Date: Tue, 10 Mar 2026 12:49:33 +0000
In-Reply-To: <20260310124933.830025-1-sebastianene@google.com>
X-Mailing-List: linux-kernel@vger.kernel.org
References: <20260310124933.830025-1-sebastianene@google.com>
X-Mailer: git-send-email 2.53.0.473.g4a7958ca14-goog
Message-ID: <20260310124933.830025-15-sebastianene@google.com>
Subject: [PATCH 14/14] KVM: arm64: Implement HVC interface for ITS emulation setup
From: Sebastian Ene
To: alexandru.elisei@arm.com, kvmarm@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, android-kvm@google.com
Cc: catalin.marinas@arm.com, dbrazdil@google.com, joey.gouly@arm.com, kees@kernel.org, mark.rutland@arm.com, maz@kernel.org, oupton@kernel.org, perlarsen@google.com, qperret@google.com, rananta@google.com, sebastianene@google.com, smostafa@google.com, suzuki.poulose@arm.com, tabba@google.com, tglx@kernel.org, vdonnefort@google.com, bgrzesik@google.com, will@kernel.org, yuzenghui@huawei.com

Introduce a new HVC to allow the host to trigger the ITS emulation setup.
This interface notifies the ITS driver that hypervisor initialization is
complete.

Upon invocation, the hypervisor replaces the initial "trap-and-forward"
MMIO handler with a full-featured emulation handler. This transition
enables mediated access to the ITS hardware, enforcing the verifications
required for a protected hypervisor environment.

Signed-off-by: Sebastian Ene
---
 arch/arm64/include/asm/kvm_asm.h   |  1 +
 arch/arm64/include/asm/kvm_pkvm.h  |  3 ++-
 arch/arm64/kvm/hyp/nvhe/hyp-main.c | 14 ++++++++++++++
 arch/arm64/kvm/pkvm.c              | 24 +++++++++++++++++++++++-
 4 files changed, 40 insertions(+), 2 deletions(-)

diff --git a/arch/arm64/include/asm/kvm_asm.h b/arch/arm64/include/asm/kvm_= asm.h index a1ad12c72ebf..550dafee88ef 100644 --- a/arch/arm64/include/asm/kvm_asm.h +++ b/arch/arm64/include/asm/kvm_asm.h 
@@ -89,6 +89,7 @@ enum __kvm_host_smccc_func { __KVM_HOST_SMCCC_FUNC___pkvm_vcpu_load, __KVM_HOST_SMCCC_FUNC___pkvm_vcpu_put, __KVM_HOST_SMCCC_FUNC___pkvm_tlb_flush_vmid, + __KVM_HOST_SMCCC_FUNC___pkvm_init_its_emulation, }; =20 #define DECLARE_KVM_VHE_SYM(sym) extern char sym[] diff --git a/arch/arm64/include/asm/kvm_pkvm.h b/arch/arm64/include/asm/kvm= _pkvm.h index dc5ef2f9ac49..20fb2678a9b9 100644 --- a/arch/arm64/include/asm/kvm_pkvm.h +++ b/arch/arm64/include/asm/kvm_pkvm.h @@ -35,7 +35,8 @@ extern struct pkvm_protected_reg kvm_nvhe_sym(pkvm_protec= ted_regs)[]; extern unsigned int kvm_nvhe_sym(num_protected_reg); extern void kvm_nvhe_sym(pkvm_handle_forward_req)(struct pkvm_protected_re= g *region, u64 offset, bool write, u64 *reg, u8 reg_size); - +extern void kvm_nvhe_sym(pkvm_handle_gic_emulation)(struct pkvm_protected_= reg *region, u64 offset, + bool write, u64 *reg, u8 reg_size); int pkvm_init_host_vm(struct kvm *kvm); int pkvm_create_hyp_vm(struct kvm *kvm); bool pkvm_hyp_vm_is_created(struct kvm *kvm); diff --git a/arch/arm64/kvm/hyp/nvhe/hyp-main.c b/arch/arm64/kvm/hyp/nvhe/h= yp-main.c index e7790097db93..4e58e24a1eed 100644 --- a/arch/arm64/kvm/hyp/nvhe/hyp-main.c +++ b/arch/arm64/kvm/hyp/nvhe/hyp-main.c @@ -14,6 +14,7 @@ #include #include =20 +#include #include #include #include @@ -421,6 +422,18 @@ static void handle___kvm_tlb_flush_vmid(struct kvm_cpu= _context *host_ctxt) __kvm_tlb_flush_vmid(kern_hyp_va(mmu)); } =20 +static void handle___pkvm_init_its_emulation(struct kvm_cpu_context *host_= ctxt) +{ + DECLARE_REG(phys_addr_t, dev_addr, host_ctxt, 1); + DECLARE_REG(void *, its_state, host_ctxt, 2); + DECLARE_REG(struct its_shadow_tables *, shadow, host_ctxt, 3); + + if (!is_protected_kvm_enabled()) + return; + + cpu_reg(host_ctxt, 1) =3D pkvm_init_gic_its_emulation(dev_addr, its_state= , shadow); +} + static void handle___pkvm_tlb_flush_vmid(struct kvm_cpu_context *host_ctxt) { DECLARE_REG(pkvm_handle_t, handle, host_ctxt, 1); 
@@ -630,6 +643,7 @@ static const hcall_t host_hcall[] =3D { HANDLE_FUNC(__pkvm_vcpu_load), HANDLE_FUNC(__pkvm_vcpu_put), HANDLE_FUNC(__pkvm_tlb_flush_vmid), + HANDLE_FUNC(__pkvm_init_its_emulation), }; =20 static void handle_host_hcall(struct kvm_cpu_context *host_ctxt) diff --git a/arch/arm64/kvm/pkvm.c b/arch/arm64/kvm/pkvm.c index a766be6de735..5399998d5235 100644 --- a/arch/arm64/kvm/pkvm.c +++ b/arch/arm64/kvm/pkvm.c @@ -6,6 +6,7 @@ =20 #include #include +#include #include #include #include @@ -62,7 +63,7 @@ static int __init register_protected_regions(void) =20 pkvm_protected_regs[i].start_pfn =3D res.start >> PAGE_SHIFT; pkvm_protected_regs[i].num_pages =3D resource_size(&res) >> PAGE_SHIFT; - pkvm_protected_regs[i].cb =3D lm_alias(&kvm_nvhe_sym(pkvm_handle_forward= _req)); + pkvm_protected_regs[i].cb =3D lm_alias(&kvm_nvhe_sym(pkvm_handle_gic_emu= lation)); i++; } =20 @@ -286,16 +287,37 @@ static void __init _kvm_host_prot_finalize(void *arg) WRITE_ONCE(*err, -EINVAL); } =20 +static int pkvm_init_its_emulation(phys_addr_t dev_addr, struct its_shadow= _tables *shadow) +{ + void *its_state; + int ret; + + its_state =3D (void *)__get_free_page(GFP_KERNEL_ACCOUNT); + if (!its_state) + return -ENOMEM; + + ret =3D kvm_call_hyp_nvhe(__pkvm_init_its_emulation, dev_addr, its_state,= shadow); + if (ret) + free_page((unsigned long)its_state); + + return ret; +} + static int __init pkvm_drop_host_privileges(void) { int ret =3D 0; + void *flags; =20 /* * Flip the static key upfront as that may no longer be possible * once the host stage 2 is installed. */ static_branch_enable(&kvm_protected_mode_initialized); + + flags =3D its_start_depriviledge(); on_each_cpu(_kvm_host_prot_finalize, &ret, 1); + its_end_depriviledge(ret, flags, &pkvm_init_its_emulation); + return ret; } =20 --=20 2.53.0.473.g4a7958ca14-goog
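
Review bot: In handle___pkvm_init_its_emulation() (arch/arm64/kvm/hyp/nvhe/hyp-main.c), the early "if (!is_protected_kvm_enabled()) return;" path never writes cpu_reg(host_ctxt, 1), so register 1, which is where the result is otherwise stored, still holds the dev_addr argument when control returns to the host. Please set an explicit error value in cpu_reg(host_ctxt, 1) before returning. In the same handler, the host-supplied its_state and shadow pointers are passed to pkvm_init_gic_its_emulation() as received, whereas the neighbouring handler converts its pointer with kern_hyp_va(mmu); either convert and validate them here, or add a comment stating that the callee translates the addresses and checks ownership of the pages, since that is not visible in this hunk.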
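
Review bot: In register_protected_regions() (arch/arm64/kvm/pkvm.c), the callback of every region in the loop is switched to pkvm_handle_gic_emulation at registration time, while the commit message describes an initial "trap-and-forward" handler that is replaced only when the new HVC is invoked. Please document, in the commit message or in a comment at the assignment, how pkvm_handle_gic_emulation behaves before __pkvm_init_its_emulation has run, and whether every entry in pkvm_protected_regs is expected to be an ITS region; if other devices can appear in that list, the callback should be selected per region instead of unconditionally.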
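
Review bot: In pkvm_drop_host_privileges() (arch/arm64/kvm/pkvm.c), the outcome of the ITS setup is discarded: its_end_depriviledge(ret, flags, &pkvm_init_its_emulation) is called as a bare statement and the function then returns the ret filled in by _kvm_host_prot_finalize, so an -ENOMEM or a hypervisor error from pkvm_init_its_emulation() is not reported to the caller from here. Please propagate that failure, or add a comment explaining why continuing is safe for the protected-mode guarantees the commit message relies on. In pkvm_init_its_emulation(), the page from __get_free_page(GFP_KERNEL_ACCOUNT) is handed to the hypervisor without being zeroed; use get_zeroed_page() or note that the hypervisor initialises it, and say who owns the page after a successful call. Smaller points: "depriviledge" in its_start_depriviledge()/its_end_depriviledge() is a misspelling of "deprivilege", and "void *flags" is an opaque name for the value returned by its_start_depriviledge().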