1. 06 Dec, 2019 2 commits
  2. 08 Nov, 2019 3 commits
  3. 07 Nov, 2019 1 commit
  4. 29 Oct, 2019 3 commits
  5. 28 Oct, 2019 3 commits
  6. 24 Oct, 2019 2 commits
  7. 21 Oct, 2019 13 commits
    • Steven Price's avatar
      arm64: Retrieve stolen time as paravirtualized guest · e0685fa2
      Steven Price authored
      Enable paravirtualization features when running under a hypervisor
      supporting the PV_TIME_ST hypercall.
      
      For each (v)CPU, we ask the hypervisor for the location of a shared
      page which the hypervisor will use to report stolen time to us. We set
      pv_time_ops to the stolen time function which simply reads the stolen
      value from the shared page for a VCPU. We guarantee single-copy
      atomicity using READ_ONCE which means we can also read the stolen
      time for another VCPU than the currently running one while it is
      potentially being updated by the hypervisor.
      Signed-off-by: default avatarSteven Price <steven.price@arm.com>
      Signed-off-by: default avatarMarc Zyngier <maz@kernel.org>
      e0685fa2
    • Steven Price's avatar
      arm/arm64: Make use of the SMCCC 1.1 wrapper · ce4d5ca2
      Steven Price authored
      Rather than directly choosing which function to use based on
      psci_ops.conduit, use the new arm_smccc_1_1 wrapper instead.
      
      In some cases we still need to do some operations based on the
      conduit, but the code duplication is removed.
      
      No functional change.
      Signed-off-by: default avatarSteven Price <steven.price@arm.com>
      Signed-off-by: default avatarMarc Zyngier <maz@kernel.org>
      ce4d5ca2
    • Steven Price's avatar
      arm/arm64: Provide a wrapper for SMCCC 1.1 calls · 541625ac
      Steven Price authored
      SMCCC 1.1 calls may use either HVC or SMC depending on the PSCI
      conduit. Rather than coding this in every call site, provide a macro
      which uses the correct instruction. The macro also handles the case
      where no conduit is configured/available returning a not supported error
      in res, along with returning the conduit used for the call.
      
      This allow us to remove some duplicated code and will be useful later
      when adding paravirtualized time hypervisor calls.
      Signed-off-by: default avatarSteven Price <steven.price@arm.com>
      Acked-by: default avatarWill Deacon <will@kernel.org>
      Signed-off-by: default avatarMarc Zyngier <maz@kernel.org>
      541625ac
    • Steven Price's avatar
      KVM: arm64: Provide VCPU attributes for stolen time · 58772e9a
      Steven Price authored
      Allow user space to inform the KVM host where in the physical memory
      map the paravirtualized time structures should be located.
      
      User space can set an attribute on the VCPU providing the IPA base
      address of the stolen time structure for that VCPU. This must be
      repeated for every VCPU in the VM.
      
      The address is given in terms of the physical address visible to
      the guest and must be 64 byte aligned. The guest will discover the
      address via a hypercall.
      Signed-off-by: default avatarSteven Price <steven.price@arm.com>
      Signed-off-by: default avatarMarc Zyngier <maz@kernel.org>
      58772e9a
    • Steven Price's avatar
      KVM: Allow kvm_device_ops to be const · 8538cb22
      Steven Price authored
      Currently a kvm_device_ops structure cannot be const without triggering
      compiler warnings. However the structure doesn't need to be written to
      and, by marking it const, it can be read-only in memory. Add some more
      const keywords to allow this.
      Reviewed-by: default avatarAndrew Jones <drjones@redhat.com>
      Signed-off-by: default avatarSteven Price <steven.price@arm.com>
      Signed-off-by: default avatarMarc Zyngier <maz@kernel.org>
      8538cb22
    • Steven Price's avatar
      KVM: arm64: Support stolen time reporting via shared structure · 8564d637
      Steven Price authored
      Implement the service call for configuring a shared structure between a
      VCPU and the hypervisor in which the hypervisor can write the time
      stolen from the VCPU's execution time by other tasks on the host.
      
      User space allocates memory which is placed at an IPA also chosen by user
      space. The hypervisor then updates the shared structure using
      kvm_put_guest() to ensure single copy atomicity of the 64-bit value
      reporting the stolen time in nanoseconds.
      
      Whenever stolen time is enabled by the guest, the stolen time counter is
      reset.
      
      The stolen time itself is retrieved from the sched_info structure
      maintained by the Linux scheduler code. We enable SCHEDSTATS when
      selecting KVM Kconfig to ensure this value is meaningful.
      Signed-off-by: default avatarSteven Price <steven.price@arm.com>
      Signed-off-by: default avatarMarc Zyngier <maz@kernel.org>
      8564d637
    • Steven Price's avatar
      KVM: Implement kvm_put_guest() · cac0f1b7
      Steven Price authored
      kvm_put_guest() is analogous to put_user() - it writes a single value to
      the guest physical address. The implementation is built upon put_user()
      and so it has the same single copy atomic properties.
      Signed-off-by: default avatarSteven Price <steven.price@arm.com>
      Signed-off-by: default avatarMarc Zyngier <maz@kernel.org>
      cac0f1b7
    • Steven Price's avatar
      KVM: arm64: Implement PV_TIME_FEATURES call · b48c1a45
      Steven Price authored
      This provides a mechanism for querying which paravirtualized time
      features are available in this hypervisor.
      
      Also add the header file which defines the ABI for the paravirtualized
      time features we're about to add.
      Signed-off-by: default avatarSteven Price <steven.price@arm.com>
      Signed-off-by: default avatarMarc Zyngier <maz@kernel.org>
      b48c1a45
    • Christoffer Dall's avatar
      KVM: arm/arm64: Factor out hypercall handling from PSCI code · 55009c6e
      Christoffer Dall authored
      We currently intertwine the KVM PSCI implementation with the general
      dispatch of hypercall handling, which makes perfect sense because PSCI
      is the only category of hypercalls we support.
      
      However, as we are about to support additional hypercalls, factor out
      this functionality into a separate hypercall handler file.
      Signed-off-by: default avatarChristoffer Dall <christoffer.dall@arm.com>
      [steven.price@arm.com: rebased]
      Reviewed-by: default avatarAndrew Jones <drjones@redhat.com>
      Signed-off-by: default avatarSteven Price <steven.price@arm.com>
      Signed-off-by: default avatarMarc Zyngier <maz@kernel.org>
      55009c6e
    • Steven Price's avatar
      KVM: arm64: Document PV-time interface · 6a745848
      Steven Price authored
      Introduce a paravirtualization interface for KVM/arm64 based on the
      "Arm Paravirtualized Time for Arm-Base Systems" specification DEN 0057A.
      
      This only adds the details about "Stolen Time" as the details of "Live
      Physical Time" have not been fully agreed.
      
      User space can specify a reserved area of memory for the guest and
      inform KVM to populate the memory with information on time that the host
      kernel has stolen from the guest.
      
      A hypercall interface is provided for the guest to interrogate the
      hypervisor's support for this interface and the location of the shared
      memory structures.
      Signed-off-by: default avatarSteven Price <steven.price@arm.com>
      Signed-off-by: default avatarMarc Zyngier <maz@kernel.org>
      6a745848
    • Marc Zyngier's avatar
    • Christoffer Dall's avatar
      KVM: arm/arm64: Allow user injection of external data aborts · da345174
      Christoffer Dall authored
      In some scenarios, such as buggy guest or incorrect configuration of the
      VMM and firmware description data, userspace will detect a memory access
      to a portion of the IPA, which is not mapped to any MMIO region.
      
      For this purpose, the appropriate action is to inject an external abort
      to the guest.  The kernel already has functionality to inject an
      external abort, but we need to wire up a signal from user space that
      lets user space tell the kernel to do this.
      
      It turns out, we already have the set event functionality which we can
      perfectly reuse for this.
      Signed-off-by: default avatarChristoffer Dall <christoffer.dall@arm.com>
      Signed-off-by: default avatarMarc Zyngier <maz@kernel.org>
      da345174
    • Christoffer Dall's avatar
      KVM: arm/arm64: Allow reporting non-ISV data aborts to userspace · c726200d
      Christoffer Dall authored
      For a long time, if a guest accessed memory outside of a memslot using
      any of the load/store instructions in the architecture which doesn't
      supply decoding information in the ESR_EL2 (the ISV bit is not set), the
      kernel would print the following message and terminate the VM as a
      result of returning -ENOSYS to userspace:
      
        load/store instruction decoding not implemented
      
      The reason behind this message is that KVM assumes that all accesses
      outside a memslot is an MMIO access which should be handled by
      userspace, and we originally expected to eventually implement some sort
      of decoding of load/store instructions where the ISV bit was not set.
      
      However, it turns out that many of the instructions which don't provide
      decoding information on abort are not safe to use for MMIO accesses, and
      the remaining few that would potentially make sense to use on MMIO
      accesses, such as those with register writeback, are not used in
      practice.  It also turns out that fetching an instruction from guest
      memory can be a pretty horrible affair, involving stopping all CPUs on
      SMP systems, handling multiple corner cases of address translation in
      software, and more.  It doesn't appear likely that we'll ever implement
      this in the kernel.
      
      What is much more common is that a user has misconfigured his/her guest
      and is actually not accessing an MMIO region, but just hitting some
      random hole in the IPA space.  In this scenario, the error message above
      is almost misleading and has led to a great deal of confusion over the
      years.
      
      It is, nevertheless, ABI to userspace, and we therefore need to
      introduce a new capability that userspace explicitly enables to change
      behavior.
      
      This patch introduces KVM_CAP_ARM_NISV_TO_USER (NISV meaning Non-ISV)
      which does exactly that, and introduces a new exit reason to report the
      event to userspace.  User space can then emulate an exception to the
      guest, restart the guest, suspend the guest, or take any other
      appropriate action as per the policy of the running system.
      Reported-by: default avatarHeinrich Schuchardt <xypron.glpk@gmx.de>
      Signed-off-by: default avatarChristoffer Dall <christoffer.dall@arm.com>
      Reviewed-by: default avatarAlexander Graf <graf@amazon.com>
      Signed-off-by: default avatarMarc Zyngier <maz@kernel.org>
      c726200d
  8. 14 Oct, 2019 5 commits
  9. 13 Oct, 2019 8 commits