[PATCH v2 14/17] arm64: KVM: Add ARCH_WORKAROUND_2 discovery through... | linux-arm-kernel

[PATCH v2 00/17] arm64 SSBD (aka Spectre-v4) mitigation · Marc Zyngier <hidden> · 2018-05-29
[PATCH v2 01/17] arm/arm64: smccc: Add SMCCC-specific return codes · Marc Zyngier <hidden> · 2018-05-29
[PATCH v2 04/17] arm64: Add ARCH_WORKAROUND_2 probing · Marc Zyngier <hidden> · 2018-05-29
Re: [PATCH v2 04/17] arm64: Add ARCH_WORKAROUND_2 probing · Suzuki K Poulose <Suzuki.Poulose@arm.com> · 2018-05-29
[PATCH v2 05/17] arm64: Add 'ssbd' command-line option · Marc Zyngier <hidden> · 2018-05-29
Re: [PATCH v2 05/17] arm64: Add 'ssbd' command-line option · Jon Masters <hidden> · 2018-06-09
Re: [PATCH v2 05/17] arm64: Add 'ssbd' command-line option · Marc Zyngier <hidden> · 2018-06-09
[PATCH v2 03/17] arm64: Add per-cpu infrastructure to call ARCH_WORKAROUND_2 · Marc Zyngier <hidden> · 2018-05-29
[PATCH v2 06/17] arm64: ssbd: Add global mitigation state accessor · Marc Zyngier <hidden> · 2018-05-29
[PATCH v2 07/17] arm64: ssbd: Skip apply_ssbd if not using dynamic mitigation · Marc Zyngier <hidden> · 2018-05-29
Re: [PATCH v2 07/17] arm64: ssbd: Skip apply_ssbd if not using dynamic mitigation · Jon Masters <hidden> · 2018-06-09
Re: [PATCH v2 07/17] arm64: ssbd: Skip apply_ssbd if not using dynamic mitigation · Marc Zyngier <hidden> · 2018-06-09
[PATCH v2 08/17] arm64: ssbd: Restore mitigation status on CPU resume · Marc Zyngier <hidden> · 2018-05-29
Re: [PATCH v2 08/17] arm64: ssbd: Restore mitigation status on CPU resume · Mark Rutland <mark.rutland@arm.com> · 2018-05-29
[PATCH v2 09/17] arm64: ssbd: Introduce thread flag to control userspace mitigation · Marc Zyngier <hidden> · 2018-05-29
[PATCH v2 11/17] arm64: KVM: Add HYP per-cpu accessors · Marc Zyngier <hidden> · 2018-05-29
[PATCH v2 15/17] arm64: Add test_and_clear_flag and set_flag atomic assembler primitives · Marc Zyngier <hidden> · 2018-05-29
[PATCH v2 16/17] arm64: ssbd: Enable delayed setting of TIF_SSBD · Marc Zyngier <hidden> · 2018-05-29
[PATCH v2 17/17] arm64: ssbd: Implement arch_seccomp_spec_mitigate · Marc Zyngier <hidden> · 2018-05-29
[PATCH v2 14/17] arm64: KVM: Add ARCH_WORKAROUND_2 discovery through ARCH_FEATURES_FUNC_ID · Marc Zyngier <hidden> · 2018-05-29
[PATCH v2 13/17] arm64: KVM: Handle guest's ARCH_WORKAROUND_2 requests · Marc Zyngier <hidden> · 2018-05-29
[PATCH v2 12/17] arm64: KVM: Add ARCH_WORKAROUND_2 support for guests · Marc Zyngier <hidden> · 2018-05-29
Re: [PATCH v2 12/17] arm64: KVM: Add ARCH_WORKAROUND_2 support for guests · Jon Masters <hidden> · 2018-06-09
Re: [PATCH v2 12/17] arm64: KVM: Add ARCH_WORKAROUND_2 support for guests · Marc Zyngier <hidden> · 2018-06-09
[PATCH v2 10/17] arm64: ssbd: Add prctl interface for per-thread mitigation · Marc Zyngier <hidden> · 2018-05-29
[PATCH v2 02/17] arm64: Call ARCH_WORKAROUND_2 on transitions between EL0 and EL1 · Marc Zyngier <hidden> · 2018-05-29
Re: [PATCH v2 00/17] arm64 SSBD (aka Spectre-v4) mitigation · Will Deacon <hidden> · 2018-05-30
Re: [PATCH v2 00/17] arm64 SSBD (aka Spectre-v4) mitigation · Catalin Marinas <catalin.marinas@arm.com> · 2018-05-31
Re: [PATCH v2 00/17] arm64 SSBD (aka Spectre-v4) mitigation · Marc Zyngier <hidden> · 2018-05-31
Re: [PATCH v2 00/17] arm64 SSBD (aka Spectre-v4) mitigation · Jon Masters <hidden> · 2018-06-09

STALE2932d REVIEWED: 8 (7M)

Revisions (2)

2018-05-22 v1 [diff vs current]
2018-05-29 v2 current

[PATCH v2 14/17] arm64: KVM: Add ARCH_WORKAROUND_2 discovery through ARCH_FEATURES_FUNC_ID

From: Marc Zyngier <hidden>
Date: 2018-05-29 12:13:12
Also in: kvmarm, lkml
Subsystem: arm port, arm64 port (aarch64 architecture), kernel virtual machine (kvm), kernel virtual machine for arm64 (kvm/arm64), the rest · Maintainers: Russell King, Catalin Marinas, Will Deacon, Paolo Bonzini, Marc Zyngier, Oliver Upton, Linus Torvalds

Now that all our infrastructure is in place, let's expose the
availability of ARCH_WORKAROUND_2 to guests. We take this opportunity
to tidy up a couple of SMCCC constants.

Acked-by: Christoffer Dall <redacted>
Reviewed-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Marc Zyngier <redacted>
---
 arch/arm/include/asm/kvm_host.h   | 12 ++++++++++++
 arch/arm64/include/asm/kvm_host.h | 23 +++++++++++++++++++++++
 arch/arm64/kvm/reset.c            |  4 ++++
 virt/kvm/arm/psci.c               | 18 ++++++++++++++++--
 4 files changed, 55 insertions(+), 2 deletions(-)

diff --git a/arch/arm/include/asm/kvm_host.h b/arch/arm/include/asm/kvm_host.h
index c7c28c885a19..7001fb871429 100644
--- a/arch/arm/include/asm/kvm_host.h
+++ b/arch/arm/include/asm/kvm_host.h

@@ -315,6 +315,18 @@ static inline bool kvm_arm_harden_branch_predictor(void)
 	return false;
 }
 
+#define KVM_SSBD_UNKNOWN		-1
+#define KVM_SSBD_FORCE_DISABLE		0
+#define KVM_SSBD_KERNEL		1
+#define KVM_SSBD_FORCE_ENABLE		2
+#define KVM_SSBD_MITIGATED		3
+
+static inline int kvm_arm_have_ssbd(void)
+{
+	/* No way to detect it yet, pretend it is not there. */
+	return KVM_SSBD_UNKNOWN;
+}
+
 static inline void kvm_vcpu_load_sysregs(struct kvm_vcpu *vcpu) {}
 static inline void kvm_vcpu_put_sysregs(struct kvm_vcpu *vcpu) {}

diff --git a/arch/arm64/include/asm/kvm_host.h b/arch/arm64/include/asm/kvm_host.h
index 9bef3f69bdcd..95d8a0e15b5f 100644
--- a/arch/arm64/include/asm/kvm_host.h
+++ b/arch/arm64/include/asm/kvm_host.h

@@ -455,6 +455,29 @@ static inline bool kvm_arm_harden_branch_predictor(void)
 	return cpus_have_const_cap(ARM64_HARDEN_BRANCH_PREDICTOR);
 }
 
+#define KVM_SSBD_UNKNOWN		-1
+#define KVM_SSBD_FORCE_DISABLE		0
+#define KVM_SSBD_KERNEL		1
+#define KVM_SSBD_FORCE_ENABLE		2
+#define KVM_SSBD_MITIGATED		3
+
+static inline int kvm_arm_have_ssbd(void)
+{
+	switch (arm64_get_ssbd_state()) {
+	case ARM64_SSBD_FORCE_DISABLE:
+		return KVM_SSBD_FORCE_DISABLE;
+	case ARM64_SSBD_KERNEL:
+		return KVM_SSBD_KERNEL;
+	case ARM64_SSBD_FORCE_ENABLE:
+		return KVM_SSBD_FORCE_ENABLE;
+	case ARM64_SSBD_MITIGATED:
+		return KVM_SSBD_MITIGATED;
+	case ARM64_SSBD_UNKNOWN:
+	default:
+		return KVM_SSBD_UNKNOWN;
+	}
+}
+
 void kvm_vcpu_load_sysregs(struct kvm_vcpu *vcpu);
 void kvm_vcpu_put_sysregs(struct kvm_vcpu *vcpu);

diff --git a/arch/arm64/kvm/reset.c b/arch/arm64/kvm/reset.c
index 3256b9228e75..a74311beda35 100644
--- a/arch/arm64/kvm/reset.c
+++ b/arch/arm64/kvm/reset.c

@@ -122,6 +122,10 @@ int kvm_reset_vcpu(struct kvm_vcpu *vcpu)
 	/* Reset PMU */
 	kvm_pmu_vcpu_reset(vcpu);
 
+	/* Default workaround setup is enabled (if supported) */
+	if (kvm_arm_have_ssbd() == KVM_SSBD_KERNEL)
+		vcpu->arch.workaround_flags |= VCPU_WORKAROUND_2_FLAG;
+
 	/* Reset timer */
 	return kvm_timer_vcpu_reset(vcpu);
 }

diff --git a/virt/kvm/arm/psci.c b/virt/kvm/arm/psci.c
index c4762bef13c6..c95ab4c5a475 100644
--- a/virt/kvm/arm/psci.c
+++ b/virt/kvm/arm/psci.c

@@ -405,7 +405,7 @@ static int kvm_psci_call(struct kvm_vcpu *vcpu)
 int kvm_hvc_call_handler(struct kvm_vcpu *vcpu)
 {
 	u32 func_id = smccc_get_function(vcpu);
-	u32 val = PSCI_RET_NOT_SUPPORTED;
+	u32 val = SMCCC_RET_NOT_SUPPORTED;
 	u32 feature;
 
 	switch (func_id) {

@@ -417,7 +417,21 @@ int kvm_hvc_call_handler(struct kvm_vcpu *vcpu)
 		switch(feature) {
 		case ARM_SMCCC_ARCH_WORKAROUND_1:
 			if (kvm_arm_harden_branch_predictor())
-				val = 0;
+				val = SMCCC_RET_SUCCESS;
+			break;
+		case ARM_SMCCC_ARCH_WORKAROUND_2:
+			switch (kvm_arm_have_ssbd()) {
+			case KVM_SSBD_FORCE_DISABLE:
+			case KVM_SSBD_UNKNOWN:
+				break;
+			case KVM_SSBD_KERNEL:
+				val = SMCCC_RET_SUCCESS;
+				break;
+			case KVM_SSBD_FORCE_ENABLE:
+			case KVM_SSBD_MITIGATED:
+				val = SMCCC_RET_NOT_REQUIRED;
+				break;
+			}
 			break;
 		}
 		break;

-- 
2.14.2

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help