hypercalls.c 18 KB

  1. // SPDX-License-Identifier: GPL-2.0
  2. // Copyright (C) 2019 Arm Ltd.
  3. #include <linux/arm-smccc.h>
  4. #include <linux/kvm_host.h>
  5. #include <asm/kvm_emulate.h>
  6. #include <kvm/arm_hypercalls.h>
  7. #include <kvm/arm_psci.h>
  /*
   * Bits [nr_bits - 1:0] of a pseudo-firmware bitmap register, i.e. every
   * feature bit that is defined for that register.
   */
  #define KVM_ARM_SMCCC_BMAP_MASK(nr_bits)	GENMASK((nr_bits) - 1, 0)

  /*
   * Per-register feature masks. In this file they serve as the defaults
   * written by kvm_arm_init_hypercalls() (the _2 mask is not written there)
   * and as the upper bound kvm_arm_set_fw_reg_bmap() enforces on values
   * supplied by userspace.
   */
  #define KVM_ARM_SMCCC_STD_FEATURES \
  	KVM_ARM_SMCCC_BMAP_MASK(KVM_REG_ARM_STD_BMAP_BIT_COUNT)
  #define KVM_ARM_SMCCC_STD_HYP_FEATURES \
  	KVM_ARM_SMCCC_BMAP_MASK(KVM_REG_ARM_STD_HYP_BMAP_BIT_COUNT)
  #define KVM_ARM_SMCCC_VENDOR_HYP_FEATURES \
  	KVM_ARM_SMCCC_BMAP_MASK(KVM_REG_ARM_VENDOR_HYP_BMAP_BIT_COUNT)
  #define KVM_ARM_SMCCC_VENDOR_HYP_FEATURES_2 \
  	KVM_ARM_SMCCC_BMAP_MASK(KVM_REG_ARM_VENDOR_HYP_BMAP_2_BIT_COUNT)
  /*
   * Fill @val with a paired (wall-clock time, counter value) sample for the
   * guest's PTP hypercall.
   *
   * @vcpu: vCPU that issued the call; its first SMCCC argument selects the
   *        virtual or the physical counter.
   * @val:  four result slots. On success val[0]/val[1] receive the upper/lower
   *        32 bits of the real time and val[2]/val[3] the upper/lower 32 bits
   *        of the counter. On any early return @val is left untouched, so the
   *        guest sees whatever the caller preset.
   */
  static void kvm_ptp_get_time(struct kvm_vcpu *vcpu, u64 *val)
  {
  	struct system_time_snapshot snap;
  	u64 counter;
  	u32 counter_sel;

  	/*
  	 * System time and counter value must be captured at the same
  	 * time to keep consistency and precision.
  	 */
  	ktime_get_snapshot(&snap);

  	/*
  	 * The sample is only meaningful when the current clocksource is the
  	 * architected counter, as that is the only one the guest can see.
  	 */
  	if (snap.cs_id != CSID_ARM_ARCH_COUNTER)
  		return;

  	/*
  	 * The guest picks the reference counter (virtual or physical) with
  	 * the first SMCCC argument. An unknown selector is an error: bail out
  	 * without touching @val.
  	 */
  	counter_sel = smccc_get_arg1(vcpu);
  	if (counter_sel == KVM_PTP_VIRT_COUNTER)
  		counter = snap.cycles - vcpu->kvm->arch.timer_data.voffset;
  	else if (counter_sel == KVM_PTP_PHYS_COUNTER)
  		counter = snap.cycles - vcpu->kvm->arch.timer_data.poffset;
  	else
  		return;

  	/*
  	 * This relies on the top bit of val[0] never being set for
  	 * valid values of system time, because that is *really* far
  	 * in the future (about 292 years from 1970, and at that stage
  	 * nobody will give a damn about it).
  	 */
  	val[0] = upper_32_bits(snap.real);
  	val[1] = lower_32_bits(snap.real);
  	val[2] = upper_32_bits(counter);
  	val[3] = lower_32_bits(counter);
  }
  /*
   * Tell whether @func_id is serviced by default, i.e. without being gated
   * by one of the bitmapped feature firmware registers.
   *
   * Return: true for the SMCCC version and arch-features calls and for the
   * PSCI function ranges, false for everything else.
   */
  static bool kvm_smccc_default_allowed(u32 func_id)
  {
  	if (func_id == ARM_SMCCC_VERSION_FUNC_ID ||
  	    func_id == ARM_SMCCC_ARCH_FEATURES_FUNC_ID)
  		return true;

  	/* PSCI 0.2 and up is in the 0:0x1f range */
  	if (ARM_SMCCC_OWNER_NUM(func_id) == ARM_SMCCC_OWNER_STANDARD &&
  	    ARM_SMCCC_FUNC_NUM(func_id) <= 0x1f)
  		return true;

  	/*
  	 * KVM's PSCI 0.1 doesn't comply with SMCCC, and has
  	 * its own function-id base and range
  	 */
  	return func_id >= KVM_PSCI_FN(0) && func_id <= KVM_PSCI_FN(3);
  }
  /*
   * Check whether the feature bit that gates @func_id is set in the VM's
   * pseudo-firmware bitmap registers.
   *
   * Return: the state of the gating bit, or false when @func_id is not
   * covered by any of the bitmaps handled here.
   */
  static bool kvm_smccc_test_fw_bmap(struct kvm_vcpu *vcpu, u32 func_id)
  {
  	struct kvm_smccc_features *feat = &vcpu->kvm->arch.smccc_feat;
  	const unsigned long *bmap;
  	unsigned int bit;

  	/* Map the function ID to (bitmap, bit); test the bit once at the end. */
  	switch (func_id) {
  	case ARM_SMCCC_TRNG_VERSION:
  	case ARM_SMCCC_TRNG_FEATURES:
  	case ARM_SMCCC_TRNG_GET_UUID:
  	case ARM_SMCCC_TRNG_RND32:
  	case ARM_SMCCC_TRNG_RND64:
  		bmap = &feat->std_bmap;
  		bit = KVM_REG_ARM_STD_BIT_TRNG_V1_0;
  		break;
  	case ARM_SMCCC_HV_PV_TIME_FEATURES:
  	case ARM_SMCCC_HV_PV_TIME_ST:
  		bmap = &feat->std_hyp_bmap;
  		bit = KVM_REG_ARM_STD_HYP_BIT_PV_TIME;
  		break;
  	case ARM_SMCCC_VENDOR_HYP_KVM_FEATURES_FUNC_ID:
  	case ARM_SMCCC_VENDOR_HYP_CALL_UID_FUNC_ID:
  		bmap = &feat->vendor_hyp_bmap;
  		bit = KVM_REG_ARM_VENDOR_HYP_BIT_FUNC_FEAT;
  		break;
  	case ARM_SMCCC_VENDOR_HYP_KVM_PTP_FUNC_ID:
  		bmap = &feat->vendor_hyp_bmap;
  		bit = KVM_REG_ARM_VENDOR_HYP_BIT_PTP;
  		break;
  	default:
  		return false;
  	}

  	return test_bit(bit, bmap);
  }
  /*
   * Fast-call function ID with owner field 0 for the given calling convention.
   * kvm_smccc_filter_insert_reserved() refers to the ranges built from it as
   * the architecture range.
   */
  #define SMCCC_ARCH_FAST_CALL_VAL(conv, func_num) \
  	ARM_SMCCC_CALL_VAL(ARM_SMCCC_FAST_CALL, conv, 0, func_num)

  /* First and last function ID of the SMC32 and SMC64 ranges (inclusive). */
  #define SMC32_ARCH_RANGE_BEGIN	ARM_SMCCC_VERSION_FUNC_ID
  #define SMC32_ARCH_RANGE_END \
  	SMCCC_ARCH_FAST_CALL_VAL(ARM_SMCCC_SMC_32, ARM_SMCCC_FUNC_MASK)

  #define SMC64_ARCH_RANGE_BEGIN \
  	SMCCC_ARCH_FAST_CALL_VAL(ARM_SMCCC_SMC_64, 0)
  #define SMC64_ARCH_RANGE_END \
  	SMCCC_ARCH_FAST_CALL_VAL(ARM_SMCCC_SMC_64, ARM_SMCCC_FUNC_MASK)
  /*
   * Pre-populate the VM's SMCCC filter with the SMC32 and SMC64 architecture
   * ranges, both mapped to KVM_SMCCC_FILTER_HANDLE.
   *
   * Prevent userspace from handling any SMCCC calls in the architecture
   * range, avoiding the risk of misrepresenting Spectre mitigation status
   * to the guest.
   *
   * Return: 0 on success. If either insertion fails, the whole filter tree is
   * destroyed and the error from mtree_insert_range() is returned.
   */
  static int kvm_smccc_filter_insert_reserved(struct kvm *kvm)
  {
  	int err;

  	err = mtree_insert_range(&kvm->arch.smccc_filter,
  				 SMC32_ARCH_RANGE_BEGIN, SMC32_ARCH_RANGE_END,
  				 xa_mk_value(KVM_SMCCC_FILTER_HANDLE),
  				 GFP_KERNEL_ACCOUNT);
  	if (!err)
  		err = mtree_insert_range(&kvm->arch.smccc_filter,
  					 SMC64_ARCH_RANGE_BEGIN, SMC64_ARCH_RANGE_END,
  					 xa_mk_value(KVM_SMCCC_FILTER_HANDLE),
  					 GFP_KERNEL_ACCOUNT);

  	/* Never leave a half-populated reserved set behind. */
  	if (err)
  		mtree_destroy(&kvm->arch.smccc_filter);

  	return err;
  }
  /*
   * Return: true once the VM's SMCCC filter tree holds at least one entry,
   * false while it is still empty.
   */
  static bool kvm_smccc_filter_configured(struct kvm *kvm)
  {
  	if (mtree_empty(&kvm->arch.smccc_filter))
  		return false;

  	return true;
  }
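  /*
   * Install one userspace-supplied SMCCC filter range for the VM.
   *
   * @kvm:   VM whose filter is being configured.
   * @uaddr: userspace pointer to the filter description (base, number of
   *         functions, action, padding).
   *
   * The request is untrusted input: the padding must be all zeroes, the range
   * must be non-empty and must not wrap, and the action must be a known one.
   * The filter can only be changed before any vCPU of the VM has run, and the
   * update is serialised by the VM's config_lock. The first successful
   * configuration also inserts the reserved architecture ranges.
   *
   * Return: 0 on success, -EFAULT if the description cannot be copied in,
   * -EINVAL for a malformed description, -EBUSY once the VM has run, or the
   * error reported by the reserved-range setup or by mtree_insert_range().
   */
  static int kvm_smccc_set_filter(struct kvm *kvm, struct kvm_smccc_filter __user *uaddr)
  {
  	const void *zero_page = page_to_virt(ZERO_PAGE(0));
  	struct kvm_smccc_filter filter;
  	u32 start, end;
  	int r;

  	if (copy_from_user(&filter, uaddr, sizeof(filter)))
  		return -EFAULT;

  	/* Padding is reserved: reject anything that is not all zeroes. */
  	if (memcmp(filter.pad, zero_page, sizeof(filter.pad)))
  		return -EINVAL;

  	/*
  	 * An empty range is invalid. The wrap test below only catches it for a
  	 * non-zero base: with base 0, "end" would wrap to the largest u32 and
  	 * the request would be treated as covering the whole function-ID
  	 * space instead of being rejected as malformed.
  	 */
  	if (!filter.nr_functions)
  		return -EINVAL;

  	start = filter.base;
  	end = start + filter.nr_functions - 1;

  	/* end < start means base + nr_functions overflowed the u32 ID space. */
  	if (end < start || filter.action >= NR_SMCCC_FILTER_ACTIONS)
  		return -EINVAL;

  	mutex_lock(&kvm->arch.config_lock);

  	/* The filter is immutable once the guest may have observed it. */
  	if (kvm_vm_has_ran_once(kvm)) {
  		r = -EBUSY;
  		goto out_unlock;
  	}

  	/* First configuration: claim the reserved ranges before anything else. */
  	if (!kvm_smccc_filter_configured(kvm)) {
  		r = kvm_smccc_filter_insert_reserved(kvm);
  		if (WARN_ON_ONCE(r))
  			goto out_unlock;
  	}

  	r = mtree_insert_range(&kvm->arch.smccc_filter, start, end,
  			       xa_mk_value(filter.action), GFP_KERNEL_ACCOUNT);

  out_unlock:
  	mutex_unlock(&kvm->arch.config_lock);
  	return r;
  }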
  /*
   * Look up the action the VM's SMCCC filter assigns to @func_id.
   *
   * Return: the stored action, or KVM_SMCCC_FILTER_HANDLE when no filter is
   * configured or no entry covers @func_id.
   */
  static u8 kvm_smccc_filter_get_action(struct kvm *kvm, u32 func_id)
  {
  	unsigned long index = func_id;
  	void *entry;

  	if (kvm_smccc_filter_configured(kvm)) {
  		/*
  		 * But where's the error handling, you say?
  		 *
  		 * mt_find() returns NULL if no entry was found, which just so
  		 * happens to match KVM_SMCCC_FILTER_HANDLE.
  		 */
  		entry = mt_find(&kvm->arch.smccc_filter, &index, index);
  		return xa_to_value(entry);
  	}

  	return KVM_SMCCC_FILTER_HANDLE;
  }
  /*
   * Decide what to do with a guest SMCCC call to @func_id.
   *
   * Return: the filter's action when it is anything other than
   * KVM_SMCCC_FILTER_HANDLE; otherwise KVM_SMCCC_FILTER_HANDLE if the call is
   * enabled in the firmware bitmaps or allowed by default, and
   * KVM_SMCCC_FILTER_DENY if it is neither.
   */
  static u8 kvm_smccc_get_action(struct kvm_vcpu *vcpu, u32 func_id)
  {
  	u8 filtered = kvm_smccc_filter_get_action(vcpu->kvm, func_id);
  	bool permitted;

  	/*
  	 * Intervening actions in the SMCCC filter take precedence over the
  	 * pseudo-firmware register bitmaps.
  	 */
  	if (filtered != KVM_SMCCC_FILTER_HANDLE)
  		return filtered;

  	permitted = kvm_smccc_test_fw_bmap(vcpu, func_id) ||
  		    kvm_smccc_default_allowed(func_id);

  	return permitted ? KVM_SMCCC_FILTER_HANDLE : KVM_SMCCC_FILTER_DENY;
  }
  /*
   * Set up vcpu->run for a KVM_EXIT_HYPERCALL exit describing the call to
   * @func_id.
   *
   * The flags record whether the trapped instruction was an SMC (by exception
   * class) and whether it was a 16-bit instruction. The hypercall record is
   * assigned as a whole, so fields not named here are zeroed.
   */
  static void kvm_prepare_hypercall_exit(struct kvm_vcpu *vcpu, u32 func_id)
  {
  	struct kvm_run *run = vcpu->run;
  	u8 ec = ESR_ELx_EC(kvm_vcpu_get_esr(vcpu));
  	bool via_smc = ec == ESR_ELx_EC_SMC32 || ec == ESR_ELx_EC_SMC64;
  	u64 flags = via_smc ? KVM_HYPERCALL_EXIT_SMC : 0;

  	if (!kvm_vcpu_trap_il_is32bit(vcpu))
  		flags |= KVM_HYPERCALL_EXIT_16BIT;

  	run->exit_reason = KVM_EXIT_HYPERCALL;
  	run->hypercall = (typeof(run->hypercall)) {
  		.nr	= func_id,
  		.flags	= flags,
  	};
  }
  /*
   * Handle an SMCCC call issued by the guest on @vcpu.
   *
   * The call is first classified by kvm_smccc_get_action(): denied calls get
   * SMCCC_RET_NOT_SUPPORTED, calls forwarded to userspace become a
   * KVM_EXIT_HYPERCALL exit, and the rest are serviced below. The result
   * registers default to { SMCCC_RET_NOT_SUPPORTED, 0, 0, 0 }, so every path
   * that does not set val[0] reports "not supported" to the guest.
   *
   * Return: 0 after preparing the exit for a forwarded call, 1 after writing
   * the result registers, or whatever kvm_trng_call() / kvm_psci_call()
   * return for the function IDs delegated to them.
   */
  int kvm_smccc_call_handler(struct kvm_vcpu *vcpu)
  {
  	struct kvm_smccc_features *feat = &vcpu->kvm->arch.smccc_feat;
  	u64 val[4] = {SMCCC_RET_NOT_SUPPORTED};
  	u32 func_id = smccc_get_function(vcpu);
  	u32 feature;
  	uuid_t uuid;
  	gpa_t gpa;
  	u8 action;

  	action = kvm_smccc_get_action(vcpu, func_id);
  	if (action == KVM_SMCCC_FILTER_FWD_TO_USER) {
  		kvm_prepare_hypercall_exit(vcpu, func_id);
  		return 0;
  	}
  	if (action == KVM_SMCCC_FILTER_DENY)
  		goto out;
  	if (action != KVM_SMCCC_FILTER_HANDLE) {
  		/* Unknown action: warn and answer as if the call were denied. */
  		WARN_RATELIMIT(1, "Unhandled SMCCC filter action: %d\n", action);
  		goto out;
  	}

  	switch (func_id) {
  	case ARM_SMCCC_VERSION_FUNC_ID:
  		val[0] = ARM_SMCCC_VERSION_1_1;
  		break;
  	case ARM_SMCCC_ARCH_FEATURES_FUNC_ID:
  		/* The first argument names the feature being queried. */
  		feature = smccc_get_arg1(vcpu);
  		switch (feature) {
  		case ARM_SMCCC_ARCH_WORKAROUND_1:
  			/* Vulnerable hosts keep the "not supported" default. */
  			switch (arm64_get_spectre_v2_state()) {
  			case SPECTRE_VULNERABLE:
  				break;
  			case SPECTRE_MITIGATED:
  				val[0] = SMCCC_RET_SUCCESS;
  				break;
  			case SPECTRE_UNAFFECTED:
  				val[0] = SMCCC_ARCH_WORKAROUND_RET_UNAFFECTED;
  				break;
  			}
  			break;
  		case ARM_SMCCC_ARCH_WORKAROUND_2:
  			switch (arm64_get_spectre_v4_state()) {
  			case SPECTRE_VULNERABLE:
  				break;
  			case SPECTRE_MITIGATED:
  				/*
  				 * SSBS everywhere: Indicate no firmware
  				 * support, as the SSBS support will be
  				 * indicated to the guest and the default is
  				 * safe.
  				 *
  				 * Otherwise, expose a permanent mitigation
  				 * to the guest, and hide SSBS so that the
  				 * guest stays protected.
  				 */
  				if (kvm_has_feat(vcpu->kvm, ID_AA64PFR1_EL1, SSBS, IMP))
  					break;
  				fallthrough;
  			case SPECTRE_UNAFFECTED:
  				val[0] = SMCCC_RET_NOT_REQUIRED;
  				break;
  			}
  			break;
  		case ARM_SMCCC_ARCH_WORKAROUND_3:
  			switch (arm64_get_spectre_bhb_state()) {
  			case SPECTRE_VULNERABLE:
  				break;
  			case SPECTRE_MITIGATED:
  				val[0] = SMCCC_RET_SUCCESS;
  				break;
  			case SPECTRE_UNAFFECTED:
  				val[0] = SMCCC_ARCH_WORKAROUND_RET_UNAFFECTED;
  				break;
  			}
  			break;
  		case ARM_SMCCC_HV_PV_TIME_FEATURES:
  			/* Advertised only while the PV-time bit is enabled. */
  			if (test_bit(KVM_REG_ARM_STD_HYP_BIT_PV_TIME,
  				     &feat->std_hyp_bmap))
  				val[0] = SMCCC_RET_SUCCESS;
  			break;
  		}
  		break;
  	case ARM_SMCCC_HV_PV_TIME_FEATURES:
  		val[0] = kvm_hypercall_pv_features(vcpu);
  		break;
  	case ARM_SMCCC_HV_PV_TIME_ST:
  		/* An invalid GPA leaves the "not supported" default in place. */
  		gpa = kvm_init_stolen_time(vcpu);
  		if (gpa != INVALID_GPA)
  			val[0] = gpa;
  		break;
  	case ARM_SMCCC_VENDOR_HYP_CALL_UID_FUNC_ID:
  		uuid = ARM_SMCCC_VENDOR_HYP_UID_KVM;
  		val[0] = smccc_uuid_to_reg(&uuid, 0);
  		val[1] = smccc_uuid_to_reg(&uuid, 1);
  		val[2] = smccc_uuid_to_reg(&uuid, 2);
  		val[3] = smccc_uuid_to_reg(&uuid, 3);
  		break;
  	case ARM_SMCCC_VENDOR_HYP_KVM_FEATURES_FUNC_ID:
  		val[0] = feat->vendor_hyp_bmap;
  		/* Function numbers 2-63 are reserved for pKVM for now */
  		val[2] = feat->vendor_hyp_bmap_2;
  		break;
  	case ARM_SMCCC_VENDOR_HYP_KVM_PTP_FUNC_ID:
  		/* Leaves val untouched (i.e. "not supported") on failure. */
  		kvm_ptp_get_time(vcpu, val);
  		break;
  	case ARM_SMCCC_TRNG_VERSION:
  	case ARM_SMCCC_TRNG_FEATURES:
  	case ARM_SMCCC_TRNG_GET_UUID:
  	case ARM_SMCCC_TRNG_RND32:
  	case ARM_SMCCC_TRNG_RND64:
  		return kvm_trng_call(vcpu);
  	default:
  		return kvm_psci_call(vcpu);
  	}

  out:
  	smccc_set_retval(vcpu, val[0], val[1], val[2], val[3]);
  	return 1;
  }
  /*
   * IDs of the pseudo-firmware registers exposed to userspace. The array is
   * counted by kvm_arm_get_fw_num_regs() and copied out, in this order, by
   * kvm_arm_copy_fw_reg_indices().
   */
  static const u64 kvm_arm_fw_reg_ids[] = {
  	/* PSCI version */
  	KVM_REG_ARM_PSCI_VERSION,

  	/* Workaround levels */
  	KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_1,
  	KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_2,
  	KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_3,

  	/* Feature bitmaps */
  	KVM_REG_ARM_STD_BMAP,
  	KVM_REG_ARM_STD_HYP_BMAP,
  	KVM_REG_ARM_VENDOR_HYP_BMAP,
  	KVM_REG_ARM_VENDOR_HYP_BMAP_2,
  };
  /*
   * Initialise the VM's hypercall state: an empty SMCCC filter tree, and the
   * standard, standard-hypervisor and vendor-hypervisor bitmaps with every
   * supported feature bit set. vendor_hyp_bmap_2 is not written here.
   */
  void kvm_arm_init_hypercalls(struct kvm *kvm)
  {
  	struct kvm_smccc_features *feat = &kvm->arch.smccc_feat;

  	mt_init(&kvm->arch.smccc_filter);

  	feat->std_bmap		= KVM_ARM_SMCCC_STD_FEATURES;
  	feat->std_hyp_bmap	= KVM_ARM_SMCCC_STD_HYP_FEATURES;
  	feat->vendor_hyp_bmap	= KVM_ARM_SMCCC_VENDOR_HYP_FEATURES;
  }
  /* Release the VM's SMCCC filter tree. */
  void kvm_arm_teardown_hypercalls(struct kvm *kvm)
  {
  	struct maple_tree *filter = &kvm->arch.smccc_filter;

  	mtree_destroy(filter);
  }
  /*
   * Return: the number of pseudo-firmware registers, i.e. the number of
   * entries in kvm_arm_fw_reg_ids[]. @vcpu is not used.
   */
  int kvm_arm_get_fw_num_regs(struct kvm_vcpu *vcpu)
  {
  	const int nr_regs = ARRAY_SIZE(kvm_arm_fw_reg_ids);

  	return nr_regs;
  }
  /*
   * Copy every pseudo-firmware register ID to the userspace array @uindices,
   * in kvm_arm_fw_reg_ids[] order. @vcpu is not used.
   *
   * Return: 0 on success, -EFAULT as soon as one store to userspace fails
   * (entries written before the failure stay written).
   */
  int kvm_arm_copy_fw_reg_indices(struct kvm_vcpu *vcpu, u64 __user *uindices)
  {
  	const u64 *id = kvm_arm_fw_reg_ids;
  	const u64 *const end = id + ARRAY_SIZE(kvm_arm_fw_reg_ids);

  	for (; id < end; id++, uindices++) {
  		if (put_user(*id, uindices))
  			return -EFAULT;
  	}

  	return 0;
  }
  /* Low four bits of a workaround register value: the workaround level. */
  #define KVM_REG_FEATURE_LEVEL_MASK	GENMASK(3, 0)

  /*
   * Convert the workaround level into an easy-to-compare number, where higher
   * values mean better protection.
   *
   * @vcpu:  vCPU whose VM is consulted for the SSBS feature (WORKAROUND_2).
   * @regid: one of the KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_{1,2,3} register IDs.
   *
   * Return: the level constant for the host's mitigation state, or -EINVAL
   * for any other @regid (and for WORKAROUND_2 when the state matches none of
   * the listed cases).
   */
  static int get_kernel_wa_level(struct kvm_vcpu *vcpu, u64 regid)
  {
  	int level = -EINVAL;

  	switch (regid) {
  	case KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_1:
  		/* Anything that is not a known state counts as "not available". */
  		level = KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_1_NOT_AVAIL;
  		switch (arm64_get_spectre_v2_state()) {
  		case SPECTRE_VULNERABLE:
  			break;
  		case SPECTRE_MITIGATED:
  			level = KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_1_AVAIL;
  			break;
  		case SPECTRE_UNAFFECTED:
  			level = KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_1_NOT_REQUIRED;
  			break;
  		}
  		break;
  	case KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_2:
  		switch (arm64_get_spectre_v4_state()) {
  		case SPECTRE_MITIGATED:
  			/*
  			 * As for the hypercall discovery, we pretend we
  			 * don't have any FW mitigation if SSBS is there at
  			 * all times.
  			 */
  			if (kvm_has_feat(vcpu->kvm, ID_AA64PFR1_EL1, SSBS, IMP)) {
  				level = KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_2_NOT_AVAIL;
  				break;
  			}
  			fallthrough;
  		case SPECTRE_UNAFFECTED:
  			level = KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_2_NOT_REQUIRED;
  			break;
  		case SPECTRE_VULNERABLE:
  			level = KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_2_NOT_AVAIL;
  			break;
  		}
  		break;
  	case KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_3:
  		/* Anything that is not a known state counts as "not available". */
  		level = KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_3_NOT_AVAIL;
  		switch (arm64_get_spectre_bhb_state()) {
  		case SPECTRE_VULNERABLE:
  			break;
  		case SPECTRE_MITIGATED:
  			level = KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_3_AVAIL;
  			break;
  		case SPECTRE_UNAFFECTED:
  			level = KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_3_NOT_REQUIRED;
  			break;
  		}
  		break;
  	}

  	return level;
  }
  /*
   * Read one pseudo-firmware register and copy its value to userspace.
   *
   * @vcpu: vCPU the register belongs to.
   * @reg:  register ID and the userspace address that receives the value.
   *
   * Return: 0 on success, -ENOENT for a register ID not handled here,
   * -EFAULT if the copy to userspace fails.
   */
  int kvm_arm_get_fw_reg(struct kvm_vcpu *vcpu, const struct kvm_one_reg *reg)
  {
  	struct kvm_smccc_features *feat = &vcpu->kvm->arch.smccc_feat;
  	void __user *uaddr = (void __user *)(long)reg->addr;
  	const unsigned long *bmap = NULL;
  	u64 val = 0;

  	switch (reg->id) {
  	case KVM_REG_ARM_PSCI_VERSION:
  		val = kvm_psci_version(vcpu);
  		break;
  	case KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_1:
  	case KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_2:
  	case KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_3:
  		val = get_kernel_wa_level(vcpu, reg->id) & KVM_REG_FEATURE_LEVEL_MASK;
  		break;
  	case KVM_REG_ARM_STD_BMAP:
  		bmap = &feat->std_bmap;
  		break;
  	case KVM_REG_ARM_STD_HYP_BMAP:
  		bmap = &feat->std_hyp_bmap;
  		break;
  	case KVM_REG_ARM_VENDOR_HYP_BMAP:
  		bmap = &feat->vendor_hyp_bmap;
  		break;
  	case KVM_REG_ARM_VENDOR_HYP_BMAP_2:
  		bmap = &feat->vendor_hyp_bmap_2;
  		break;
  	default:
  		return -ENOENT;
  	}

  	/* Bitmap registers are read with a single READ_ONCE() load. */
  	if (bmap)
  		val = READ_ONCE(*bmap);

  	/*
  	 * The copy length comes from the register ID, and only the IDs listed
  	 * above get this far.
  	 * NOTE(review): this relies on none of those IDs encoding a size larger
  	 * than sizeof(val) - confirm against the register definitions.
  	 */
  	if (copy_to_user(uaddr, &val, KVM_REG_SIZE(reg->id)))
  		return -EFAULT;

  	return 0;
  }
  /*
   * Write a userspace-supplied value to one of the feature bitmap registers.
   *
   * @vcpu:   vCPU whose VM owns the bitmaps.
   * @reg_id: ID of the bitmap register to update.
   * @val:    new bitmap value.
   *
   * Bits outside the register's feature mask are refused. Once the VM has
   * run, only rewriting the current value is accepted. The check and the
   * store happen under the VM's config_lock.
   *
   * Return: 0 on success, -ENOENT for an unknown @reg_id, -EINVAL if @val has
   * an unsupported bit set, -EBUSY when trying to change the value after the
   * VM has run.
   */
  static int kvm_arm_set_fw_reg_bmap(struct kvm_vcpu *vcpu, u64 reg_id, u64 val)
  {
  	struct kvm *kvm = vcpu->kvm;
  	struct kvm_smccc_features *feat = &kvm->arch.smccc_feat;
  	unsigned long *bmap, supported;
  	int ret = 0;

  	switch (reg_id) {
  	case KVM_REG_ARM_STD_BMAP:
  		bmap = &feat->std_bmap;
  		supported = KVM_ARM_SMCCC_STD_FEATURES;
  		break;
  	case KVM_REG_ARM_STD_HYP_BMAP:
  		bmap = &feat->std_hyp_bmap;
  		supported = KVM_ARM_SMCCC_STD_HYP_FEATURES;
  		break;
  	case KVM_REG_ARM_VENDOR_HYP_BMAP:
  		bmap = &feat->vendor_hyp_bmap;
  		supported = KVM_ARM_SMCCC_VENDOR_HYP_FEATURES;
  		break;
  	case KVM_REG_ARM_VENDOR_HYP_BMAP_2:
  		bmap = &feat->vendor_hyp_bmap_2;
  		supported = KVM_ARM_SMCCC_VENDOR_HYP_FEATURES_2;
  		break;
  	default:
  		return -ENOENT;
  	}

  	/* Check for unsupported bit */
  	if (val & ~supported)
  		return -EINVAL;

  	mutex_lock(&kvm->arch.config_lock);

  	/* After the first run the bitmap may be rewritten but not changed. */
  	if (kvm_vm_has_ran_once(kvm) && val != *bmap)
  		ret = -EBUSY;
  	else
  		WRITE_ONCE(*bmap, val);

  	mutex_unlock(&kvm->arch.config_lock);

  	return ret;
  }
  /*
   * Set one pseudo-firmware register from a value supplied by userspace.
   *
   * @vcpu: vCPU the register belongs to.
   * @reg:  register ID and the userspace address holding the new value.
   *
   * Only the PSCI version and the feature bitmaps are stored. For the
   * workaround registers the value is validated against the host's level and
   * then dropped: a request for more protection than the host offers fails.
   *
   * Return: 0 on success; -ENOENT if the ID's encoded size is not that of a
   * u64 or the ID is not handled here; -EFAULT if the value cannot be copied
   * in; -EINVAL for a value the register cannot take; for the bitmaps,
   * whatever kvm_arm_set_fw_reg_bmap() returns.
   */
  int kvm_arm_set_fw_reg(struct kvm_vcpu *vcpu, const struct kvm_one_reg *reg)
  {
  	void __user *uaddr = (void __user *)(long)reg->addr;
  	int wa_level;
  	u64 val;

  	/* Size is checked first, so the copy below never exceeds sizeof(val). */
  	if (KVM_REG_SIZE(reg->id) != sizeof(val))
  		return -ENOENT;
  	if (copy_from_user(&val, uaddr, KVM_REG_SIZE(reg->id)))
  		return -EFAULT;

  	switch (reg->id) {
  	case KVM_REG_ARM_PSCI_VERSION:
  	{
  		bool wants_02 = vcpu_has_feature(vcpu, KVM_ARM_VCPU_PSCI_0_2);
  		bool is_01;

  		switch (val) {
  		case KVM_ARM_PSCI_0_1:
  			is_01 = true;
  			break;
  		case KVM_ARM_PSCI_0_2:
  		case KVM_ARM_PSCI_1_0:
  		case KVM_ARM_PSCI_1_1:
  		case KVM_ARM_PSCI_1_2:
  		case KVM_ARM_PSCI_1_3:
  			is_01 = false;
  			break;
  		default:
  			return -EINVAL;
  		}

  		/*
  		 * PSCI 0.1 is only valid without the PSCI_0_2 vCPU feature;
  		 * every later version is only valid with it.
  		 */
  		if (is_01 == wants_02)
  			return -EINVAL;

  		vcpu->kvm->arch.psci_version = val;
  		return 0;
  	}
  	case KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_1:
  	case KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_3:
  		/*
  		 * Only the level bits may be set, and the requested level must
  		 * not exceed what the host provides. The int level is compared
  		 * against the u64 val; val is already confined to the 4-bit
  		 * level mask when the comparison is evaluated.
  		 */
  		if ((val & ~KVM_REG_FEATURE_LEVEL_MASK) ||
  		    get_kernel_wa_level(vcpu, reg->id) < val)
  			return -EINVAL;

  		return 0;
  	case KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_2:
  		if (val & ~(KVM_REG_FEATURE_LEVEL_MASK |
  			    KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_2_ENABLED))
  			return -EINVAL;

  		/* The enabled bit must not be set unless the level is AVAIL. */
  		if ((val & KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_2_ENABLED) &&
  		    (val & KVM_REG_FEATURE_LEVEL_MASK) != KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_2_AVAIL)
  			return -EINVAL;

  		/*
  		 * Map all the possible incoming states to the only two we
  		 * really want to deal with.
  		 */
  		switch (val & KVM_REG_FEATURE_LEVEL_MASK) {
  		case KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_2_NOT_AVAIL:
  		case KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_2_UNKNOWN:
  			wa_level = KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_2_NOT_AVAIL;
  			break;
  		case KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_2_AVAIL:
  		case KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_2_NOT_REQUIRED:
  			wa_level = KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_2_NOT_REQUIRED;
  			break;
  		default:
  			return -EINVAL;
  		}

  		/*
  		 * We can deal with NOT_AVAIL on NOT_REQUIRED, but not the
  		 * other way around.
  		 */
  		if (get_kernel_wa_level(vcpu, reg->id) < wa_level)
  			return -EINVAL;

  		return 0;
  	case KVM_REG_ARM_STD_BMAP:
  	case KVM_REG_ARM_STD_HYP_BMAP:
  	case KVM_REG_ARM_VENDOR_HYP_BMAP:
  	case KVM_REG_ARM_VENDOR_HYP_BMAP_2:
  		return kvm_arm_set_fw_reg_bmap(vcpu, reg->id, val);
  	default:
  		return -ENOENT;
  	}
  }
  /*
   * Report whether the VM attribute in @attr is supported here. @kvm is not
   * used.
   *
   * Return: 0 for KVM_ARM_VM_SMCCC_FILTER, -ENXIO for any other attribute.
   */
  int kvm_vm_smccc_has_attr(struct kvm *kvm, struct kvm_device_attr *attr)
  {
  	if (attr->attr == KVM_ARM_VM_SMCCC_FILTER)
  		return 0;

  	return -ENXIO;
  }
  /*
   * Set a VM attribute. Only KVM_ARM_VM_SMCCC_FILTER is handled: attr->addr
   * is passed on as a userspace pointer to the filter description, which
   * kvm_smccc_set_filter() copies in and validates.
   *
   * Return: the result of kvm_smccc_set_filter() for the filter attribute,
   * -ENXIO for any other attribute.
   */
  int kvm_vm_smccc_set_attr(struct kvm *kvm, struct kvm_device_attr *attr)
  {
  	void __user *uaddr = (void __user *)attr->addr;

  	if (attr->attr != KVM_ARM_VM_SMCCC_FILTER)
  		return -ENXIO;

  	return kvm_smccc_set_filter(kvm, uaddr);
  }