lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <3ad03f27-1f2b-a79f-130d-afb9e713fa70@arm.com>
Date:   Tue, 12 Sep 2023 18:01:43 +0100
From:   James Morse <james.morse@....com>
To:     Salil Mehta <salil.mehta@...wei.com>,
        "linux-pm@...r.kernel.org" <linux-pm@...r.kernel.org>,
        "loongarch@...ts.linux.dev" <loongarch@...ts.linux.dev>,
        "kvmarm@...ts.linux.dev" <kvmarm@...ts.linux.dev>,
        "kvm@...r.kernel.org" <kvm@...r.kernel.org>,
        "linux-acpi@...r.kernel.org" <linux-acpi@...r.kernel.org>,
        "linux-arch@...r.kernel.org" <linux-arch@...r.kernel.org>,
        "linux-ia64@...r.kernel.org" <linux-ia64@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "linux-arm-kernel@...ts.infradead.org" 
        <linux-arm-kernel@...ts.infradead.org>,
        "x86@...nel.org" <x86@...nel.org>
Cc:     Marc Zyngier <maz@...nel.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Lorenzo Pieralisi <lpieralisi@...nel.org>,
        Mark Rutland <mark.rutland@....com>,
        Sudeep Holla <sudeep.holla@....com>,
        Borislav Petkov <bp@...en8.de>, H Peter Anvin <hpa@...or.com>,
        Dave Hansen <dave.hansen@...ux.intel.com>,
        Ingo Molnar <mingo@...hat.com>, Will Deacon <will@...nel.org>,
        Catalin Marinas <catalin.marinas@....com>,
        Huacai Chen <chenhuacai@...nel.org>,
        Suzuki K Poulose <suzuki.poulose@....com>,
        Oliver Upton <oliver.upton@...ux.dev>,
        Len Brown <lenb@...nel.org>,
        Rafael Wysocki <rafael@...nel.org>,
        WANG Xuerui <kernel@...0n.name>,
        Russell King <linux@...linux.org.uk>,
        Jean-Philippe Brucker <jean-philippe@...aro.org>
Subject: Re: [RFC PATCH 30/32] KVM: arm64: Pass PSCI calls to userspace

Hi Salil,

On 23/05/2023 10:32, Salil Mehta wrote:
>> From: James Morse <james.morse@....com>
>> Sent: Friday, February 3, 2023 1:51 PM
>> To: linux-pm@...r.kernel.org; loongarch@...ts.linux.dev;
>> kvmarm@...ts.linux.dev; kvm@...r.kernel.org; linux-acpi@...r.kernel.org;
>> linux-arch@...r.kernel.org; linux-ia64@...r.kernel.org; linux-
>> kernel@...r.kernel.org; linux-arm-kernel@...ts.infradead.org;
>> x86@...nel.org
> 
> [...]
> 
> 
>>
>> When the KVM_CAP_ARM_PSCI_TO_USER capability is available, userspace can
>> request to handle PSCI calls.
>>
>> This is required for virtual CPU hotplug to allow the VMM to enforce the
>> online/offline policy it has advertised via ACPI. By managing PSCI in
>> user-space, the VMM is able to return PSCI_DENIED when the guest attempts
>> to bring a disabled vCPU online.
>> Without this, the VMM is only able to not-run the vCPU, the kernel will
>> have already returned PSCI_SUCCESS to the guest. This results in
>> timeouts during boot as the OS must wait for the secondary vCPU.
>>
>> SMCCC probe requires PSCI v1.x. If userspace only implements PSCI v0.2,
>> the guest won't query SMCCC support through PSCI and won't use the
>> spectre workarounds. We could hijack PSCI_VERSION and pretend to support
>> v1.0 if userspace does not, then handle all v1.0 calls ourselves
>> (including guessing the PSCI feature set implemented by the guest), but
>> that seems unnecessary. After all the API already allows userspace to
>> force a version lower than v1.0 using the firmware pseudo-registers.
>>
>> The KVM_REG_ARM_PSCI_VERSION pseudo-register currently resets to either
>> v0.1 if userspace doesn't set KVM_ARM_VCPU_PSCI_0_2, or
>> KVM_ARM_PSCI_LATEST (1.0).

> I just saw the latest PSCI standard issue (Mar 2023 E Non-Confidential
> PSCI 1.2 issue E) and it contains the DENIED return value for the CPU_ON. 
> 
> Should we *explicitly* check for PSCI 1.2 support before allowing vCPU
> Hot plug support? For this we would need KVM changes.

The VMM should certainly check which version of PSCI it supports, to make sure it doesn't
return an error code that the spec says that version of PSCI doesn't use.

Moving the PSCI support to the VMM is a pre-requisite for supporting this mechanism,
otherwise KVM will allow the CPUs to come online immediately.


Thanks,

James

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ