From nobody Thu Apr 9 07:15:58 2026 Received: from mail-wm1-f74.google.com (mail-wm1-f74.google.com [209.85.128.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0993940DFD5 for ; Tue, 10 Mar 2026 12:49:46 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.74 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773146987; cv=none; b=uUHXOheH3jHKAyGXqMbIZM6VysPgFJsHjo+u5DSyvJr8juILh2N3oXd+xbcLdRNwerjHgZUZNlqcQUrgXEHkhlxvJd43uIVT/gxCoGKFIl9FrxjZ0K1j3cDucd54aGjAvHS5kqrUTH/0boKyPpu1YdVVQX1k9SimVo5vlOEBizA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773146987; c=relaxed/simple; bh=24ri8I0HdHMqey03lI4dSqJ6RSKEZnF/Gr6nhwOJ9lg=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=bJ29h/bzaRRHkycs1MYcrPYS0dULKzsbsr6CCbcgssLrsO9Kj1fpVFzwAvCApq855Zs4cPfwsmwXn4fDdmk2jXbEsiFpIwc+YMiZwQjRktkFbe8ggNGY7u9ERkBrv6eLQKwgNiR1wacxMTCEp3CGj9+OwPw0k0r9KJwUPayF+BE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--sebastianene.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=OKdPyzQr; arc=none smtp.client-ip=209.85.128.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--sebastianene.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="OKdPyzQr" Received: by mail-wm1-f74.google.com with SMTP id 5b1f17b1804b1-485355493aeso12552675e9.1 for ; Tue, 10 Mar 2026 05:49:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1773146984; x=1773751784; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=FjEHtrJ78MYHEp21ejNh5LanY+xm4uc/Zo9pOF+NIDo=; b=OKdPyzQrfR1pQ4uARn2of0kPsBkmzAgsd4yo2JE10tqYEEQGMeFiEBRPFBq2jdoOr0 qTJ8Gv1YIw/V9Iyhf0LZ7C2/VQh8u9PMbX9/fUKyrheca+7OdCmH9N0urvi5dVatlqQZ MRI1rXkRqRNAhTSFOlBE3kWheGG+2MnqkP24/h3U0otHheTlTUhd+7+67zHue8HJn3EV XuEDb+LqVykwTPIBnnrAvskl+ZzBXEUSdM1Ny9naAH/xNQjLBnUyqH4hhzRE4pVr90u/ uaU+LFsMXR49wvcK2aNep+XFVSsaHG9VC4MZDqX+wdrCQznlJPLEvMqANghuayGD3+T7 U2ug== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1773146984; x=1773751784; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=FjEHtrJ78MYHEp21ejNh5LanY+xm4uc/Zo9pOF+NIDo=; b=iwNE7BpZr8LTRjsrhmreXGTuq5fSCEbbMwVGxMxi9ZYAbjKaxDUqmPSIYgoi0wx9xT LunxeLGVYFruyQhjabTgJd8iyS29MjmUfjmUMC/8YHi0YAkN0QtQI5rCAXvyy40JGt9Z QwtnuloKtn4l5nY3dHon++kowjJf6oOuVxu1LZwXiC3rtMth4gza0Del4hDahofOx25S nT0kuyB6x8cY/0YLx7KC4l073Uv6YPAJaFYslRvIFRC0ap23FG9AoTYoVkc4HvhjkHMt +srIFMZJOxwHhjTZWcvdHhCU7WKTAyFzIGMNCAeajVwfknFDgckdPNhp2Kc3sW3ytGni RHHg== X-Forwarded-Encrypted: i=1; AJvYcCU+VvVN1ceG5AksnAXwZ2dTB4fkIOJdtD2z1SfQYNbW58Djes2FPlZY90+K/95LOyt2ppBmOhbXzOkcjdw=@vger.kernel.org X-Gm-Message-State: AOJu0Yx++lV4WFPXfw8mECq5m2ncPO3frzQAoZ0CXL+Oj+ScDdj0C45A xQwWaAvykYvqnlgrCnrYeU3xlpWRMfDtAoxU09F5pJd3NE9Vtv08waVcf/p+fZP0hqWO41kaw2Q Kfj/CYF2Jzlf890epHb1SJvKBhSbOEw== X-Received: from wmqn19.prod.google.com ([2002:a05:600c:4f93:b0:483:a1ee:5eb8]) (user=sebastianene job=prod-delivery.src-stubby-dispatcher) by 2002:a05:600c:4fc5:b0:485:3b34:2f62 with SMTP id 5b1f17b1804b1-4853b343050mr131705485e9.14.1773146984437; Tue, 10 Mar 2026 05:49:44 -0700 (PDT) Date: Tue, 10 Mar 2026 12:49:21 +0000 In-Reply-To: <20260310124933.830025-1-sebastianene@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20260310124933.830025-1-sebastianene@google.com> X-Mailer: git-send-email 2.53.0.473.g4a7958ca14-goog Message-ID: <20260310124933.830025-3-sebastianene@google.com> Subject: [PATCH 02/14] KVM: arm64: Track host-unmapped MMIO regions in a static array From: Sebastian Ene To: alexandru.elisei@arm.com, kvmarm@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, android-kvm@google.com Cc: catalin.marinas@arm.com, dbrazdil@google.com, joey.gouly@arm.com, kees@kernel.org, mark.rutland@arm.com, maz@kernel.org, oupton@kernel.org, perlarsen@google.com, qperret@google.com, rananta@google.com, sebastianene@google.com, smostafa@google.com, suzuki.poulose@arm.com, tabba@google.com, tglx@kernel.org, vdonnefort@google.com, bgrzesik@google.com, will@kernel.org, yuzenghui@huawei.com Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Introduce a registry to track protected MMIO regions that are unmapped from the host stage-2 page tables. These regions are stored in a fixed-size array and their ownership is donated to the hypervisor during initialization to ensure host-exclusion and persistent tracking. Signed-off-by: Sebastian Ene --- arch/arm64/include/asm/kvm_pkvm.h | 10 ++++++++++ arch/arm64/kvm/hyp/nvhe/mem_protect.c | 3 +++ arch/arm64/kvm/hyp/nvhe/setup.c | 25 +++++++++++++++++++++++++ 3 files changed, 38 insertions(+) diff --git a/arch/arm64/include/asm/kvm_pkvm.h b/arch/arm64/include/asm/kvm= _pkvm.h index 757076ad4ec9..48ec7d519399 100644 --- a/arch/arm64/include/asm/kvm_pkvm.h +++ b/arch/arm64/include/asm/kvm_pkvm.h @@ -17,6 +17,16 @@ =20 #define HYP_MEMBLOCK_REGIONS 128 =20 +#define PKVM_PROTECTED_REGS_NUM 8 + +struct pkvm_protected_reg { + u64 start_pfn; + size_t num_pages; +}; + +extern struct pkvm_protected_reg kvm_nvhe_sym(pkvm_protected_regs)[]; +extern unsigned int kvm_nvhe_sym(num_protected_reg); + int pkvm_init_host_vm(struct kvm *kvm); int pkvm_create_hyp_vm(struct kvm *kvm); bool pkvm_hyp_vm_is_created(struct kvm *kvm); diff --git a/arch/arm64/kvm/hyp/nvhe/mem_protect.c b/arch/arm64/kvm/hyp/nvh= e/mem_protect.c index 0808367c52e5..7c125836b533 100644 --- a/arch/arm64/kvm/hyp/nvhe/mem_protect.c +++ b/arch/arm64/kvm/hyp/nvhe/mem_protect.c @@ -23,6 +23,9 @@ =20 struct host_mmu host_mmu; =20 +struct pkvm_protected_reg pkvm_protected_regs[PKVM_PROTECTED_REGS_NUM]; +unsigned int num_protected_reg; + static struct hyp_pool host_s2_pool; =20 static DEFINE_PER_CPU(struct pkvm_hyp_vm *, __current_vm); diff --git a/arch/arm64/kvm/hyp/nvhe/setup.c b/arch/arm64/kvm/hyp/nvhe/setu= p.c index 90bd014e952f..ad5b96085e1b 100644 --- a/arch/arm64/kvm/hyp/nvhe/setup.c +++ b/arch/arm64/kvm/hyp/nvhe/setup.c @@ -284,6 +284,27 @@ static int fix_hyp_pgtable_refcnt(void) &walker); } =20 +static int unmap_protected_regions(void) +{ + struct pkvm_protected_reg *reg; + int i, ret, j =3D 0; + + for (i =3D 0; i < num_protected_reg; i++) { + reg =3D &pkvm_protected_regs[i]; + for (j =3D 0; j < reg->num_pages; j++) { + ret =3D __pkvm_host_donate_hyp_mmio(reg->start_pfn + j); + if (ret) + goto err_setup; + } + } + + return 0; +err_setup: + for (j =3D j - 1; j >=3D 0; j--) + __pkvm_hyp_donate_host_mmio(reg->start_pfn + j); + return ret; +} + void __noreturn __pkvm_init_finalise(void) { struct kvm_cpu_context *host_ctxt =3D host_data_ptr(host_ctxt); @@ -324,6 +345,10 @@ void __noreturn __pkvm_init_finalise(void) if (ret) goto out; =20 + ret =3D unmap_protected_regions(); + if (ret) + goto out; + ret =3D hyp_ffa_init(ffa_proxy_pages); if (ret) goto out; --=20 2.53.0.473.g4a7958ca14-goog