Commit 4d526b02 authored by Paolo Bonzini's avatar Paolo Bonzini
Browse files

Merge tag 'kvmarm-6.16' of git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm into HEAD 

KVM/arm64 updates for 6.16

* New features:

  - Add large stage-2 mapping support for non-protected pKVM guests,
    clawing back some performance.

  - Add UBSAN support to the standalone EL2 object used in nVHE/hVHE and
    protected modes.

  - Enable nested virtualisation support on systems that support it
    (yes, it has been a long time coming), though it is disabled by
    default.

* Improvements, fixes and cleanups:

  - Large rework of the way KVM tracks architecture features and links
    them with the effects of control bits. This ensures correctness of
    emulation (the data is automatically extracted from the published
    JSON files), and helps dealing with the evolution of the
    architecture.

  - Significant changes to the way pKVM tracks ownership of pages,
    avoiding page table walks by storing the state in the hypervisor's
    vmemmap. This in turn enables the THP support described above.

  - New selftest checking the pKVM ownership transition rules

  - Fixes for FEAT_MTE_ASYNC being accidentally advertised to guests
    even if the host didn't have it.

  - Fixes for the address translation emulation, which happened to be
    rather buggy in some specific contexts.

  - Fixes for the PMU emulation in NV contexts, decoupling PMCR_EL0.N
    from the number of counters exposed to a guest and addressing a
    number of issues in the process.

  - Add a new selftest for the SVE host state being corrupted by a
    guest.

  - Keep HCR_EL2.xMO set at all times for systems running with the
    kernel at EL2, ensuring that the window for interrupts is slightly
    bigger, and avoiding a pretty bad erratum on the AmpereOne HW.

  - Add workaround for AmpereOne's erratum AC04_CPU_23, which suffers
    from a pretty bad case of TLB corruption unless accesses to HCR_EL2
    are heavily synchronised.

  - Add a per-VM, per-ITS debugfs entry to dump the state of the ITS
    tables in a human-friendly fashion.

  - and the usual random cleanups.
parents 85502b22 1b85d923

Documentation/arch/arm64/silicon-errata.rst

+2 −0
Original line number Diff line number Diff line
@@ -57,6 +57,8 @@ stable kernels. 
+----------------+-----------------+-----------------+-----------------------------+

| Ampere         | AmpereOne AC04  | AC04_CPU_10     | AMPERE_ERRATUM_AC03_CPU_38  |

+----------------+-----------------+-----------------+-----------------------------+

| Ampere         | AmpereOne AC04  | AC04_CPU_23     | AMPERE_ERRATUM_AC04_CPU_23  |

+----------------+-----------------+-----------------+-----------------------------+

+----------------+-----------------+-----------------+-----------------------------+

| ARM            | Cortex-A510     | #2457168        | ARM64_ERRATUM_2457168       |

+----------------+-----------------+-----------------+-----------------------------+

Documentation/virt/kvm/api.rst

+13 −1
Original line number Diff line number Diff line
@@ -3463,7 +3463,8 @@ The initial values are defined as: 
	- FPSIMD/NEON registers: set to 0

	- SVE registers: set to 0

	- System registers: Reset to their architecturally defined

	  values as for a warm reset to EL1 (resp. SVC)

	  values as for a warm reset to EL1 (resp. SVC) or EL2 (in the

	  case of EL2 being enabled).



Note that because some registers reflect machine topology, all vcpus

should be created before this ioctl is invoked.
@@ -3530,6 +3531,17 @@ Possible features: 
	      - the KVM_REG_ARM64_SVE_VLS pseudo-register is immutable, and can

	        no longer be written using KVM_SET_ONE_REG.



	- KVM_ARM_VCPU_HAS_EL2: Enable Nested Virtualisation support,

	  booting the guest from EL2 instead of EL1.

	  Depends on KVM_CAP_ARM_EL2.

	  The VM is running with HCR_EL2.E2H being RES1 (VHE) unless

	  KVM_ARM_VCPU_HAS_EL2_E2H0 is also set.



	- KVM_ARM_VCPU_HAS_EL2_E2H0: Restrict Nested Virtualisation

	  support to HCR_EL2.E2H being RES0 (non-VHE).

	  Depends on KVM_CAP_ARM_EL2_E2H0.

	  KVM_ARM_VCPU_HAS_EL2 must also be set.



4.83 KVM_ARM_PREFERRED_TARGET

-----------------------------

Documentation/virt/kvm/devices/vcpu.rst

+24 −0
Original line number Diff line number Diff line
@@ -137,6 +137,30 @@ exit_reason = KVM_EXIT_FAIL_ENTRY and populate the fail_entry struct by setting 
hardare_entry_failure_reason field to KVM_EXIT_FAIL_ENTRY_CPU_UNSUPPORTED and

the cpu field to the processor id.



1.5 ATTRIBUTE: KVM_ARM_VCPU_PMU_V3_SET_NR_COUNTERS

--------------------------------------------------



:Parameters: in kvm_device_attr.addr the address to an unsigned int

	     representing the maximum value taken by PMCR_EL0.N



:Returns:



	 =======  ====================================================

	 -EBUSY   PMUv3 already initialized, a VCPU has already run or

                  an event filter has already been set

	 -EFAULT  Error accessing the value pointed to by addr

	 -ENODEV  PMUv3 not supported or GIC not initialized

	 -EINVAL  No PMUv3 explicitly selected, or value of N out of

	 	  range

	 =======  ====================================================



Set the number of implemented event counters in the virtual PMU. This

mandates that a PMU has explicitly been selected via

KVM_ARM_VCPU_PMU_V3_SET_PMU, and will fail when no PMU has been

explicitly selected, or the number of counters is out of range for the

selected PMU. Selecting a new PMU cancels the effect of setting this

attribute.



2. GROUP: KVM_ARM_VCPU_TIMER_CTRL

=================================

arch/arm64/Kconfig

+17 −0
Original line number Diff line number Diff line
@@ -464,6 +464,23 @@ config AMPERE_ERRATUM_AC03_CPU_38 


	  If unsure, say Y.



config AMPERE_ERRATUM_AC04_CPU_23

        bool "AmpereOne: AC04_CPU_23:  Failure to synchronize writes to HCR_EL2 may corrupt address translations."

	default y

	help

	  This option adds an alternative code sequence to work around Ampere

	  errata AC04_CPU_23 on AmpereOne.



	  Updates to HCR_EL2 can rarely corrupt simultaneous translations for

	  data addresses initiated by load/store instructions. Only

	  instruction initiated translations are vulnerable, not translations

	  from prefetches for example. A DSB before the store to HCR_EL2 is

	  sufficient to prevent older instructions from hitting the window

	  for corruption, and an ISB after is sufficient to prevent younger

	  instructions from hitting the window for corruption.



	  If unsure, say Y.



config ARM64_WORKAROUND_CLEAN_CACHE

	bool

arch/arm64/include/asm/el2_setup.h

+8 −8
Original line number Diff line number Diff line
@@ -38,7 +38,7 @@ 


	orr	x0, x0, #HCR_E2H

.LnVHE_\@:

	msr	hcr_el2, x0

	msr_hcr_el2 x0

	isb

.endm
@@ -213,8 +213,8 @@ 
	cbz	x1, .Lskip_debug_fgt_\@



	/* Disable nVHE traps of TPIDR2 and SMPRI */

	orr	x0, x0, #HFGxTR_EL2_nSMPRI_EL1_MASK

	orr	x0, x0, #HFGxTR_EL2_nTPIDR2_EL0_MASK

	orr	x0, x0, #HFGRTR_EL2_nSMPRI_EL1_MASK

	orr	x0, x0, #HFGRTR_EL2_nTPIDR2_EL0_MASK



.Lskip_debug_fgt_\@:

	mrs_s	x1, SYS_ID_AA64MMFR3_EL1
@@ -222,8 +222,8 @@ 
	cbz	x1, .Lskip_pie_fgt_\@



	/* Disable trapping of PIR_EL1 / PIRE0_EL1 */

	orr	x0, x0, #HFGxTR_EL2_nPIR_EL1

	orr	x0, x0, #HFGxTR_EL2_nPIRE0_EL1

	orr	x0, x0, #HFGRTR_EL2_nPIR_EL1

	orr	x0, x0, #HFGRTR_EL2_nPIRE0_EL1



.Lskip_pie_fgt_\@:

	mrs_s	x1, SYS_ID_AA64MMFR3_EL1
@@ -231,7 +231,7 @@ 
	cbz	x1, .Lskip_poe_fgt_\@



	/* Disable trapping of POR_EL0 */

	orr	x0, x0, #HFGxTR_EL2_nPOR_EL0

	orr	x0, x0, #HFGRTR_EL2_nPOR_EL0



.Lskip_poe_fgt_\@:

	/* GCS depends on PIE so we don't check it if PIE is absent */
@@ -240,8 +240,8 @@ 
	cbz	x1, .Lset_fgt_\@



	/* Disable traps of access to GCS registers at EL0 and EL1 */

	orr	x0, x0, #HFGxTR_EL2_nGCS_EL1_MASK

	orr	x0, x0, #HFGxTR_EL2_nGCS_EL0_MASK

	orr	x0, x0, #HFGRTR_EL2_nGCS_EL1_MASK

	orr	x0, x0, #HFGRTR_EL2_nGCS_EL0_MASK



.Lset_fgt_\@:

	msr_s	SYS_HFGRTR_EL2, x0