| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <86cy5erprc.wl-maz@kernel.org>
Date: Wed, 19 Nov 2025 15:44:23 +0000
From: Marc Zyngier <maz@...nel.org>
To: Vincent Donnefort <vdonnefort@...gle.com>
Cc: rostedt@...dmis.org,
mhiramat@...nel.org,
mathieu.desnoyers@...icios.com,
linux-trace-kernel@...r.kernel.org,
oliver.upton@...ux.dev,
joey.gouly@....com,
suzuki.poulose@....com,
yuzenghui@...wei.com,
kvmarm@...ts.linux.dev,
linux-arm-kernel@...ts.infradead.org,
jstultz@...gle.com,
qperret@...gle.com,
will@...nel.org,
aneesh.kumar@...nel.org,
kernel-team@...roid.com,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH v8 20/28] KVM: arm64: Add clock support for the pKVM hyp
On Fri, 07 Nov 2025 09:38:32 +0000,
Vincent Donnefort <vdonnefort@...gle.com> wrote:
>
> By default, the arm64 host kernel is using the arch timer as a source
> for sched_clock. Conveniently, EL2 has access to that same counter,
> allowing to generate clock values that are synchronized.
>
> The clock needs nonetheless to be setup with the same slope values as
> the kernel. Introducing at the same time trace_clock() which is expected
> to be later configured by the hypervisor tracing.
>
> Signed-off-by: Vincent Donnefort <vdonnefort@...gle.com>
>
> diff --git a/arch/arm64/include/asm/kvm_hyp.h b/arch/arm64/include/asm/kvm_hyp.h
> index e6be1f5d0967..d46621d936e3 100644
> --- a/arch/arm64/include/asm/kvm_hyp.h
> +++ b/arch/arm64/include/asm/kvm_hyp.h
> @@ -146,5 +146,4 @@ extern u64 kvm_nvhe_sym(id_aa64smfr0_el1_sys_val);
> extern unsigned long kvm_nvhe_sym(__icache_flags);
> extern unsigned int kvm_nvhe_sym(kvm_arm_vmid_bits);
> extern unsigned int kvm_nvhe_sym(kvm_host_sve_max_vl);
> -
> #endif /* __ARM64_KVM_HYP_H__ */
> diff --git a/arch/arm64/kvm/hyp/include/nvhe/clock.h b/arch/arm64/kvm/hyp/include/nvhe/clock.h
> new file mode 100644
> index 000000000000..9e152521f345
> --- /dev/null
> +++ b/arch/arm64/kvm/hyp/include/nvhe/clock.h
> @@ -0,0 +1,16 @@
> +/* SPDX-License-Identifier: GPL-2.0 */
> +#ifndef __ARM64_KVM_HYP_NVHE_CLOCK_H
> +#define __ARM64_KVM_HYP_NVHE_CLOCK_H
> +#include <linux/types.h>
> +
> +#include <asm/kvm_hyp.h>
> +
> +#ifdef CONFIG_PKVM_TRACING
> +void trace_clock_update(u32 mult, u32 shift, u64 epoch_ns, u64 epoch_cyc);
> +u64 trace_clock(void);
> +#else
> +static inline void
> +trace_clock_update(u32 mult, u32 shift, u64 epoch_ns, u64 epoch_cyc) { }
> +static inline u64 trace_clock(void) { return 0; }
> +#endif
> +#endif
> diff --git a/arch/arm64/kvm/hyp/nvhe/Makefile b/arch/arm64/kvm/hyp/nvhe/Makefile
> index a244ec25f8c5..f55a9a17d38f 100644
> --- a/arch/arm64/kvm/hyp/nvhe/Makefile
> +++ b/arch/arm64/kvm/hyp/nvhe/Makefile
> @@ -17,7 +17,7 @@ ccflags-y += -fno-stack-protector \
> hostprogs := gen-hyprel
> HOST_EXTRACFLAGS += -I$(objtree)/include
>
> -lib-objs := clear_page.o copy_page.o memcpy.o memset.o
> +lib-objs := clear_page.o copy_page.o memcpy.o memset.o tishift.o
> lib-objs := $(addprefix ../../../lib/, $(lib-objs))
>
> CFLAGS_switch.nvhe.o += -Wno-override-init
> @@ -29,6 +29,7 @@ hyp-obj-y += ../vgic-v3-sr.o ../aarch32.o ../vgic-v2-cpuif-proxy.o ../entry.o \
> ../fpsimd.o ../hyp-entry.o ../exception.o ../pgtable.o
> hyp-obj-y += ../../../kernel/smccc-call.o
> hyp-obj-$(CONFIG_LIST_HARDENED) += list_debug.o
> +hyp-obj-$(CONFIG_PKVM_TRACING) += clock.o
> hyp-obj-y += $(lib-objs)
>
> ##
> diff --git a/arch/arm64/kvm/hyp/nvhe/clock.c b/arch/arm64/kvm/hyp/nvhe/clock.c
> new file mode 100644
> index 000000000000..600a300bece7
> --- /dev/null
> +++ b/arch/arm64/kvm/hyp/nvhe/clock.c
> @@ -0,0 +1,65 @@
> +// SPDX-License-Identifier: GPL-2.0
> +/*
> + * Copyright (C) 2025 Google LLC
> + * Author: Vincent Donnefort <vdonnefort@...gle.com>
> + */
> +
> +#include <nvhe/clock.h>
> +
> +#include <asm/arch_timer.h>
> +#include <asm/div64.h>
> +
> +static struct clock_data {
> + struct {
> + u32 mult;
> + u32 shift;
> + u64 epoch_ns;
> + u64 epoch_cyc;
> + u64 cyc_overflow64;
> + } data[2];
> + u64 cur;
> +} trace_clock_data;
> +
> +static u64 __clock_mult_uint128(u64 cyc, u32 mult, u32 shift)
> +{
> + __uint128_t ns = (__uint128_t)cyc * mult;
> +
> + ns >>= shift;
> +
> + return (u64)ns;
> +}
> +
> +/* Does not guarantee no reader on the modified bank. */
> +void trace_clock_update(u32 mult, u32 shift, u64 epoch_ns, u64 epoch_cyc)
> +{
> + struct clock_data *clock = &trace_clock_data;
> + u64 bank = clock->cur ^ 1;
> +
> + clock->data[bank].mult = mult;
> + clock->data[bank].shift = shift;
> + clock->data[bank].epoch_ns = epoch_ns;
> + clock->data[bank].epoch_cyc = epoch_cyc;
> + clock->data[bank].cyc_overflow64 = ULONG_MAX / mult;
> +
> + smp_store_release(&clock->cur, bank);
> +}
> +
> +/* Using host provided data. Do not use for anything else than debugging. */
> +u64 trace_clock(void)
> +{
> + struct clock_data *clock = &trace_clock_data;
> + u64 bank = smp_load_acquire(&clock->cur);
> + u64 cyc, ns;
> +
> + cyc = __arch_counter_get_cntpct() - clock->data[bank].epoch_cyc;
I can only imagine that you don't care about the broken systems that
do not have a monotonic counter, and that will happily have their
counter swing back and forth?
Also, you may want to document why you are using the physical counter
instead of the virtual one. I guess that you don't want CNTVOFF_EL2 to
apply when HCR_EL2.E2H==0, but given that you never allow anything
else for pKVM, this is slightly odd.
Thanks,
M.
--
Without deviation from the norm, progress is not possible.
Powered by blists - more mailing lists