From patchwork Fri Dec 20 15:05:47 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mark Rutland X-Patchwork-Id: 182301 Delivered-To: patch@linaro.org Received: by 2002:a92:1f98:0:0:0:0:0 with SMTP id f24csp647351ilf; Fri, 20 Dec 2019 07:05:59 -0800 (PST) X-Google-Smtp-Source: APXvYqy6IDAAr3EYLMvZ7EeMT7tY7kzZddgfZ1WxUlgo9wf0xQYPY7tfKOfPToHB48v8qFkWbTT4 X-Received: by 2002:a54:4716:: with SMTP id k22mr3794772oik.36.1576854359814; Fri, 20 Dec 2019 07:05:59 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1576854359; cv=none; d=google.com; s=arc-20160816; b=No7w/3quqjiaG+huha0FfymeyZXiB206E22Gpwll8PFl4xKWusqzUNCSWjFSC0rSEW FCuC/4ffmK9lb/rENDiu274qLyTW9BjlRmQdp6BXzzR8XzML1Usdaom1op/0BiTHeolV 47gujvq++ElWro6uandftKNeh45F7BhDIt0PKUbvuTfVYynVvsYcqIJToogfNFdhuk6U +9o6ie9uIQXu0uPhiPxGNTB4ngdiJYmvWKIoxxTUQnPK0PhcKM5FmkTk5RPij/MghX4P 2xHuaUX7cuarUvtSt3+JzA0+NqmfHGEr8wUJ602EXMCPXmwMW3WjlcznAQL4MeJAAbCN Fsdw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from; bh=/Nt6s9ETl3U8aoPPyXfot2BFzXlzUR8/IsFp27NUZF4=; b=JcEEug4KMS8F8CQg9mgRnwkJG60i6AIvQHkAm+h2IR0d8+6ub0MNNEDUNzFYsz+6Ao m0tmZLMUFhGo9JGF8GZb3LWLlhYolpB49qcLO2y2/M/uA6/8EJHwM3Ttpl7wQT2wpTmh K0LErho/5uOfrnYu6gRVBL2+hdwcgEMtLvHK8eEeldA54rG3+SKK3b8Q5nWR9mva0hSt K74sNYuji8/ivqWjxgEXRKz5UZOUFeWvIhLW+p+hgQHUEHHoiVpswRw5orOOpGcNu81m BXvXwSXTm1C4TIt7geAVoaTAhj7X/DMbWS7kRnVAqDQmQXpPc5h2GFx5ar7ifi131o6Y hP8w== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of stable-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=stable-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id c2si2779188oig.255.2019.12.20.07.05.59; Fri, 20 Dec 2019 07:05:59 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of stable-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of stable-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=stable-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727359AbfLTPF6 (ORCPT + 14 others); Fri, 20 Dec 2019 10:05:58 -0500 Received: from foss.arm.com ([217.140.110.172]:52194 "EHLO foss.arm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727233AbfLTPF6 (ORCPT ); Fri, 20 Dec 2019 10:05:58 -0500 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id D609C31B; Fri, 20 Dec 2019 07:05:57 -0800 (PST) Received: from lakrids.cambridge.arm.com (usa-sjc-imap-foss1.foss.arm.com [10.121.207.14]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id 4E1D83F6CF; Fri, 20 Dec 2019 07:05:56 -0800 (PST) From: Mark Rutland To: kvmarm@lists.cs.columbia.edu, linux-arm-kernel@lists.infradead.org, maz@kernel.org Cc: Mark Rutland , Alexandru Elisei , Drew Jones , James Morse , Julien Thierry , Peter Maydell , Suzuki K Poulose , Will Deacon , stable@vger.kernel.org Subject: [PATCH 1/3] KVM: arm64: correct PSTATE on exception entry Date: Fri, 20 Dec 2019 15:05:47 +0000 Message-Id: <20191220150549.31948-2-mark.rutland@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20191220150549.31948-1-mark.rutland@arm.com> References: <20191220150549.31948-1-mark.rutland@arm.com> Sender: stable-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: stable@vger.kernel.org When KVM injects an exception into a guest, it generates the PSTATE value from scratch, configuring PSTATE.{M[4:0],DAIF}, and setting all other bits to zero. This isn't correct, as the architecture specifies that some PSTATE bits are (conditionally) cleared or set upon an exception, and others are unchanged from the original context. This patch adds logic to match the architectural behaviour. To make this simple to follow/audit/extend, documentation references are provided, and bits are configured in order of their layout in SPSR_EL2. This layout can be seen in the diagram on ARM DDI 0487E.a page C5-429. Signed-off-by: Mark Rutland Cc: Alexandru Elisei Cc: Drew Jones Cc: James Morse Cc: Julien Thierry Cc: Marc Zyngier Cc: Peter Maydell Cc: Suzuki K Poulose Cc: Will Deacon Cc: stable@vger.kernel.org --- arch/arm64/include/uapi/asm/ptrace.h | 1 + arch/arm64/kvm/inject_fault.c | 69 +++++++++++++++++++++++++++++++++--- 2 files changed, 65 insertions(+), 5 deletions(-) -- 2.11.0 diff --git a/arch/arm64/include/uapi/asm/ptrace.h b/arch/arm64/include/uapi/asm/ptrace.h index 7ed9294e2004..d1bb5b69f1ce 100644 --- a/arch/arm64/include/uapi/asm/ptrace.h +++ b/arch/arm64/include/uapi/asm/ptrace.h @@ -49,6 +49,7 @@ #define PSR_SSBS_BIT 0x00001000 #define PSR_PAN_BIT 0x00400000 #define PSR_UAO_BIT 0x00800000 +#define PSR_DIT_BIT 0x01000000 #define PSR_V_BIT 0x10000000 #define PSR_C_BIT 0x20000000 #define PSR_Z_BIT 0x40000000 diff --git a/arch/arm64/kvm/inject_fault.c b/arch/arm64/kvm/inject_fault.c index a9d25a305af5..270d91c05246 100644 --- a/arch/arm64/kvm/inject_fault.c +++ b/arch/arm64/kvm/inject_fault.c @@ -14,9 +14,6 @@ #include #include -#define PSTATE_FAULT_BITS_64 (PSR_MODE_EL1h | PSR_A_BIT | PSR_F_BIT | \ - PSR_I_BIT | PSR_D_BIT) - #define CURRENT_EL_SP_EL0_VECTOR 0x0 #define CURRENT_EL_SP_ELx_VECTOR 0x200 #define LOWER_EL_AArch64_VECTOR 0x400 @@ -50,6 +47,68 @@ static u64 get_except_vector(struct kvm_vcpu *vcpu, enum exception_type type) return vcpu_read_sys_reg(vcpu, VBAR_EL1) + exc_offset + type; } +/* + * When an exception is taken, most PSTATE fields are left unchanged in the + * handler. However, some are explicitly overridden (e.g. M[4:0]). Luckily all + * of the inherited bits have the same position in the AArch64/AArch32 SPSR_ELx + * layouts, so we don't need to shuffle these for exceptions from AArch32 EL0. + * + * For the SPSR_ELx layout for AArch64, see ARM DDI 0487E.a page C5-429. + * For the SPSR_ELx layout for AArch32, see ARM DDI 0487E.a page C5-426. + * + * Here we manipulate the fields in order of the AArch64 SPSR_ELx layout, from + * MSB to LSB. + */ +static unsigned long get_except64_pstate(struct kvm_vcpu *vcpu) +{ + unsigned long sctlr = vcpu_read_sys_reg(vcpu, SCTLR_EL1); + unsigned long old, new; + + old = *vcpu_cpsr(vcpu); + new = 0; + + new |= (old & PSR_N_BIT); + new |= (old & PSR_Z_BIT); + new |= (old & PSR_C_BIT); + new |= (old & PSR_V_BIT); + + // TODO: TCO (if/when ARMv8.5-MemTag is exposed to guests) + + new |= (old & PSR_DIT_BIT); + + // PSTATE.UAO is set to zero upon any exception to AArch64 + // See ARM DDI 0487E.a, page D5-2579. + + // PSTATE.PAN is unchanged unless overridden by SCTLR_ELx.SPAN + // See ARM DDI 0487E.a, page D5-2578. + new |= (old & PSR_PAN_BIT); + if (sctlr & SCTLR_EL1_SPAN) + new |= PSR_PAN_BIT; + + // PSTATE.SS is set to zero upon any exception to AArch64 + // See ARM DDI 0487E.a, page D2-2452. + + // PSTATE.IL is set to zero upon any exception to AArch64 + // See ARM DDI 0487E.a, page D1-2306. + + // PSTATE.SSBS is set to SCTLR_ELx.DSSBS upon any exception to AArch64 + // See ARM DDI 0487E.a, page D13-3258 + if (sctlr & SCTLR_ELx_DSSBS) + new |= PSR_SSBS_BIT; + + // PSTATE.BTYPE is set to zero upon any exception to AArch64 + // See ARM DDI 0487E.a, pages D1-2293 to D1-2294. + + new |= PSR_D_BIT; + new |= PSR_A_BIT; + new |= PSR_I_BIT; + new |= PSR_F_BIT; + + new |= PSR_MODE_EL1h; + + return new; +} + static void inject_abt64(struct kvm_vcpu *vcpu, bool is_iabt, unsigned long addr) { unsigned long cpsr = *vcpu_cpsr(vcpu); @@ -59,7 +118,7 @@ static void inject_abt64(struct kvm_vcpu *vcpu, bool is_iabt, unsigned long addr vcpu_write_elr_el1(vcpu, *vcpu_pc(vcpu)); *vcpu_pc(vcpu) = get_except_vector(vcpu, except_type_sync); - *vcpu_cpsr(vcpu) = PSTATE_FAULT_BITS_64; + *vcpu_cpsr(vcpu) = get_except64_pstate(vcpu); vcpu_write_spsr(vcpu, cpsr); vcpu_write_sys_reg(vcpu, addr, FAR_EL1); @@ -94,7 +153,7 @@ static void inject_undef64(struct kvm_vcpu *vcpu) vcpu_write_elr_el1(vcpu, *vcpu_pc(vcpu)); *vcpu_pc(vcpu) = get_except_vector(vcpu, except_type_sync); - *vcpu_cpsr(vcpu) = PSTATE_FAULT_BITS_64; + *vcpu_cpsr(vcpu) = get_except64_pstate(vcpu); vcpu_write_spsr(vcpu, cpsr); /*