Warning: This file is not a C or C++ file. It does not have highlighting.

1// SPDX-License-Identifier: GPL-2.0
2/*
3 * Copyright (C) 2020 - Google LLC
4 * Author: Quentin Perret <qperret@google.com>
5 */
6#ifndef __ARM64_KVM_PKVM_H__
7#define __ARM64_KVM_PKVM_H__
8
9#include <linux/arm_ffa.h>
10#include <linux/memblock.h>
11#include <linux/scatterlist.h>
12#include <asm/kvm_pgtable.h>
13
14/* Maximum number of VMs that can co-exist under pKVM. */
15#define KVM_MAX_PVMS 255
16
17#define HYP_MEMBLOCK_REGIONS 128
18
19int pkvm_init_host_vm(struct kvm *kvm);
20int pkvm_create_hyp_vm(struct kvm *kvm);
21bool pkvm_hyp_vm_is_created(struct kvm *kvm);
22void pkvm_destroy_hyp_vm(struct kvm *kvm);
23int pkvm_create_hyp_vcpu(struct kvm_vcpu *vcpu);
24
25/*
26 * This functions as an allow-list of protected VM capabilities.
27 * Features not explicitly allowed by this function are denied.
28 */
29static inline bool kvm_pvm_ext_allowed(long ext)
30{
31 switch (ext) {
32 case KVM_CAP_IRQCHIP:
33 case KVM_CAP_ARM_PSCI:
34 case KVM_CAP_ARM_PSCI_0_2:
35 case KVM_CAP_NR_VCPUS:
36 case KVM_CAP_MAX_VCPUS:
37 case KVM_CAP_MAX_VCPU_ID:
38 case KVM_CAP_MSI_DEVID:
39 case KVM_CAP_ARM_VM_IPA_SIZE:
40 case KVM_CAP_ARM_PMU_V3:
41 case KVM_CAP_ARM_SVE:
42 case KVM_CAP_ARM_PTRAUTH_ADDRESS:
43 case KVM_CAP_ARM_PTRAUTH_GENERIC:
44 return true;
45 default:
46 return false;
47 }
48}
49
50extern struct memblock_region kvm_nvhe_sym(hyp_memory)[];
51extern unsigned int kvm_nvhe_sym(hyp_memblock_nr);
52
53static inline unsigned long
54hyp_vmemmap_memblock_size(struct memblock_region *reg, size_t vmemmap_entry_size)
55{
56 unsigned long nr_pages = reg->size >> PAGE_SHIFT;
57 unsigned long start, end;
58
59 start = (reg->base >> PAGE_SHIFT) * vmemmap_entry_size;
60 end = start + nr_pages * vmemmap_entry_size;
61 start = ALIGN_DOWN(start, PAGE_SIZE);
62 end = ALIGN(end, PAGE_SIZE);
63
64 return end - start;
65}
66
67static inline unsigned long hyp_vmemmap_pages(size_t vmemmap_entry_size)
68{
69 unsigned long res = 0, i;
70
71 for (i = 0; i < kvm_nvhe_sym(hyp_memblock_nr); i++) {
72 res += hyp_vmemmap_memblock_size(&kvm_nvhe_sym(hyp_memory)[i],
73 vmemmap_entry_size);
74 }
75
76 return res >> PAGE_SHIFT;
77}
78
79static inline unsigned long hyp_vm_table_pages(void)
80{
81 return PAGE_ALIGN(KVM_MAX_PVMS * sizeof(void *)) >> PAGE_SHIFT;
82}
83
84static inline unsigned long __hyp_pgtable_max_pages(unsigned long nr_pages)
85{
86 unsigned long total = 0;
87 int i;
88
89 /* Provision the worst case scenario */
90 for (i = KVM_PGTABLE_FIRST_LEVEL; i <= KVM_PGTABLE_LAST_LEVEL; i++) {
91 nr_pages = DIV_ROUND_UP(nr_pages, PTRS_PER_PTE);
92 total += nr_pages;
93 }
94
95 return total;
96}
97
98static inline unsigned long __hyp_pgtable_total_pages(void)
99{
100 unsigned long res = 0, i;
101
102 /* Cover all of memory with page-granularity */
103 for (i = 0; i < kvm_nvhe_sym(hyp_memblock_nr); i++) {
104 struct memblock_region *reg = &kvm_nvhe_sym(hyp_memory)[i];
105 res += __hyp_pgtable_max_pages(reg->size >> PAGE_SHIFT);
106 }
107
108 return res;
109}
110
111static inline unsigned long hyp_s1_pgtable_pages(void)
112{
113 unsigned long res;
114
115 res = __hyp_pgtable_total_pages();
116
117 /* Allow 1 GiB for private mappings */
118 res += __hyp_pgtable_max_pages(SZ_1G >> PAGE_SHIFT);
119
120 return res;
121}
122
123static inline unsigned long host_s2_pgtable_pages(void)
124{
125 unsigned long res;
126
127 /*
128 * Include an extra 16 pages to safely upper-bound the worst case of
129 * concatenated pgds.
130 */
131 res = __hyp_pgtable_total_pages() + 16;
132
133 /* Allow 1 GiB for MMIO mappings */
134 res += __hyp_pgtable_max_pages(SZ_1G >> PAGE_SHIFT);
135
136 return res;
137}
138
139#ifdef CONFIG_NVHE_EL2_DEBUG
140static inline unsigned long pkvm_selftest_pages(void) { return 32; }
141#else
142static inline unsigned long pkvm_selftest_pages(void) { return 0; }
143#endif
144
145#define KVM_FFA_MBOX_NR_PAGES 1
146
147static inline unsigned long hyp_ffa_proxy_pages(void)
148{
149 size_t desc_max;
150
151 /*
152 * The hypervisor FFA proxy needs enough memory to buffer a fragmented
153 * descriptor returned from EL3 in response to a RETRIEVE_REQ call.
154 */
155 desc_max = sizeof(struct ffa_mem_region) +
156 sizeof(struct ffa_mem_region_attributes) +
157 sizeof(struct ffa_composite_mem_region) +
158 SG_MAX_SEGMENTS * sizeof(struct ffa_mem_region_addr_range);
159
160 /* Plus a page each for the hypervisor's RX and TX mailboxes. */
161 return (2 * KVM_FFA_MBOX_NR_PAGES) + DIV_ROUND_UP(desc_max, PAGE_SIZE);
162}
163
164static inline size_t pkvm_host_sve_state_size(void)
165{
166 if (!system_supports_sve())
167 return 0;
168
169 return size_add(sizeof(struct cpu_sve_state),
170 SVE_SIG_REGS_SIZE(sve_vq_from_vl(kvm_host_sve_max_vl)));
171}
172
173struct pkvm_mapping {
174 struct rb_node node;
175 u64 gfn;
176 u64 pfn;
177 u64 nr_pages;
178 u64 __subtree_last; /* Internal member for interval tree */
179};
180
181int pkvm_pgtable_stage2_init(struct kvm_pgtable *pgt, struct kvm_s2_mmu *mmu,
182 struct kvm_pgtable_mm_ops *mm_ops);
183void pkvm_pgtable_stage2_destroy_range(struct kvm_pgtable *pgt,
184 u64 addr, u64 size);
185void pkvm_pgtable_stage2_destroy_pgd(struct kvm_pgtable *pgt);
186int pkvm_pgtable_stage2_map(struct kvm_pgtable *pgt, u64 addr, u64 size, u64 phys,
187 enum kvm_pgtable_prot prot, void *mc,
188 enum kvm_pgtable_walk_flags flags);
189int pkvm_pgtable_stage2_unmap(struct kvm_pgtable *pgt, u64 addr, u64 size);
190int pkvm_pgtable_stage2_wrprotect(struct kvm_pgtable *pgt, u64 addr, u64 size);
191int pkvm_pgtable_stage2_flush(struct kvm_pgtable *pgt, u64 addr, u64 size);
192bool pkvm_pgtable_stage2_test_clear_young(struct kvm_pgtable *pgt, u64 addr, u64 size, bool mkold);
193int pkvm_pgtable_stage2_relax_perms(struct kvm_pgtable *pgt, u64 addr, enum kvm_pgtable_prot prot,
194 enum kvm_pgtable_walk_flags flags);
195void pkvm_pgtable_stage2_mkyoung(struct kvm_pgtable *pgt, u64 addr,
196 enum kvm_pgtable_walk_flags flags);
197int pkvm_pgtable_stage2_split(struct kvm_pgtable *pgt, u64 addr, u64 size,
198 struct kvm_mmu_memory_cache *mc);
199void pkvm_pgtable_stage2_free_unlinked(struct kvm_pgtable_mm_ops *mm_ops, void *pgtable, s8 level);
200kvm_pte_t *pkvm_pgtable_stage2_create_unlinked(struct kvm_pgtable *pgt, u64 phys, s8 level,
201 enum kvm_pgtable_prot prot, void *mc,
202 bool force_pte);
203#endif /* __ARM64_KVM_PKVM_H__ */
204

Warning: This file is not a C or C++ file. It does not have highlighting.

source code of linux/arch/arm64/include/asm/kvm_pkvm.h