| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250930103130.197534-17-suzuki.poulose@arm.com>
Date: Tue, 30 Sep 2025 11:31:30 +0100
From: Suzuki K Poulose <suzuki.poulose@....com>
To: kvmarm@...ts.linux.dev
Cc: kvm@...r.kernel.org,
linux-kernel@...r.kernel.org,
will@...nel.org,
oliver.upton@...ux.dev,
maz@...nel.org,
alexandru.elisei@....com,
aneesh.kumar@...nel.org,
steven.price@....com,
tabba@...gle.com,
Suzuki K Poulose <suzuki.poulose@....com>
Subject: [PATCH kvmtool v4 15/15] arm64: smccc: Start sending PSCI to userspace
From: Oliver Upton <oliver.upton@...ux.dev>
kvmtool now has a PSCI implementation that complies with v1.0 of the
specification. Use the SMCCC filter to start sending these calls out to
userspace for further handling. While at it, shut the door on the
legacy, KVM-specific v0.1 functions.
Signed-off-by: Oliver Upton <oliver.upton@...ux.dev>
Signed-off-by: Suzuki K Poulose <suzuki.poulose@....com>
---
arm64/include/kvm/kvm-config-arch.h | 8 +++++--
arm64/smccc.c | 37 +++++++++++++++++++++++++++++
2 files changed, 43 insertions(+), 2 deletions(-)
diff --git a/arm64/include/kvm/kvm-config-arch.h b/arm64/include/kvm/kvm-config-arch.h
index ee031f01..3158fadf 100644
--- a/arm64/include/kvm/kvm-config-arch.h
+++ b/arm64/include/kvm/kvm-config-arch.h
@@ -15,6 +15,7 @@ struct kvm_config_arch {
u64 fw_addr;
unsigned int sve_max_vq;
bool no_pvtime;
+ bool in_kernel_smccc;
};
int irqchip_parser(const struct option *opt, const char *arg, int unset);
@@ -52,11 +53,14 @@ int sve_vl_parser(const struct option *opt, const char *arg, int unset);
"Force virtio devices to use PCI as their default " \
"transport (Deprecated: Use --virtio-transport " \
"option instead)", virtio_transport_parser, kvm), \
- OPT_CALLBACK('\0', "irqchip", &(cfg)->irqchip, \
+ OPT_CALLBACK('\0', "irqchip", &(cfg)->irqchip, \
"[gicv2|gicv2m|gicv3|gicv3-its]", \
"Type of interrupt controller to emulate in the guest", \
irqchip_parser, NULL), \
OPT_U64('\0', "firmware-address", &(cfg)->fw_addr, \
- "Address where firmware should be loaded"),
+ "Address where firmware should be loaded"), \
+ OPT_BOOLEAN('\0', "in-kernel-smccc", &(cfg)->in_kernel_smccc, \
+ "Disable userspace handling of SMCCC, instead" \
+ " relying on the in-kernel implementation"),
#endif /* ARM_COMMON__KVM_CONFIG_ARCH_H */
diff --git a/arm64/smccc.c b/arm64/smccc.c
index ef986d8c..62d826be 100644
--- a/arm64/smccc.c
+++ b/arm64/smccc.c
@@ -38,7 +38,44 @@ out:
return true;
}
+static struct kvm_smccc_filter filter_ranges[] = {
+ {
+ .base = KVM_PSCI_FN_BASE,
+ .nr_functions = 4,
+ .action = KVM_SMCCC_FILTER_DENY,
+ },
+ {
+ .base = PSCI_0_2_FN_BASE,
+ .nr_functions = 0x20,
+ .action = KVM_SMCCC_FILTER_FWD_TO_USER,
+ },
+ {
+ .base = PSCI_0_2_FN64_BASE,
+ .nr_functions = 0x20,
+ .action = KVM_SMCCC_FILTER_FWD_TO_USER,
+ },
+};
+
void kvm__setup_smccc(struct kvm *kvm)
{
+ struct kvm_device_attr attr = {
+ .group = KVM_ARM_VM_SMCCC_CTRL,
+ .attr = KVM_ARM_VM_SMCCC_FILTER,
+ };
+ unsigned int i;
+ if (kvm->cfg.arch.in_kernel_smccc)
+ return;
+
+ if (ioctl(kvm->vm_fd, KVM_HAS_DEVICE_ATTR, &attr)) {
+ pr_debug("KVM SMCCC filter not supported");
+ return;
+ }
+
+ for (i = 0; i < ARRAY_SIZE(filter_ranges); i++) {
+ attr.addr = (u64)&filter_ranges[i];
+
+ if (ioctl(kvm->vm_fd, KVM_SET_DEVICE_ATTR, &attr))
+ die_perror("KVM_SET_DEVICE_ATTR failed");
+ }
}
--
2.43.0
Powered by blists - more mailing lists