lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20231222-kvm-arm64-sme-v2-0-da226cb180bb@kernel.org>
Date: Fri, 22 Dec 2023 16:21:08 +0000
From: Mark Brown <broonie@...nel.org>
To: Marc Zyngier <maz@...nel.org>, Oliver Upton <oliver.upton@...ux.dev>, 
 James Morse <james.morse@....com>, 
 Suzuki K Poulose <suzuki.poulose@....com>, 
 Catalin Marinas <catalin.marinas@....com>, Will Deacon <will@...nel.org>, 
 Paolo Bonzini <pbonzini@...hat.com>, Jonathan Corbet <corbet@....net>, 
 Shuah Khan <shuah@...nel.org>
Cc: linux-arm-kernel@...ts.infradead.org, kvmarm@...ts.linux.dev, 
 linux-kernel@...r.kernel.org, kvm@...r.kernel.org, 
 linux-doc@...r.kernel.org, linux-kselftest@...r.kernel.org, 
 Mark Brown <broonie@...nel.org>
Subject: [PATCH RFC v2 00/22] KVM: arm64: Implement support for SME in
 non-protected guests

This series implements support for SME use in non-protected KVM guests.
Much of this is very similar to SVE, the main additional challenge that
SME presents is that it introduces two new controls which change the
registers seen by guests:

 - PSTATE.ZA enables the ZA matrix register and, if SME2 is supported,
   the ZT0 LUT register.
 - PSTATE.SM enables streaming mode, a new floating point mode which
   uses the SVE register set with a separately configured vector length.
   In streaming mode implementation of the FFR register is optional.

It is also permitted to build systems which support SME without SVE, in
this case when not in streaming mode no SVE registers or instructions
are available.  Further, there is no requirement that there be any
overlap in the set of vector lengths supported by SVE and SME in a
system, this is expected to be a common situation in practical systems.

Since there is a new vector length to configure we introduce a new
feature parallel to the existing SVE one with a new pseudo register for
the streaming mode vector length.  Due to the overlap with SVE caused by
streaming mode rather than finalising SME as a separate feature we use
the existing SVE finalisation to also finalise SME, a new define
KVM_ARM_VCPU_VEC is provided to help make user code clearer.  Finalising
SVE and SME separately would introduce complication with register access
since finalising SVE makes the SVE regsiters writeable by userspace and
doing multiple finalisations results in an error being reported.
Dealing with a state where the SVE registers are writeable due to one of
SVE or SME being finalised but may have their VL changed by the other
being finalised seems like needless complexity with minimal practical
utility, it seems clearer to just express directly that only one
finalisation can be done in the ABI.

We represent the streaming mode registers to userspace by always using
the existing SVE registers to access the floating point state, using the
larger of the SME and (if enabled for the guest) SVE vector lengths.

There are a large number of subfeatures for SME, most of which only
offer additional instructions but some of which (SME2 and FA64) add
architectural state.  The expectation is that these will be configured
via the ID registers but since the mechanism for doing this is still
unclear the current code enables SME2 and FA64 for the guest if the host
supports them regardless of what the ID registers say.

Since we do not yet have support for SVE in protected guests and SME is
very reliant on SVE this series does not implement support for SME in
protected guests.  This will be added separately once SVE support is
merged into mainline (or along with merging that), there is code for
protected guests using SVE in the Android tree.

The new KVM_ARM_VCPU_VEC feature and ZA and ZT0 registers have not been
added to the get-reg-list selftest, the idea of supporting additional
features there without restructuring the program to generate all
possible feature combinations has been rejected.  I will post a separate
series which does that restructuring.

I am seeing some test failures currently which I've not got to the
bottom of, at this point I'm reasonably sure these are preexisting
issues in the kernel which are more apparent in a guest.

To: Marc Zyngier <maz@...nel.org>
To: Oliver Upton <oliver.upton@...ux.dev>
To: James Morse <james.morse@....com>
To: Suzuki K Poulose <suzuki.poulose@....com>
To: Catalin Marinas <catalin.marinas@....com>
To: Will Deacon <will@...nel.org>
Cc:  <linux-arm-kernel@...ts.infradead.org>
Cc:  <kvmarm@...ts.linux.dev>
Cc:  <linux-kernel@...r.kernel.org>
To: Paolo Bonzini <pbonzini@...hat.com>
To: Jonathan Corbet <corbet@....net>
Cc:  <kvm@...r.kernel.org>
Cc:  <linux-doc@...r.kernel.org>
To: Shuah Khan <shuah@...nel.org>
Cc:  <linux-kselftest@...r.kernel.org>
Signed-off-by: Mark Brown <broonie@...nel.org>

Changes in v2:
- Rebase onto v6.7-rc3.
- Configure subfeatures based on host system only.
- Complete nVHE support.
- There was some snafu with sending v1 out, it didn't make it to the
  lists but in case it hit people's inboxes I'm sending as v2.

---
Mark Brown (22):
      KVM: arm64: Document why we trap SVE access from the host
      arm64/fpsimd: Make SVE<->FPSIMD rewriting available to KVM
      KVM: arm64: Move SVE state access macros after feature test macros
      KVM: arm64: Store vector lengths in an array
      KVM: arm64: Document the KVM ABI for SME
      KVM: arm64: Make FFR restore optional in __sve_restore_state()
      KVM: arm64: Define guest flags for SME
      KVM: arm64: Rename SVE finalization constants to be more general
      KVM: arm64: Basic SME system register descriptions
      KVM: arm64: Add support for TPIDR2_EL0
      KVM: arm64: Make SMPRI_EL1 RES0 for SME guests
      KVM: arm64: Make SVCR a normal system register
      KVM: arm64: Context switch SME state for guest
      KVM: arm64: Manage and handle SME traps
      KVM: arm64: Implement SME vector length configuration
      KVM: arm64: Rename sve_state_reg_region
      KVM: arm64: Support userspace access to streaming mode SVE registers
      KVM: arm64: Expose ZA to userspace
      KVM: arm64: Provide userspace access to ZT0
      KVM: arm64: Support SME version configuration via ID registers
      KVM: arm64: Provide userspace ABI for enabling SME
      KVM: arm64: selftests: Add SME system registers to get-reg-list

 Documentation/virt/kvm/api.rst                     | 104 +++++---
 arch/arm64/include/asm/fpsimd.h                    |   5 +
 arch/arm64/include/asm/kvm_emulate.h               |  13 +-
 arch/arm64/include/asm/kvm_host.h                  |  99 +++++---
 arch/arm64/include/asm/kvm_hyp.h                   |   3 +-
 arch/arm64/include/uapi/asm/kvm.h                  |  33 +++
 arch/arm64/kernel/fpsimd.c                         |  51 +++-
 arch/arm64/kvm/arm.c                               |  16 +-
 arch/arm64/kvm/fpsimd.c                            | 266 ++++++++++++++++++---
 arch/arm64/kvm/guest.c                             | 230 +++++++++++++++---
 arch/arm64/kvm/handle_exit.c                       |  11 +
 arch/arm64/kvm/hyp/fpsimd.S                        |  11 +-
 arch/arm64/kvm/hyp/include/hyp/switch.h            |  86 ++++++-
 arch/arm64/kvm/hyp/include/hyp/sysreg-sr.h         |  16 ++
 arch/arm64/kvm/hyp/nvhe/hyp-main.c                 |  60 ++++-
 arch/arm64/kvm/hyp/nvhe/switch.c                   |  13 +-
 arch/arm64/kvm/hyp/vhe/switch.c                    |   3 +
 arch/arm64/kvm/reset.c                             | 150 +++++++++---
 arch/arm64/kvm/sys_regs.c                          |  67 +++++-
 include/uapi/linux/kvm.h                           |   1 +
 tools/testing/selftests/kvm/aarch64/get-reg-list.c |  32 ++-
 21 files changed, 1063 insertions(+), 207 deletions(-)
---
base-commit: 4ae6e89253b387476c2ba0202c3a80f2e1284e91
change-id: 20230301-kvm-arm64-sme-06a1246d3636

Best regards,
-- 
Mark Brown <broonie@...nel.org>


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ