Commit e1914add authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm 

Pull kvm fixes from Paolo Bonzini:
 "arm64:

   - Add the pKVM side of the workaround for ARM's erratum 4193714,
     provided that the EL3 firmware does its part of the job. KVM will
     refuse to initialise otherwise

   - Correctly handle 52bit VAs for guest EL2 stage-1 translations when
     running under NV with E2H==0

   - Correctly deal with permission faults in guest_memfd memslots

   - Fix the steal-time selftest after the infrastructure was reworked

   - Make sure the host cannot pass a non-sensical clock update to the
     EL2 tracing infrastructure

   - Appoint Steffen Eiden as a reviewer in anticipation of the KVM/s390
     ability to run arm64 guests, which will inevitably lead to arm64
     code being directly used on s390

   - Make sure that EL2 is configured with both exception entry and exit
     being Context Synchronization Events

   - Handle the current vcpu being NULL on EL2 panic

   - Fix the selftest_vcpu memcache being empty at the point of donation
     or sharing

   - Check that the memcache has enough capacity before engaging on the
     share/donate path

   - Fix __deactivate_fgt() to use its parameter rather than a variable
     in the macro context

  s390:

   - Fix array overrun with large amounts of PCI devices

  x86:

   - Never use L0's PAUSE loop exiting while L2 is running, since it's
     unlikely that a nested guest will help solving the hypervisor's
     spinlock contention

   - Fix emulation of MOVNTDQA

   - Fix typo in Xen hypercall tracepoint

   - Add back an optimization that was left behind when recently fixing
     a bug

   - Add module parameter to disable CET, whose implementation seems to
     have issues. For now it remains enabled by default

  Generic:

   - Reject offset causing an unsigned overflow in kvm_reset_dirty_gfn()

  Documentation:

   - Update stale links

  Selftests:

   - Fix guest_memfd_test with host page size > guest page size"

* tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm: (22 commits)
  KVM: VMX: introduce module parameter to disable CET
  KVM: x86: Swap the dst and src operand for MOVNTDQA
  KVM: x86: use again the flush argument of __link_shadow_page()
  KVM: selftests: Ensure gmem file sizes are multiple of host page size
  Documentation: kvm: update links in the references section of AMD Memory Encryption
  KVM: nSVM: Never use L0's PAUSE loop exiting while L2 is running
  KVM: x86: Fix Xen hypercall tracepoint argument assignment
  KVM: Reject wrapped offset in kvm_reset_dirty_gfn()
  KVM: arm64: Pre-check vcpu memcache for host->guest donate
  KVM: arm64: Pre-check vcpu memcache for host->guest share
  KVM: arm64: Seed pkvm_ownership_selftest vcpu memcache
  KVM: arm64: Fix __deactivate_fgt macro parameter typo
  KVM: arm64: Guard against NULL vcpu on VHE hyp panic path
  KVM: arm64: Make EL2 exception entry and exit context-synchronization events
  MAINTAINERS: Add Steffen as reviewer for KVM/arm64
  KVM: arm64: Remove potential UB on nvhe tracing clock update
  KVM: selftests: arm64: Fix steal_time test after UAPI refactoring
  KVM: arm64: Handle permission faults with guest_memfd
  KVM: arm64: nv: Consider the DS bit when translating TCR_EL2
  KVM: arm64: Work around C1-Pro erratum 4193714 for protected guests
  ...
parents 1f63dd8c 2d5d3fc5

Documentation/virt/kvm/x86/amd-memory-encryption.rst

+4 −4
Original line number Diff line number Diff line
@@ -656,8 +656,8 @@ References 
See [white-paper]_, [api-spec]_, [amd-apm]_, [kvm-forum]_, and [snp-fw-abi]_

for more info.



.. [white-paper] https://developer.amd.com/wordpress/media/2013/12/AMD_Memory_Encryption_Whitepaper_v7-Public.pdf

.. [api-spec] https://support.amd.com/TechDocs/55766_SEV-KM_API_Specification.pdf

.. [amd-apm] https://support.amd.com/TechDocs/24593.pdf (section 15.34)

.. [white-paper] https://docs.amd.com/v/u/en-US/memory-encryption-white-paper

.. [api-spec] https://docs.amd.com/v/u/en-US/55766_PUB_3.24_SEV_API

.. [amd-apm] https://docs.amd.com/v/u/en-US/24593_3.44_APM_Vol2 (section 15.34)

.. [kvm-forum]  https://www.linux-kvm.org/images/7/74/02x08A-Thomas_Lendacky-AMDs_Virtualizatoin_Memory_Encryption_Technology.pdf

.. [snp-fw-abi] https://www.amd.com/system/files/TechDocs/56860.pdf
 
.. [snp-fw-abi] https://www.amd.com/content/dam/amd/en/documents/developer/56860.pdf

MAINTAINERS

+1 −0
Original line number Diff line number Diff line
@@ -14055,6 +14055,7 @@ KERNEL VIRTUAL MACHINE FOR ARM64 (KVM/arm64) 
M:	Marc Zyngier <maz@kernel.org>

M:	Oliver Upton <oupton@kernel.org>

R:	Joey Gouly <joey.gouly@arm.com>

R:	Steffen Eiden <seiden@linux.ibm.com>

R:	Suzuki K Poulose <suzuki.poulose@arm.com>

R:	Zenghui Yu <yuzenghui@huawei.com>

L:	linux-arm-kernel@lists.infradead.org (moderated for non-subscribers)

arch/arm64/include/asm/kvm_nested.h

+1 −0
Original line number Diff line number Diff line
@@ -23,6 +23,7 @@ static inline u64 tcr_el2_ps_to_tcr_el1_ips(u64 tcr_el2) 
static inline u64 translate_tcr_el2_to_tcr_el1(u64 tcr)

{

	return TCR_EPD1_MASK |				/* disable TTBR1_EL1 */

	       ((tcr & TCR_EL2_DS) ? TCR_DS : 0) |

	       ((tcr & TCR_EL2_TBI) ? TCR_TBI0 : 0) |

	       tcr_el2_ps_to_tcr_el1_ips(tcr) |

	       (tcr & TCR_EL2_TG0_MASK) |

arch/arm64/include/asm/sysreg.h

+1 −1
Original line number Diff line number Diff line
@@ -844,7 +844,7 @@ 
#define INIT_SCTLR_EL2_MMU_ON						\

	(SCTLR_ELx_M  | SCTLR_ELx_C | SCTLR_ELx_SA | SCTLR_ELx_I |	\

	 SCTLR_ELx_IESB | SCTLR_ELx_WXN | ENDIAN_SET_EL2 |		\

	 SCTLR_ELx_ITFSB | SCTLR_EL2_RES1)

	 SCTLR_ELx_ITFSB | SCTLR_ELx_EIS | SCTLR_ELx_EOS | SCTLR_EL2_RES1)



#define INIT_SCTLR_EL2_MMU_OFF \

	(SCTLR_EL2_RES1 | ENDIAN_SET_EL2)

arch/arm64/kvm/arm.c

+21 −0
Original line number Diff line number Diff line
@@ -4,6 +4,7 @@ 
 * Author: Christoffer Dall <c.dall@virtualopensystems.com>

 */



#include <linux/arm-smccc.h>

#include <linux/bug.h>

#include <linux/cpu_pm.h>

#include <linux/errno.h>
@@ -2638,6 +2639,22 @@ static int init_pkvm_host_sve_state(void) 
	return 0;

}



static int pkvm_check_sme_dvmsync_fw_call(void)

{

	struct arm_smccc_res res;



	if (!cpus_have_final_cap(ARM64_WORKAROUND_4193714))

		return 0;



	arm_smccc_1_1_smc(ARM_SMCCC_CPU_WORKAROUND_4193714, &res);

	if (res.a0) {

		kvm_err("pKVM requires firmware support for C1-Pro erratum 4193714\n");

		return -ENODEV;

	}



	return 0;

}



/*

 * Finalizes the initialization of hyp mode, once everything else is initialized

 * and the initialziation process cannot fail.
@@ -2838,6 +2855,10 @@ static int __init init_hyp_mode(void) 
		if (err)

			goto out_err;



		err = pkvm_check_sme_dvmsync_fw_call();

		if (err)

			goto out_err;



		err = kvm_hyp_init_protection(hyp_va_bits);

		if (err) {

			kvm_err("Failed to init hyp memory protection\n");