Re: [PATCH 00/13] arm64: Virtualization Host Extension support
On Wed, Jul 08, 2015 at 05:19:03PM +0100, Marc Zyngier wrote:
> Marc Zyngier (13):
> arm/arm64: Add new is_kernel_in_hyp_mode predicate
> arm64: Allow the arch timer to use the HYP timer
> arm64: Add ARM64_HAS_VIRT_HOST_EXTN feature
> arm64: KVM: skip HYP setup when already running in HYP
> arm64: KVM: VHE: macroize VTCR_EL2 setup
> arm64: KVM: VHE: Patch out kern_hyp_va
> arm64: KVM: VHE: Patch out use of HVC
> arm64: KVM: VHE: Preserve VHE config in world switch
> arm64: KVM: VHE: Add alternatives for VHE-enabled world-switch
> arm64: Add support for running Linux in EL2 mode
> arm64: Panic when VHE and non VHE CPUs coexist
> arm64: KVM: Split sysreg save/restore
> arm64: KVM: VHE: Early interrupt handling
Do we need to do anything with the debug code? Do we have any
hardware breakpoints/watchpoints targeting kernel space (kgdb doesn't
seem to support this)?
If a breakpoint target is EL1, I don't think we trigger it when running
in the EL2/VHE mode, in which case we need a different
DBGBCR.{HMC,SSC,PMC} combination - {1,11,00}.
Another random untested patch below but we need to get Will to remember
the code he wrote (and the VHE implications):
diff --git a/arch/arm64/include/asm/hw_breakpoint.h
b/arch/arm64/include/asm/hw_breakpoint.h
index 52b484b6aa1a..197af39a5ffb 100644
--- a/arch/arm64/include/asm/hw_breakpoint.h
+++ b/arch/arm64/include/asm/hw_breakpoint.h
@@ -34,8 +34,12 @@ struct arch_hw_breakpoint {
static inline u32 encode_ctrl_reg(struct arch_hw_breakpoint_ctrl ctrl)
{
- return (ctrl.len << 5) | (ctrl.type << 3) | (ctrl.privilege << 1) |
+ u32 reg = (ctrl.len << 5) | (ctrl.type << 3) | (ctrl.privilege << 1) |
ctrl.enabled;
+ /* set HMC and SSC when debug target is EL2 */
+ if (ctrl.privilege == AARCH64_BREAKPOINT_EL2)
+ reg |= (3 << 14) | (1 << 13);
+ return reg
}
static inline void decode_ctrl_reg(u32 reg,
@@ -59,6 +63,7 @@ static inline void decode_ctrl_reg(u32 reg,
#define AARCH64_ESR_ACCESS_MASK(1 << 6)
/* Privilege Levels */
+#define AARCH64_BREAKPOINT_EL2 0
#define AARCH64_BREAKPOINT_EL1 1
#define AARCH64_BREAKPOINT_EL0 2
diff --git a/arch/arm64/kernel/hw_breakpoint.c
b/arch/arm64/kernel/hw_breakpoint.c
index 7a1a5da6c8c1..77866839d1e8 100644
--- a/arch/arm64/kernel/hw_breakpoint.c
+++ b/arch/arm64/kernel/hw_breakpoint.c
@@ -162,6 +162,7 @@ static enum debug_el debug_exception_level(int privilege)
case AARCH64_BREAKPOINT_EL0:
return DBG_ACTIVE_EL0;
case AARCH64_BREAKPOINT_EL1:
+ case AARCH64_BREAKPOINT_EL2:
return DBG_ACTIVE_EL1;
default:
pr_warning("invalid breakpoint privilege level %d\n",
privilege);
@@ -456,7 +457,8 @@ static int arch_build_bp_info(struct perf_event *bp)
* that would complicate the stepping code.
*/
if (arch_check_bp_in_kernelspace(bp))
- info->ctrl.privilege = AARCH64_BREAKPOINT_EL1;
+ info->ctrl.privilege = is_kernel_in_hyp_mode() ?
+ AARCH64_BREAKPOINT_EL2 : AARCH64_BREAKPOINT_EL1;
else
info->ctrl.privilege = AARCH64_BREAKPOINT_EL0;
@@ -526,7 +528,7 @@ int arch_validate_hwbkpt_settings(struct perf_event *bp)
* Disallow per-task kernel breakpoints since these would
* complicate the stepping code.
*/
- if (info->ctrl.privilege == AARCH64_BREAKPOINT_EL1 && bp->hw.target)
+ if (info->ctrl.privilege != AARCH64_BREAKPOINT_EL0 && bp->hw.target)
return -EINVAL;
return 0;
--
Catalin
___
kvmarm mailing list
kvmarm@lists.cs.columbia.edu
https://lists.cs.columbia.edu/mailman/listinfo/kvmarm
Re: [PATCH 00/13] arm64: Virtualization Host Extension support
On 26-Aug-15 11:21, Jan Kiszka wrote: > On 2015-08-26 11:12, Antonios Motakis wrote: >> Hello Marc, >> >> On 08-Jul-15 18:19, Marc Zyngier wrote: >>> ARMv8.1 comes with the "Virtualization Host Extension" (VHE for >>> short), which enables simpler support of Type-2 hypervisors. >>> >>> This extension allows the kernel to directly run at EL2, and >>> significantly reduces the number of system registers shared between >>> host and guest, reducing the overhead of virtualization. >>> >>> In order to have the same kernel binary running on all versions of the >>> architecture, this series makes heavy use of runtime code patching. >>> >>> The first ten patches massage the KVM code to deal with VHE and enable >>> Linux to run at EL2. >> >> I am currently working on getting the Jailhouse hypervisor to work on >> AArch64. >> >> I've been looking at your patches, trying to figure out the implications for >> Jailhouse. It seems there are a few :) >> >> Jailhouse likes to be loaded by Linux into memory, and then to inject itself >> at a higher level than Linux (demoting Linux into being the "root cell"). >> This works on x86 and ARM (AArch32 and eventually AArch64 without VHE). What >> this means in ARM, is that Jailhouse hooks into the HVC stub exposed by >> Linux, and happily installs itself in EL2. >> >> With Linux running in EL2 though, that won't be as straightforward. It looks >> like we can't just demote Linux to EL1 without breaking something. Obviously >> it's OK for us that KVM won't work, but it looks like at least the timer >> code will break horribly if we try to do something like that. >> >> Any comments on this? One work around would be to just remap the incoming >> interrupt from the timer, so Linux never really realizes it's not running in >> EL2 anymore. Then we would also have to deal with the intricacies of >> removing and re-adding vCPUs to the Linux root cell, so we would have to >> maintain the illusion of running in EL2 for each one of them. > > Without knowing any of the details, I would say there are two strategies > regarding this: > > - Disable KVM support in the Linux kernel - then we shouldn't boot into > EL2 in the first place, should we? We would have to ask the user to patch the kernel, to ignore VHE and keep all the hyp stub magic that we rely on currently. It is an option of course. > > - Emulate what Linux is missing after take-over by Jailhouse (we do > this on x86 with VT-d interrupt remapping which cannot be disabled > anymore for Linux once it started with it, and we cannot boot without > it when we want to use the x2APIC). Essentially what I described above; let's call it nested virtualization without the virtualization parts? :) > > Jan > -- Antonios Motakis Virtualization Engineer Huawei Technologies Duesseldorf GmbH European Research Center Riesstrasse 25, 80992 München ___ kvmarm mailing list kvmarm@lists.cs.columbia.edu https://lists.cs.columbia.edu/mailman/listinfo/kvmarm
Re: [PATCH 00/13] arm64: Virtualization Host Extension support
On 2015-08-26 11:12, Antonios Motakis wrote: > Hello Marc, > > On 08-Jul-15 18:19, Marc Zyngier wrote: >> ARMv8.1 comes with the "Virtualization Host Extension" (VHE for >> short), which enables simpler support of Type-2 hypervisors. >> >> This extension allows the kernel to directly run at EL2, and >> significantly reduces the number of system registers shared between >> host and guest, reducing the overhead of virtualization. >> >> In order to have the same kernel binary running on all versions of the >> architecture, this series makes heavy use of runtime code patching. >> >> The first ten patches massage the KVM code to deal with VHE and enable >> Linux to run at EL2. > > I am currently working on getting the Jailhouse hypervisor to work on AArch64. > > I've been looking at your patches, trying to figure out the implications for > Jailhouse. It seems there are a few :) > > Jailhouse likes to be loaded by Linux into memory, and then to inject itself > at a higher level than Linux (demoting Linux into being the "root cell"). > This works on x86 and ARM (AArch32 and eventually AArch64 without VHE). What > this means in ARM, is that Jailhouse hooks into the HVC stub exposed by > Linux, and happily installs itself in EL2. > > With Linux running in EL2 though, that won't be as straightforward. It looks > like we can't just demote Linux to EL1 without breaking something. Obviously > it's OK for us that KVM won't work, but it looks like at least the timer code > will break horribly if we try to do something like that. > > Any comments on this? One work around would be to just remap the incoming > interrupt from the timer, so Linux never really realizes it's not running in > EL2 anymore. Then we would also have to deal with the intricacies of removing > and re-adding vCPUs to the Linux root cell, so we would have to maintain the > illusion of running in EL2 for each one of them. Without knowing any of the details, I would say there are two strategies regarding this: - Disable KVM support in the Linux kernel - then we shouldn't boot into EL2 in the first place, should we? - Emulate what Linux is missing after take-over by Jailhouse (we do this on x86 with VT-d interrupt remapping which cannot be disabled anymore for Linux once it started with it, and we cannot boot without it when we want to use the x2APIC). Jan -- Siemens AG, Corporate Technology, CT RTC ITP SES-DE Corporate Competence Center Embedded Linux ___ kvmarm mailing list kvmarm@lists.cs.columbia.edu https://lists.cs.columbia.edu/mailman/listinfo/kvmarm
Re: [PATCH 00/13] arm64: Virtualization Host Extension support
Hello Marc, On 08-Jul-15 18:19, Marc Zyngier wrote: > ARMv8.1 comes with the "Virtualization Host Extension" (VHE for > short), which enables simpler support of Type-2 hypervisors. > > This extension allows the kernel to directly run at EL2, and > significantly reduces the number of system registers shared between > host and guest, reducing the overhead of virtualization. > > In order to have the same kernel binary running on all versions of the > architecture, this series makes heavy use of runtime code patching. > > The first ten patches massage the KVM code to deal with VHE and enable > Linux to run at EL2. I am currently working on getting the Jailhouse hypervisor to work on AArch64. I've been looking at your patches, trying to figure out the implications for Jailhouse. It seems there are a few :) Jailhouse likes to be loaded by Linux into memory, and then to inject itself at a higher level than Linux (demoting Linux into being the "root cell"). This works on x86 and ARM (AArch32 and eventually AArch64 without VHE). What this means in ARM, is that Jailhouse hooks into the HVC stub exposed by Linux, and happily installs itself in EL2. With Linux running in EL2 though, that won't be as straightforward. It looks like we can't just demote Linux to EL1 without breaking something. Obviously it's OK for us that KVM won't work, but it looks like at least the timer code will break horribly if we try to do something like that. Any comments on this? One work around would be to just remap the incoming interrupt from the timer, so Linux never really realizes it's not running in EL2 anymore. Then we would also have to deal with the intricacies of removing and re-adding vCPUs to the Linux root cell, so we would have to maintain the illusion of running in EL2 for each one of them. Cheers, Antonios > > The next patch catches an ugly case when VHE capable CPUs are paired > with some of their less capable siblings. This should never happen, > but hey... > > The last two patches add an optimisation allowing a physical interrupt > to be serviced on the host without doing a full save/restore, leading > to potential reduction in interrupt latency. > > This has been tested on the FVP_Base_SLV-V8-A model, and based on > v4.2-rc1. I've put a branch out on: > > git://git.kernel.org/pub/scm/linux/kernel/git/maz/arm-platforms.git > kvm-arm64/vhe > > Marc Zyngier (13): > arm/arm64: Add new is_kernel_in_hyp_mode predicate > arm64: Allow the arch timer to use the HYP timer > arm64: Add ARM64_HAS_VIRT_HOST_EXTN feature > arm64: KVM: skip HYP setup when already running in HYP > arm64: KVM: VHE: macroize VTCR_EL2 setup > arm64: KVM: VHE: Patch out kern_hyp_va > arm64: KVM: VHE: Patch out use of HVC > arm64: KVM: VHE: Preserve VHE config in world switch > arm64: KVM: VHE: Add alternatives for VHE-enabled world-switch > arm64: Add support for running Linux in EL2 mode > arm64: Panic when VHE and non VHE CPUs coexist > arm64: KVM: Split sysreg save/restore > arm64: KVM: VHE: Early interrupt handling > > arch/arm/include/asm/virt.h | 5 + > arch/arm/kvm/arm.c | 134 - > arch/arm/kvm/mmu.c | 6 + > arch/arm64/include/asm/cpufeature.h | 3 +- > arch/arm64/include/asm/kvm_arm.h | 1 + > arch/arm64/include/asm/kvm_asm.h | 40 +++- > arch/arm64/include/asm/kvm_emulate.h | 2 + > arch/arm64/include/asm/kvm_mmu.h | 24 ++- > arch/arm64/include/asm/virt.h| 25 +++ > arch/arm64/kernel/cpufeature.c | 11 ++ > arch/arm64/kernel/head.S | 38 +++- > arch/arm64/kernel/smp.c | 4 + > arch/arm64/kvm/hyp-init.S| 9 +- > arch/arm64/kvm/hyp.S | 363 > --- > arch/arm64/kvm/vgic-v2-switch.S | 19 +- > arch/arm64/kvm/vgic-v3-switch.S | 33 ++-- > arch/arm64/kvm/vhe-macros.h | 54 ++ > drivers/clocksource/arm_arch_timer.c | 96 + > 18 files changed, 638 insertions(+), 229 deletions(-) > create mode 100644 arch/arm64/kvm/vhe-macros.h > -- Antonios Motakis Virtualization Engineer Huawei Technologies Duesseldorf GmbH European Research Center Riesstrasse 25, 80992 München ___ kvmarm mailing list kvmarm@lists.cs.columbia.edu https://lists.cs.columbia.edu/mailman/listinfo/kvmarm
Re: [PATCH 00/13] arm64: Virtualization Host Extension support
On 2015-08-26 11:28, Antonios Motakis wrote: > > > On 26-Aug-15 11:21, Jan Kiszka wrote: >> On 2015-08-26 11:12, Antonios Motakis wrote: >>> Hello Marc, >>> >>> On 08-Jul-15 18:19, Marc Zyngier wrote: ARMv8.1 comes with the "Virtualization Host Extension" (VHE for short), which enables simpler support of Type-2 hypervisors. This extension allows the kernel to directly run at EL2, and significantly reduces the number of system registers shared between host and guest, reducing the overhead of virtualization. In order to have the same kernel binary running on all versions of the architecture, this series makes heavy use of runtime code patching. The first ten patches massage the KVM code to deal with VHE and enable Linux to run at EL2. >>> >>> I am currently working on getting the Jailhouse hypervisor to work on >>> AArch64. >>> >>> I've been looking at your patches, trying to figure out the implications >>> for Jailhouse. It seems there are a few :) >>> >>> Jailhouse likes to be loaded by Linux into memory, and then to inject >>> itself at a higher level than Linux (demoting Linux into being the "root >>> cell"). This works on x86 and ARM (AArch32 and eventually AArch64 without >>> VHE). What this means in ARM, is that Jailhouse hooks into the HVC stub >>> exposed by Linux, and happily installs itself in EL2. >>> >>> With Linux running in EL2 though, that won't be as straightforward. It >>> looks like we can't just demote Linux to EL1 without breaking something. >>> Obviously it's OK for us that KVM won't work, but it looks like at least >>> the timer code will break horribly if we try to do something like that. >>> >>> Any comments on this? One work around would be to just remap the incoming >>> interrupt from the timer, so Linux never really realizes it's not running >>> in EL2 anymore. Then we would also have to deal with the intricacies of >>> removing and re-adding vCPUs to the Linux root cell, so we would have to >>> maintain the illusion of running in EL2 for each one of them. >> >> Without knowing any of the details, I would say there are two strategies >> regarding this: >> >> - Disable KVM support in the Linux kernel - then we shouldn't boot into >> EL2 in the first place, should we? > > We would have to ask the user to patch the kernel, to ignore VHE and keep all > the hyp stub magic that we rely on currently. It is an option of course. Patch or reconfigure? CONFIG_KVM isn't mandatory for arm64, is it? Jan > >> >> - Emulate what Linux is missing after take-over by Jailhouse (we do >> this on x86 with VT-d interrupt remapping which cannot be disabled >> anymore for Linux once it started with it, and we cannot boot without >> it when we want to use the x2APIC). > > Essentially what I described above; let's call it nested virtualization > without the virtualization parts? :) > >> >> Jan >> > -- Siemens AG, Corporate Technology, CT RTC ITP SES-DE Corporate Competence Center Embedded Linux ___ kvmarm mailing list kvmarm@lists.cs.columbia.edu https://lists.cs.columbia.edu/mailman/listinfo/kvmarm
Re: [PATCH 00/13] arm64: Virtualization Host Extension support
On 26/08/15 10:21, Jan Kiszka wrote: > On 2015-08-26 11:12, Antonios Motakis wrote: >> Hello Marc, >> >> On 08-Jul-15 18:19, Marc Zyngier wrote: >>> ARMv8.1 comes with the "Virtualization Host Extension" (VHE for >>> short), which enables simpler support of Type-2 hypervisors. >>> >>> This extension allows the kernel to directly run at EL2, and >>> significantly reduces the number of system registers shared >>> between host and guest, reducing the overhead of virtualization. >>> >>> In order to have the same kernel binary running on all versions >>> of the architecture, this series makes heavy use of runtime code >>> patching. >>> >>> The first ten patches massage the KVM code to deal with VHE and >>> enable Linux to run at EL2. >> >> I am currently working on getting the Jailhouse hypervisor to work >> on AArch64. >> >> I've been looking at your patches, trying to figure out the >> implications for Jailhouse. It seems there are a few :) >> >> Jailhouse likes to be loaded by Linux into memory, and then to >> inject itself at a higher level than Linux (demoting Linux into >> being the "root cell"). This works on x86 and ARM (AArch32 and >> eventually AArch64 without VHE). What this means in ARM, is that >> Jailhouse hooks into the HVC stub exposed by Linux, and happily >> installs itself in EL2. >> >> With Linux running in EL2 though, that won't be as straightforward. >> It looks like we can't just demote Linux to EL1 without breaking >> something. Obviously it's OK for us that KVM won't work, but it >> looks like at least the timer code will break horribly if we try to >> do something like that. >> >> Any comments on this? One work around would be to just remap the >> incoming interrupt from the timer, so Linux never really realizes >> it's not running in EL2 anymore. Then we would also have to deal >> with the intricacies of removing and re-adding vCPUs to the Linux >> root cell, so we would have to maintain the illusion of running in >> EL2 for each one of them. Unfortunately, there is more to downgrading to EL1 than just interrupts. You need to migrate the whole VM context from EL2 to EL1 in an atomic fashion, clear the HCR_EL2.E2H and HCR_EL2.TGE bits while running at EL2 (which is a bit like pulling the rug from under your own feet so you need to transition via a low mapping or an idmap), reinstall the EL2 stub and do an exception return into EL1. And that's only for the CPU. Downgrading to EL1 has other fun consequences at the system level (SMMUs listening to TLB traffic would need to be reconfigured on the flight - it's a joke, don't even think of it). > > Without knowing any of the details, I would say there are two > strategies regarding this: > > - Disable KVM support in the Linux kernel - then we shouldn't boot > into EL2 in the first place, should we? Disabling KVM support won't drop the kernel to EL1. At least that's not what the current code does (we stay at EL2 if we detect VHE), and that's way too early to be able to parse a command line option. > - Emulate what Linux is missing after take-over by Jailhouse (we do > this on x86 with VT-d interrupt remapping which cannot be disabled > anymore for Linux once it started with it, and we cannot boot > without it when we want to use the x2APIC). I can't really see what you want to emulate (I'm afraid I'm lacking the x86-specific background). As far as I can see, the only practical solution to this is to have a VHE config option, and Jailhouse that can be set to conflict it (depends on !VHE). Thanks, M. -- Jazz is not dead. It just smells funny... ___ kvmarm mailing list kvmarm@lists.cs.columbia.edu https://lists.cs.columbia.edu/mailman/listinfo/kvmarm
Re: [PATCH 00/13] arm64: Virtualization Host Extension support
On 26-Aug-15 11:59, Marc Zyngier wrote: > On 26/08/15 10:21, Jan Kiszka wrote: >> On 2015-08-26 11:12, Antonios Motakis wrote: >>> Hello Marc, >>> >>> On 08-Jul-15 18:19, Marc Zyngier wrote: ARMv8.1 comes with the "Virtualization Host Extension" (VHE for short), which enables simpler support of Type-2 hypervisors. This extension allows the kernel to directly run at EL2, and significantly reduces the number of system registers shared between host and guest, reducing the overhead of virtualization. In order to have the same kernel binary running on all versions of the architecture, this series makes heavy use of runtime code patching. The first ten patches massage the KVM code to deal with VHE and enable Linux to run at EL2. >>> >>> I am currently working on getting the Jailhouse hypervisor to work >>> on AArch64. >>> >>> I've been looking at your patches, trying to figure out the >>> implications for Jailhouse. It seems there are a few :) >>> >>> Jailhouse likes to be loaded by Linux into memory, and then to >>> inject itself at a higher level than Linux (demoting Linux into >>> being the "root cell"). This works on x86 and ARM (AArch32 and >>> eventually AArch64 without VHE). What this means in ARM, is that >>> Jailhouse hooks into the HVC stub exposed by Linux, and happily >>> installs itself in EL2. >>> >>> With Linux running in EL2 though, that won't be as straightforward. >>> It looks like we can't just demote Linux to EL1 without breaking >>> something. Obviously it's OK for us that KVM won't work, but it >>> looks like at least the timer code will break horribly if we try to >>> do something like that. >>> >>> Any comments on this? One work around would be to just remap the >>> incoming interrupt from the timer, so Linux never really realizes >>> it's not running in EL2 anymore. Then we would also have to deal >>> with the intricacies of removing and re-adding vCPUs to the Linux >>> root cell, so we would have to maintain the illusion of running in >>> EL2 for each one of them. > > Unfortunately, there is more to downgrading to EL1 than just interrupts. > You need to migrate the whole VM context from EL2 to EL1 in an atomic > fashion, clear the HCR_EL2.E2H and HCR_EL2.TGE bits while running at EL2 > (which is a bit like pulling the rug from under your own feet so you > need to transition via a low mapping or an idmap), reinstall the EL2 > stub and do an exception return into EL1. When enabling Jailhouse, we already do most of that. We already use identity mapping, since we need to switch on the MMU for EL2, switch the exception level, etc. Jailhouse entry looks a lot like initializing a new kernel; we just save the state of what was running before it and restore it as the "root cell". So I think we could handle the cpu context switch, with changes only in the Jailhouse entry code. But then of course, Linux would be expecting to be in EL2, while it is running in EL1, so we would have to emulate the differences in behavior. But... > > And that's only for the CPU. Downgrading to EL1 has other fun > consequences at the system level (SMMUs listening to TLB traffic would > need to be reconfigured on the flight - it's a joke, don't even think of > it). ...but then there's that. Hm... even if the kernel is running in EL2, it will still be configuring stage 1 on the SMMU, no? I wonder if this could still be handled somehow... The root cell would be restored with identity mapping, too... Just thinking out loud :) > >> >> Without knowing any of the details, I would say there are two >> strategies regarding this: >> >> - Disable KVM support in the Linux kernel - then we shouldn't boot >> into EL2 in the first place, should we? > > Disabling KVM support won't drop the kernel to EL1. At least that's not > what the current code does (we stay at EL2 if we detect VHE), and that's > way too early to be able to parse a command line option. > >> - Emulate what Linux is missing after take-over by Jailhouse (we do >> this on x86 with VT-d interrupt remapping which cannot be disabled >> anymore for Linux once it started with it, and we cannot boot >> without it when we want to use the x2APIC). > > I can't really see what you want to emulate (I'm afraid I'm lacking the > x86-specific background). > > As far as I can see, the only practical solution to this is to have a > VHE config option, and Jailhouse that can be set to conflict it (depends > on !VHE). Having a toggle to turn VHE off at build time would definitely be the easy way out. Then we can just tell the user that we only support kernels built without it (the Jailhouse driver is out of tree atm). I don't have access to a VHE model though. Are you considering to add a config option for VHE in the next version of your patches? In any case thanks for your thoughts, -- Antonios Motakis Virtualization Engineer Huawei Technologies Duesseldorf GmbH European Research Center R
Re: [PATCH 00/13] arm64: Virtualization Host Extension support
On Wed, 26 Aug 2015 13:16:52 +0200 Antonios Motakis wrote: > On 26-Aug-15 11:59, Marc Zyngier wrote: [...] > > Unfortunately, there is more to downgrading to EL1 than just interrupts. > > You need to migrate the whole VM context from EL2 to EL1 in an atomic > > fashion, clear the HCR_EL2.E2H and HCR_EL2.TGE bits while running at EL2 > > (which is a bit like pulling the rug from under your own feet so you > > need to transition via a low mapping or an idmap), reinstall the EL2 > > stub and do an exception return into EL1. > > When enabling Jailhouse, we already do most of that. We already use > identity mapping, since we need to switch on the MMU for EL2, switch > the exception level, etc. Jailhouse entry looks a lot like > initializing a new kernel; we just save the state of what was running > before it and restore it as the "root cell". > > So I think we could handle the cpu context switch, with changes only > in the Jailhouse entry code. But then of course, Linux would be > expecting to be in EL2, while it is running in EL1, so we would have > to emulate the differences in behavior. But... There would be (almost) no difference in behaviour - VHE is designed for the kernel to be unchanged, and the only difference is the timer interrupt as you noticed. What is really tricky is to perform the downgrade, because you're completely changing the way the code is executed *while running it*. This is not just about changing the memory map, but also changing the effect of most system registers. > > > > > And that's only for the CPU. Downgrading to EL1 has other fun > > consequences at the system level (SMMUs listening to TLB traffic > > would need to be reconfigured on the flight - it's a joke, don't > > even think of it). > > ...but then there's that. > > Hm... even if the kernel is running in EL2, it will still be > configuring stage 1 on the SMMU, no? I wonder if this could still be > handled somehow... The root cell would be restored with identity > mapping, too... Just thinking out loud :) Stage-1 and EL2 are two vastly unrelated concept. The main issue is that it is likely that your SMMU knows about VHE as well (it listens to EL2-VHE DVM messages), and need to be reconfigured as well. Good luck with that. [...] > > As far as I can see, the only practical solution to this is to have > > a VHE config option, and Jailhouse that can be set to conflict it > > (depends on !VHE). > > Having a toggle to turn VHE off at build time would definitely be the > easy way out. Then we can just tell the user that we only support > kernels built without it (the Jailhouse driver is out of tree atm). > > I don't have access to a VHE model though. Are you considering to add > a config option for VHE in the next version of your patches? Yes, that's the plan. Thanks, M. -- Jazz is not dead. It just smells funny. ___ kvmarm mailing list kvmarm@lists.cs.columbia.edu https://lists.cs.columbia.edu/mailman/listinfo/kvmarm
