From: james.morse@arm•com (James Morse)
To: linux-arm-kernel@lists•infradead.org
Subject: [PATCH v3 09/20] KVM: arm/arm64: mask/unmask daif around VHE guests
Date: Wed, 11 Oct 2017 16:40:57 +0100
Message-ID: <59DE3B89.6090005@arm.com>
In-Reply-To: <87lgkijbwk.fsf@on-the-bus.cambridge.arm.com>

Hi Marc,

On 11/10/17 10:01, Marc Zyngier wrote:
> On Thu, Oct 05 2017 at 8:18:01 pm BST, James Morse <james.morse@arm•com> wrote:
>> Non-VHE systems take an exception to EL2 in order to world-switch into the
>> guest. When returning from the guest KVM implicitly restores the DAIF
>> flags when it returns to the kernel at EL1.
>>
>> With VHE none of this exception-level jumping happens, so KVM's
>> world-switch code is exposed to the host kernel's DAIF values, and KVM
>> spills the guest-exit DAIF values back into the host kernel.
>> On entry to a guest we have Debug and SError exceptions unmasked, KVM
>> has switched VBAR but isn't prepared to handle these. On guest exit
>> Debug exceptions are left disabled once we return to the host and will
>> stay this way until we enter user space.
>>
>> Add a helper to mask/unmask DAIF around VHE guests. The unmask can only
>> happen after the host's VBAR value has been synchronised by the isb in
>> __vhe_hyp_call (via kvm_call_hyp()). Masking could be as late as
>> setting KVM's VBAR value, but is kept here for symmetry.
>> diff --git a/virt/kvm/arm/arm.c b/virt/kvm/arm/arm.c
>> index b9f68e4add71..665529924b34 100644
>> --- a/virt/kvm/arm/arm.c
>> +++ b/virt/kvm/arm/arm.c
>> @@ -698,9 +698,13 @@ int kvm_arch_vcpu_ioctl_run(struct kvm_vcpu *vcpu, struct kvm_run *run)
>> */
>> trace_kvm_entry(*vcpu_pc(vcpu));
>> guest_enter_irqoff();
>> + if (has_vhe())
>> + kvm_arm_vhe_guest_enter();
>>
>> ret = kvm_call_hyp(__kvm_vcpu_run, vcpu);
>>
>> + if (has_vhe())
>> + kvm_arm_vhe_guest_exit();
>> vcpu->mode = OUTSIDE_GUEST_MODE;
>> vcpu->stat.exits++;
>> /*
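Review bot: the `kvm_arm_vhe_guest_exit()` call added right after `kvm_call_hyp(__kvm_vcpu_run, vcpu)` has an ordering requirement that only the commit message records, namely that the unmask must not happen until the host's VBAR value has been synchronised by the isb in __vhe_hyp_call. Nothing at the call site stops a later change from moving the unmask earlier or inserting code between the two lines, so a short comment above `if (has_vhe()) kvm_arm_vhe_guest_exit();` stating that dependency would help. A matching comment at the `kvm_arm_vhe_guest_enter()` call could also say why only the run path is wrapped instead of kvm_call_hyp() itself, since that question is the first thing a reader of this hunk asks.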
> Why is that masking limited to entering/exiting the guest? I would have
> thought that it would have been put in the kvm_call_hyp helper, in order
> to cover all "HYP" accesses.
> Or is it that you've worked out that only
> the guest run actually requires this because none of the other HYP
> helpers are changing the flags?
That too... Christoffer made the case[0] that for VHE the existing 'hyp code'
shouldn't be considered as running in a 'special EL2 mode':
> The rationale being that in the long run we want to keep "jumping to
> hyp" the oddball legacy case, where everything else is just the
> kernel/hypervisor functionality.
This lets us take interrupts out of e.g. __kvm_tlb_flush_local_vmid().

These are the things kvm calls via kvm_call_hyp():
> __kvm_get_mdcr_el2
> __init_stage2_translation
> __kvm_tlb_flush_local_vmid
> __kvm_flush_vm_context
> __kvm_vcpu_run
> __kvm_tlb_flush_vmid
> __kvm_tlb_flush_vmid_ipa
> __vgic_v3_init_lrs
> __vgic_v3_get_ich_vtr_el2
> __vgic_v3_write_vmcr
> __vgic_v3_read_vmcr
These all read/write system-registers, but only __kvm_vcpu_run() manipulates the
flags due to taking an exception to exit the guest.
__kvm_vcpu_run() should also be masking exceptions when it changes VBAR.

Only __kvm_vcpu_run() needs wrapping like this, if any other helper touches the
debug registers or exception-routing I think it would need to do similar for VHE.

(__vgic_v3_get_ich_vtr_el2() is also preemptible, but all it does is read an id
register which looks safe to me...)

Thanks,

James

[0] https://www.spinics.net/lists/arm-kernel/msg603990.html