lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <e4681fd8-d5d8-400d-be91-19a2f6bddcb2@arm.com>
Date: Tue, 23 Dec 2025 19:56:28 +0000
From: Suzuki K Poulose <suzuki.poulose@....com>
To: "Aneesh Kumar K.V" <aneesh.kumar@...nel.org>,
 linux-kernel@...r.kernel.org, iommu@...ts.linux.dev,
 linux-coco@...ts.linux.dev
Cc: Catalin Marinas <catalin.marinas@....com>, will@...nel.org,
 maz@...nel.org, tglx@...utronix.de, robin.murphy@....com,
 akpm@...ux-foundation.org, jgg@...pe.ca, steven.price@....com
Subject: Re: [PATCH v2 3/4] coco: host: arm64: Handle hostconf RHI calls in
 kernel

On 22/12/2025 14:37, Aneesh Kumar K.V wrote:
> Suzuki K Poulose <suzuki.poulose@....com> writes:
> 
>> On 21/12/2025 16:09, Aneesh Kumar K.V (Arm) wrote:
>>>    - Mark hostconf RHI SMC IDs as handled in the SMCCC filter.
>>>    - Return version/features plus PAGE_SIZE alignment for guest queries.
>>>    - Drop the 4K page-size guard in RMI init now that realm can query IPA
>>>      change alignment size via the hostconf RHI
>>>
>>> Signed-off-by: Aneesh Kumar K.V (Arm) <aneesh.kumar@...nel.org>
>>> ---
>>>    arch/arm64/kvm/hypercalls.c | 23 ++++++++++++++++++++++-
>>>    arch/arm64/kvm/rmi.c        |  4 ----
>>>    2 files changed, 22 insertions(+), 5 deletions(-)
>>>
>>> diff --git a/arch/arm64/kvm/hypercalls.c b/arch/arm64/kvm/hypercalls.c
>>> index 70ac7971416c..2861ca9063dd 100644
>>> --- a/arch/arm64/kvm/hypercalls.c
>>> +++ b/arch/arm64/kvm/hypercalls.c
>>> @@ -8,6 +8,7 @@
>>>    
>>>    #include <kvm/arm_hypercalls.h>
>>>    #include <kvm/arm_psci.h>
>>> +#include <asm/rhi.h>
>>>    
>>>    #define KVM_ARM_SMCCC_STD_FEATURES				\
>>>    	GENMASK(KVM_REG_ARM_STD_BMAP_BIT_COUNT - 1, 0)
>>> @@ -77,6 +78,9 @@ static bool kvm_smccc_default_allowed(u32 func_id)
>>>    	 */
>>>    	case ARM_SMCCC_VERSION_FUNC_ID:
>>>    	case ARM_SMCCC_ARCH_FEATURES_FUNC_ID:
>>> +	case RHI_HOSTCONF_VERSION:
>>> +	case RHI_HOSTCONF_FEATURES:
>>> +	case RHI_HOSTCONF_GET_IPA_CHANGE_ALIGNMENT:
>>>    		return true;
>>>    	default:
>>>    		/* PSCI 0.2 and up is in the 0:0x1f range */
>>> @@ -157,7 +161,15 @@ static int kvm_smccc_filter_insert_reserved(struct kvm *kvm)
>>>    			       GFP_KERNEL_ACCOUNT);
>>>    	if (r)
>>>    		goto out_destroy;
>>> -
>>> +	/*
>>> +	 * Don't forward RHI_HOST_CONF related RHI calls
>>> +	 */
>>> +	r = mtree_insert_range(&kvm->arch.smccc_filter,
>>> +			       RHI_HOSTCONF_VERSION, RHI_HOSTCONF_GET_IPA_CHANGE_ALIGNMENT,
>>> +			       xa_mk_value(KVM_SMCCC_FILTER_HANDLE),
>>> +			       GFP_KERNEL_ACCOUNT);
>>
>> minor nit: this is needed only for the Realms ?
>>
> 
> 
> That is the kvm forwarding of the RHI hostcalls to VMM. We are updating
> smccc filter that the SMCCC FID range [RHI_HOSTCONF_VERSION, RHI_HOSTCONF_GET_IPA_CHANGE_ALIGNMENT]
> will be handled by the kernel. This is needed because it is the kernel
> that is dropping the below check in kvm_init_rmi().

I don't see why that is related to kvm_init_rmi(). My point is,
for non-CCA VMs, RHI_HOST_* are not expected. And given this
filtering is per KVM, we could skip this step for !kvm_is_realm(kvm).



> 
>   	/* Only 4k page size on the host is supported */
> 	if (PAGE_SIZE != SZ_4K)
>   		return;
> 
> We want to make sure RHI support and dropping of the above check happens
> in the same patch and is part of the kernel.


Not necessarily, the guest won't run without the above changes. So, all 
your RHI host changes can go in and the final step can be the above
change.(similar to what we do for "enable a Kconfig" once we have put
in all the infrastructure for the feature).

Suzuki

> 
>>
>>> +	if (r)
>>> +		goto out_destroy;
>>>    	return 0;
>>>    out_destroy:
>>>    	mtree_destroy(&kvm->arch.smccc_filter);
>>> @@ -376,6 +388,15 @@ int kvm_smccc_call_handler(struct kvm_vcpu *vcpu)
>>>    	case ARM_SMCCC_TRNG_RND32:
>>>    	case ARM_SMCCC_TRNG_RND64:
>>>    		return kvm_trng_call(vcpu);
>>> +	case RHI_HOSTCONF_VERSION:
>>> +		val[0] = RHI_HOSTCONF_VER_1_0;
>>> +		break;
>>> +	case RHI_HOSTCONF_FEATURES:
>>> +		val[0] = __RHI_HOSTCONF_GET_IPA_CHANGE_ALIGNMENT;
>>> +		break;
>>> +	case RHI_HOSTCONF_GET_IPA_CHANGE_ALIGNMENT:
>>> +		val[0] = PAGE_SIZE;
>>> +		break;
>>>    	default:
>>>    		return kvm_psci_call(vcpu);
>>>    	}
>>> diff --git a/arch/arm64/kvm/rmi.c b/arch/arm64/kvm/rmi.c
>>> index 9957a71d21b1..bd345e051a24 100644
>>> --- a/arch/arm64/kvm/rmi.c
>>> +++ b/arch/arm64/kvm/rmi.c
>>> @@ -1935,10 +1935,6 @@ EXPORT_SYMBOL_GPL(kvm_has_da_feature);
>>>    
>>>    void kvm_init_rmi(void)
>>>    {
>>> -	/* Only 4k page size on the host is supported */
>>> -	if (PAGE_SIZE != SZ_4K)
>>> -		return;
>>
>> For the record, these patches doesn't necessarily solve the Host support
>> fully. The KVM still needs to support splitting pages for RMM's 4K.
>>
> 
> We already delegate RMM granules and setup stage 2 in rmm with
> RMM_PAGE_SIZE. ie, the shared patchset can be used to setup a 64K host

Do you mean the branch that you are basing these changes on ? I thought
we dropped most of those changes from the KVM support. Yes, there are
some left overs from the changes, but we can't run with 64K yet.

> with 4K Realm running on a RMM using 4K RMM granule size.
> 
>>
>> That said, this can be ignored as we rebase the KVM to only support
>> RMM v2.0, where the Host can set the RMM's Stage2 page size.
>>
>> Suzuki
>>
> 
> -aneesh

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ