| Message ID | 20201127152113.13099-2-steven.price@arm.com |
|---|---|
| State | New |
| Headers | show |
| Series | MTE support for KVM guest | expand |
> diff --git a/arch/arm64/include/asm/sysreg.h > b/arch/arm64/include/asm/sysreg.h > index e2ef4c2edf06..b6668ffa04d9 100644 > --- a/arch/arm64/include/asm/sysreg.h > +++ b/arch/arm64/include/asm/sysreg.h > @@ -569,7 +569,8 @@ > #define SCTLR_ELx_M (BIT(0)) > > #define SCTLR_ELx_FLAGS (SCTLR_ELx_M | SCTLR_ELx_A | SCTLR_ELx_C | \ > - SCTLR_ELx_SA | SCTLR_ELx_I | SCTLR_ELx_IESB) > + SCTLR_ELx_SA | SCTLR_ELx_I | SCTLR_ELx_IESB | \ > + SCTLR_ELx_ITFSB) > > /* SCTLR_EL2 specific flags. */ > #define SCTLR_EL2_RES1 ((BIT(4)) | (BIT(5)) | (BIT(11)) | (BIT(16)) > | \ > diff --git a/arch/arm64/kvm/hyp/include/hyp/sysreg-sr.h > b/arch/arm64/kvm/hyp/include/hyp/sysreg-sr.h > index cce43bfe158f..45255ba60152 100644 > --- a/arch/arm64/kvm/hyp/include/hyp/sysreg-sr.h > +++ b/arch/arm64/kvm/hyp/include/hyp/sysreg-sr.h > @@ -18,6 +18,11 @@ > static inline void __sysreg_save_common_state(struct kvm_cpu_context > *ctxt) > { > ctxt_sys_reg(ctxt, MDSCR_EL1) = read_sysreg(mdscr_el1); > + if (system_supports_mte()) { Please move the per-VM predicate to this patch so that it can be used not to save/restore the MTE registers if we don't need to. > + ctxt_sys_reg(ctxt, RGSR_EL1) = read_sysreg_s(SYS_RGSR_EL1); > + ctxt_sys_reg(ctxt, GCR_EL1) = read_sysreg_s(SYS_GCR_EL1); > + ctxt_sys_reg(ctxt, TFSRE0_EL1) = read_sysreg_s(SYS_TFSRE0_EL1); > + } Overall, I still don't understand how this is going to work once we have MTE in the kernel. You mentioned having the ability to create turn off the tag checks at times, but I don't see that in this patch (and I'm not sure we want that either). Thanks, M.
On 03/12/2020 17:07, Marc Zyngier wrote: > >> diff --git a/arch/arm64/include/asm/sysreg.h >> b/arch/arm64/include/asm/sysreg.h >> index e2ef4c2edf06..b6668ffa04d9 100644 >> --- a/arch/arm64/include/asm/sysreg.h >> +++ b/arch/arm64/include/asm/sysreg.h >> @@ -569,7 +569,8 @@ >> #define SCTLR_ELx_M (BIT(0)) >> >> #define SCTLR_ELx_FLAGS (SCTLR_ELx_M | SCTLR_ELx_A | SCTLR_ELx_C | \ >> - SCTLR_ELx_SA | SCTLR_ELx_I | SCTLR_ELx_IESB) >> + SCTLR_ELx_SA | SCTLR_ELx_I | SCTLR_ELx_IESB | \ >> + SCTLR_ELx_ITFSB) >> >> /* SCTLR_EL2 specific flags. */ >> #define SCTLR_EL2_RES1 ((BIT(4)) | (BIT(5)) | (BIT(11)) | >> (BIT(16)) | \ >> diff --git a/arch/arm64/kvm/hyp/include/hyp/sysreg-sr.h >> b/arch/arm64/kvm/hyp/include/hyp/sysreg-sr.h >> index cce43bfe158f..45255ba60152 100644 >> --- a/arch/arm64/kvm/hyp/include/hyp/sysreg-sr.h >> +++ b/arch/arm64/kvm/hyp/include/hyp/sysreg-sr.h >> @@ -18,6 +18,11 @@ >> static inline void __sysreg_save_common_state(struct kvm_cpu_context >> *ctxt) >> { >> ctxt_sys_reg(ctxt, MDSCR_EL1) = read_sysreg(mdscr_el1); >> + if (system_supports_mte()) { > > Please move the per-VM predicate to this patch so that it can be used > not to save/restore the MTE registers if we don't need to. There isn't a valid struct kvm_vcpu or struct kvm here. I know there's ctx->__hyp_running_vcpu but AFAICT that is only valid with the host context. > >> + ctxt_sys_reg(ctxt, RGSR_EL1) = read_sysreg_s(SYS_RGSR_EL1); >> + ctxt_sys_reg(ctxt, GCR_EL1) = read_sysreg_s(SYS_GCR_EL1); >> + ctxt_sys_reg(ctxt, TFSRE0_EL1) = >> read_sysreg_s(SYS_TFSRE0_EL1); >> + } > > Overall, I still don't understand how this is going to work once > we have MTE in the kernel. You mentioned having the ability to > create turn off the tag checks at times, but I don't see that > in this patch (and I'm not sure we want that either). Given that this is now highly unlikely to be merged for v5.11, I'll rebase onto of the KASAN MTE series and double check exactly what happens. My thought was that it should be as simple as setting TCO, but your previous comment about moving the save/restore into assembler might be wise in case the compiler starts playing with TCO itself. Steve
On 2020-12-07 14:48, Steven Price wrote: > On 03/12/2020 17:07, Marc Zyngier wrote: >> >>> diff --git a/arch/arm64/include/asm/sysreg.h >>> b/arch/arm64/include/asm/sysreg.h >>> index e2ef4c2edf06..b6668ffa04d9 100644 >>> --- a/arch/arm64/include/asm/sysreg.h >>> +++ b/arch/arm64/include/asm/sysreg.h >>> @@ -569,7 +569,8 @@ >>> #define SCTLR_ELx_M (BIT(0)) >>> >>> #define SCTLR_ELx_FLAGS (SCTLR_ELx_M | SCTLR_ELx_A | SCTLR_ELx_C >>> | \ >>> - SCTLR_ELx_SA | SCTLR_ELx_I | SCTLR_ELx_IESB) >>> + SCTLR_ELx_SA | SCTLR_ELx_I | SCTLR_ELx_IESB | \ >>> + SCTLR_ELx_ITFSB) >>> >>> /* SCTLR_EL2 specific flags. */ >>> #define SCTLR_EL2_RES1 ((BIT(4)) | (BIT(5)) | (BIT(11)) | >>> (BIT(16)) | \ >>> diff --git a/arch/arm64/kvm/hyp/include/hyp/sysreg-sr.h >>> b/arch/arm64/kvm/hyp/include/hyp/sysreg-sr.h >>> index cce43bfe158f..45255ba60152 100644 >>> --- a/arch/arm64/kvm/hyp/include/hyp/sysreg-sr.h >>> +++ b/arch/arm64/kvm/hyp/include/hyp/sysreg-sr.h >>> @@ -18,6 +18,11 @@ >>> static inline void __sysreg_save_common_state(struct kvm_cpu_context >>> *ctxt) >>> { >>> ctxt_sys_reg(ctxt, MDSCR_EL1) = read_sysreg(mdscr_el1); >>> + if (system_supports_mte()) { >> >> Please move the per-VM predicate to this patch so that it can be used >> not to save/restore the MTE registers if we don't need to. > > There isn't a valid struct kvm_vcpu or struct kvm here. I know there's > ctx->__hyp_running_vcpu but AFAICT that is only valid with the host > context. We have per-CPU variables for the host context. If ctx->__hyp_running_vcpu is non NULL, you know you're on the host. > >> >>> + ctxt_sys_reg(ctxt, RGSR_EL1) = >>> read_sysreg_s(SYS_RGSR_EL1); >>> + ctxt_sys_reg(ctxt, GCR_EL1) = read_sysreg_s(SYS_GCR_EL1); >>> + ctxt_sys_reg(ctxt, TFSRE0_EL1) = >>> read_sysreg_s(SYS_TFSRE0_EL1); >>> + } >> >> Overall, I still don't understand how this is going to work once >> we have MTE in the kernel. You mentioned having the ability to >> create turn off the tag checks at times, but I don't see that >> in this patch (and I'm not sure we want that either). > > Given that this is now highly unlikely to be merged for v5.11, I'll > rebase onto of the KASAN MTE series and double check exactly what > happens. My thought was that it should be as simple as setting TCO, > but your previous comment about moving the save/restore into assembler > might be wise in case the compiler starts playing with TCO itself. Indeed. Thanks, M.
diff --git a/arch/arm64/include/asm/kvm_host.h b/arch/arm64/include/asm/kvm_host.h index 0cd9f0f75c13..d3e136343468 100644 --- a/arch/arm64/include/asm/kvm_host.h +++ b/arch/arm64/include/asm/kvm_host.h @@ -136,6 +136,8 @@ enum vcpu_sysreg { SCTLR_EL1, /* System Control Register */ ACTLR_EL1, /* Auxiliary Control Register */ CPACR_EL1, /* Coprocessor Access Control */ + RGSR_EL1, /* Random Allocation Tag Seed Register */ + GCR_EL1, /* Tag Control Register */ ZCR_EL1, /* SVE Control */ TTBR0_EL1, /* Translation Table Base Register 0 */ TTBR1_EL1, /* Translation Table Base Register 1 */ @@ -152,6 +154,8 @@ enum vcpu_sysreg { TPIDR_EL1, /* Thread ID, Privileged */ AMAIR_EL1, /* Aux Memory Attribute Indirection Register */ CNTKCTL_EL1, /* Timer Control Register (EL1) */ + TFSRE0_EL1, /* Tag Fault Status Register (EL0) */ + TFSR_EL1, /* Tag Fault Stauts Register (EL1) */ PAR_EL1, /* Physical Address Register */ MDSCR_EL1, /* Monitor Debug System Control Register */ MDCCINT_EL1, /* Monitor Debug Comms Channel Interrupt Enable Reg */ diff --git a/arch/arm64/include/asm/sysreg.h b/arch/arm64/include/asm/sysreg.h index e2ef4c2edf06..b6668ffa04d9 100644 --- a/arch/arm64/include/asm/sysreg.h +++ b/arch/arm64/include/asm/sysreg.h @@ -569,7 +569,8 @@ #define SCTLR_ELx_M (BIT(0)) #define SCTLR_ELx_FLAGS (SCTLR_ELx_M | SCTLR_ELx_A | SCTLR_ELx_C | \ - SCTLR_ELx_SA | SCTLR_ELx_I | SCTLR_ELx_IESB) + SCTLR_ELx_SA | SCTLR_ELx_I | SCTLR_ELx_IESB | \ + SCTLR_ELx_ITFSB) /* SCTLR_EL2 specific flags. */ #define SCTLR_EL2_RES1 ((BIT(4)) | (BIT(5)) | (BIT(11)) | (BIT(16)) | \ diff --git a/arch/arm64/kvm/hyp/include/hyp/sysreg-sr.h b/arch/arm64/kvm/hyp/include/hyp/sysreg-sr.h index cce43bfe158f..45255ba60152 100644 --- a/arch/arm64/kvm/hyp/include/hyp/sysreg-sr.h +++ b/arch/arm64/kvm/hyp/include/hyp/sysreg-sr.h @@ -18,6 +18,11 @@ static inline void __sysreg_save_common_state(struct kvm_cpu_context *ctxt) { ctxt_sys_reg(ctxt, MDSCR_EL1) = read_sysreg(mdscr_el1); + if (system_supports_mte()) { + ctxt_sys_reg(ctxt, RGSR_EL1) = read_sysreg_s(SYS_RGSR_EL1); + ctxt_sys_reg(ctxt, GCR_EL1) = read_sysreg_s(SYS_GCR_EL1); + ctxt_sys_reg(ctxt, TFSRE0_EL1) = read_sysreg_s(SYS_TFSRE0_EL1); + } } static inline void __sysreg_save_user_state(struct kvm_cpu_context *ctxt) @@ -45,6 +50,8 @@ static inline void __sysreg_save_el1_state(struct kvm_cpu_context *ctxt) ctxt_sys_reg(ctxt, CNTKCTL_EL1) = read_sysreg_el1(SYS_CNTKCTL); ctxt_sys_reg(ctxt, PAR_EL1) = read_sysreg_par(); ctxt_sys_reg(ctxt, TPIDR_EL1) = read_sysreg(tpidr_el1); + if (system_supports_mte()) + ctxt_sys_reg(ctxt, TFSR_EL1) = read_sysreg_el1(SYS_TFSR); ctxt_sys_reg(ctxt, SP_EL1) = read_sysreg(sp_el1); ctxt_sys_reg(ctxt, ELR_EL1) = read_sysreg_el1(SYS_ELR); @@ -63,6 +70,11 @@ static inline void __sysreg_save_el2_return_state(struct kvm_cpu_context *ctxt) static inline void __sysreg_restore_common_state(struct kvm_cpu_context *ctxt) { write_sysreg(ctxt_sys_reg(ctxt, MDSCR_EL1), mdscr_el1); + if (system_supports_mte()) { + write_sysreg_s(ctxt_sys_reg(ctxt, RGSR_EL1), SYS_RGSR_EL1); + write_sysreg_s(ctxt_sys_reg(ctxt, GCR_EL1), SYS_GCR_EL1); + write_sysreg_s(ctxt_sys_reg(ctxt, TFSRE0_EL1), SYS_TFSRE0_EL1); + } } static inline void __sysreg_restore_user_state(struct kvm_cpu_context *ctxt) @@ -106,6 +118,8 @@ static inline void __sysreg_restore_el1_state(struct kvm_cpu_context *ctxt) write_sysreg_el1(ctxt_sys_reg(ctxt, CNTKCTL_EL1), SYS_CNTKCTL); write_sysreg(ctxt_sys_reg(ctxt, PAR_EL1), par_el1); write_sysreg(ctxt_sys_reg(ctxt, TPIDR_EL1), tpidr_el1); + if (system_supports_mte()) + write_sysreg_el1(ctxt_sys_reg(ctxt, TFSR_EL1), SYS_TFSR); if (!has_vhe() && cpus_have_final_cap(ARM64_WORKAROUND_SPECULATIVE_AT) && diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c index c1fac9836af1..4792d5249f07 100644 --- a/arch/arm64/kvm/sys_regs.c +++ b/arch/arm64/kvm/sys_regs.c @@ -1366,6 +1366,12 @@ static bool access_ccsidr(struct kvm_vcpu *vcpu, struct sys_reg_params *p, return true; } +static unsigned int mte_visibility(const struct kvm_vcpu *vcpu, + const struct sys_reg_desc *rd) +{ + return REG_HIDDEN; +} + /* sys_reg_desc initialiser for known cpufeature ID registers */ #define ID_SANITISED(name) { \ SYS_DESC(SYS_##name), \ @@ -1534,8 +1540,8 @@ static const struct sys_reg_desc sys_reg_descs[] = { { SYS_DESC(SYS_ACTLR_EL1), access_actlr, reset_actlr, ACTLR_EL1 }, { SYS_DESC(SYS_CPACR_EL1), NULL, reset_val, CPACR_EL1, 0 }, - { SYS_DESC(SYS_RGSR_EL1), undef_access }, - { SYS_DESC(SYS_GCR_EL1), undef_access }, + { SYS_DESC(SYS_RGSR_EL1), undef_access, reset_unknown, RGSR_EL1, .visibility = mte_visibility }, + { SYS_DESC(SYS_GCR_EL1), undef_access, reset_unknown, GCR_EL1, .visibility = mte_visibility }, { SYS_DESC(SYS_ZCR_EL1), NULL, reset_val, ZCR_EL1, 0, .visibility = sve_visibility }, { SYS_DESC(SYS_TTBR0_EL1), access_vm_reg, reset_unknown, TTBR0_EL1 }, @@ -1561,8 +1567,8 @@ static const struct sys_reg_desc sys_reg_descs[] = { { SYS_DESC(SYS_ERXMISC0_EL1), trap_raz_wi }, { SYS_DESC(SYS_ERXMISC1_EL1), trap_raz_wi }, - { SYS_DESC(SYS_TFSR_EL1), undef_access }, - { SYS_DESC(SYS_TFSRE0_EL1), undef_access }, + { SYS_DESC(SYS_TFSR_EL1), undef_access, reset_unknown, TFSR_EL1, .visibility = mte_visibility }, + { SYS_DESC(SYS_TFSRE0_EL1), undef_access, reset_unknown, TFSRE0_EL1, .visibility = mte_visibility }, { SYS_DESC(SYS_FAR_EL1), access_vm_reg, reset_unknown, FAR_EL1 }, { SYS_DESC(SYS_PAR_EL1), NULL, reset_unknown, PAR_EL1 },
Define the new system registers that MTE introduces and context switch them. The MTE feature is still hidden from the ID register as it isn't supported in a VM yet. Signed-off-by: Steven Price <steven.price@arm.com> --- arch/arm64/include/asm/kvm_host.h | 4 ++++ arch/arm64/include/asm/sysreg.h | 3 ++- arch/arm64/kvm/hyp/include/hyp/sysreg-sr.h | 14 ++++++++++++++ arch/arm64/kvm/sys_regs.c | 14 ++++++++++---- 4 files changed, 30 insertions(+), 5 deletions(-)