg) { struct kvm_mmu_memory_cache *mc =3D arg; @@ -1492,6 +1487,7 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phys= _addr_t fault_ipa, enum kvm_pgtable_prot prot =3D KVM_PGTABLE_PROT_R; struct kvm_pgtable *pgt; struct page *page; + vm_flags_t vm_flags; enum kvm_pgtable_walk_flags flags =3D KVM_PGTABLE_WALK_HANDLE_FAULT | KVM= _PGTABLE_WALK_SHARED; =20 if (fault_is_perm) @@ -1619,6 +1615,8 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phys= _addr_t fault_ipa, =20 vfio_allow_any_uc =3D vma->vm_flags & VM_ALLOW_ANY_UNCACHED; =20 + vm_flags =3D vma->vm_flags; + /* Don't use the VMA after the unlock -- it may have vanished */ vma =3D NULL; =20 @@ -1642,7 +1640,7 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phys= _addr_t fault_ipa, if (is_error_noslot_pfn(pfn)) return -EFAULT; =20 - if (kvm_is_device_pfn(pfn)) { + if (vm_flags & (VM_PFNMAP | VM_MIXEDMAP) && !pfn_is_map_memory(pfn)) { /* * If the page was identified as device early by looking at * the VMA flags, vma_pagesize is already representing the --=20 2.34.1 From nobody Tue Oct 7 21:28:44 2025 Received: from NAM12-DM6-obe.outbound.protection.outlook.com (mail-dm6nam12on2062.outbound.protection.outlook.com [40.107.243.62]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 657FB2749E3 for ; Sat, 5 Jul 2025 07:17:36 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.243.62 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751699858; cv=fail; b=NnfjSNgIHcVPADOjqwP+si+ZaeExb+gkuVzsfPHlrbl6yRFXXhwBVN2juUaqLMLImzgnQbTv0JHekIF85s3uGbxaN6eOowQ7sKRnytTczpshqCVtEPW/IC8fKaJqESqH7y/Q8gZEujn/3pdC73CxPfYRuC9iW49RppsmTLgtgYY= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751699858; c=relaxed/simple; bh=FH2JLqejtFxeqB7YVRoihcKTXyT3fOxNyWQDQ87oHm0=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=qUxQrIQrNG4xjDSBMIIk4d+RExNtOaTBDqnSAyESwjm/l9ewNK7aqCWKCx0fYWSYjNdFXTNgVzElKPGyNAM4lHB18ynxNfkKOSaBBJIngBPZZYXRzvU1dlyP5mVqdFC6i9yGS8zR79qAsjHsFCH38HhANwzg9GeAyOhuSle0HPk= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nvidia.com; spf=fail smtp.mailfrom=nvidia.com; dkim=pass (2048-bit key) header.d=Nvidia.com header.i=@Nvidia.com header.b=hAHS5QY/; arc=fail smtp.client-ip=40.107.243.62 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nvidia.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=nvidia.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=Nvidia.com header.i=@Nvidia.com header.b="hAHS5QY/" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=r3ArfPyVtS1l0P0zwFNlbFZ02gntYSsx1ftaag9shu+efqXO4dQjfEmAUqrK0xGeNCku9RCemK5HXJ8CoU8ACCmi2CeIy05HmzfFxz7+RYwMK/N07CLN3DyWv1vlezxGxJMZSx13SnX+XUjAaf+rY0zH5kyozZt5L+B4HWvl45dnGasiMXhTKGL5Tommu3/WPEF2VWOwuIa8FpPW5+jakPXfByLR4Su0OWskt+CPK7ANgxpiLwQbnDgow4xjp1/Rp6qpOVTwn9hZiG0vdyn1Q2pKc+SwVw0gtiLqlyey3j5rJsm2IiHXDZn1Eg6iDkdw0WVwMqfuws7WsYvcq1A2tA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Ko9vd6j/0qKN54o7ihcloidDlMzCnnWiCiPRuP5Cc4o=; b=wX8q/F/nDQSZiWf9jtyD7nasOr6+CZrTP0rViRF9nJm1qRSkeEDSVYAoZZfmf+7rv6ZbR6ma0W1mYimro6Dy9BpQjQkkd2HoHqcTgY5T05Aps4goDrxlPAt/mF7bjoFMk1HGXs7oggvmj18GG8dmNaU4xoc5XlDJXyAbEQE+FnaQIsDdIO24F6H+E6xZCRNZ7AG9HSG8DafjfC+u2S6bkgCaZFjEBO9rdCwzcyuhW1BmhHCPnaOfmC8KOKqj85dfI2e4Y54SdxAB5AhQ/TuflQyhJc+sGhX7+a5mGEc3+22KxD4j4Dt+KIDAbUASHwMGRMTwDZmz5KjSU+xSDcsYuw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.161) smtp.rcpttodomain=redhat.com smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Ko9vd6j/0qKN54o7ihcloidDlMzCnnWiCiPRuP5Cc4o=; b=hAHS5QY/RXZtWVR+a/P96pofKF0VZeuG5Qi365KduMVAElyrlHYJkoSmUUwaxmCuPndlNHq/J1nZstzi1nzHoH1m/xkJ/LzeIAXC/JYnfdFELgGkvrZnot856nhOXIFDMfuzN4Wo9xGVxEtErgpD6/UtqhzhB7R+B8kJnH+CVgeeMQJXOptSQ5VAA8GGirtpRKROydSlom+yXe4k0nyWXImI5/8V2UBJAzB+Yw+jOF4DWwx76PjUI3FQBfR5eDUufF1ji3TfOH6Y3Ijx+n+uI1+0kyvMYsp67ZVSLQ/nbADu8EDscs6CxFLz03ggpTYdXTOXfpr1A76iuibmcJAPoQ== Received: from SN6PR01CA0008.prod.exchangelabs.com (2603:10b6:805:b6::21) by SA1PR12MB8948.namprd12.prod.outlook.com (2603:10b6:806:38e::5) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8901.22; Sat, 5 Jul 2025 07:17:32 +0000 Received: from SA2PEPF00001506.namprd04.prod.outlook.com (2603:10b6:805:b6:cafe::99) by SN6PR01CA0008.outlook.office365.com (2603:10b6:805:b6::21) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8901.23 via Frontend Transport; Sat, 5 Jul 2025 07:17:36 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.161) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.161 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.161; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.161) by SA2PEPF00001506.mail.protection.outlook.com (10.167.242.38) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8901.15 via Frontend Transport; Sat, 5 Jul 2025 07:17:32 +0000 Received: from rnnvmail205.nvidia.com (10.129.68.10) by mail.nvidia.com (10.129.200.67) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.4; Sat, 5 Jul 2025 00:17:23 -0700 Received: from rnnvmail202.nvidia.com (10.129.68.7) by rnnvmail205.nvidia.com (10.129.68.10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.14; Sat, 5 Jul 2025 00:17:23 -0700 Received: from localhost.nvidia.com (10.127.8.12) by mail.nvidia.com (10.129.68.7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.14 via Frontend Transport; Sat, 5 Jul 2025 00:17:22 -0700 From: To: , , , , , , , , , , , , , , CC: , , , , , , , , , , , , , , , , , , , , , , , , , , , , Subject: [PATCH v10 3/6] KVM: arm64: Block cacheable PFNMAP mapping Date: Sat, 5 Jul 2025 07:17:14 +0000 Message-ID: <20250705071717.5062-4-ankita@nvidia.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250705071717.5062-1-ankita@nvidia.com> References: <20250705071717.5062-1-ankita@nvidia.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-NV-OnPremToCloud: AnonymousSubmission X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SA2PEPF00001506:EE_|SA1PR12MB8948:EE_ X-MS-Office365-Filtering-Correlation-Id: 39c6db1e-3b23-455c-0d71-08ddbb940220 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|82310400026|1800799024|36860700013|7416014|376014|921020; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?5iEEpl0vLfVfREmxUkX1loE6n94TBbRHtElJ7ULFbxmejvoE/FiQXqISiFgG?= =?us-ascii?Q?FWKfSoriA7gbS6olnZ78phFko39zL2jxbVxkNRqolJCHN39vpqm/jfdVf/A1?= =?us-ascii?Q?SKjmg7A4UMwq8z7DpEcxc//lFuzJIVO5BFl6t+nEew+ThZI94Rd9Xh0LA7HQ?= =?us-ascii?Q?sKSL1TLTJW58CI40H3U/aMd0KIuN9lUwt/tpBi1c7d6zdt3xohtfMo4SPh8E?= =?us-ascii?Q?LVbc2KGCC0hqZU3TKA21o7Q1dOJ3HVOtAINaMUY5FxAOmZ3q0E8nmlJ4patx?= =?us-ascii?Q?KZWnyylhg5xf7YJLpuyqo81hfsz6H1JROnjhCQTIbsDAo4AP5A3hCuVYN04P?= =?us-ascii?Q?n27zW6yXFbSN+oQ/xDHBTaDksFTa/4fA49j3rlItWDS4Fp+wSqUAwqEnLfF0?= =?us-ascii?Q?TIPqJBWriPA8s1c8fJ/PQi+xLl39L7yUxOYH+vfHLqcE+YaqnO+f2D/VD/Rw?= =?us-ascii?Q?XnTZO7XZitD0JFqjEyKpBFtoZa+vlH9zlfx7qZ2xvUSV6wrlp/HOs7aiSxwt?= =?us-ascii?Q?m4n/TNL9ZkgXbEhgZYsTqkvTT10gFwEvpbSuEdLxpmfqovmtqVQgDj9OklWU?= =?us-ascii?Q?pKAd3nu+4bSZfCqB3Yd1BtFrKtRp88AQWOYhEKtzUqrM2bwmwOrPZBN+JUFS?= =?us-ascii?Q?JCWhGbgo9ygqAsk3o1zWdyXk3Tlm+J/1UA95fm69r7E+bTrt3uQmjVWyx6Wp?= =?us-ascii?Q?3A16SAp6tDVFPxesH7bG79/Ekfn0XU/G59psev9M6F9Mfkz4n2LdrDVdv3AN?= =?us-ascii?Q?NgNG0X7jbHJAsF80kQkCiyylbrCKTPT+JI+QcwVM7oLzOdhjJ7dz5NJxz9s8?= =?us-ascii?Q?Uj80CvPPwMmLN6HnDCZVFPBYyf+7VkKt7H5W5hA9fEPk564x/VUcfJ9OgQDj?= =?us-ascii?Q?aRPTCDnTJnrBrsQGwaCwtAeH5nUKHnSSTztQQCBPPXxapVqabYXvrUS0q7YS?= =?us-ascii?Q?h6Z96A6haF4TwyJIHbzJrqIX8H9LQNkcd7dqWYq5YFXfS9leBJQkSVY+pbAA?= =?us-ascii?Q?75BFPpomgN8xggusc/PlUtqKLkcnT7+7ZHXeMQO07tgALpihXvvPb9w31/xV?= =?us-ascii?Q?0rdbmGVCueNTxsTfRgaecHMZFNulDgc0DDH5pPXKj1iR29brqIACobH7PnYx?= =?us-ascii?Q?ys9zlAerdwPJJcjnCSWWuq1lCz8A4edxHfSyG1a6N1ddl+ULpsgw5Lp7uYhl?= =?us-ascii?Q?qW29qYpywPeUS2B7COaLgYdzn/LATogpZfpFG8X4Mqo9eMs6XcBaq06HQu6c?= =?us-ascii?Q?4ppGDwK1obiZya1YCHC06k+2zlobMSuPI8sQ9bhUgXHHmqcTY7gITL+bd109?= =?us-ascii?Q?MUGU/cKJQRbJOHx718R+A7Ap3AhKttw4OGvbrXcFuxxGxMpcepUkq3u8Tnvn?= =?us-ascii?Q?uflTbCFkHw8Go55vByJMlJCgbQp0OSoova2r+e7zLWEnh2kEN60Y5kwbmUjG?= =?us-ascii?Q?Ea+iLaNmJ1vIjm/anBU/hEjHv8t20yYkuLAXf5cR/x2r6d7JSwOTTxVu34vn?= =?us-ascii?Q?TYqhiSQpIvgvMa17Nh1P2S77Q3vF95fRuHD5dd3GsoGTRJLfDv79xXaAPw?= =?us-ascii?Q?=3D=3D?= X-Forefront-Antispam-Report: CIP:216.228.117.161;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge2.nvidia.com;CAT:NONE;SFS:(13230040)(82310400026)(1800799024)(36860700013)(7416014)(376014)(921020);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Jul 2025 07:17:32.1053 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 39c6db1e-3b23-455c-0d71-08ddbb940220 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.161];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: SA2PEPF00001506.namprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA1PR12MB8948 Content-Type: text/plain; charset="utf-8" From: Ankit Agrawal Fixes a security bug due to mismatched attributes between S1 and S2 mapping. Currently, it is possible for a region to be cacheable in the userspace VMA, but mapped non cached in S2. This creates a potential issue where the VMM may sanitize cacheable memory across VMs using cacheable stores, ensuring it is zeroed. However, if KVM subsequently assigns this memory to a VM as uncached, the VM could end up accessing stale, non-zeroed data from a previous VM, leading to unintended data exposure. This is a security risk. Block such mismatch attributes case by returning EINVAL when userspace try to map PFNMAP cacheable. Only allow NORMAL_NC and DEVICE_*. CC: Oliver Upton CC: Catalin Marinas CC: Sean Christopherson Suggested-by: Jason Gunthorpe Reviewed-by: Jason Gunthorpe Reviewed-by: David Hildenbrand Tested-by: Donald Dutile Signed-off-by: Ankit Agrawal Reviewed-by: Catalin Marinas --- arch/arm64/kvm/mmu.c | 34 +++++++++++++++++++++++++++++++++- 1 file changed, 33 insertions(+), 1 deletion(-) diff --git a/arch/arm64/kvm/mmu.c b/arch/arm64/kvm/mmu.c index 5fe24f30999d..68c0f1c25dec 100644 --- a/arch/arm64/kvm/mmu.c +++ b/arch/arm64/kvm/mmu.c @@ -1465,6 +1465,22 @@ static bool kvm_vma_mte_allowed(struct vm_area_struc= t *vma) return vma->vm_flags & VM_MTE_ALLOWED; } =20 +/* + * Determine the memory region cacheability from VMA's pgprot. This + * is used to set the stage 2 PTEs. + */ +static bool kvm_vma_is_cacheable(struct vm_area_struct *vma) +{ + switch (FIELD_GET(PTE_ATTRINDX_MASK, pgprot_val(vma->vm_page_prot))) { + case MT_NORMAL_NC: + case MT_DEVICE_nGnRnE: + case MT_DEVICE_nGnRE: + return false; + default: + return true; + } +} + static int user_mem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa, struct kvm_s2_trans *nested, struct kvm_memory_slot *memslot, unsigned long hva, @@ -1472,7 +1488,7 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phys= _addr_t fault_ipa, { int ret =3D 0; bool write_fault, writable, force_pte =3D false; - bool exec_fault, mte_allowed; + bool exec_fault, mte_allowed, is_vma_cacheable; bool s2_force_noncacheable =3D false, vfio_allow_any_uc =3D false; unsigned long mmu_seq; phys_addr_t ipa =3D fault_ipa; @@ -1617,6 +1633,8 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phys= _addr_t fault_ipa, =20 vm_flags =3D vma->vm_flags; =20 + is_vma_cacheable =3D kvm_vma_is_cacheable(vma); + /* Don't use the VMA after the unlock -- it may have vanished */ vma =3D NULL; =20 @@ -1660,6 +1678,14 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phy= s_addr_t fault_ipa, writable =3D false; } =20 + /* + * Prohibit a region to be mapped non cacheable in S2 and marked as + * cacheabled in the userspace VMA. Such mismatched mapping is a + * security risk. + */ + if (is_vma_cacheable && s2_force_noncacheable) + return -EINVAL; + if (exec_fault && s2_force_noncacheable) return -ENOEXEC; =20 @@ -2219,6 +2245,12 @@ int kvm_arch_prepare_memory_region(struct kvm *kvm, ret =3D -EINVAL; break; } + + /* Cacheable PFNMAP is not allowed */ + if (kvm_vma_is_cacheable(vma)) { + ret =3D -EINVAL; + break; + } } hva =3D min(reg_end, vma->vm_end); } while (hva < reg_end); --=20 2.34.1 From nobody Tue Oct 7 21:28:44 2025 Received: from NAM11-CO1-obe.outbound.protection.outlook.com (mail-co1nam11on2044.outbound.protection.outlook.com [40.107.220.44]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 06787289362 for ; Sat, 5 Jul 2025 07:17:44 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.220.44 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751699866; cv=fail; b=isy9wbk9adBy9YehRpe4beAHFnabmxchGUM3s9GVXZsQMvNQ0bNV01+cuEOjuqsDExC0C3sl+jcf13U2gmQfbK/5EUBI6+bJrP7wp/P/FlaRqFhPTeEQzwTNtVgx9OqHBHaxPHVDYUIu5pUmqIPLWIpmwiSeWe5ka+Es1lBz5FA= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751699866; c=relaxed/simple; bh=caAI5RvBrpCbzu5oifxN1D6XhDhiMDImLC4X82fvg60=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=StJJ1E7Cj4V1S0X1lECoiO+3JwSoqbNMksgH9UvkiZw82eoGOtfKh4j7iDFREcTvhxNLIbIYo0i40ShFyIvWqPz2BWjL0/1pzWaBs8UPNvdn8Fa+SNzFwIzHVhtxnnrk1ILpIt9o/q2IhmcXrVmN+iUFdg4SNdAoSoiqk996VY8= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nvidia.com; spf=fail smtp.mailfrom=nvidia.com; dkim=pass (2048-bit key) header.d=Nvidia.com header.i=@Nvidia.com header.b=JcD8Jkyt; arc=fail smtp.client-ip=40.107.220.44 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nvidia.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=nvidia.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=Nvidia.com header.i=@Nvidia.com header.b="JcD8Jkyt" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=W7Is6OZx2Ty0bnZJ51atR1CO69DN7IwstiCXYwfSMgROXLOG2a+SowW/ODbOFgLqpbz3ZZT52R8/sOOx3H+JjrOXJB4HNwkT/mqJbidqVd5h39vMnhUQaYcJ7J2IsNvMeaMznZkdAIVOuwr1x/Z8O+mO6mAtWEYv6AGG/KuKVSuAfBO+9h9AI6Nrr4n3MHHJigRipqGWIMY83dy9MkT7Q3ljTwUUezqJBWUiCdLeBBBsdO4NGWzfdFrU5WU6L1me9MiDHWTxTrdOLqV9tqkzobE3SyMy8U86/5sW7VCkEklAxp3EJVgacHrUZXZEs/5RgJyMlKe3i7EWPxtYWNwkAw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Uhyk0WS7NJEGskL2nmwEjBuVp3P+Ge77e5+erWJeAeY=; b=C/9+55yYZNjMVCFmhe8vQbmlkw1VNTWNkkqCiQIEgFmkGiZ6GAT7sOg/dGV3YxGZoF28UkwVGEXvLEisMx/7xFa1odkdLQKSOikTa9YbLhcMVgCqu5PigrkibareEHuNuoFNFpToD95rt70wsZyTE4tpI2EU3gKHN/4bHEeGpyMcRNUBdU2O9VACV8FeJFC6z+06+BD6+bA5QVgDALK53yIR85O8bTvo+23NLnHtAGpgazenLzMSdPfYE7s5yoTAyZaYzKj+6d8VuL8OCR+BvNYbYkUOTY52b1a0uRWPvf2vAUuLHvgRmYKr553J1ZD9QclsvrPecjurzD8kBUADqQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.160) smtp.rcpttodomain=redhat.com smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Uhyk0WS7NJEGskL2nmwEjBuVp3P+Ge77e5+erWJeAeY=; b=JcD8JkytsWzqLuG+SwTyBu7nht+bOLAtxDZOlYWC0YMtD9J4pPIZFT01lw1Dh9eQCLpoGQaADLTZn6yk2KLa5t6ejU4xlvvkthCY770hgBAbo1Xi098PT49JEW/XXCXQLdKh+yFeVvbCVulGxUs/tiqyKBWiqi9GdeSqClj4DrDJEFakqs7sW1mUduDm6LIl4JfP0hkoOw7P0cQT/KflfACKK2aeHrPgnqNtLW39pWL19RlCSgveoDLOT67tonZnCaM+azPkLhBMYKx+Mevd6idwbR7vrAFm22bXAgqONwbI0v8iCJ0GErVTyR6sdQI8j/i4u0XoRREt7H00NfcZBg== Received: from PH7P222CA0024.NAMP222.PROD.OUTLOOK.COM (2603:10b6:510:33a::24) by IA0PPF12042BF6F.namprd12.prod.outlook.com (2603:10b6:20f:fc04::bc8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8835.28; Sat, 5 Jul 2025 07:17:39 +0000 Received: from CY4PEPF0000FCC1.namprd03.prod.outlook.com (2603:10b6:510:33a:cafe::e0) by PH7P222CA0024.outlook.office365.com (2603:10b6:510:33a::24) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8901.24 via Frontend Transport; Sat, 5 Jul 2025 07:17:38 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.160) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.160 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.160; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.160) by CY4PEPF0000FCC1.mail.protection.outlook.com (10.167.242.103) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8901.15 via Frontend Transport; Sat, 5 Jul 2025 07:17:38 +0000 Received: from rnnvmail205.nvidia.com (10.129.68.10) by mail.nvidia.com (10.129.200.66) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.4; Sat, 5 Jul 2025 00:17:25 -0700 Received: from rnnvmail202.nvidia.com (10.129.68.7) by rnnvmail205.nvidia.com (10.129.68.10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.14; Sat, 5 Jul 2025 00:17:24 -0700 Received: from localhost.nvidia.com (10.127.8.12) by mail.nvidia.com (10.129.68.7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.14 via Frontend Transport; Sat, 5 Jul 2025 00:17:23 -0700 From: To: , , , , , , , , , , , , , , CC: , , , , , , , , , , , , , , , , , , , , , , , , , , , , Subject: [PATCH v10 4/6] KVM: arm64: New function to determine hardware cache management support Date: Sat, 5 Jul 2025 07:17:15 +0000 Message-ID: <20250705071717.5062-5-ankita@nvidia.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250705071717.5062-1-ankita@nvidia.com> References: <20250705071717.5062-1-ankita@nvidia.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-NV-OnPremToCloud: AnonymousSubmission X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CY4PEPF0000FCC1:EE_|IA0PPF12042BF6F:EE_ X-MS-Office365-Filtering-Correlation-Id: 9b3353f2-8691-43b7-9329-08ddbb9405d6 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|36860700013|1800799024|82310400026|376014|7416014|921020; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?3i3dsep6nqb/EzRuB/Zzkko2A2eq5TUe5bVmthox8QsX9kLYmF7bfXN9P/kl?= =?us-ascii?Q?Ak8nne2GhyW/vxQ2KNLkzRpzWTv5do8+rLohRTephi0apvpXE2mukeO4xVVu?= =?us-ascii?Q?pl1FMFNjBWgtc9G1he6oRXqCXWC3I08MjSN+N5ZHqyH6rzIJo+8L/L3lo3Q+?= =?us-ascii?Q?sKmlMlUMfEhOTmHwU2ZbMIid552Jdwz9RVzjhb1ifOxTWc9/dw4lgnNGXG3I?= =?us-ascii?Q?Wxyezhf8hbRaDUBqSd+1zxu43pmKYpp5UWr5pJ6twH4dSdAm0h9tdaPy7a5C?= =?us-ascii?Q?4wJ1u//Xm6KDxavG+dfyVnLDW7wF/p8wxiUeusFOhKLVepYx/+VM2/B8FI3I?= =?us-ascii?Q?nUuWIF+vmHUh2dEgkhjE8mN8x5gNMJYC+cjbRI4rkRd/0Uj6F1/6E06/MrOb?= =?us-ascii?Q?cSEUcorjjnkV22aKHz1QmuqBe9j6PXXV3+TY+i2DO50kvsKQBdUJEoer8V9J?= =?us-ascii?Q?gC79n9o/78t/JS2TFAq3kqMl5A4NM3Ts987ZZ+Xq6Qd8JH/ft9Mu9TxvpuBG?= =?us-ascii?Q?3N9RVQR8JK/4GBH2JCVy8YpeiSerfZa6QI1ozcbyvwnTfcOMSggDAqgo7HxP?= =?us-ascii?Q?vyAZAEEpQjnR3kzHm9H3DvXKDjz/69qmYgxqPHz8Wsm/vP0dwCLMFai45V/V?= =?us-ascii?Q?RcTWfPpgji4rjptXwqXFZVCKCcDyM6sKs+Si2dsUrHCMMkCXffRaX+KyItj7?= =?us-ascii?Q?FWgiE/e8EY+5DL/RYeCvfng+0xOetxvNRouA14XiUs84ucTr3D0aGsoEDAz4?= =?us-ascii?Q?AhKkruWqcPtR5cIS+MMJjsMCQJxEj41CukJ65nRE3LgaVtIerW9xdtJTl/8Y?= =?us-ascii?Q?hLZO3hesOLxrf50DAcMA6lmiood6+dMbx37niMEX8DXQnwOAnw8tEoYkwaI7?= =?us-ascii?Q?ReHqwReEpQ6RMfcfQM6o7P9BbiRM+BJAgM7xwu1fhddUXogmr+SaNV12A7/X?= =?us-ascii?Q?J+bbnWA+C6z6Fx8QfrGPCWXjG+BPzvfKOQ7t8wncglj8+gj+vmI9uIZJGRPT?= =?us-ascii?Q?iIF00nnXLRdHq9x1IWKQ5G67e2k23/aQmBRiIo3ylQw/e5mQ7j132cvTZ2fg?= =?us-ascii?Q?GhoZLqrP4G926kQlR8qXYMYA2QPVtbeRHb2lBb6My2sNnHbHfa88CXvbwymi?= =?us-ascii?Q?Z+d824zqnXRKR6ZNjwLRJFX4lqaByNWAfL61nAXAj6zg4Hu0TZIoJCVGrw5N?= =?us-ascii?Q?fYpw69d96CiSKC+83ld1a11+g56ScjXphmq9cKYVIhxvaESpWdhu7BfAdMNg?= =?us-ascii?Q?4K/icCGBKGTvhTlYKxouK9qXE29gSJEmRe3J5faoXbrB1JErTtHne8l+erBd?= =?us-ascii?Q?dtaUsq3M0TW+3ziHps++iabTAoUBJmmV/98yiBeVccq1loY30P3Q6gyG7Xdy?= =?us-ascii?Q?/CZdh5XlVB/aWfKyxMIeFAc+IFFAkBhL6YzoLIhnriLIh0iX5jex7w9weozh?= =?us-ascii?Q?VBp9e0JSMYl9N4tByReLV1HFBYz0uhxyPvltyKroX1dH19TwzwfxJUZbHL0y?= =?us-ascii?Q?qL0u6PH6uDgCuqe6W+pn1O0QWNiQHgV8yaCWHiIlA+3aIgruEyT689/1ew?= =?us-ascii?Q?=3D=3D?= X-Forefront-Antispam-Report: CIP:216.228.117.160;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge1.nvidia.com;CAT:NONE;SFS:(13230040)(36860700013)(1800799024)(82310400026)(376014)(7416014)(921020);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Jul 2025 07:17:38.3418 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 9b3353f2-8691-43b7-9329-08ddbb9405d6 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.160];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: CY4PEPF0000FCC1.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: IA0PPF12042BF6F Content-Type: text/plain; charset="utf-8" From: Ankit Agrawal VM_PFNMAP VMA's are allowed to contain PTE's which point to physical addresses that does not have a struct page and may not be in the kernel direct map. However ARM64 KVM relies on a simple conversion from physaddr to a kernel virtual address when it does cache maintenance as the CMO instructions work on virtual addresses. This simple approach does not work for physical addresses from VM_PFNMAP since those addresses may not have a kernel virtual address, or it may be difficult to find it. Fortunately if the ARM64 CPU has two features, S2FWB and CACHE DIC, then KVM no longer needs to do cache flushing and NOP's all the CMOs. This has the effect of no longer requiring a KVA for addresses mapped into the S2. Add a new function, kvm_arch_supports_cacheable_pfnmap(), to report this capability. From a core prespective it means the arch can accept a cachable VM_PFNMAP as a memslot. From an ARM64 perspective it means that no KVA is required. CC: Jason Gunthorpe CC: David Hildenbrand CC: Donald Dutile Reviewed-by: Catalin Marinas Reviewed-by: Jason Gunthorpe Reviewed-by: David Hildenbrand Tested-by: Donald Dutile Signed-off-by: Ankit Agrawal --- arch/arm64/kvm/mmu.c | 23 +++++++++++++++++++++++ include/linux/kvm_host.h | 2 ++ virt/kvm/kvm_main.c | 5 +++++ 3 files changed, 30 insertions(+) diff --git a/arch/arm64/kvm/mmu.c b/arch/arm64/kvm/mmu.c index 68c0f1c25dec..d8d2eb8a409e 100644 --- a/arch/arm64/kvm/mmu.c +++ b/arch/arm64/kvm/mmu.c @@ -1282,6 +1282,29 @@ void kvm_arch_mmu_enable_log_dirty_pt_masked(struct = kvm *kvm, kvm_nested_s2_wp(kvm); } =20 +/** + * kvm_arch_supports_cacheable_pfnmap() - Determine whether hardware + * supports cache management. + * + * ARM64 KVM relies on a simple conversion from physaddr to a kernel + * virtual address (KVA) when it does cache maintenance as the CMO + * instructions work on virtual addresses. This is incompatible with + * VM_PFNMAP VMAs which may not have a kernel direct mapping to a + * virtual address. + * + * With S2FWB and CACHE DIC features, KVM need not do cache flushing + * and CMOs are NOP'd. This has the effect of no longer requiring a + * KVA for addresses mapped into the S2. The presence of these features + * are thus necessary to support cacheable S2 mapping of VM_PFNMAP. + * + * Return: True if FWB and DIC is supported. + */ +bool kvm_arch_supports_cacheable_pfnmap(void) +{ + return cpus_have_final_cap(ARM64_HAS_STAGE2_FWB) && + cpus_have_final_cap(ARM64_HAS_CACHE_DIC); +} + static void kvm_send_hwpoison_signal(unsigned long address, short lsb) { send_sig_mceerr(BUS_MCEERR_AR, (void __user *)address, lsb, current); diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h index 3bde4fb5c6aa..c91d5b5f8c39 100644 --- a/include/linux/kvm_host.h +++ b/include/linux/kvm_host.h @@ -1235,6 +1235,8 @@ void kvm_arch_flush_shadow_all(struct kvm *kvm); /* flush memory translations pointing to 'slot' */ void kvm_arch_flush_shadow_memslot(struct kvm *kvm, struct kvm_memory_slot *slot); +/* hardware supports cache management */ +bool kvm_arch_supports_cacheable_pfnmap(void); =20 int kvm_prefetch_pages(struct kvm_memory_slot *slot, gfn_t gfn, struct page **pages, int nr_pages); diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c index eec82775c5bf..feacfb203a70 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c @@ -1583,6 +1583,11 @@ static void kvm_replace_memslot(struct kvm *kvm, #define KVM_SET_USER_MEMORY_REGION_V1_FLAGS \ (KVM_MEM_LOG_DIRTY_PAGES | KVM_MEM_READONLY) =20 +bool __weak kvm_arch_supports_cacheable_pfnmap(void) +{ + return false; +} + static int check_memory_region_flags(struct kvm *kvm, const struct kvm_userspace_memory_region2 *mem) { --=20 2.34.1 From nobody Tue Oct 7 21:28:44 2025 Received: from NAM02-BN1-obe.outbound.protection.outlook.com (mail-bn1nam02on2050.outbound.protection.outlook.com [40.107.212.50]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id AE12E27511F for ; Sat, 5 Jul 2025 07:17:39 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.212.50 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751699861; cv=fail; b=Nh7HGyt4W+pzDur8zaCPoQJPS6DCej8QNfYXaBsjabvCY330f6aRVy2nBIADDUeiMU0TzoEeFkSxNACOj3062RqsessqORi4SPnV+7ay3j/nxucMfe8UM/AUj9wRJDEWRSI/1YJGvB7+toYjdYNhuAfbyZIgFGG3ur7YgCF0h9A= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751699861; c=relaxed/simple; bh=2pCrzMcCdN5phsPFBwyEDw71xHT5h9bzVvbwiqu030E=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=DjHgJ/gBjF2FW6jhD/vj5ZbObkciKtfcTdq6YifjNXlYKj2kk73DcIIEbujACk0yt2hQoaZjTWZCT3aHHVH5a6CmkJoID6rGyYMtfRe7xOkhN0VTiqIhnJrKy9VYXO+0svherbnJYWmK/nELm0E7Pe/aHno6yoUPsCZMZa1h6r8= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nvidia.com; spf=fail smtp.mailfrom=nvidia.com; dkim=pass (2048-bit key) header.d=Nvidia.com header.i=@Nvidia.com header.b=jhry3IhW; arc=fail smtp.client-ip=40.107.212.50 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nvidia.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=nvidia.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=Nvidia.com header.i=@Nvidia.com header.b="jhry3IhW" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=M1AnEL3CRfMQIDq3dh0ZneU31ZtV16YYLovD8e8RM/jgj5bsQzqUvrnkWisQ0F4z2+44TXqyLhLE5TrO/sRKtvAOAna7Xq1v/+a8e59nEzQcNzWN0k6af73wLsqsVMRNwbvWqtQkTkTaPZg7M36nOUNchfmLvPTKpKlzx+IagXGCqWD/6OkgB1avYejDn1A7fhZP4petMejWRTbmsR5msF0WGa6FMCRMDZkF8uzJnvm25d5SEECNzi5bp076jvKGrZBMknqeRn0wKtDCDd1sHAxQap3isfmJG0Tp4/37RetGJHoaa1mjroYbzkMsBxfKCvMT/NUddTd17QNxj8RvgA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=FBmnrsp6+8doKQaEX8/P420Kb2au+JtSOIq0MVEuhI8=; b=mjdXcCDz5KD9jrgtFjNDYIyIkv0khRfZSMRLl+a1nwBfr/9RZQX09zeK9dCfRIwpCWvfsEBeMUJBkhnyy1+rw+uW1uecbG4nIVGXEqblmvPtBwf57/wKhkArk3N+VdBX4LSJnXhjDEA4XYF1s1Ht2dPIatJ2ORj4aH7iiLLmZJXluVH4IFKsvE5zBvv5JLzRu8luIaVcTJqXv7PzHmmL0oKAU4HbEL3kwrmsJHz1KKWWMKIjYazFSHOePPT7PDYBNJqf9iMcy6wsOoTUKipylHiu6XtFgjcEZ7HvcoLTy3/uZOmXzYM0dbEm6ZDJk5xY6ye4j5R6j/vcl20Fwbh+zQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.161) smtp.rcpttodomain=redhat.com smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=FBmnrsp6+8doKQaEX8/P420Kb2au+JtSOIq0MVEuhI8=; b=jhry3IhWCncQmYh72EiqRaVS9vkVt74Kt6dCmDxlHJFUWWbXNCDHtvnaeU/OEox/hRGdztrxoS+6rl2JgffyggydbBtRtyGXqZQ+3Ek9CFAkZhdlfe4lIxn+RQ+RlQAPlsfqVUnxrWGPMUh4xLcznc3URgqoheJDrHHkUIgwDVhqGE4aJ57naHZWP2Q3WnlYsIdjSwPeuY8+1ZrE0DROdtzukB/2Sqw8zp+R6/6KEgIZIyw6Wk+WLXl98GIzskGkFaT2ez26HNvQsIzwsG75C8nEcq608iPQ+VXzTOqKYK22QZQRHKzoKtUTjZwG5lE2x0od8KmICzEeeikrhFz5aA== Received: from SN1PR12CA0063.namprd12.prod.outlook.com (2603:10b6:802:20::34) by CH3PR12MB8877.namprd12.prod.outlook.com (2603:10b6:610:170::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8880.29; Sat, 5 Jul 2025 07:17:35 +0000 Received: from SA2PEPF00001505.namprd04.prod.outlook.com (2603:10b6:802:20::4) by SN1PR12CA0063.outlook.office365.com (2603:10b6:802:20::34) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8901.23 via Frontend Transport; Sat, 5 Jul 2025 07:17:35 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.161) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.161 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.161; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.161) by SA2PEPF00001505.mail.protection.outlook.com (10.167.242.37) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8901.15 via Frontend Transport; Sat, 5 Jul 2025 07:17:35 +0000 Received: from rnnvmail205.nvidia.com (10.129.68.10) by mail.nvidia.com (10.129.200.67) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.4; Sat, 5 Jul 2025 00:17:26 -0700 Received: from rnnvmail202.nvidia.com (10.129.68.7) by rnnvmail205.nvidia.com (10.129.68.10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.14; Sat, 5 Jul 2025 00:17:25 -0700 Received: from localhost.nvidia.com (10.127.8.12) by mail.nvidia.com (10.129.68.7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.14 via Frontend Transport; Sat, 5 Jul 2025 00:17:24 -0700 From: To: , , , , , , , , , , , , , , CC: , , , , , , , , , , , , , , , , , , , , , , , , , , , , Subject: [PATCH v10 5/6] KVM: arm64: Allow cacheable stage 2 mapping using VMA flags Date: Sat, 5 Jul 2025 07:17:16 +0000 Message-ID: <20250705071717.5062-6-ankita@nvidia.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250705071717.5062-1-ankita@nvidia.com> References: <20250705071717.5062-1-ankita@nvidia.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-NV-OnPremToCloud: AnonymousSubmission X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SA2PEPF00001505:EE_|CH3PR12MB8877:EE_ X-MS-Office365-Filtering-Correlation-Id: 079ba6f3-b99a-4735-4ebf-08ddbb940425 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|82310400026|7416014|36860700013|376014|921020; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?vnW4WbQoss3Qsk+Q3H9BjVgxYhW+Wh8rv/Eh7osuIvnw4vaw5l5lWvkxYO2M?= =?us-ascii?Q?0UW24DderNX3OPUQE+1Fse6QKkW0XOBwJI6bazCEY7hpBEjv4Bqa0fbBzAk8?= =?us-ascii?Q?vY9MwCY02oz2ULa2ZQIaIUkLybDp8yLbtppKgcjzNom3PtBDi/1ysDdPuHHj?= =?us-ascii?Q?fQfvB7TWFoib1dXPcn3gb7AWGl57jBwq+GheaB10OujIlzS3qoJaeR5J6Aey?= =?us-ascii?Q?j3k3hgK93x9Q/BEsnmeXJhNhtys3hJodmnnJB/0/OMZ7cgUQK2jrD/CLODVE?= =?us-ascii?Q?D3pffbL7TnWbRlfppR3mohs6j1xbYcnNjjnkQmfKPgfDiAbHzKkj5MNn87kq?= =?us-ascii?Q?7qMwb3dBoQPrT3mXEwg+6cdRSnDogn2ELXPK/v628r3tq9HV2rQf0wxNy8XX?= =?us-ascii?Q?St0IMJaiZRPjyjcggCa8q2Tizu5JHBywRE8yC4+nhOdkNQCnmPwvF8jd5GWf?= =?us-ascii?Q?hJrcYnzNBgcHt8z7MBfez0IC4TbBRNX9Ku1YMOwAKB4ybCjp+FSe/0xAr3bm?= =?us-ascii?Q?GNApmYHbx18W1q4hAnxtZ5cj9J3gHwQvgz+pbT24pCkr+UEpRAmgIeY9JsIq?= =?us-ascii?Q?jEhfDONkQRHKcJJ1rWwaxycVmiyjDIwmNlKMcgt9ImXRZy1an0oolZo3H6P9?= =?us-ascii?Q?kAJeVJeduLgkFa7xZNuXnq3wDSUZ4HXrP+pMkWiRmmh1NHxi4z20Qlx0BGDJ?= =?us-ascii?Q?9dmVpkqqxF5eVh3bRQykqMpYjHAYyDjtyHAHrn+3WMJKyuFhFeSIPFYecRMn?= =?us-ascii?Q?nUC+/3W5HfLlOLsYHhURuXzdMAn+rd/ZYbfCHgB2VdL4qoeJyQsoDu4EVXax?= =?us-ascii?Q?OyCozrHT4LjcCNc5uhQQjotuey8v3SofMIuOB70b6c4T3UnIx3nf5MYXVYT/?= =?us-ascii?Q?q6Y6QINf7b5urQ/qXCJz1ciWIdP+vn9Hkx2tGTjo/2ebF9c9yx4OWAAg1xKB?= =?us-ascii?Q?j4kF10YhOJqg+DxauioB705JlaiAEu+ujm1FPmpnzBnoiuwGHEoI0zrZtyKc?= =?us-ascii?Q?+Qd1fmi6j7TYUh8KVsz52+YEG30DfUgQXBzSzjRfSv+DSMNcuRxKR00gHZdJ?= =?us-ascii?Q?8mTsrcsQfuGx30tZFv6gUdEleHo0yGs1jVV4w2rnwK7sl9UpBgzJ/2TIhYni?= =?us-ascii?Q?MJtqkd+L1vKlOeYYZ2G/Yt6QeWF2yo2AThdspw2ivsdqPIQ2GddJCxPCIW78?= =?us-ascii?Q?wWflPw6Qq0mZr1y/hky+GGquUy6kL4TbsgOyTBSJbyJK6R7TFgSs2IZn4XO6?= =?us-ascii?Q?Q7OZO3+lTLphcgUZIFL2N2SOJxRNO9arDjOOHhEd6vLhQtFfsXh1bulUXUah?= =?us-ascii?Q?hEeJwl97daqKbT2m/djV/rqM7QMOvZ6oB66QnJIczk7O33XsthvdOYfL2tAu?= =?us-ascii?Q?X4rvr2JmkhHmH8h7xwyiuMplQcJqglitPzAQZpaLTgrS5ATB2ugCoP46bYeJ?= =?us-ascii?Q?xtJO+AzSxMtK2RwJtPtJNDnH3G3wwt0UYpFIGAAVAIvXeKXtTg1C4cxSAszl?= =?us-ascii?Q?MTtAcsimzVscYSuvGzzOjwkoFx5F1GtPJA0JvR/tnmmd96uGndiQmVWUSg?= =?us-ascii?Q?=3D=3D?= X-Forefront-Antispam-Report: CIP:216.228.117.161;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge2.nvidia.com;CAT:NONE;SFS:(13230040)(1800799024)(82310400026)(7416014)(36860700013)(376014)(921020);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Jul 2025 07:17:35.4943 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 079ba6f3-b99a-4735-4ebf-08ddbb940425 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.161];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: SA2PEPF00001505.namprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH3PR12MB8877 Content-Type: text/plain; charset="utf-8" From: Ankit Agrawal Today KVM forces the memory to either NORMAL or DEVICE_nGnRE based on pfn_is_map_memory (which tracks whether the device memory is in the kernel map) and ignores the per-VMA flags that indicates the memory attributes. The KVM code is thus restrictive and allows only for the memory that is added to the kernel to be marked as cacheable. The device memory such as on the Grace Hopper/Blackwell systems is interchangeable with DDR memory and retains properties such as cacheability, unaligned accesses, atomics and handling of executable faults. This requires the device memory to be mapped as NORMAL in stage-2. Given that the GPU device memory is not added to the kernel (but is rather VMA mapped through remap_pfn_range() in nvgrace-gpu module which sets VM_PFNMAP), pfn_is_map_memory() is false and thus KVM prevents such memory to be mapped Normal cacheable. The patch aims to solve this use case. Note when FWB is not enabled, the kernel expects to trivially do cache management by flushing the memory by linearly converting a kvm_pte to phys_addr to a KVA, see kvm_flush_dcache_to_poc(). The cache management thus relies on memory being mapped. Moreover ARM64_HAS_CACHE_DIC CPU cap allows KVM to avoid flushing the icache and turns icache_inval_pou() into a NOP. These two capabilities are thus a requirement of the cacheable PFNMAP feature. Make use of kvm_arch_supports_cacheable_pfnmap() to check them. A cachebility check is made by consulting the VMA pgprot value. If the pgprot mapping type is cacheable, it is safe to be mapped S2 cacheable as the KVM S2 will have the same Normal memory type as the VMA has in the S1 and KVM has no additional responsibility for safety. Checking pgprot as NORMAL is thus a KVM sanity check. No additional checks for MTE are needed as kvm_arch_prepare_memory_region() already tests it at an early stage during memslot creation. There would not even be a fault if the memslot is not created. CC: Oliver Upton CC: Sean Christopherson Suggested-by: Jason Gunthorpe Suggested-by: Catalin Marinas Suggested-by: David Hildenbrand Tested-by: Donald Dutile Signed-off-by: Ankit Agrawal Reviewed-by: Catalin Marinas Reviewed-by: David Hildenbrand Reviewed-by: Jason Gunthorpe --- arch/arm64/kvm/mmu.c | 61 +++++++++++++++++++++++++++++--------------- 1 file changed, 40 insertions(+), 21 deletions(-) diff --git a/arch/arm64/kvm/mmu.c b/arch/arm64/kvm/mmu.c index d8d2eb8a409e..ded8a5d11fd3 100644 --- a/arch/arm64/kvm/mmu.c +++ b/arch/arm64/kvm/mmu.c @@ -1681,18 +1681,41 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, ph= ys_addr_t fault_ipa, if (is_error_noslot_pfn(pfn)) return -EFAULT; =20 + /* + * Check if this is non-struct page memory PFN, and cannot support + * CMOs. It could potentially be unsafe to access as cachable. + */ if (vm_flags & (VM_PFNMAP | VM_MIXEDMAP) && !pfn_is_map_memory(pfn)) { - /* - * If the page was identified as device early by looking at - * the VMA flags, vma_pagesize is already representing the - * largest quantity we can map. If instead it was mapped - * via __kvm_faultin_pfn(), vma_pagesize is set to PAGE_SIZE - * and must not be upgraded. - * - * In both cases, we don't let transparent_hugepage_adjust() - * change things at the last minute. - */ - s2_force_noncacheable =3D true; + if (is_vma_cacheable) { + /* + * Whilst the VMA owner expects cacheable mapping to this + * PFN, hardware also has to support the FWB and CACHE DIC + * features. + * + * ARM64 KVM relies on kernel VA mapping to the PFN to + * perform cache maintenance as the CMO instructions work on + * virtual addresses. VM_PFNMAP region are not necessarily + * mapped to a KVA and hence the presence of hardware features + * S2FWB and CACHE DIC are mandatory for cache maintenance. + * + * Check if the hardware supports it before allowing the VMA + * owner request for cacheable mapping. + */ + if (!kvm_arch_supports_cacheable_pfnmap()) + return -EFAULT; + } else { + /* + * If the page was identified as device early by looking at + * the VMA flags, vma_pagesize is already representing the + * largest quantity we can map. If instead it was mapped + * via __kvm_faultin_pfn(), vma_pagesize is set to PAGE_SIZE + * and must not be upgraded. + * + * In both cases, we don't let transparent_hugepage_adjust() + * change things at the last minute. + */ + s2_force_noncacheable =3D true; + } } else if (logging_active && !write_fault) { /* * Only actually map the page as writable if this was a write @@ -1701,14 +1724,6 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phy= s_addr_t fault_ipa, writable =3D false; } =20 - /* - * Prohibit a region to be mapped non cacheable in S2 and marked as - * cacheabled in the userspace VMA. Such mismatched mapping is a - * security risk. - */ - if (is_vma_cacheable && s2_force_noncacheable) - return -EINVAL; - if (exec_fault && s2_force_noncacheable) return -ENOEXEC; =20 @@ -2269,8 +2284,12 @@ int kvm_arch_prepare_memory_region(struct kvm *kvm, break; } =20 - /* Cacheable PFNMAP is not allowed */ - if (kvm_vma_is_cacheable(vma)) { + /* + * Cacheable PFNMAP is allowed only if the hardware + * supports it. + */ + if (kvm_vma_is_cacheable(vma) && + !kvm_arch_supports_cacheable_pfnmap()) { ret =3D -EINVAL; break; } --=20 2.34.1 From nobody Tue Oct 7 21:28:44 2025 Received: from NAM12-BN8-obe.outbound.protection.outlook.com (mail-bn8nam12on2056.outbound.protection.outlook.com [40.107.237.56]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5A07D288534 for ; Sat, 5 Jul 2025 07:17:43 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.237.56 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751699866; cv=fail; b=B5tPsKJg20Cc5vpIXA2UHMQNwnKFCBhXzfdbNokXguqIDBL4Xo3o1SiIITK8xUdE60GXMW5sc4q6hIotBbX5J5iXoPSQ8j10uAy8+5MScjgMTd/fR5wLViQIfunF/0A9kZHWcZn3YKrcQd3XbMHk8PIYVLXAgGNil+01T4X0gZ8= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751699866; c=relaxed/simple; bh=aOkMKc69mAv+aG1DKjrAA8VaFwTqhtXAyarylE+Sg5M=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=Z5Hr7/gFwmpPzPbFShcG1xrCDgBBiri4K6XTsKUX15Qk2x5+/4vogBd7zQEuhYz+UYXA7Mba47gLrQ1VdQTSxGT07DKbvmLjsQlmuZCTxL1b0TG9ADB6lm4Wdw2MWMkTheVj+Qls5XGysbXXHBlQ2opUvtHlNDh94gfL/J/sNEE= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nvidia.com; spf=fail smtp.mailfrom=nvidia.com; dkim=pass (2048-bit key) header.d=Nvidia.com header.i=@Nvidia.com header.b=rVeKoCOY; arc=fail smtp.client-ip=40.107.237.56 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nvidia.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=nvidia.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=Nvidia.com header.i=@Nvidia.com header.b="rVeKoCOY" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=f16ZxVriWcCmlWGR1unensQBkJFHEUa2+UGbzs6R04mbe3QHQiQHB7xZ+2WnQvMH/M3ElAQva7mT9GWR7ZXDNONscSMoz+I8FyfOlxoTLPXXwo0l8zM9qsWMBT4ui78pHY2hJ732Op/oBw1jnA8Zga1Ukf/hoFA122r3uwJuaNx/Ncv+XcoP6YcjxlaUJHB5g4PY3/hUIIV5SyFKaedtuDzl9W+YSamGl6ZImullSAZ5LO/0B1H80y7qwKJySs7/q/aKZ8T192ascfVoKVzpUaTuO629WjO0OM7dbrb2yvfQhIOHdSGR1tTKoFb5GdhA6TVGGlEbTF/ClGoBNHhDog== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=9BTGKYCMzZAm7U1kHldoTJky4SHTDmrEgJiQss8H/t0=; b=ZB1bOfTkxENe00XsC7ShE4g2lWHPURCwE6kvV+y5V8saC462dQWl/gg+t+aR6VRiWIc5pRm6Kl2Zr7GrBW7QzkJ61o/Q/ecNKMfuCXWSVs2zRjQNLNt9VXVL5eejBdHF2iHLu13bLO/908kekPWR5xhuNZxNmGbEnHnTyi8n2Zqi9ZP8XpPNXWxQuIaK5sEUW0SeICbW/iTv4GI/SWImRGNt4IHMgTdbqsV3JXdS3yzaPMAimvRybWyzPzEPPJJzvt41P4ckMsYB8ylxDBnSRZHIL5h2hST0UsVEuV90gL0mFUm8O/cw8qkHzYJqv/hNO55sXMiq4h1OZPGxghfGYg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.161) smtp.rcpttodomain=redhat.com smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=9BTGKYCMzZAm7U1kHldoTJky4SHTDmrEgJiQss8H/t0=; b=rVeKoCOYG62auxln06uQY6tFTxkExOJRSvgwPXvMtJNV7775vv+GwlnaxiO6MzVv4taKE19GQvZ3dOnA22nWEpl5v5f23wpgDCrQcgrHl1DXbyX87DB8ukohq6a39uT1zujBhp1HJZhYVmJdVuEz3OfLEe4+ygivRtMfvFbea5Xn1Xf4Nyrv9ZguTvxUihfuIwECRIN7rNY3HcBaTQe3FvJv4xkTQdYFDT568gNT729sxFfgi4dXpEOpgftPHrNpCz/whELxkiMHYwdCC+CH8LY4yQVgT7C329ror73n0AWIdO7tTTHwDX69hducU5ABpwrVP88K6xSadLXMoPtRpQ== Received: from SN1PR12CA0046.namprd12.prod.outlook.com (2603:10b6:802:20::17) by DM4PR12MB8451.namprd12.prod.outlook.com (2603:10b6:8:182::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8901.22; Sat, 5 Jul 2025 07:17:37 +0000 Received: from SA2PEPF00001505.namprd04.prod.outlook.com (2603:10b6:802:20:cafe::5f) by SN1PR12CA0046.outlook.office365.com (2603:10b6:802:20::17) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8901.23 via Frontend Transport; Sat, 5 Jul 2025 07:17:37 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.161) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.161 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.161; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.161) by SA2PEPF00001505.mail.protection.outlook.com (10.167.242.37) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8901.15 via Frontend Transport; Sat, 5 Jul 2025 07:17:37 +0000 Received: from rnnvmail203.nvidia.com (10.129.68.9) by mail.nvidia.com (10.129.200.67) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.4; Sat, 5 Jul 2025 00:17:27 -0700 Received: from rnnvmail202.nvidia.com (10.129.68.7) by rnnvmail203.nvidia.com (10.129.68.9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.14; Sat, 5 Jul 2025 00:17:27 -0700 Received: from localhost.nvidia.com (10.127.8.12) by mail.nvidia.com (10.129.68.7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.14 via Frontend Transport; Sat, 5 Jul 2025 00:17:26 -0700 From: To: , , , , , , , , , , , , , , CC: , , , , , , , , , , , , , , , , , , , , , , , , , , , , Subject: [PATCH v10 6/6] KVM: arm64: Expose new KVM cap for cacheable PFNMAP Date: Sat, 5 Jul 2025 07:17:17 +0000 Message-ID: <20250705071717.5062-7-ankita@nvidia.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250705071717.5062-1-ankita@nvidia.com> References: <20250705071717.5062-1-ankita@nvidia.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-NV-OnPremToCloud: AnonymousSubmission X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SA2PEPF00001505:EE_|DM4PR12MB8451:EE_ X-MS-Office365-Filtering-Correlation-Id: 156b0b90-04fc-4b70-ca26-08ddbb940541 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|36860700013|82310400026|376014|7416014|921020; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?7mq5rqkDF9/PJhCouC0nO2d8H2IRBRbQBgejhAi0t+Q4XC6wzAp1CTtMuvcM?= =?us-ascii?Q?wNzBBTvgzRzQbcopuixvRy670rdCF8izJ2ncCVRIjljZOZjv2Wh+ZkkZ6HIN?= =?us-ascii?Q?YMMmhh8DCS7rntcqBNsDYeeGnHVth3LGm6YVtuAOzwHUlg+qCQ3tWLmdEzhf?= =?us-ascii?Q?s6kg+kjeK5ea43HmSZZQulS5S1nthlrjLhjedfGaBJh85ym+i54Gla6A81d/?= =?us-ascii?Q?55VXqtky9c4Yz3yGKnH77TmBz6jQWi3uynfyEdr1RWrw3DWqPiIPWtCSY/dd?= =?us-ascii?Q?1A7zb90QBtINe5lktqIGKnuDz9nTLQ1H4aanJkpDRbw4vo1MmV2nAZXIUblH?= =?us-ascii?Q?TCsY/bRKoEtRC520Dwf41lvw8PxgH9TSZ1DOEV0zER1k+fTnoPizFmP0eU6M?= =?us-ascii?Q?R/cRq5VoZRxUc6v8ZfGaBDp+nI4RxtURTZ/MM4O9X6syRaqafYSfBDh8Rk4+?= =?us-ascii?Q?SgRDJtyR0kueILLhTfQ/3gbQTs6/uxSCkFk9pYvYad+QTdG5zO7O8psvPwvY?= =?us-ascii?Q?FXRlyMpRbI/7nTHL39NwtM4inQYmoU4zoh/XTzzFYWz1wE8cYv+7T2TuWfQn?= =?us-ascii?Q?98N111GU0aqHEpvOZKZJ4Zzl5v6HiBbDcBsRQX76T+b1/dUQ324uR6iqRDmo?= =?us-ascii?Q?Fj3WRJx9/H3uTmZie4fzm4rxndpRiO/77gj1Abk61SxuJEIcD3nnw3eVh0CO?= =?us-ascii?Q?iFR54ZchiQ23CW4l0FIIPkl2FbO0bVwTtgFgQx109vdhdDhmu2XFzHhl4dCV?= =?us-ascii?Q?6INQAdwhAGROG1lSa+/9EMqCyrMp5VUBv5dOhpGYEnwFmO2gCzpOVFDPqxyS?= =?us-ascii?Q?tvl37ctKz6DYztVbDskmSgv4trzOWdIcDexjjpN+3RYLE/lkj9ge7/13erT9?= =?us-ascii?Q?VtMXM5qK+0HAhjxSXdW62GNCT8t6ywRuyRWWhMMrrvRAM5Sdh0SlGtBKzjEa?= =?us-ascii?Q?zsBgaN47A2Htsua8k1xiospeE58aZ4595KAfanTb5Hp2k7CN/gki+sX/iiP+?= =?us-ascii?Q?Dd0/PSID0H5UrUkjIZ8ZhWOn4VbjE92K3FoQJDYbHeyD+bB8tytRHhIwJZxh?= =?us-ascii?Q?ApMOEnVb7XuMVugU8jAXqNrgtqYgKuoNOE38O0kZBnbRKIVemJZq6tIG6WFP?= =?us-ascii?Q?KzOeA6s2tQQGwmNhnDtA5pGOjR3zd3hqrgg96MbsIn9lK+VYCE2TbLCWecvY?= =?us-ascii?Q?WRlwiadKvdkxb4ZGhA+cFurWd0aJVrG+d2UB0J0sJc0sZ6N54sbyE/YZcEaR?= =?us-ascii?Q?m9I9weQXGZw/3U0bxtVNJop9ELMh2HMo5i/O21DuI11W8dF68F2WeVuzWlzb?= =?us-ascii?Q?F9tu5O6UNFDcUO1pi8w9jxYSM6Y5Km9IZTCA+isquEV6lmsa3Fqgv/rjtP59?= =?us-ascii?Q?PfV6Sa2gYxvblJnNnJUGPrJWXjNXV0z40CR+yA7l9GC5DYwu1kEtsowVqSGS?= =?us-ascii?Q?ErnYCqra7x1yB0Bs3ata0TfgFQ3eEXcmafmVt67B55wVX0Ctv4CfhF7xqloR?= =?us-ascii?Q?Q/8RidHhenqaK46G/2N+AICeF1wttl3tEutda+IFKz5O3Rkszbewx4DB/Q?= =?us-ascii?Q?=3D=3D?= X-Forefront-Antispam-Report: CIP:216.228.117.161;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge2.nvidia.com;CAT:NONE;SFS:(13230040)(1800799024)(36860700013)(82310400026)(376014)(7416014)(921020);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Jul 2025 07:17:37.3593 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 156b0b90-04fc-4b70-ca26-08ddbb940541 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.161];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: SA2PEPF00001505.namprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM4PR12MB8451 Content-Type: text/plain; charset="utf-8" From: Ankit Agrawal Introduce a new KVM capability to expose to the userspace whether cacheable mapping of PFNMAP is supported. The ability to safely do the cacheable mapping of PFNMAP is contingent on S2FWB and ARM64_HAS_CACHE_DIC. S2FWB allows KVM to avoid flushing the D cache, ARM64_HAS_CACHE_DIC allows KVM to avoid flushing the icache and turns icache_inval_pou() into a NOP. The cap would be false if those requirements are missing and is checked by making use of kvm_arch_supports_cacheable_pfnmap. This capability would allow userspace to discover the support. It could for instance be used by userspace to prevent live-migration across FWB and non-FWB hosts. CC: Catalin Marinas CC: Jason Gunthorpe CC: Oliver Upton CC: David Hildenbrand Suggested-by: Marc Zyngier Reviewed-by: Jason Gunthorpe Tested-by: Donald Dutile Signed-off-by: Ankit Agrawal Reviewed-by: Catalin Marinas --- Documentation/virt/kvm/api.rst | 13 ++++++++++++- arch/arm64/kvm/arm.c | 7 +++++++ include/uapi/linux/kvm.h | 1 + 3 files changed, 20 insertions(+), 1 deletion(-) diff --git a/Documentation/virt/kvm/api.rst b/Documentation/virt/kvm/api.rst index 1bd2d42e6424..615cdbdd505f 100644 --- a/Documentation/virt/kvm/api.rst +++ b/Documentation/virt/kvm/api.rst @@ -8528,7 +8528,7 @@ ENOSYS for the others. When enabled, KVM will exit to userspace with KVM_EXIT_SYSTEM_EVENT of type KVM_SYSTEM_EVENT_SUSPEND to process the guest suspend request. =20 -7.37 KVM_CAP_ARM_WRITABLE_IMP_ID_REGS +7.42 KVM_CAP_ARM_WRITABLE_IMP_ID_REGS ------------------------------------- =20 :Architectures: arm64 @@ -8557,6 +8557,17 @@ given VM. When this capability is enabled, KVM resets the VCPU when setting MP_STATE_INIT_RECEIVED through IOCTL. The original MP_STATE is preserved. =20 +7.43 KVM_CAP_ARM_CACHEABLE_PFNMAP_SUPPORTED +------------------------------------------- + +:Architectures: arm64 +:Target: VM +:Parameters: None + +This capability indicate to the userspace whether a PFNMAP memory region +can be safely mapped as cacheable. This relies on the presence of +force write back (FWB) feature support on the hardware. + 8. Other capabilities. =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =20 diff --git a/arch/arm64/kvm/arm.c b/arch/arm64/kvm/arm.c index de2b4e9c9f9f..9fb8901dcd86 100644 --- a/arch/arm64/kvm/arm.c +++ b/arch/arm64/kvm/arm.c @@ -408,6 +408,13 @@ int kvm_vm_ioctl_check_extension(struct kvm *kvm, long= ext) case KVM_CAP_ARM_SUPPORTED_REG_MASK_RANGES: r =3D BIT(0); break; + case KVM_CAP_ARM_CACHEABLE_PFNMAP_SUPPORTED: + if (!kvm) + r =3D -EINVAL; + else + r =3D kvm_arch_supports_cacheable_pfnmap(); + break; + default: r =3D 0; } diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index d00b85cb168c..ed9a46875a49 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -934,6 +934,7 @@ struct kvm_enable_cap { #define KVM_CAP_ARM_EL2 240 #define KVM_CAP_ARM_EL2_E2H0 241 #define KVM_CAP_RISCV_MP_STATE_RESET 242 +#define KVM_CAP_ARM_CACHEABLE_PFNMAP_SUPPORTED 243 =20 struct kvm_irq_routing_irqchip { __u32 irqchip; --=20 2.34.1