| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Z6rjkk5JlMlqbl2j@debug.ba.rivosinc.com>
Date: Mon, 10 Feb 2025 21:43:46 -0800
From: Deepak Gupta <debug@...osinc.com>
To: Clément Léger <cleger@...osinc.com>
Cc: Paul Walmsley <paul.walmsley@...ive.com>,
Palmer Dabbelt <palmer@...belt.com>,
Anup Patel <anup@...infault.org>,
Atish Patra <atishp@...shpatra.org>, Shuah Khan <shuah@...nel.org>,
Jonathan Corbet <corbet@....net>, linux-riscv@...ts.infradead.org,
linux-kernel@...r.kernel.org, linux-doc@...r.kernel.org,
kvm@...r.kernel.org, kvm-riscv@...ts.infradead.org,
linux-kselftest@...r.kernel.org,
Samuel Holland <samuel.holland@...ive.com>
Subject: Re: [PATCH v2 14/15] RISC-V: KVM: add support for FWFT SBI extension
On Mon, Feb 10, 2025 at 10:35:47PM +0100, Clément Léger wrote:
>Add basic infrastructure to support the FWFT extension in KVM.
>
>Signed-off-by: Clément Léger <cleger@...osinc.com>
>---
> arch/riscv/include/asm/kvm_host.h | 4 +
> arch/riscv/include/asm/kvm_vcpu_sbi.h | 1 +
> arch/riscv/include/asm/kvm_vcpu_sbi_fwft.h | 37 ++++
> arch/riscv/include/uapi/asm/kvm.h | 1 +
> arch/riscv/kvm/Makefile | 1 +
> arch/riscv/kvm/vcpu_sbi.c | 4 +
> arch/riscv/kvm/vcpu_sbi_fwft.c | 187 +++++++++++++++++++++
> 7 files changed, 235 insertions(+)
> create mode 100644 arch/riscv/include/asm/kvm_vcpu_sbi_fwft.h
> create mode 100644 arch/riscv/kvm/vcpu_sbi_fwft.c
>
>diff --git a/arch/riscv/include/asm/kvm_host.h b/arch/riscv/include/asm/kvm_host.h
>index bb93d2995ea2..c0db61ba691a 100644
>--- a/arch/riscv/include/asm/kvm_host.h
>+++ b/arch/riscv/include/asm/kvm_host.h
>@@ -19,6 +19,7 @@
> #include <asm/kvm_vcpu_fp.h>
> #include <asm/kvm_vcpu_insn.h>
> #include <asm/kvm_vcpu_sbi.h>
>+#include <asm/kvm_vcpu_sbi_fwft.h>
> #include <asm/kvm_vcpu_timer.h>
> #include <asm/kvm_vcpu_pmu.h>
>
>@@ -281,6 +282,9 @@ struct kvm_vcpu_arch {
> /* Performance monitoring context */
> struct kvm_pmu pmu_context;
>
>+ /* Firmware feature SBI extension context */
>+ struct kvm_sbi_fwft fwft_context;
>+
> /* 'static' configurations which are set only once */
> struct kvm_vcpu_config cfg;
>
>diff --git a/arch/riscv/include/asm/kvm_vcpu_sbi.h b/arch/riscv/include/asm/kvm_vcpu_sbi.h
>index cb68b3a57c8f..ffd03fed0c06 100644
>--- a/arch/riscv/include/asm/kvm_vcpu_sbi.h
>+++ b/arch/riscv/include/asm/kvm_vcpu_sbi.h
>@@ -98,6 +98,7 @@ extern const struct kvm_vcpu_sbi_extension vcpu_sbi_ext_hsm;
> extern const struct kvm_vcpu_sbi_extension vcpu_sbi_ext_dbcn;
> extern const struct kvm_vcpu_sbi_extension vcpu_sbi_ext_susp;
> extern const struct kvm_vcpu_sbi_extension vcpu_sbi_ext_sta;
>+extern const struct kvm_vcpu_sbi_extension vcpu_sbi_ext_fwft;
> extern const struct kvm_vcpu_sbi_extension vcpu_sbi_ext_experimental;
> extern const struct kvm_vcpu_sbi_extension vcpu_sbi_ext_vendor;
>
>diff --git a/arch/riscv/include/asm/kvm_vcpu_sbi_fwft.h b/arch/riscv/include/asm/kvm_vcpu_sbi_fwft.h
>new file mode 100644
>index 000000000000..5782517f6e08
>--- /dev/null
>+++ b/arch/riscv/include/asm/kvm_vcpu_sbi_fwft.h
>@@ -0,0 +1,37 @@
>+/* SPDX-License-Identifier: GPL-2.0-only */
>+/*
>+ * Copyright (c) 2025 Rivos Inc.
>+ *
>+ * Authors:
>+ * Clément Léger <cleger@...osinc.com>
>+ */
>+
>+#ifndef __KVM_VCPU_RISCV_FWFT_H
>+#define __KVM_VCPU_RISCV_FWFT_H
>+
>+#include <asm/sbi.h>
>+
>+struct kvm_sbi_fwft_config;
>+struct kvm_vcpu;
>+
>+struct kvm_sbi_fwft_feature {
>+ enum sbi_fwft_feature_t id;
>+ bool (*supported)(struct kvm_vcpu *vcpu);
>+ int (*set)(struct kvm_vcpu *vcpu, struct kvm_sbi_fwft_config *conf, unsigned long value);
>+ int (*get)(struct kvm_vcpu *vcpu, struct kvm_sbi_fwft_config *conf, unsigned long *value);
>+};
>+
>+struct kvm_sbi_fwft_config {
>+ const struct kvm_sbi_fwft_feature *feature;
>+ bool supported;
>+ unsigned long flags;
>+};
>+
>+/* FWFT data structure per vcpu */
>+struct kvm_sbi_fwft {
>+ struct kvm_sbi_fwft_config *configs;
>+};
>+
>+#define vcpu_to_fwft(vcpu) (&(vcpu)->arch.fwft_context)
>+
>+#endif /* !__KVM_VCPU_RISCV_FWFT_H */
>diff --git a/arch/riscv/include/uapi/asm/kvm.h b/arch/riscv/include/uapi/asm/kvm.h
>index f06bc5efcd79..fa6eee1caf41 100644
>--- a/arch/riscv/include/uapi/asm/kvm.h
>+++ b/arch/riscv/include/uapi/asm/kvm.h
>@@ -202,6 +202,7 @@ enum KVM_RISCV_SBI_EXT_ID {
> KVM_RISCV_SBI_EXT_DBCN,
> KVM_RISCV_SBI_EXT_STA,
> KVM_RISCV_SBI_EXT_SUSP,
>+ KVM_RISCV_SBI_EXT_FWFT,
> KVM_RISCV_SBI_EXT_MAX,
> };
>
>diff --git a/arch/riscv/kvm/Makefile b/arch/riscv/kvm/Makefile
>index 4e0bba91d284..06e2d52a9b88 100644
>--- a/arch/riscv/kvm/Makefile
>+++ b/arch/riscv/kvm/Makefile
>@@ -26,6 +26,7 @@ kvm-y += vcpu_onereg.o
> kvm-$(CONFIG_RISCV_PMU_SBI) += vcpu_pmu.o
> kvm-y += vcpu_sbi.o
> kvm-y += vcpu_sbi_base.o
>+kvm-y += vcpu_sbi_fwft.o
> kvm-y += vcpu_sbi_hsm.o
> kvm-$(CONFIG_RISCV_PMU_SBI) += vcpu_sbi_pmu.o
> kvm-y += vcpu_sbi_replace.o
>diff --git a/arch/riscv/kvm/vcpu_sbi.c b/arch/riscv/kvm/vcpu_sbi.c
>index f81f06f82650..3b37deaed4e7 100644
>--- a/arch/riscv/kvm/vcpu_sbi.c
>+++ b/arch/riscv/kvm/vcpu_sbi.c
>@@ -78,6 +78,10 @@ static const struct kvm_riscv_sbi_extension_entry sbi_ext[] = {
> .ext_idx = KVM_RISCV_SBI_EXT_STA,
> .ext_ptr = &vcpu_sbi_ext_sta,
> },
>+ {
>+ .ext_idx = KVM_RISCV_SBI_EXT_FWFT,
>+ .ext_ptr = &vcpu_sbi_ext_fwft,
>+ },
> {
> .ext_idx = KVM_RISCV_SBI_EXT_EXPERIMENTAL,
> .ext_ptr = &vcpu_sbi_ext_experimental,
>diff --git a/arch/riscv/kvm/vcpu_sbi_fwft.c b/arch/riscv/kvm/vcpu_sbi_fwft.c
>new file mode 100644
>index 000000000000..fe608bf16558
>--- /dev/null
>+++ b/arch/riscv/kvm/vcpu_sbi_fwft.c
>@@ -0,0 +1,187 @@
>+// SPDX-License-Identifier: GPL-2.0
>+/*
>+ * Copyright (c) 2025 Rivos Inc.
>+ *
>+ * Authors:
>+ * Clément Léger <cleger@...osinc.com>
>+ */
>+
>+#include <linux/errno.h>
>+#include <linux/err.h>
>+#include <linux/kvm_host.h>
>+#include <asm/cpufeature.h>
>+#include <asm/sbi.h>
>+#include <asm/kvm_vcpu_sbi.h>
>+#include <asm/kvm_vcpu_sbi_fwft.h>
>+
>+static const enum sbi_fwft_feature_t kvm_fwft_defined_features[] = {
>+ SBI_FWFT_MISALIGNED_EXC_DELEG,
>+ SBI_FWFT_LANDING_PAD,
>+ SBI_FWFT_SHADOW_STACK,
>+ SBI_FWFT_DOUBLE_TRAP,
>+ SBI_FWFT_PTE_AD_HW_UPDATING,
>+ SBI_FWFT_POINTER_MASKING_PMLEN,
>+};
>+
>+static bool kvm_fwft_is_defined_feature(enum sbi_fwft_feature_t feature)
>+{
>+ int i;
>+
>+ for (i = 0; i < ARRAY_SIZE(kvm_fwft_defined_features); i++) {
>+ if (kvm_fwft_defined_features[i] == feature)
>+ return true;
>+ }
>+
>+ return false;
>+}
>+
>+static const struct kvm_sbi_fwft_feature features[] = {
>+};
>+
>+static struct kvm_sbi_fwft_config *
>+kvm_sbi_fwft_get_config(struct kvm_vcpu *vcpu, enum sbi_fwft_feature_t feature)
>+{
>+ int i = 0;
>+ struct kvm_sbi_fwft *fwft = vcpu_to_fwft(vcpu);
>+
>+ for (i = 0; i < ARRAY_SIZE(features); i++) {
>+ if (fwft->configs[i].feature->id == feature)
>+ return &fwft->configs[i];
>+ }
>+
>+ return NULL;
>+}
>+
>+static int kvm_fwft_get_feature(struct kvm_vcpu *vcpu, unsigned long feature,
>+ struct kvm_sbi_fwft_config **conf)
>+{
>+ struct kvm_sbi_fwft_config *tconf;
>+
>+ /* Feature are defined as 32 bits identifiers */
>+ if (feature & ~(BIT_ULL(32) - 1))
>+ return SBI_ERR_INVALID_PARAM;
>+
>+ tconf = kvm_sbi_fwft_get_config(vcpu, feature);
>+ if (!tconf) {
>+ if (kvm_fwft_is_defined_feature(feature))
>+ return SBI_ERR_NOT_SUPPORTED;
>+
>+ return SBI_ERR_DENIED;
>+ }
>+
>+ if (!tconf->supported)
>+ return SBI_ERR_NOT_SUPPORTED;
>+
>+ *conf = tconf;
>+
>+ return SBI_SUCCESS;
>+}
>+
>+static int kvm_sbi_fwft_set(struct kvm_vcpu *vcpu, unsigned long feature,
>+ unsigned long value, unsigned long flags)
>+{
>+ int ret;
>+ struct kvm_sbi_fwft_config *conf;
>+
>+ ret = kvm_fwft_get_feature(vcpu, feature, &conf);
>+ if (ret)
>+ return ret;
>+
>+ if ((flags & ~SBI_FWFT_SET_FLAG_LOCK) != 0)
>+ return SBI_ERR_INVALID_PARAM;
>+
>+ if (conf->flags & SBI_FWFT_SET_FLAG_LOCK)
>+ return SBI_ERR_DENIED_LOCKED;
>+
>+ conf->flags = flags;
>+
>+ return conf->feature->set(vcpu, conf, value);
>+}
>+
>+static int kvm_sbi_fwft_get(struct kvm_vcpu *vcpu, unsigned long feature,
>+ unsigned long *value)
>+{
>+ int ret;
>+ struct kvm_sbi_fwft_config *conf;
>+
>+ ret = kvm_fwft_get_feature(vcpu, feature, &conf);
>+ if (ret)
>+ return ret;
>+
>+ return conf->feature->get(vcpu, conf, value);
>+}
>+
>+static int kvm_sbi_ext_fwft_handler(struct kvm_vcpu *vcpu, struct kvm_run *run,
>+ struct kvm_vcpu_sbi_return *retdata)
>+{
>+ int ret = 0;
>+ struct kvm_cpu_context *cp = &vcpu->arch.guest_context;
>+ unsigned long funcid = cp->a6;
>+
>+ switch (funcid) {
>+ case SBI_EXT_FWFT_SET:
>+ ret = kvm_sbi_fwft_set(vcpu, cp->a0, cp->a1, cp->a2);
>+ break;
>+ case SBI_EXT_FWFT_GET:
>+ ret = kvm_sbi_fwft_get(vcpu, cp->a0, &retdata->out_val);
>+ break;
>+ default:
>+ ret = SBI_ERR_NOT_SUPPORTED;
>+ break;
>+ }
>+
>+ retdata->err_val = ret;
>+
>+ return 0;
>+}
>+
>+static int kvm_sbi_ext_fwft_init(struct kvm_vcpu *vcpu)
>+{
>+ struct kvm_sbi_fwft *fwft = vcpu_to_fwft(vcpu);
>+ const struct kvm_sbi_fwft_feature *feature;
>+ struct kvm_sbi_fwft_config *conf;
>+ int i;
>+
>+ fwft->configs = kcalloc(ARRAY_SIZE(features), sizeof(struct kvm_sbi_fwft_config),
>+ GFP_KERNEL);
nit:
I understand that in next patch you grow the static array`features`. But in this patch
`ARRAY_SIZE(features)` evaluates to 0, thus kcalloc will be returning a pointer
to some slab block (IIRC, kcalloc will not return NULL if size eventually evals to 0)
This probably won't result in some bad stuff. But still there is a pointer in
fwft->configs which is pointing to some random stuff if `features` turns out to be
empty.
Let me know if I got that right or missing something.
>+ if (!fwft->configs)
>+ return -ENOMEM;
>+
>+ for (i = 0; i < ARRAY_SIZE(features); i++) {
>+ feature = &features[i];
>+ conf = &fwft->configs[i];
>+ if (feature->supported)
>+ conf->supported = feature->supported(vcpu);
>+ else
>+ conf->supported = true;
>+
>+ conf->feature = feature;
>+ }
>+
>+ return 0;
>+}
>+
>+static void kvm_sbi_ext_fwft_deinit(struct kvm_vcpu *vcpu)
>+{
>+ struct kvm_sbi_fwft *fwft = vcpu_to_fwft(vcpu);
>+
>+ kfree(fwft->configs);
>+}
>+
>+static void kvm_sbi_ext_fwft_reset(struct kvm_vcpu *vcpu)
>+{
>+ int i = 0;
>+ struct kvm_sbi_fwft *fwft = vcpu_to_fwft(vcpu);
>+
>+ for (i = 0; i < ARRAY_SIZE(features); i++)
>+ fwft->configs[i].flags = 0;
>+}
>+
>+const struct kvm_vcpu_sbi_extension vcpu_sbi_ext_fwft = {
>+ .extid_start = SBI_EXT_FWFT,
>+ .extid_end = SBI_EXT_FWFT,
>+ .handler = kvm_sbi_ext_fwft_handler,
>+ .init = kvm_sbi_ext_fwft_init,
>+ .deinit = kvm_sbi_ext_fwft_deinit,
>+ .reset = kvm_sbi_ext_fwft_reset,
>+};
>--
>2.47.2
>
>
Powered by blists - more mailing lists