From: Jintack Lim <jintack....@linaro.org>

Exposing memory management support to the virtual EL2 as is exposed to
the host hypervisor would make the implementation too complex and
inefficient. Therefore expose limited memory management support for the
following two cases.

We expose same or larger page granules than the one host uses.  We can
theoretically support a guest hypervisor having smaller-than-host
granularities but it is not worth it since it makes the implementation
complicated and it would waste memory.

We expose 40 bits of physical address range to the virtual EL2, because
we only support a 40bit IPA for the guest. Eventually, this will change.

  [ This was only trapping on the 32-bit encoding, also using the
    current target register value as a base for the sanitisation.

    Use as the handler for the 64-bit sysreg as well, also load the
    sanitised version of the sysreg before clearing and setting bits.

    -- Andre Przywara ]

Signed-off-by: Jintack Lim <jintack....@linaro.org>
Signed-off-by: Andre Przywara <andre.przyw...@arm.com>
Signed-off-by: Marc Zyngier <marc.zyng...@arm.com>
---
 arch/arm64/kvm/sys_regs.c | 50 ++++++++++++++++++++++++++++++++++++++-
 1 file changed, 49 insertions(+), 1 deletion(-)

diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c
index ec34b81da936..cc994ec3c121 100644
--- a/arch/arm64/kvm/sys_regs.c
+++ b/arch/arm64/kvm/sys_regs.c
@@ -1710,6 +1710,54 @@ static bool access_spsr_el2(struct kvm_vcpu *vcpu,
        return true;
 }
 
+static bool access_id_aa64mmfr0_el1(struct kvm_vcpu *v,
+                                   struct sys_reg_params *p,
+                                   const struct sys_reg_desc *r)
+{
+       u64 val;
+
+       if (p->is_write)
+               return write_to_read_only(v, p, r);
+
+       val = read_id_reg(v, r, false);
+
+       if (!nested_virt_in_use(v))
+               goto out;
+
+       /*
+        * Don't expose granules smaller than the host's granule to the guest.
+        * We can theoretically support a guest hypervisor having
+        * smaller-than-host granularities but it is not worth it since it
+        * makes the implementation complicated and it would waste memory.
+        */
+       switch (PAGE_SIZE) {
+       case SZ_64K:
+               /* 16KB granule not supported */
+               val &= ~(0xf << ID_AA64MMFR0_TGRAN16_SHIFT);
+               val |= (ID_AA64MMFR0_TGRAN16_NI << ID_AA64MMFR0_TGRAN16_SHIFT);
+               /* fall through */
+       case SZ_16K:
+               /* 4KB granule not supported */
+               val &= ~(0xf << ID_AA64MMFR0_TGRAN4_SHIFT);
+               val |= (ID_AA64MMFR0_TGRAN4_NI << ID_AA64MMFR0_TGRAN4_SHIFT);
+               break;
+       case SZ_4K:
+               /* All granule sizes are supported */
+               break;
+       default:
+               unreachable();
+       }
+
+       /* Expose only 40 bits physical address range to the guest hypervisor */
+       val &= ~(0xf << ID_AA64MMFR0_PARANGE_SHIFT);
+       val |= (0x2 << ID_AA64MMFR0_PARANGE_SHIFT); /* 40 bits */
+
+out:
+       p->regval = val;
+
+       return true;
+}
+
 static bool access_id_aa64pfr0_el1(struct kvm_vcpu *v,
                                   struct sys_reg_params *p,
                                   const struct sys_reg_desc *r)
@@ -1846,7 +1894,7 @@ static const struct sys_reg_desc sys_reg_descs[] = {
        ID_UNALLOCATED(6,7),
 
        /* CRm=7 */
-       ID_SANITISED(ID_AA64MMFR0_EL1),
+       ID_SANITISED_FN(ID_AA64MMFR0_EL1, access_id_aa64mmfr0_el1),
        ID_SANITISED(ID_AA64MMFR1_EL1),
        ID_SANITISED(ID_AA64MMFR2_EL1),
        ID_UNALLOCATED(7,3),
-- 
2.20.1

_______________________________________________
kvmarm mailing list
kvmarm@lists.cs.columbia.edu
https://lists.cs.columbia.edu/mailman/listinfo/kvmarm

Reply via email to