[PATCH 4/5] KVM: PPC: BOOKE: Clear guest dbsr in userspace exit KVM_EXIT_DEBUG

[Bharat Bhushan]

Dbsr is not visible to userspace and we do not think any need to
expose this to userspace because:
  Userspace cannot inject debug interrupt to guest (as this
  does not know guest ability to handle debug interrupt), so
  userspace will always clear DBSR.
  Now if userspace has to always clear DBSR in KVM_EXIT_DEBUG
  handling then clearing dbsr in kernel looks simple as this
  avoid doing SET_SREGS/set_one_reg() to clear DBSR

Signed-off-by: Bharat Bhushan 
---
 arch/powerpc/kvm/booke.c | 11 +++
 1 file changed, 11 insertions(+)

diff --git a/arch/powerpc/kvm/booke.c b/arch/powerpc/kvm/booke.c
index 322da7d..5c2e26a 100644
--- a/arch/powerpc/kvm/booke.c
+++ b/arch/powerpc/kvm/booke.c
@@ -735,6 +735,17 @@ static int kvmppc_handle_debug(struct kvm_run *run, struct 
kvm_vcpu *vcpu)
struct debug_reg *dbg_reg = &(vcpu->arch.shadow_dbg_reg);
u32 dbsr = vcpu->arch.dbsr;
 
+   /* Clear guest dbsr (vcpu->arch.dbsr).
+* dbsr is not visible to userspace and we do not think any
+* need to expose this to userspace because:
+* Userspace cannot inject debug interrupt to guest (as this does
+* not know guest ability to handle debug interrupt), so userspace
+* will always clear DBSR.
+* Now if userspace has to always clear DBSR in KVM_EXIT_DEBUG
+* handling then clearing here looks simple as this
+* avoid doing SET_SREGS/set_one_reg() to clear DBSR
+*/
+   vcpu->arch.dbsr = 0;
run->debug.arch.status = 0;
run->debug.arch.address = vcpu->arch.pc;
 
-- 
1.9.3

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 2/5] KVM: PPC: BOOKE : Emulate rfdi instruction

[Bharat Bhushan]

This patch adds "rfdi" instruction emulation which is required for
guest debug hander on BOOKE-HV

Signed-off-by: Bharat Bhushan 
---
 arch/powerpc/include/asm/kvm_host.h |  1 +
 arch/powerpc/kvm/booke_emulate.c| 13 +
 2 files changed, 14 insertions(+)

diff --git a/arch/powerpc/include/asm/kvm_host.h 
b/arch/powerpc/include/asm/kvm_host.h
index 98d9dd5..636b230 100644
--- a/arch/powerpc/include/asm/kvm_host.h
+++ b/arch/powerpc/include/asm/kvm_host.h
@@ -144,6 +144,7 @@ enum kvm_exit_types {
EMULATED_TLBWE_EXITS,
EMULATED_RFI_EXITS,
EMULATED_RFCI_EXITS,
+   EMULATED_RFDI_EXITS,
DEC_EXITS,
EXT_INTR_EXITS,
HALT_WAKEUP,
diff --git a/arch/powerpc/kvm/booke_emulate.c b/arch/powerpc/kvm/booke_emulate.c
index 28c1588..4b9a079 100644
--- a/arch/powerpc/kvm/booke_emulate.c
+++ b/arch/powerpc/kvm/booke_emulate.c
@@ -25,6 +25,7 @@
 
 #define OP_19_XOP_RFI 50
 #define OP_19_XOP_RFCI51
+#define OP_19_XOP_RFDI39
 
 #define OP_31_XOP_MFMSR   83
 #define OP_31_XOP_WRTEE   131
@@ -37,6 +38,12 @@ static void kvmppc_emul_rfi(struct kvm_vcpu *vcpu)
kvmppc_set_msr(vcpu, vcpu->arch.shared->srr1);
 }
 
+static void kvmppc_emul_rfdi(struct kvm_vcpu *vcpu)
+{
+   vcpu->arch.pc = vcpu->arch.dsrr0;
+   kvmppc_set_msr(vcpu, vcpu->arch.dsrr1);
+}
+
 static void kvmppc_emul_rfci(struct kvm_vcpu *vcpu)
 {
vcpu->arch.pc = vcpu->arch.csrr0;
@@ -65,6 +72,12 @@ int kvmppc_booke_emulate_op(struct kvm_run *run, struct 
kvm_vcpu *vcpu,
*advance = 0;
break;
 
+   case OP_19_XOP_RFDI:
+   kvmppc_emul_rfdi(vcpu);
+   kvmppc_set_exit_type(vcpu, EMULATED_RFDI_EXITS);
+   *advance = 0;
+   break;
+
default:
emulated = EMULATE_FAIL;
break;
-- 
1.9.3

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 3/5] KVM: PPC: BOOKE: Allow guest to change MSR_DE

[Bharat Bhushan]

This patch changes the default behavior of MSRP_DEP, that is
guest is not allowed to change the MSR_DE, to guest can change
MSR_DE. When userspace is debugging guest then it override the
default behavior and set MSRP_DEP. This stops guest to change
MSR_DE when userspace is debugging guest.

Signed-off-by: Bharat Bhushan 
---
 arch/powerpc/kvm/e500mc.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/powerpc/kvm/e500mc.c b/arch/powerpc/kvm/e500mc.c
index 164bad2..000cf82 100644
--- a/arch/powerpc/kvm/e500mc.c
+++ b/arch/powerpc/kvm/e500mc.c
@@ -194,7 +194,7 @@ int kvmppc_core_vcpu_setup(struct kvm_vcpu *vcpu)
 #ifdef CONFIG_64BIT
vcpu->arch.shadow_epcr |= SPRN_EPCR_ICM;
 #endif
-   vcpu->arch.shadow_msrp = MSRP_UCLEP | MSRP_DEP | MSRP_PMMP;
+   vcpu->arch.shadow_msrp = MSRP_UCLEP | MSRP_PMMP;
vcpu->arch.eplc = EPC_EGS | (vcpu->kvm->arch.lpid << EPC_ELPID_SHIFT);
vcpu->arch.epsc = vcpu->arch.eplc;
 
-- 
1.9.3

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 5/5] KVM: PPC: BOOKE: Emulate debug registers and exception

[Bharat Bhushan]

This patch emulates debug registers and debug exception
to support guest using debug resource. This enables running
gdb/kgdb etc in guest.

On BOOKE architecture we cannot share debug resources between QEMU and
guest because:
When QEMU is using debug resources then debug exception must
be always enabled. To achieve this we set MSR_DE and also set
MSRP_DEP so guest cannot change MSR_DE.

When emulating debug resource for guest we want guest
to control MSR_DE (enable/disable debug interrupt on need).

So above mentioned two configuration cannot be supported
at the same time. So the result is that we cannot share
debug resources between QEMU and Guest on BOOKE architecture.

In the current design QEMU gets priority over guest, this means that if
QEMU is using debug resources then guest cannot use them and if guest is
using debug resource then QEMU can overwrite them.

Signed-off-by: Bharat Bhushan 
---
 arch/powerpc/include/asm/kvm_ppc.h   |   3 +
 arch/powerpc/include/asm/reg_booke.h |   2 +
 arch/powerpc/kvm/booke.c |  35 +++-
 arch/powerpc/kvm/booke_emulate.c | 157 +++
 4 files changed, 196 insertions(+), 1 deletion(-)

diff --git a/arch/powerpc/include/asm/kvm_ppc.h 
b/arch/powerpc/include/asm/kvm_ppc.h
index fb86a22..05e58b6 100644
--- a/arch/powerpc/include/asm/kvm_ppc.h
+++ b/arch/powerpc/include/asm/kvm_ppc.h
@@ -206,6 +206,9 @@ extern int kvmppc_xics_get_xive(struct kvm *kvm, u32 irq, 
u32 *server,
 extern int kvmppc_xics_int_on(struct kvm *kvm, u32 irq);
 extern int kvmppc_xics_int_off(struct kvm *kvm, u32 irq);
 
+void kvmppc_core_dequeue_debug(struct kvm_vcpu *vcpu);
+void kvmppc_core_queue_debug(struct kvm_vcpu *vcpu);
+
 union kvmppc_one_reg {
u32 wval;
u64 dval;
diff --git a/arch/powerpc/include/asm/reg_booke.h 
b/arch/powerpc/include/asm/reg_booke.h
index 464f108..150d485 100644
--- a/arch/powerpc/include/asm/reg_booke.h
+++ b/arch/powerpc/include/asm/reg_booke.h
@@ -307,6 +307,8 @@
  * DBSR bits which have conflicting definitions on true Book E versus IBM 40x.
  */
 #ifdef CONFIG_BOOKE
+#define DBSR_IDE   0x8000  /* Imprecise Debug Event */
+#define DBSR_MRR   0x3000  /* Most Recent Reset */
 #define DBSR_IC0x0800  /* Instruction Completion */
 #define DBSR_BT0x0400  /* Branch Taken */
 #define DBSR_IRPT  0x0200  /* Exception Debug Event */
diff --git a/arch/powerpc/kvm/booke.c b/arch/powerpc/kvm/booke.c
index 5c2e26a..bd7d93f 100644
--- a/arch/powerpc/kvm/booke.c
+++ b/arch/powerpc/kvm/booke.c
@@ -267,6 +267,16 @@ static void kvmppc_core_dequeue_watchdog(struct kvm_vcpu 
*vcpu)
clear_bit(BOOKE_IRQPRIO_WATCHDOG, &vcpu->arch.pending_exceptions);
 }
 
+void kvmppc_core_queue_debug(struct kvm_vcpu *vcpu)
+{
+   kvmppc_booke_queue_irqprio(vcpu, BOOKE_IRQPRIO_DEBUG);
+}
+
+void kvmppc_core_dequeue_debug(struct kvm_vcpu *vcpu)
+{
+   clear_bit(BOOKE_IRQPRIO_DEBUG, &vcpu->arch.pending_exceptions);
+}
+
 static void set_guest_srr(struct kvm_vcpu *vcpu, unsigned long srr0, u32 srr1)
 {
kvmppc_set_srr0(vcpu, srr0);
@@ -735,7 +745,27 @@ static int kvmppc_handle_debug(struct kvm_run *run, struct 
kvm_vcpu *vcpu)
struct debug_reg *dbg_reg = &(vcpu->arch.shadow_dbg_reg);
u32 dbsr = vcpu->arch.dbsr;
 
-   /* Clear guest dbsr (vcpu->arch.dbsr).
+   if (vcpu->guest_debug == 0) {
+   /*
+* Debug resources belong to Guest.
+* Imprecise debug event are not injected
+*/
+   if (dbsr & DBSR_IDE)
+   return RESUME_GUEST;
+
+   if (dbsr && (vcpu->arch.shared->msr & MSR_DE) &&
+   (vcpu->arch.dbg_reg.dbcr0 & DBCR0_IDM))
+   kvmppc_core_queue_debug(vcpu);
+
+   /* Inject a program interrupt if trap debug is not allowed */
+   if ((dbsr & DBSR_TIE) && !(vcpu->arch.shared->msr & MSR_DE))
+   kvmppc_core_queue_program(vcpu, ESR_PTR);
+
+   return RESUME_GUEST;
+   }
+
+   /* Debug resource owned by userspace.
+* Clear guest dbsr (vcpu->arch.dbsr).
 * dbsr is not visible to userspace and we do not think any
 * need to expose this to userspace because:
 * Userspace cannot inject debug interrupt to guest (as this does
@@ -828,6 +858,8 @@ static void kvmppc_restart_interrupt(struct kvm_vcpu *vcpu,
case BOOKE_INTERRUPT_DEBUG:
/* Save DBSR before preemption is enabled */
vcpu->arch.dbsr = mfspr(SPRN_DBSR);
+   /* MASK out DBSR_MRR */
+   vcpu->arch.dbsr &= ~DBSR_MRR;
kvmppc_clear_dbsr();
break;
}
@@ -1858,6 +1890,7 @@ int kvm_arch_vcpu_ioctl_set_guest_debug(struct kvm_vcpu 
*vcpu,
 
if (!(dbg->control & KVM_GUESTDBG_ENABLE)) {
   

[PATCH 1/5] KVM: PPC: BOOKE: allow debug interrupt at "debug level"

[Bharat Bhushan]

Debug interrupt can be either "critical level" or "debug level".
There are separate set of save/restore registers used for different level.
Example: DSRR0/DSRR1 are used for "debug level" and CSRR0/CSRR1
are used for critical level debug interrupt.

Using CPU_FTR_DEBUG_LVL_EXC to decide which interrupt level to be used.

Signed-off-by: Bharat Bhushan 
---
 arch/powerpc/kvm/booke.c | 6 +-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/arch/powerpc/kvm/booke.c b/arch/powerpc/kvm/booke.c
index b4c89fa..322da7d 100644
--- a/arch/powerpc/kvm/booke.c
+++ b/arch/powerpc/kvm/booke.c
@@ -377,7 +377,11 @@ static int kvmppc_booke_irqprio_deliver(struct kvm_vcpu 
*vcpu,
allowed = vcpu->arch.shared->msr & MSR_DE;
allowed = allowed && !crit;
msr_mask = MSR_ME;
-   int_class = INT_CLASS_CRIT;
+   if (cpu_has_feature(CPU_FTR_DEBUG_LVL_EXC))
+   int_class = INT_CLASS_DBG;
+   else
+   int_class = INT_CLASS_CRIT;
+
break;
}
 
-- 
1.9.3

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 3/5 v2] KVM: PPC: BOOKE: Allow guest to change MSR_DE

[Bharat Bhushan]

This patch changes the default behavior of MSRP_DEP, that is
guest is not allowed to change the MSR_DE, to guest can change
MSR_DE. When userspace is debugging guest then it override the
default behavior and set MSRP_DEP. This stops guest to change
MSR_DE when userspace is debugging guest.

Signed-off-by: Bharat Bhushan 
---
v1->v2
 - No Change
 
 arch/powerpc/kvm/e500mc.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/powerpc/kvm/e500mc.c b/arch/powerpc/kvm/e500mc.c
index 164bad2..000cf82 100644
--- a/arch/powerpc/kvm/e500mc.c
+++ b/arch/powerpc/kvm/e500mc.c
@@ -194,7 +194,7 @@ int kvmppc_core_vcpu_setup(struct kvm_vcpu *vcpu)
 #ifdef CONFIG_64BIT
vcpu->arch.shadow_epcr |= SPRN_EPCR_ICM;
 #endif
-   vcpu->arch.shadow_msrp = MSRP_UCLEP | MSRP_DEP | MSRP_PMMP;
+   vcpu->arch.shadow_msrp = MSRP_UCLEP | MSRP_PMMP;
vcpu->arch.eplc = EPC_EGS | (vcpu->kvm->arch.lpid << EPC_ELPID_SHIFT);
vcpu->arch.epsc = vcpu->arch.eplc;
 
-- 
1.9.3

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 0/5 v2] Guest debug emulation

[Bharat Bhushan]

This patchset adds debug register and interrupt emulation support
for guest, which enables running gdb/kgdb etc in guest.

Bharat Bhushan (5):
  KVM: PPC: BOOKE: allow debug interrupt at "debug level"
  KVM: PPC: BOOKE : Emulate rfdi instruction
  KVM: PPC: BOOKE: Allow guest to change MSR_DE
  KVM: PPC: BOOKE: Clear guest dbsr in userspace exit KVM_EXIT_DEBUG
  KVM: PPC: BOOKE: Emulate debug registers and exception

 arch/powerpc/include/asm/kvm_host.h  |   1 +
 arch/powerpc/include/asm/kvm_ppc.h   |   3 +
 arch/powerpc/include/asm/reg_booke.h |   2 +
 arch/powerpc/kvm/booke.c |  50 ++-
 arch/powerpc/kvm/booke_emulate.c | 170 +++
 arch/powerpc/kvm/e500mc.c|   2 +-
 6 files changed, 226 insertions(+), 2 deletions(-)

-- 
1.9.3

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 2/5 v2] KVM: PPC: BOOKE : Emulate rfdi instruction

[Bharat Bhushan]

This patch adds "rfdi" instruction emulation which is required for
guest debug hander on BOOKE-HV

Signed-off-by: Bharat Bhushan 
---
v1->v2
 -msr update based on guest_debug done under _set_msr(); so removed same check 
here 

 arch/powerpc/include/asm/kvm_host.h |  1 +
 arch/powerpc/kvm/booke_emulate.c| 13 +
 2 files changed, 14 insertions(+)

diff --git a/arch/powerpc/include/asm/kvm_host.h 
b/arch/powerpc/include/asm/kvm_host.h
index 98d9dd5..636b230 100644
--- a/arch/powerpc/include/asm/kvm_host.h
+++ b/arch/powerpc/include/asm/kvm_host.h
@@ -144,6 +144,7 @@ enum kvm_exit_types {
EMULATED_TLBWE_EXITS,
EMULATED_RFI_EXITS,
EMULATED_RFCI_EXITS,
+   EMULATED_RFDI_EXITS,
DEC_EXITS,
EXT_INTR_EXITS,
HALT_WAKEUP,
diff --git a/arch/powerpc/kvm/booke_emulate.c b/arch/powerpc/kvm/booke_emulate.c
index 28c1588..4b9a079 100644
--- a/arch/powerpc/kvm/booke_emulate.c
+++ b/arch/powerpc/kvm/booke_emulate.c
@@ -25,6 +25,7 @@
 
 #define OP_19_XOP_RFI 50
 #define OP_19_XOP_RFCI51
+#define OP_19_XOP_RFDI39
 
 #define OP_31_XOP_MFMSR   83
 #define OP_31_XOP_WRTEE   131
@@ -37,6 +38,12 @@ static void kvmppc_emul_rfi(struct kvm_vcpu *vcpu)
kvmppc_set_msr(vcpu, vcpu->arch.shared->srr1);
 }
 
+static void kvmppc_emul_rfdi(struct kvm_vcpu *vcpu)
+{
+   vcpu->arch.pc = vcpu->arch.dsrr0;
+   kvmppc_set_msr(vcpu, vcpu->arch.dsrr1);
+}
+
 static void kvmppc_emul_rfci(struct kvm_vcpu *vcpu)
 {
vcpu->arch.pc = vcpu->arch.csrr0;
@@ -65,6 +72,12 @@ int kvmppc_booke_emulate_op(struct kvm_run *run, struct 
kvm_vcpu *vcpu,
*advance = 0;
break;
 
+   case OP_19_XOP_RFDI:
+   kvmppc_emul_rfdi(vcpu);
+   kvmppc_set_exit_type(vcpu, EMULATED_RFDI_EXITS);
+   *advance = 0;
+   break;
+
default:
emulated = EMULATE_FAIL;
break;
-- 
1.9.3

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 5/5 v2] KVM: PPC: BOOKE: Emulate debug registers and exception

[Bharat Bhushan]

This patch emulates debug registers and debug exception
to support guest using debug resource. This enables running
gdb/kgdb etc in guest.

On BOOKE architecture we cannot share debug resources between QEMU and
guest because:
When QEMU is using debug resources then debug exception must
be always enabled. To achieve this we set MSR_DE and also set
MSRP_DEP so guest cannot change MSR_DE.

When emulating debug resource for guest we want guest
to control MSR_DE (enable/disable debug interrupt on need).

So above mentioned two configuration cannot be supported
at the same time. So the result is that we cannot share
debug resources between QEMU and Guest on BOOKE architecture.

In the current design QEMU gets priority over guest, this means that if
QEMU is using debug resources then guest cannot use them and if guest is
using debug resource then QEMU can overwrite them.

Signed-off-by: Bharat Bhushan 
---
v1->v2
 - Clear DBCR0_EDM when userspace release debug resource
 - change order of debug register and update in h/w register
 - no debug interrupt on MRR/IDE debug event

 arch/powerpc/include/asm/kvm_ppc.h   |   3 +
 arch/powerpc/include/asm/reg_booke.h |   2 +
 arch/powerpc/kvm/booke.c |  35 +++-
 arch/powerpc/kvm/booke_emulate.c | 157 +++
 4 files changed, 196 insertions(+), 1 deletion(-)

diff --git a/arch/powerpc/include/asm/kvm_ppc.h 
b/arch/powerpc/include/asm/kvm_ppc.h
index fb86a22..05e58b6 100644
--- a/arch/powerpc/include/asm/kvm_ppc.h
+++ b/arch/powerpc/include/asm/kvm_ppc.h
@@ -206,6 +206,9 @@ extern int kvmppc_xics_get_xive(struct kvm *kvm, u32 irq, 
u32 *server,
 extern int kvmppc_xics_int_on(struct kvm *kvm, u32 irq);
 extern int kvmppc_xics_int_off(struct kvm *kvm, u32 irq);
 
+void kvmppc_core_dequeue_debug(struct kvm_vcpu *vcpu);
+void kvmppc_core_queue_debug(struct kvm_vcpu *vcpu);
+
 union kvmppc_one_reg {
u32 wval;
u64 dval;
diff --git a/arch/powerpc/include/asm/reg_booke.h 
b/arch/powerpc/include/asm/reg_booke.h
index 464f108..150d485 100644
--- a/arch/powerpc/include/asm/reg_booke.h
+++ b/arch/powerpc/include/asm/reg_booke.h
@@ -307,6 +307,8 @@
  * DBSR bits which have conflicting definitions on true Book E versus IBM 40x.
  */
 #ifdef CONFIG_BOOKE
+#define DBSR_IDE   0x8000  /* Imprecise Debug Event */
+#define DBSR_MRR   0x3000  /* Most Recent Reset */
 #define DBSR_IC0x0800  /* Instruction Completion */
 #define DBSR_BT0x0400  /* Branch Taken */
 #define DBSR_IRPT  0x0200  /* Exception Debug Event */
diff --git a/arch/powerpc/kvm/booke.c b/arch/powerpc/kvm/booke.c
index 5c2e26a..bd7d93f 100644
--- a/arch/powerpc/kvm/booke.c
+++ b/arch/powerpc/kvm/booke.c
@@ -267,6 +267,16 @@ static void kvmppc_core_dequeue_watchdog(struct kvm_vcpu 
*vcpu)
clear_bit(BOOKE_IRQPRIO_WATCHDOG, &vcpu->arch.pending_exceptions);
 }
 
+void kvmppc_core_queue_debug(struct kvm_vcpu *vcpu)
+{
+   kvmppc_booke_queue_irqprio(vcpu, BOOKE_IRQPRIO_DEBUG);
+}
+
+void kvmppc_core_dequeue_debug(struct kvm_vcpu *vcpu)
+{
+   clear_bit(BOOKE_IRQPRIO_DEBUG, &vcpu->arch.pending_exceptions);
+}
+
 static void set_guest_srr(struct kvm_vcpu *vcpu, unsigned long srr0, u32 srr1)
 {
kvmppc_set_srr0(vcpu, srr0);
@@ -735,7 +745,27 @@ static int kvmppc_handle_debug(struct kvm_run *run, struct 
kvm_vcpu *vcpu)
struct debug_reg *dbg_reg = &(vcpu->arch.shadow_dbg_reg);
u32 dbsr = vcpu->arch.dbsr;
 
-   /* Clear guest dbsr (vcpu->arch.dbsr).
+   if (vcpu->guest_debug == 0) {
+   /*
+* Debug resources belong to Guest.
+* Imprecise debug event are not injected
+*/
+   if (dbsr & DBSR_IDE)
+   return RESUME_GUEST;
+
+   if (dbsr && (vcpu->arch.shared->msr & MSR_DE) &&
+   (vcpu->arch.dbg_reg.dbcr0 & DBCR0_IDM))
+   kvmppc_core_queue_debug(vcpu);
+
+   /* Inject a program interrupt if trap debug is not allowed */
+   if ((dbsr & DBSR_TIE) && !(vcpu->arch.shared->msr & MSR_DE))
+   kvmppc_core_queue_program(vcpu, ESR_PTR);
+
+   return RESUME_GUEST;
+   }
+
+   /* Debug resource owned by userspace.
+* Clear guest dbsr (vcpu->arch.dbsr).
 * dbsr is not visible to userspace and we do not think any
 * need to expose this to userspace because:
 * Userspace cannot inject debug interrupt to guest (as this does
@@ -828,6 +858,8 @@ static void kvmppc_restart_interrupt(struct kvm_vcpu *vcpu,
case BOOKE_INTERRUPT_DEBUG:
/* Save DBSR before preemption is enabled */
vcpu->arch.dbsr = mfspr(SPRN_DBSR);
+   /* MASK out DBSR_MRR */
+   vcpu->arch.dbsr &= ~DBSR_MRR;
kvmppc_clear_dbsr();
br

[PATCH 1/5 v2] KVM: PPC: BOOKE: allow debug interrupt at "debug level"

[Bharat Bhushan]

Debug interrupt can be either "critical level" or "debug level".
There are separate set of save/restore registers used for different level.
Example: DSRR0/DSRR1 are used for "debug level" and CSRR0/CSRR1
are used for critical level debug interrupt.

Using CPU_FTR_DEBUG_LVL_EXC to decide which interrupt level to be used.

Signed-off-by: Bharat Bhushan 
---
v1->v2
 - No change

 arch/powerpc/kvm/booke.c | 6 +-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/arch/powerpc/kvm/booke.c b/arch/powerpc/kvm/booke.c
index b4c89fa..322da7d 100644
--- a/arch/powerpc/kvm/booke.c
+++ b/arch/powerpc/kvm/booke.c
@@ -377,7 +377,11 @@ static int kvmppc_booke_irqprio_deliver(struct kvm_vcpu 
*vcpu,
allowed = vcpu->arch.shared->msr & MSR_DE;
allowed = allowed && !crit;
msr_mask = MSR_ME;
-   int_class = INT_CLASS_CRIT;
+   if (cpu_has_feature(CPU_FTR_DEBUG_LVL_EXC))
+   int_class = INT_CLASS_DBG;
+   else
+   int_class = INT_CLASS_CRIT;
+
break;
}
 
-- 
1.9.3

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 4/5 v2] KVM: PPC: BOOKE: Clear guest dbsr in userspace exit KVM_EXIT_DEBUG

[Bharat Bhushan]

Dbsr is not visible to userspace and we do not think any need to
expose this to userspace because:
  Userspace cannot inject debug interrupt to guest (as this
  does not know guest ability to handle debug interrupt), so
  userspace will always clear DBSR.
  Now if userspace has to always clear DBSR in KVM_EXIT_DEBUG
  handling then clearing dbsr in kernel looks simple as this
  avoid doing SET_SREGS/set_one_reg() to clear DBSR

Signed-off-by: Bharat Bhushan 
---
v1->v2
 - New patch (separated from guest debug emulation
 - Added description

 arch/powerpc/kvm/booke.c | 11 +++
 1 file changed, 11 insertions(+)

diff --git a/arch/powerpc/kvm/booke.c b/arch/powerpc/kvm/booke.c
index 322da7d..5c2e26a 100644
--- a/arch/powerpc/kvm/booke.c
+++ b/arch/powerpc/kvm/booke.c
@@ -735,6 +735,17 @@ static int kvmppc_handle_debug(struct kvm_run *run, struct 
kvm_vcpu *vcpu)
struct debug_reg *dbg_reg = &(vcpu->arch.shadow_dbg_reg);
u32 dbsr = vcpu->arch.dbsr;
 
+   /* Clear guest dbsr (vcpu->arch.dbsr).
+* dbsr is not visible to userspace and we do not think any
+* need to expose this to userspace because:
+* Userspace cannot inject debug interrupt to guest (as this does
+* not know guest ability to handle debug interrupt), so userspace
+* will always clear DBSR.
+* Now if userspace has to always clear DBSR in KVM_EXIT_DEBUG
+* handling then clearing here looks simple as this
+* avoid doing SET_SREGS/set_one_reg() to clear DBSR
+*/
+   vcpu->arch.dbsr = 0;
run->debug.arch.status = 0;
run->debug.arch.address = vcpu->arch.pc;
 
-- 
1.9.3

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

KVM call for agenda for 2014-08-05

[Juan Quintela]

Hi

Please, send any topic that you are interested in covering.

Thanks, Juan.

Call details:

15:00 CEST
13:00 UTC
09:00 EDT

Every two weeks

By popular demand, a google calendar public entry with it

https://www.google.com/calendar/embed?src=dG9iMXRqcXAzN3Y4ZXZwNzRoMHE4a3BqcXNAZ3JvdXAuY2FsZW5kYXIuZ29vZ2xlLmNvbQ

(Let me know if you have any problems with the calendar entry)

If you need phone number details,  contact me privately


Thanks, Juan.
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[GIT PULL 00/51] KVM/ARM updates for 3.17

[Christoffer Dall]

Hi Paolo and Gleb,

The following changes since commit 9f6226a762c7ae02f6a23a3d4fc552dafa57ea23:

  arch: x86: kvm: x86.c: Cleaning up variable is set more than once (2014-06-30 
16:52:04 +0200)

are available in the git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm.git 
tags/kvm-arm-for-3.17

for you to fetch changes up to dedf97e8ff2c7513b1370e36b56e08b6bd0f0290:

  arm64: KVM: fix 64bit CP15 VM access for 32bit guests (2014-08-01 14:05:06 
+0200)

Please note that there are two dependencies for this series:
  021f653 (deps-irqchip-gic-3.17) from Jason Cooper
  72c5839 (Allow GICv3 compilation with older binutils) from Catalin

These should both go in when the arm64 tree lands in Linus' tree.  We
will let you know.

Also note that merging these changes are likely to result in a somewhat
non-trivial merge conflict.  We have provided a conflict resolution
branch here with the correct merge result:
  git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm.git 
conflict-resolution-for-linus
  commit: 19690a1119a0 (the top one)

Can you pass this on to Linus?


Thanks,
Marc & Christoffer


KVM/ARM New features for 3.17 include:
 - Fixes and code refactoring for stage2 kvm MMU unmap_range
 - Support unmapping IPAs on deleting memslots for arm and arm64
 - Support MMIO mappings in stage2 faults
 - KVM VGIC v2 emulation on GICv3 hardware
 - Big-Endian support for arm/arm64 (guest and host)
 - Debug Architecture support for arm64 (arm32 is on Christoffer's todo list)
 - Detect non page-aligned GICV regions and bail out (plugs guest-can-crash 
host bug)

Alex Bennée (2):
  arm64: KVM: export demux regids as KVM_REG_ARM64
  arm64: KVM: allow export and import of generic timer regs

Christoffer Dall (1):
  arm/arm64: KVM: Fix and refactor unmap_range

Eric Auger (1):
  ARM: KVM: Unmap IPA on memslot delete/move

Kim Phillips (1):
  ARM: KVM: user_mem_abort: support stage 2 MMIO page mapping

Li Liu (1):
  ARM: virt: fix wrong HSCTLR.EE bit setting

Marc Zyngier (33):
  irqchip: gic: Move some bits of GICv2 to a library-type file
  irqchip: gic-v3: Initial support for GICv3
  arm64: GICv3 device tree binding documentation
  arm64: boot protocol documentation update for GICv3
  KVM: arm/arm64: vgic: move GICv2 registers to their own structure
  KVM: ARM: vgic: introduce vgic_ops and LR manipulation primitives
  KVM: ARM: vgic: abstract access to the ELRSR bitmap
  KVM: ARM: vgic: abstract EISR bitmap access
  KVM: ARM: vgic: abstract MISR decoding
  KVM: ARM: vgic: move underflow handling to vgic_ops
  KVM: ARM: vgic: abstract VMCR access
  KVM: ARM: vgic: introduce vgic_enable
  KVM: ARM: introduce vgic_params structure
  KVM: ARM: vgic: split GICv2 backend from the main vgic code
  KVM: ARM: vgic: revisit implementation of irqchip_in_kernel
  arm64: KVM: remove __kvm_hyp_code_{start,end} from hyp.S
  arm64: KVM: split GICv2 world switch from hyp code
  arm64: KVM: move HCR_EL2.{IMO,FMO} manipulation into the vgic switch
code
  KVM: ARM: vgic: add the GICv3 backend
  arm64: KVM: vgic: add GICv3 world switch
  arm64: KVM: vgic: enable GICv2 emulation on top on GICv3 hardware
  arm64: KVM: rename pm_fake handler to trap_raz_wi
  arm64: move DBG_MDSCR_* to asm/debug-monitors.h
  arm64: KVM: add trap handlers for AArch64 debug registers
  arm64: KVM: common infrastructure for handling AArch32 CP14/CP15
  arm64: KVM: use separate tables for AArch32 32 and 64bit traps
  arm64: KVM: check ordering of all system register tables
  arm64: KVM: add trap handlers for AArch32 debug registers
  arm64: KVM: implement lazy world switch for debug registers
  arm64: KVM: enable trapping of all debug registers
  arm64: KVM: GICv3: move system register access to msr_s/mrs_s
  KVM: arm64: GICv3: mandate page-aligned GICV region
  arm64: KVM: fix 64bit CP15 VM access for 32bit guests

Victor Kamensky (12):
  ARM: KVM: fix vgic V7 assembler code to work in BE image
  ARM: KVM: handle 64bit values passed to mrcc or from mcrr instructions
in BE case
  ARM: KVM: __kvm_vcpu_run function return result fix in BE case
  ARM: KVM: vgic mmio should hold data as LE bytes array in BE case
  ARM: KVM: MMIO support BE host running LE code
  ARM: KVM: one_reg coproc set and get BE fixes
  ARM: KVM: enable KVM in Kconfig on big-endian systems
  ARM64: KVM: MMIO support BE host running LE code
  ARM64: KVM: store kvm_vcpu_fault_info est_el2 as word
  ARM64: KVM: fix vgic_bitmap_get_reg function for BE 64bit case
  ARM64: KVM: set and get of sys registers in BE case
  ARM64: KVM: fix big endian issue in access_vm_reg for 32bit guest
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[GIT PULL 13/51] KVM: ARM: vgic: abstract EISR bitmap access

[Christoffer Dall]

From: Marc Zyngier 

Move the GICH_EISR access to its own function.

Acked-by: Catalin Marinas 
Reviewed-by: Christoffer Dall 
Signed-off-by: Marc Zyngier 
---
 include/kvm/arm_vgic.h |  1 +
 virt/kvm/arm/vgic.c| 25 +++--
 2 files changed, 24 insertions(+), 2 deletions(-)

diff --git a/include/kvm/arm_vgic.h b/include/kvm/arm_vgic.h
index 38864f5..ccb9b59 100644
--- a/include/kvm/arm_vgic.h
+++ b/include/kvm/arm_vgic.h
@@ -86,6 +86,7 @@ struct vgic_ops {
void(*set_lr)(struct kvm_vcpu *, int, struct vgic_lr);
void(*sync_lr_elrsr)(struct kvm_vcpu *, int, struct vgic_lr);
u64 (*get_elrsr)(const struct kvm_vcpu *vcpu);
+   u64 (*get_eisr)(const struct kvm_vcpu *vcpu);
 };
 
 struct vgic_dist {
diff --git a/virt/kvm/arm/vgic.c b/virt/kvm/arm/vgic.c
index 6dcc974..1e857e6 100644
--- a/virt/kvm/arm/vgic.c
+++ b/virt/kvm/arm/vgic.c
@@ -1036,11 +1036,26 @@ static u64 vgic_v2_get_elrsr(const struct kvm_vcpu 
*vcpu)
return val;
 }
 
+static u64 vgic_v2_get_eisr(const struct kvm_vcpu *vcpu)
+{
+   u64 val;
+
+#if BITS_PER_LONG == 64
+   val  = vcpu->arch.vgic_cpu.vgic_v2.vgic_eisr[1];
+   val <<= 32;
+   val |= vcpu->arch.vgic_cpu.vgic_v2.vgic_eisr[0];
+#else
+   val = *(u64 *)vcpu->arch.vgic_cpu.vgic_v2.vgic_eisr;
+#endif
+   return val;
+}
+
 static const struct vgic_ops vgic_ops = {
.get_lr = vgic_v2_get_lr,
.set_lr = vgic_v2_set_lr,
.sync_lr_elrsr  = vgic_v2_sync_lr_elrsr,
.get_elrsr  = vgic_v2_get_elrsr,
+   .get_eisr   = vgic_v2_get_eisr,
 };
 
 static struct vgic_lr vgic_get_lr(const struct kvm_vcpu *vcpu, int lr)
@@ -1065,6 +1080,11 @@ static inline u64 vgic_get_elrsr(struct kvm_vcpu *vcpu)
return vgic_ops.get_elrsr(vcpu);
 }
 
+static inline u64 vgic_get_eisr(struct kvm_vcpu *vcpu)
+{
+   return vgic_ops.get_eisr(vcpu);
+}
+
 static void vgic_retire_lr(int lr_nr, int irq, struct kvm_vcpu *vcpu)
 {
struct vgic_cpu *vgic_cpu = &vcpu->arch.vgic_cpu;
@@ -1271,10 +1291,11 @@ static bool vgic_process_maintenance(struct kvm_vcpu 
*vcpu)
 * Some level interrupts have been EOIed. Clear their
 * active bit.
 */
+   u64 eisr = vgic_get_eisr(vcpu);
+   unsigned long *eisr_ptr = (unsigned long *)&eisr;
int lr;
 
-   for_each_set_bit(lr, (unsigned long 
*)vgic_cpu->vgic_v2.vgic_eisr,
-vgic_cpu->nr_lr) {
+   for_each_set_bit(lr, eisr_ptr, vgic_cpu->nr_lr) {
struct vgic_lr vlr = vgic_get_lr(vcpu, lr);
 
vgic_irq_clear_active(vcpu, vlr.irq);
-- 
2.0.0

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[GIT PULL 12/51] KVM: ARM: vgic: abstract access to the ELRSR bitmap

[Christoffer Dall]

From: Marc Zyngier 

Move the GICH_ELRSR access to its own functions, and add them to
the vgic_ops structure.

Acked-by: Catalin Marinas 
Reviewed-by: Christoffer Dall 
Signed-off-by: Marc Zyngier 
---
 include/kvm/arm_vgic.h |  2 ++
 virt/kvm/arm/vgic.c| 46 +-
 2 files changed, 43 insertions(+), 5 deletions(-)

diff --git a/include/kvm/arm_vgic.h b/include/kvm/arm_vgic.h
index 17bbe51..38864f5 100644
--- a/include/kvm/arm_vgic.h
+++ b/include/kvm/arm_vgic.h
@@ -84,6 +84,8 @@ struct vgic_lr {
 struct vgic_ops {
struct vgic_lr  (*get_lr)(const struct kvm_vcpu *, int);
void(*set_lr)(struct kvm_vcpu *, int, struct vgic_lr);
+   void(*sync_lr_elrsr)(struct kvm_vcpu *, int, struct vgic_lr);
+   u64 (*get_elrsr)(const struct kvm_vcpu *vcpu);
 };
 
 struct vgic_dist {
diff --git a/virt/kvm/arm/vgic.c b/virt/kvm/arm/vgic.c
index 11408fe..6dcc974 100644
--- a/virt/kvm/arm/vgic.c
+++ b/virt/kvm/arm/vgic.c
@@ -1015,9 +1015,32 @@ static void vgic_v2_set_lr(struct kvm_vcpu *vcpu, int lr,
vcpu->arch.vgic_cpu.vgic_v2.vgic_lr[lr] = lr_val;
 }
 
+static void vgic_v2_sync_lr_elrsr(struct kvm_vcpu *vcpu, int lr,
+ struct vgic_lr lr_desc)
+{
+   if (!(lr_desc.state & LR_STATE_MASK))
+   set_bit(lr, (unsigned long 
*)vcpu->arch.vgic_cpu.vgic_v2.vgic_elrsr);
+}
+
+static u64 vgic_v2_get_elrsr(const struct kvm_vcpu *vcpu)
+{
+   u64 val;
+
+#if BITS_PER_LONG == 64
+   val  = vcpu->arch.vgic_cpu.vgic_v2.vgic_elrsr[1];
+   val <<= 32;
+   val |= vcpu->arch.vgic_cpu.vgic_v2.vgic_elrsr[0];
+#else
+   val = *(u64 *)vcpu->arch.vgic_cpu.vgic_v2.vgic_elrsr;
+#endif
+   return val;
+}
+
 static const struct vgic_ops vgic_ops = {
.get_lr = vgic_v2_get_lr,
.set_lr = vgic_v2_set_lr,
+   .sync_lr_elrsr  = vgic_v2_sync_lr_elrsr,
+   .get_elrsr  = vgic_v2_get_elrsr,
 };
 
 static struct vgic_lr vgic_get_lr(const struct kvm_vcpu *vcpu, int lr)
@@ -1031,6 +1054,17 @@ static void vgic_set_lr(struct kvm_vcpu *vcpu, int lr,
vgic_ops.set_lr(vcpu, lr, vlr);
 }
 
+static void vgic_sync_lr_elrsr(struct kvm_vcpu *vcpu, int lr,
+  struct vgic_lr vlr)
+{
+   vgic_ops.sync_lr_elrsr(vcpu, lr, vlr);
+}
+
+static inline u64 vgic_get_elrsr(struct kvm_vcpu *vcpu)
+{
+   return vgic_ops.get_elrsr(vcpu);
+}
+
 static void vgic_retire_lr(int lr_nr, int irq, struct kvm_vcpu *vcpu)
 {
struct vgic_cpu *vgic_cpu = &vcpu->arch.vgic_cpu;
@@ -1260,7 +1294,7 @@ static bool vgic_process_maintenance(struct kvm_vcpu 
*vcpu)
 * Despite being EOIed, the LR may not have
 * been marked as empty.
 */
-   set_bit(lr, (unsigned long 
*)vgic_cpu->vgic_v2.vgic_elrsr);
+   vgic_sync_lr_elrsr(vcpu, lr, vlr);
}
}
 
@@ -1278,14 +1312,17 @@ static void __kvm_vgic_sync_hwstate(struct kvm_vcpu 
*vcpu)
 {
struct vgic_cpu *vgic_cpu = &vcpu->arch.vgic_cpu;
struct vgic_dist *dist = &vcpu->kvm->arch.vgic;
+   u64 elrsr;
+   unsigned long *elrsr_ptr;
int lr, pending;
bool level_pending;
 
level_pending = vgic_process_maintenance(vcpu);
+   elrsr = vgic_get_elrsr(vcpu);
+   elrsr_ptr = (unsigned long *)&elrsr;
 
/* Clear mappings for empty LRs */
-   for_each_set_bit(lr, (unsigned long *)vgic_cpu->vgic_v2.vgic_elrsr,
-vgic_cpu->nr_lr) {
+   for_each_set_bit(lr, elrsr_ptr, vgic_cpu->nr_lr) {
struct vgic_lr vlr;
 
if (!test_and_clear_bit(lr, vgic_cpu->lr_used))
@@ -1298,8 +1335,7 @@ static void __kvm_vgic_sync_hwstate(struct kvm_vcpu *vcpu)
}
 
/* Check if we still have something up our sleeve... */
-   pending = find_first_zero_bit((unsigned long 
*)vgic_cpu->vgic_v2.vgic_elrsr,
- vgic_cpu->nr_lr);
+   pending = find_first_zero_bit(elrsr_ptr, vgic_cpu->nr_lr);
if (level_pending || pending < vgic_cpu->nr_lr)
set_bit(vcpu->vcpu_id, &dist->irq_pending_on_cpu);
 }
-- 
2.0.0

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[GIT PULL 10/51] KVM: arm/arm64: vgic: move GICv2 registers to their own structure

[Christoffer Dall]

From: Marc Zyngier 

In order to make way for the GICv3 registers, move the v2-specific
registers to their own structure.

Acked-by: Catalin Marinas 
Reviewed-by: Christoffer Dall 
Signed-off-by: Marc Zyngier 
---
 arch/arm/kernel/asm-offsets.c   | 14 +--
 arch/arm/kvm/interrupts_head.S  | 26 +--
 arch/arm64/kernel/asm-offsets.c | 14 +--
 arch/arm64/kvm/hyp.S| 26 +--
 include/kvm/arm_vgic.h  | 20 +--
 virt/kvm/arm/vgic.c | 56 -
 6 files changed, 81 insertions(+), 75 deletions(-)

diff --git a/arch/arm/kernel/asm-offsets.c b/arch/arm/kernel/asm-offsets.c
index 85598b5..713e807 100644
--- a/arch/arm/kernel/asm-offsets.c
+++ b/arch/arm/kernel/asm-offsets.c
@@ -182,13 +182,13 @@ int main(void)
   DEFINE(VCPU_HYP_PC,  offsetof(struct kvm_vcpu, arch.fault.hyp_pc));
 #ifdef CONFIG_KVM_ARM_VGIC
   DEFINE(VCPU_VGIC_CPU,offsetof(struct kvm_vcpu, 
arch.vgic_cpu));
-  DEFINE(VGIC_CPU_HCR, offsetof(struct vgic_cpu, vgic_hcr));
-  DEFINE(VGIC_CPU_VMCR,offsetof(struct vgic_cpu, vgic_vmcr));
-  DEFINE(VGIC_CPU_MISR,offsetof(struct vgic_cpu, vgic_misr));
-  DEFINE(VGIC_CPU_EISR,offsetof(struct vgic_cpu, vgic_eisr));
-  DEFINE(VGIC_CPU_ELRSR,   offsetof(struct vgic_cpu, vgic_elrsr));
-  DEFINE(VGIC_CPU_APR, offsetof(struct vgic_cpu, vgic_apr));
-  DEFINE(VGIC_CPU_LR,  offsetof(struct vgic_cpu, vgic_lr));
+  DEFINE(VGIC_V2_CPU_HCR,  offsetof(struct vgic_cpu, vgic_v2.vgic_hcr));
+  DEFINE(VGIC_V2_CPU_VMCR, offsetof(struct vgic_cpu, vgic_v2.vgic_vmcr));
+  DEFINE(VGIC_V2_CPU_MISR, offsetof(struct vgic_cpu, vgic_v2.vgic_misr));
+  DEFINE(VGIC_V2_CPU_EISR, offsetof(struct vgic_cpu, vgic_v2.vgic_eisr));
+  DEFINE(VGIC_V2_CPU_ELRSR,offsetof(struct vgic_cpu, vgic_v2.vgic_elrsr));
+  DEFINE(VGIC_V2_CPU_APR,  offsetof(struct vgic_cpu, vgic_v2.vgic_apr));
+  DEFINE(VGIC_V2_CPU_LR,   offsetof(struct vgic_cpu, vgic_v2.vgic_lr));
   DEFINE(VGIC_CPU_NR_LR,   offsetof(struct vgic_cpu, nr_lr));
 #ifdef CONFIG_KVM_ARM_TIMER
   DEFINE(VCPU_TIMER_CNTV_CTL,  offsetof(struct kvm_vcpu, 
arch.timer_cpu.cntv_ctl));
diff --git a/arch/arm/kvm/interrupts_head.S b/arch/arm/kvm/interrupts_head.S
index 76af9302..e4eaf30 100644
--- a/arch/arm/kvm/interrupts_head.S
+++ b/arch/arm/kvm/interrupts_head.S
@@ -421,14 +421,14 @@ vcpu  .reqr0  @ vcpu pointer always 
in r0
ldr r9, [r2, #GICH_ELRSR1]
ldr r10, [r2, #GICH_APR]
 
-   str r3, [r11, #VGIC_CPU_HCR]
-   str r4, [r11, #VGIC_CPU_VMCR]
-   str r5, [r11, #VGIC_CPU_MISR]
-   str r6, [r11, #VGIC_CPU_EISR]
-   str r7, [r11, #(VGIC_CPU_EISR + 4)]
-   str r8, [r11, #VGIC_CPU_ELRSR]
-   str r9, [r11, #(VGIC_CPU_ELRSR + 4)]
-   str r10, [r11, #VGIC_CPU_APR]
+   str r3, [r11, #VGIC_V2_CPU_HCR]
+   str r4, [r11, #VGIC_V2_CPU_VMCR]
+   str r5, [r11, #VGIC_V2_CPU_MISR]
+   str r6, [r11, #VGIC_V2_CPU_EISR]
+   str r7, [r11, #(VGIC_V2_CPU_EISR + 4)]
+   str r8, [r11, #VGIC_V2_CPU_ELRSR]
+   str r9, [r11, #(VGIC_V2_CPU_ELRSR + 4)]
+   str r10, [r11, #VGIC_V2_CPU_APR]
 
/* Clear GICH_HCR */
mov r5, #0
@@ -436,7 +436,7 @@ vcpu.reqr0  @ vcpu pointer always 
in r0
 
/* Save list registers */
add r2, r2, #GICH_LR0
-   add r3, r11, #VGIC_CPU_LR
+   add r3, r11, #VGIC_V2_CPU_LR
ldr r4, [r11, #VGIC_CPU_NR_LR]
 1: ldr r6, [r2], #4
str r6, [r3], #4
@@ -463,9 +463,9 @@ vcpu.reqr0  @ vcpu pointer always 
in r0
add r11, vcpu, #VCPU_VGIC_CPU
 
/* We only restore a minimal set of registers */
-   ldr r3, [r11, #VGIC_CPU_HCR]
-   ldr r4, [r11, #VGIC_CPU_VMCR]
-   ldr r8, [r11, #VGIC_CPU_APR]
+   ldr r3, [r11, #VGIC_V2_CPU_HCR]
+   ldr r4, [r11, #VGIC_V2_CPU_VMCR]
+   ldr r8, [r11, #VGIC_V2_CPU_APR]
 
str r3, [r2, #GICH_HCR]
str r4, [r2, #GICH_VMCR]
@@ -473,7 +473,7 @@ vcpu.reqr0  @ vcpu pointer always 
in r0
 
/* Restore list registers */
add r2, r2, #GICH_LR0
-   add r3, r11, #VGIC_CPU_LR
+   add r3, r11, #VGIC_V2_CPU_LR
ldr r4, [r11, #VGIC_CPU_NR_LR]
 1: ldr r6, [r3], #4
str r6, [r2], #4
diff --git a/arch/arm64/kernel/asm-offsets.c b/arch/arm64/kernel/asm-offsets.c
index 646f888..20fd488 100644
--- a/arch/arm64/kernel/asm-offsets.c
+++ b/arch/arm64/kernel/asm-offsets.c
@@ -129,13 +129,13 @@ int main(void)
   DEFINE(KVM_TIMER_ENABLED,offsetof(struct kvm, arch.timer.enabled));
   DEFINE(VCPU_KVM, offsetof(struct kvm_vcpu, kvm));
   DEFINE(VCPU_VGIC_CPU,offsetof(stru

[GIT PULL 01/51] irqchip: gic: Move some bits of GICv2 to a library-type file

[Christoffer Dall]

From: Marc Zyngier 

A few GICv2 low-level function are actually very useful to GICv3,
and it makes some sense to share them across the two drivers.
They end-up in their own file, with an additional parameter used
to ensure an optional synchronization (unused on GICv2).

Cc: Thomas Gleixner 
Cc: Jason Cooper 
Acked-by: Christoffer Dall 
Signed-off-by: Marc Zyngier 
Link: 
https://lkml.kernel.org/r/1404140510-5382-2-git-send-email-marc.zyng...@arm.com
Signed-off-by: Jason Cooper 
---
 drivers/irqchip/Makefile |   2 +-
 drivers/irqchip/irq-gic-common.c | 115 +++
 drivers/irqchip/irq-gic-common.h |  29 ++
 drivers/irqchip/irq-gic.c|  59 ++--
 4 files changed, 149 insertions(+), 56 deletions(-)
 create mode 100644 drivers/irqchip/irq-gic-common.c
 create mode 100644 drivers/irqchip/irq-gic-common.h

diff --git a/drivers/irqchip/Makefile b/drivers/irqchip/Makefile
index 62a13e5..9b9505c 100644
--- a/drivers/irqchip/Makefile
+++ b/drivers/irqchip/Makefile
@@ -15,7 +15,7 @@ obj-$(CONFIG_ORION_IRQCHIP)   += irq-orion.o
 obj-$(CONFIG_ARCH_SUNXI)   += irq-sun4i.o
 obj-$(CONFIG_ARCH_SUNXI)   += irq-sunxi-nmi.o
 obj-$(CONFIG_ARCH_SPEAR3XX)+= spear-shirq.o
-obj-$(CONFIG_ARM_GIC)  += irq-gic.o
+obj-$(CONFIG_ARM_GIC)  += irq-gic.o irq-gic-common.o
 obj-$(CONFIG_ARM_NVIC) += irq-nvic.o
 obj-$(CONFIG_ARM_VIC)  += irq-vic.o
 obj-$(CONFIG_IMGPDC_IRQ)   += irq-imgpdc.o
diff --git a/drivers/irqchip/irq-gic-common.c b/drivers/irqchip/irq-gic-common.c
new file mode 100644
index 000..60ac704
--- /dev/null
+++ b/drivers/irqchip/irq-gic-common.c
@@ -0,0 +1,115 @@
+/*
+ * Copyright (C) 2002 ARM Limited, All Rights Reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see .
+ */
+
+#include 
+#include 
+#include 
+#include 
+
+#include "irq-gic-common.h"
+
+void gic_configure_irq(unsigned int irq, unsigned int type,
+  void __iomem *base, void (*sync_access)(void))
+{
+   u32 enablemask = 1 << (irq % 32);
+   u32 enableoff = (irq / 32) * 4;
+   u32 confmask = 0x2 << ((irq % 16) * 2);
+   u32 confoff = (irq / 16) * 4;
+   bool enabled = false;
+   u32 val;
+
+   /*
+* Read current configuration register, and insert the config
+* for "irq", depending on "type".
+*/
+   val = readl_relaxed(base + GIC_DIST_CONFIG + confoff);
+   if (type == IRQ_TYPE_LEVEL_HIGH)
+   val &= ~confmask;
+   else if (type == IRQ_TYPE_EDGE_RISING)
+   val |= confmask;
+
+   /*
+* As recommended by the spec, disable the interrupt before changing
+* the configuration
+*/
+   if (readl_relaxed(base + GIC_DIST_ENABLE_SET + enableoff) & enablemask) 
{
+   writel_relaxed(enablemask, base + GIC_DIST_ENABLE_CLEAR + 
enableoff);
+   if (sync_access)
+   sync_access();
+   enabled = true;
+   }
+
+   /*
+* Write back the new configuration, and possibly re-enable
+* the interrupt.
+*/
+   writel_relaxed(val, base + GIC_DIST_CONFIG + confoff);
+
+   if (enabled)
+   writel_relaxed(enablemask, base + GIC_DIST_ENABLE_SET + 
enableoff);
+
+   if (sync_access)
+   sync_access();
+}
+
+void __init gic_dist_config(void __iomem *base, int gic_irqs,
+   void (*sync_access)(void))
+{
+   unsigned int i;
+
+   /*
+* Set all global interrupts to be level triggered, active low.
+*/
+   for (i = 32; i < gic_irqs; i += 16)
+   writel_relaxed(0, base + GIC_DIST_CONFIG + i / 4);
+
+   /*
+* Set priority on all global interrupts.
+*/
+   for (i = 32; i < gic_irqs; i += 4)
+   writel_relaxed(0xa0a0a0a0, base + GIC_DIST_PRI + i);
+
+   /*
+* Disable all interrupts.  Leave the PPI and SGIs alone
+* as they are enabled by redistributor registers.
+*/
+   for (i = 32; i < gic_irqs; i += 32)
+   writel_relaxed(0x, base + GIC_DIST_ENABLE_CLEAR + i / 
8);
+
+   if (sync_access)
+   sync_access();
+}
+
+void gic_cpu_config(void __iomem *base, void (*sync_access)(void))
+{
+   int i;
+
+   /*
+* Deal with the banked PPI and SGI

[GIT PULL 02/51] irqchip: gic-v3: Initial support for GICv3

[Christoffer Dall]

From: Marc Zyngier 

The Generic Interrupt Controller (version 3) offers services that are
similar to GICv2, with a number of additional features:
- Affinity routing based on the CPU MPIDR (ARE)
- System register for the CPU interfaces (SRE)
- Support for more that 8 CPUs
- Locality-specific Peripheral Interrupts (LPIs)
- Interrupt Translation Services (ITS)

This patch adds preliminary support for GICv3 with ARE and SRE,
non-secure mode only. It relies on higher exception levels to grant ARE
and SRE access.

Support for LPI and ITS will be added at a later time.

Cc: Thomas Gleixner 
Cc: Jason Cooper 
Reviewed-by: Zi Shen Lim 
Reviewed-by: Christoffer Dall 
Reviewed-by: Tirumalesh Chalamarla 
Reviewed-by: Yun Wu 
Reviewed-by: Zhen Lei 
Tested-by: Tirumalesh Chalamarla
Tested-by: Radha Mohan Chintakuntla 
Acked-by: Radha Mohan Chintakuntla 
Acked-by: Catalin Marinas 
Signed-off-by: Marc Zyngier 
Reviewed-by: Mark Rutland 
Link: 
https://lkml.kernel.org/r/1404140510-5382-3-git-send-email-marc.zyng...@arm.com
Signed-off-by: Jason Cooper 
---
 arch/arm64/Kconfig |   1 +
 arch/arm64/kernel/head.S   |  18 +
 arch/arm64/kernel/hyp-stub.S   |   1 +
 drivers/irqchip/Kconfig|   5 +
 drivers/irqchip/Makefile   |   1 +
 drivers/irqchip/irq-gic-v3.c   | 692 +
 include/linux/irqchip/arm-gic-v3.h | 198 +++
 7 files changed, 916 insertions(+)
 create mode 100644 drivers/irqchip/irq-gic-v3.c
 create mode 100644 include/linux/irqchip/arm-gic-v3.h

diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
index 7295419..be52492 100644
--- a/arch/arm64/Kconfig
+++ b/arch/arm64/Kconfig
@@ -9,6 +9,7 @@ config ARM64
select ARM_AMBA
select ARM_ARCH_TIMER
select ARM_GIC
+   select ARM_GIC_V3
select BUILDTIME_EXTABLE_SORT
select CLONE_BACKWARDS
select COMMON_CLK
diff --git a/arch/arm64/kernel/head.S b/arch/arm64/kernel/head.S
index a96d3a6..9662350 100644
--- a/arch/arm64/kernel/head.S
+++ b/arch/arm64/kernel/head.S
@@ -22,6 +22,7 @@
 
 #include 
 #include 
+#include 
 
 #include 
 #include 
@@ -296,6 +297,23 @@ CPU_LE(bic x0, x0, #(3 << 24)  )   // 
Clear the EE and E0E bits for EL1
msr cnthctl_el2, x0
msr cntvoff_el2, xzr// Clear virtual offset
 
+#ifdef CONFIG_ARM_GIC_V3
+   /* GICv3 system register access */
+   mrs x0, id_aa64pfr0_el1
+   ubfxx0, x0, #24, #4
+   cmp x0, #1
+   b.ne3f
+
+   mrs x0, ICC_SRE_EL2
+   orr x0, x0, #ICC_SRE_EL2_SRE// Set ICC_SRE_EL2.SRE==1
+   orr x0, x0, #ICC_SRE_EL2_ENABLE // Set ICC_SRE_EL2.Enable==1
+   msr ICC_SRE_EL2, x0
+   isb // Make sure SRE is now set
+   msr ICH_HCR_EL2, xzr// Reset ICC_HCR_EL2 to defaults
+
+3:
+#endif
+
/* Populate ID registers. */
mrs x0, midr_el1
mrs x1, mpidr_el1
diff --git a/arch/arm64/kernel/hyp-stub.S b/arch/arm64/kernel/hyp-stub.S
index 0959611..a272f33 100644
--- a/arch/arm64/kernel/hyp-stub.S
+++ b/arch/arm64/kernel/hyp-stub.S
@@ -19,6 +19,7 @@
 
 #include 
 #include 
+#include 
 
 #include 
 #include 
diff --git a/drivers/irqchip/Kconfig b/drivers/irqchip/Kconfig
index bbb746e..7f0c2a3 100644
--- a/drivers/irqchip/Kconfig
+++ b/drivers/irqchip/Kconfig
@@ -10,6 +10,11 @@ config ARM_GIC
 config GIC_NON_BANKED
bool
 
+config ARM_GIC_V3
+   bool
+   select IRQ_DOMAIN
+   select MULTI_IRQ_HANDLER
+
 config ARM_NVIC
bool
select IRQ_DOMAIN
diff --git a/drivers/irqchip/Makefile b/drivers/irqchip/Makefile
index 9b9505c..c57e642 100644
--- a/drivers/irqchip/Makefile
+++ b/drivers/irqchip/Makefile
@@ -16,6 +16,7 @@ obj-$(CONFIG_ARCH_SUNXI)  += irq-sun4i.o
 obj-$(CONFIG_ARCH_SUNXI)   += irq-sunxi-nmi.o
 obj-$(CONFIG_ARCH_SPEAR3XX)+= spear-shirq.o
 obj-$(CONFIG_ARM_GIC)  += irq-gic.o irq-gic-common.o
+obj-$(CONFIG_ARM_GIC_V3)   += irq-gic-v3.o irq-gic-common.o
 obj-$(CONFIG_ARM_NVIC) += irq-nvic.o
 obj-$(CONFIG_ARM_VIC)  += irq-vic.o
 obj-$(CONFIG_IMGPDC_IRQ)   += irq-imgpdc.o
diff --git a/drivers/irqchip/irq-gic-v3.c b/drivers/irqchip/irq-gic-v3.c
new file mode 100644
index 000..81519ba
--- /dev/null
+++ b/drivers/irqchip/irq-gic-v3.c
@@ -0,0 +1,692 @@
+/*
+ * Copyright (C) 2013, 2014 ARM Limited, All Rights Reserved.
+ * Author: Marc Zyngier 
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public 

[GIT PULL 05/51] ARM: KVM: user_mem_abort: support stage 2 MMIO page mapping

[Christoffer Dall]

From: Kim Phillips 

A userspace process can map device MMIO memory via VFIO or /dev/mem,
e.g., for platform device passthrough support in QEMU.

During early development, we found the PAGE_S2 memory type being used
for MMIO mappings.  This patch corrects that by using the more strongly
ordered memory type for device MMIO mappings: PAGE_S2_DEVICE.

Signed-off-by: Kim Phillips 
Acked-by: Christoffer Dall 
Acked-by: Will Deacon 
Signed-off-by: Marc Zyngier 
---
 arch/arm/kvm/mmu.c | 11 ---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/arch/arm/kvm/mmu.c b/arch/arm/kvm/mmu.c
index b2a708b..16e7994 100644
--- a/arch/arm/kvm/mmu.c
+++ b/arch/arm/kvm/mmu.c
@@ -759,6 +759,7 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, 
phys_addr_t fault_ipa,
struct kvm_mmu_memory_cache *memcache = &vcpu->arch.mmu_page_cache;
struct vm_area_struct *vma;
pfn_t pfn;
+   pgprot_t mem_type = PAGE_S2;
 
write_fault = kvm_is_write_fault(kvm_vcpu_get_hsr(vcpu));
if (fault_status == FSC_PERM && !write_fault) {
@@ -809,6 +810,9 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, 
phys_addr_t fault_ipa,
if (is_error_pfn(pfn))
return -EFAULT;
 
+   if (kvm_is_mmio_pfn(pfn))
+   mem_type = PAGE_S2_DEVICE;
+
spin_lock(&kvm->mmu_lock);
if (mmu_notifier_retry(kvm, mmu_seq))
goto out_unlock;
@@ -816,7 +820,7 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, 
phys_addr_t fault_ipa,
hugetlb = transparent_hugepage_adjust(&pfn, &fault_ipa);
 
if (hugetlb) {
-   pmd_t new_pmd = pfn_pmd(pfn, PAGE_S2);
+   pmd_t new_pmd = pfn_pmd(pfn, mem_type);
new_pmd = pmd_mkhuge(new_pmd);
if (writable) {
kvm_set_s2pmd_writable(&new_pmd);
@@ -825,13 +829,14 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, 
phys_addr_t fault_ipa,
coherent_cache_guest_page(vcpu, hva & PMD_MASK, PMD_SIZE);
ret = stage2_set_pmd_huge(kvm, memcache, fault_ipa, &new_pmd);
} else {
-   pte_t new_pte = pfn_pte(pfn, PAGE_S2);
+   pte_t new_pte = pfn_pte(pfn, mem_type);
if (writable) {
kvm_set_s2pte_writable(&new_pte);
kvm_set_pfn_dirty(pfn);
}
coherent_cache_guest_page(vcpu, hva, PAGE_SIZE);
-   ret = stage2_set_pte(kvm, memcache, fault_ipa, &new_pte, false);
+   ret = stage2_set_pte(kvm, memcache, fault_ipa, &new_pte,
+mem_type == PAGE_S2_DEVICE);
}
 
 
-- 
2.0.0

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[GIT PULL 03/51] arm/arm64: KVM: Fix and refactor unmap_range

[Christoffer Dall]

unmap_range() was utterly broken, to quote Marc, and broke in all sorts
of situations.  It was also quite complicated to follow and didn't
follow the usual scheme of having a separate iterating function for each
level of page tables.

Address this by refactoring the code and introduce a pgd_clear()
function.

Reviewed-by: Jungseok Lee 
Reviewed-by: Mario Smarduch 
Acked-by: Marc Zyngier 
Signed-off-by: Christoffer Dall 
---
 arch/arm/include/asm/kvm_mmu.h   |  12 +++
 arch/arm/kvm/mmu.c   | 157 +--
 arch/arm64/include/asm/kvm_mmu.h |  15 
 3 files changed, 111 insertions(+), 73 deletions(-)

diff --git a/arch/arm/include/asm/kvm_mmu.h b/arch/arm/include/asm/kvm_mmu.h
index 5c7aa3c..5cc0b0f 100644
--- a/arch/arm/include/asm/kvm_mmu.h
+++ b/arch/arm/include/asm/kvm_mmu.h
@@ -127,6 +127,18 @@ static inline void kvm_set_s2pmd_writable(pmd_t *pmd)
(__boundary - 1 < (end) - 1)? __boundary: (end);\
 })
 
+static inline bool kvm_page_empty(void *ptr)
+{
+   struct page *ptr_page = virt_to_page(ptr);
+   return page_count(ptr_page) == 1;
+}
+
+
+#define kvm_pte_table_empty(ptep) kvm_page_empty(ptep)
+#define kvm_pmd_table_empty(pmdp) kvm_page_empty(pmdp)
+#define kvm_pud_table_empty(pudp) (0)
+
+
 struct kvm;
 
 #define kvm_flush_dcache_to_poc(a,l)   __cpuc_flush_dcache_area((a), (l))
diff --git a/arch/arm/kvm/mmu.c b/arch/arm/kvm/mmu.c
index 16f8049..2336061 100644
--- a/arch/arm/kvm/mmu.c
+++ b/arch/arm/kvm/mmu.c
@@ -90,104 +90,115 @@ static void *mmu_memory_cache_alloc(struct 
kvm_mmu_memory_cache *mc)
return p;
 }
 
-static bool page_empty(void *ptr)
+static void clear_pgd_entry(struct kvm *kvm, pgd_t *pgd, phys_addr_t addr)
 {
-   struct page *ptr_page = virt_to_page(ptr);
-   return page_count(ptr_page) == 1;
+   pud_t *pud_table __maybe_unused = pud_offset(pgd, 0);
+   pgd_clear(pgd);
+   kvm_tlb_flush_vmid_ipa(kvm, addr);
+   pud_free(NULL, pud_table);
+   put_page(virt_to_page(pgd));
 }
 
 static void clear_pud_entry(struct kvm *kvm, pud_t *pud, phys_addr_t addr)
 {
-   if (pud_huge(*pud)) {
-   pud_clear(pud);
-   kvm_tlb_flush_vmid_ipa(kvm, addr);
-   } else {
-   pmd_t *pmd_table = pmd_offset(pud, 0);
-   pud_clear(pud);
-   kvm_tlb_flush_vmid_ipa(kvm, addr);
-   pmd_free(NULL, pmd_table);
-   }
+   pmd_t *pmd_table = pmd_offset(pud, 0);
+   VM_BUG_ON(pud_huge(*pud));
+   pud_clear(pud);
+   kvm_tlb_flush_vmid_ipa(kvm, addr);
+   pmd_free(NULL, pmd_table);
put_page(virt_to_page(pud));
 }
 
 static void clear_pmd_entry(struct kvm *kvm, pmd_t *pmd, phys_addr_t addr)
 {
-   if (kvm_pmd_huge(*pmd)) {
-   pmd_clear(pmd);
-   kvm_tlb_flush_vmid_ipa(kvm, addr);
-   } else {
-   pte_t *pte_table = pte_offset_kernel(pmd, 0);
-   pmd_clear(pmd);
-   kvm_tlb_flush_vmid_ipa(kvm, addr);
-   pte_free_kernel(NULL, pte_table);
-   }
+   pte_t *pte_table = pte_offset_kernel(pmd, 0);
+   VM_BUG_ON(kvm_pmd_huge(*pmd));
+   pmd_clear(pmd);
+   kvm_tlb_flush_vmid_ipa(kvm, addr);
+   pte_free_kernel(NULL, pte_table);
put_page(virt_to_page(pmd));
 }
 
-static void clear_pte_entry(struct kvm *kvm, pte_t *pte, phys_addr_t addr)
+static void unmap_ptes(struct kvm *kvm, pmd_t *pmd,
+  phys_addr_t addr, phys_addr_t end)
 {
-   if (pte_present(*pte)) {
-   kvm_set_pte(pte, __pte(0));
-   put_page(virt_to_page(pte));
-   kvm_tlb_flush_vmid_ipa(kvm, addr);
-   }
+   phys_addr_t start_addr = addr;
+   pte_t *pte, *start_pte;
+
+   start_pte = pte = pte_offset_kernel(pmd, addr);
+   do {
+   if (!pte_none(*pte)) {
+   kvm_set_pte(pte, __pte(0));
+   put_page(virt_to_page(pte));
+   kvm_tlb_flush_vmid_ipa(kvm, addr);
+   }
+   } while (pte++, addr += PAGE_SIZE, addr != end);
+
+   if (kvm_pte_table_empty(start_pte))
+   clear_pmd_entry(kvm, pmd, start_addr);
 }
 
-static void unmap_range(struct kvm *kvm, pgd_t *pgdp,
-   unsigned long long start, u64 size)
+static void unmap_pmds(struct kvm *kvm, pud_t *pud,
+  phys_addr_t addr, phys_addr_t end)
 {
-   pgd_t *pgd;
-   pud_t *pud;
-   pmd_t *pmd;
-   pte_t *pte;
-   unsigned long long addr = start, end = start + size;
-   u64 next;
+   phys_addr_t next, start_addr = addr;
+   pmd_t *pmd, *start_pmd;
 
-   while (addr < end) {
-   pgd = pgdp + pgd_index(addr);
-   pud = pud_offset(pgd, addr);
-   pte = NULL;
-   if (pud_none(*pud)) {
-   addr = kvm_pud_addr_end(addr, end);
-   continue;
-   }
-
-  

[GIT PULL 14/51] KVM: ARM: vgic: abstract MISR decoding

[Christoffer Dall]

From: Marc Zyngier 

Instead of directly dealing with the GICH_MISR bits, move the code to
its own function and use a couple of public flags to represent the
actual state.

Acked-by: Catalin Marinas 
Reviewed-by: Christoffer Dall 
Signed-off-by: Marc Zyngier 
---
 include/kvm/arm_vgic.h |  4 
 virt/kvm/arm/vgic.c| 26 +++---
 2 files changed, 27 insertions(+), 3 deletions(-)

diff --git a/include/kvm/arm_vgic.h b/include/kvm/arm_vgic.h
index ccb9b59..4857508 100644
--- a/include/kvm/arm_vgic.h
+++ b/include/kvm/arm_vgic.h
@@ -87,6 +87,7 @@ struct vgic_ops {
void(*sync_lr_elrsr)(struct kvm_vcpu *, int, struct vgic_lr);
u64 (*get_elrsr)(const struct kvm_vcpu *vcpu);
u64 (*get_eisr)(const struct kvm_vcpu *vcpu);
+   u32 (*get_interrupt_status)(const struct kvm_vcpu *vcpu);
 };
 
 struct vgic_dist {
@@ -165,6 +166,9 @@ struct vgic_cpu {
 
 #define LR_EMPTY   0xff
 
+#define INT_STATUS_EOI (1 << 0)
+#define INT_STATUS_UNDERFLOW   (1 << 1)
+
 struct kvm;
 struct kvm_vcpu;
 struct kvm_run;
diff --git a/virt/kvm/arm/vgic.c b/virt/kvm/arm/vgic.c
index 1e857e6..c0bcc97 100644
--- a/virt/kvm/arm/vgic.c
+++ b/virt/kvm/arm/vgic.c
@@ -1050,12 +1050,26 @@ static u64 vgic_v2_get_eisr(const struct kvm_vcpu *vcpu)
return val;
 }
 
+static u32 vgic_v2_get_interrupt_status(const struct kvm_vcpu *vcpu)
+{
+   u32 misr = vcpu->arch.vgic_cpu.vgic_v2.vgic_misr;
+   u32 ret = 0;
+
+   if (misr & GICH_MISR_EOI)
+   ret |= INT_STATUS_EOI;
+   if (misr & GICH_MISR_U)
+   ret |= INT_STATUS_UNDERFLOW;
+
+   return ret;
+}
+
 static const struct vgic_ops vgic_ops = {
.get_lr = vgic_v2_get_lr,
.set_lr = vgic_v2_set_lr,
.sync_lr_elrsr  = vgic_v2_sync_lr_elrsr,
.get_elrsr  = vgic_v2_get_elrsr,
.get_eisr   = vgic_v2_get_eisr,
+   .get_interrupt_status   = vgic_v2_get_interrupt_status,
 };
 
 static struct vgic_lr vgic_get_lr(const struct kvm_vcpu *vcpu, int lr)
@@ -1085,6 +1099,11 @@ static inline u64 vgic_get_eisr(struct kvm_vcpu *vcpu)
return vgic_ops.get_eisr(vcpu);
 }
 
+static inline u32 vgic_get_interrupt_status(struct kvm_vcpu *vcpu)
+{
+   return vgic_ops.get_interrupt_status(vcpu);
+}
+
 static void vgic_retire_lr(int lr_nr, int irq, struct kvm_vcpu *vcpu)
 {
struct vgic_cpu *vgic_cpu = &vcpu->arch.vgic_cpu;
@@ -1282,11 +1301,12 @@ epilog:
 static bool vgic_process_maintenance(struct kvm_vcpu *vcpu)
 {
struct vgic_cpu *vgic_cpu = &vcpu->arch.vgic_cpu;
+   u32 status = vgic_get_interrupt_status(vcpu);
bool level_pending = false;
 
-   kvm_debug("MISR = %08x\n", vgic_cpu->vgic_v2.vgic_misr);
+   kvm_debug("STATUS = %08x\n", status);
 
-   if (vgic_cpu->vgic_v2.vgic_misr & GICH_MISR_EOI) {
+   if (status & INT_STATUS_EOI) {
/*
 * Some level interrupts have been EOIed. Clear their
 * active bit.
@@ -1319,7 +1339,7 @@ static bool vgic_process_maintenance(struct kvm_vcpu 
*vcpu)
}
}
 
-   if (vgic_cpu->vgic_v2.vgic_misr & GICH_MISR_U)
+   if (status & INT_STATUS_UNDERFLOW)
vgic_cpu->vgic_v2.vgic_hcr &= ~GICH_HCR_UIE;
 
return level_pending;
-- 
2.0.0

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[GIT PULL 11/51] KVM: ARM: vgic: introduce vgic_ops and LR manipulation primitives

[Christoffer Dall]

From: Marc Zyngier 

In order to split the various register manipulation from the main vgic
code, introduce a vgic_ops structure, and start by abstracting the
LR manipulation code with a couple of accessors.

Reviewed-by: Christoffer Dall 
Signed-off-by: Marc Zyngier 
---
 include/kvm/arm_vgic.h |  18 ++
 virt/kvm/arm/vgic.c| 162 +
 2 files changed, 128 insertions(+), 52 deletions(-)

diff --git a/include/kvm/arm_vgic.h b/include/kvm/arm_vgic.h
index f738e5a..17bbe51 100644
--- a/include/kvm/arm_vgic.h
+++ b/include/kvm/arm_vgic.h
@@ -68,6 +68,24 @@ struct vgic_bytemap {
u32 shared[VGIC_NR_SHARED_IRQS  / 4];
 };
 
+struct kvm_vcpu;
+
+#define LR_STATE_PENDING   (1 << 0)
+#define LR_STATE_ACTIVE(1 << 1)
+#define LR_STATE_MASK  (3 << 0)
+#define LR_EOI_INT (1 << 2)
+
+struct vgic_lr {
+   u16 irq;
+   u8  source;
+   u8  state;
+};
+
+struct vgic_ops {
+   struct vgic_lr  (*get_lr)(const struct kvm_vcpu *, int);
+   void(*set_lr)(struct kvm_vcpu *, int, struct vgic_lr);
+};
+
 struct vgic_dist {
 #ifdef CONFIG_KVM_ARM_VGIC
spinlock_t  lock;
diff --git a/virt/kvm/arm/vgic.c b/virt/kvm/arm/vgic.c
index 0ba1ab0..11408fe 100644
--- a/virt/kvm/arm/vgic.c
+++ b/virt/kvm/arm/vgic.c
@@ -94,9 +94,12 @@ static struct device_node *vgic_node;
 #define ACCESS_WRITE_MASK(x)   ((x) & (3 << 1))
 
 static void vgic_retire_disabled_irqs(struct kvm_vcpu *vcpu);
+static void vgic_retire_lr(int lr_nr, int irq, struct kvm_vcpu *vcpu);
 static void vgic_update_state(struct kvm *kvm);
 static void vgic_kick_vcpus(struct kvm *kvm);
 static void vgic_dispatch_sgi(struct kvm_vcpu *vcpu, u32 reg);
+static struct vgic_lr vgic_get_lr(const struct kvm_vcpu *vcpu, int lr);
+static void vgic_set_lr(struct kvm_vcpu *vcpu, int lr, struct vgic_lr lr_desc);
 static u32 vgic_nr_lr;
 
 static unsigned int vgic_maint_irq;
@@ -593,18 +596,6 @@ static bool handle_mmio_sgi_reg(struct kvm_vcpu *vcpu,
return false;
 }
 
-#define LR_CPUID(lr)   \
-   (((lr) & GICH_LR_PHYSID_CPUID) >> GICH_LR_PHYSID_CPUID_SHIFT)
-#define LR_IRQID(lr)   \
-   ((lr) & GICH_LR_VIRTUALID)
-
-static void vgic_retire_lr(int lr_nr, int irq, struct vgic_cpu *vgic_cpu)
-{
-   clear_bit(lr_nr, vgic_cpu->lr_used);
-   vgic_cpu->vgic_v2.vgic_lr[lr_nr] &= ~GICH_LR_STATE;
-   vgic_cpu->vgic_irq_lr_map[irq] = LR_EMPTY;
-}
-
 /**
  * vgic_unqueue_irqs - move pending IRQs from LRs to the distributor
  * @vgic_cpu: Pointer to the vgic_cpu struct holding the LRs
@@ -622,13 +613,10 @@ static void vgic_unqueue_irqs(struct kvm_vcpu *vcpu)
struct vgic_dist *dist = &vcpu->kvm->arch.vgic;
struct vgic_cpu *vgic_cpu = &vcpu->arch.vgic_cpu;
int vcpu_id = vcpu->vcpu_id;
-   int i, irq, source_cpu;
-   u32 *lr;
+   int i;
 
for_each_set_bit(i, vgic_cpu->lr_used, vgic_cpu->nr_lr) {
-   lr = &vgic_cpu->vgic_v2.vgic_lr[i];
-   irq = LR_IRQID(*lr);
-   source_cpu = LR_CPUID(*lr);
+   struct vgic_lr lr = vgic_get_lr(vcpu, i);
 
/*
 * There are three options for the state bits:
@@ -640,7 +628,7 @@ static void vgic_unqueue_irqs(struct kvm_vcpu *vcpu)
 * If the LR holds only an active interrupt (not pending) then
 * just leave it alone.
 */
-   if ((*lr & GICH_LR_STATE) == GICH_LR_ACTIVE_BIT)
+   if ((lr.state & LR_STATE_MASK) == LR_STATE_ACTIVE)
continue;
 
/*
@@ -649,18 +637,19 @@ static void vgic_unqueue_irqs(struct kvm_vcpu *vcpu)
 * is fine, then we are only setting a few bits that were
 * already set.
 */
-   vgic_dist_irq_set(vcpu, irq);
-   if (irq < VGIC_NR_SGIS)
-   dist->irq_sgi_sources[vcpu_id][irq] |= 1 << source_cpu;
-   *lr &= ~GICH_LR_PENDING_BIT;
+   vgic_dist_irq_set(vcpu, lr.irq);
+   if (lr.irq < VGIC_NR_SGIS)
+   dist->irq_sgi_sources[vcpu_id][lr.irq] |= 1 << 
lr.source;
+   lr.state &= ~LR_STATE_PENDING;
+   vgic_set_lr(vcpu, i, lr);
 
/*
 * If there's no state left on the LR (it could still be
 * active), then the LR does not hold any useful info and can
 * be marked as free for other use.
 */
-   if (!(*lr & GICH_LR_STATE))
-   vgic_retire_lr(i, irq, vgic_cpu);
+   if (!(lr.state & LR_STATE_MASK))
+   vgic_retire_lr(i, lr.irq, vcpu);
 
/* Finally update the VGIC state. */
vgic_update_state(vcpu->kvm);
@@ -989,8 +978,69 @@ static void vgic_update_state(struct kvm *kvm)
}
 }
 
-#define MK_LR_PEND(src, irq)   \
-   (GI

[GIT PULL 07/51] arm64: KVM: allow export and import of generic timer regs

[Christoffer Dall]

From: Alex Bennée 

For correct guest suspend/resume behaviour we need to ensure we include
the generic timer registers for 64 bit guests. As CONFIG_KVM_ARM_TIMER is
always set for arm64 we don't need to worry about null implementations.
However I have re-jigged the kvm_arm_timer_set/get_reg declarations to
be in the common include/kvm/arm_arch_timer.h headers.

Acked-by: Marc Zyngier 
Reviewed-by: Christoffer Dall 
Signed-off-by: Alex Bennée 
Signed-off-by: Christoffer Dall 
---
 arch/arm/include/asm/kvm_host.h |  3 --
 arch/arm/kvm/guest.c| 10 --
 arch/arm64/kvm/guest.c  | 68 -
 include/kvm/arm_arch_timer.h| 14 +
 4 files changed, 81 insertions(+), 14 deletions(-)

diff --git a/arch/arm/include/asm/kvm_host.h b/arch/arm/include/asm/kvm_host.h
index 193ceaf..dc4e3ed 100644
--- a/arch/arm/include/asm/kvm_host.h
+++ b/arch/arm/include/asm/kvm_host.h
@@ -228,7 +228,4 @@ static inline int kvm_arch_dev_ioctl_check_extension(long 
ext)
 int kvm_perf_init(void);
 int kvm_perf_teardown(void);
 
-u64 kvm_arm_timer_get_reg(struct kvm_vcpu *, u64 regid);
-int kvm_arm_timer_set_reg(struct kvm_vcpu *, u64 regid, u64 value);
-
 #endif /* __ARM_KVM_HOST_H__ */
diff --git a/arch/arm/kvm/guest.c b/arch/arm/kvm/guest.c
index b23a59c..986e625 100644
--- a/arch/arm/kvm/guest.c
+++ b/arch/arm/kvm/guest.c
@@ -124,16 +124,6 @@ static bool is_timer_reg(u64 index)
return false;
 }
 
-int kvm_arm_timer_set_reg(struct kvm_vcpu *vcpu, u64 regid, u64 value)
-{
-   return 0;
-}
-
-u64 kvm_arm_timer_get_reg(struct kvm_vcpu *vcpu, u64 regid)
-{
-   return 0;
-}
-
 #else
 
 #define NUM_TIMER_REGS 3
diff --git a/arch/arm64/kvm/guest.c b/arch/arm64/kvm/guest.c
index 60b5c31..8d1ec28 100644
--- a/arch/arm64/kvm/guest.c
+++ b/arch/arm64/kvm/guest.c
@@ -136,13 +136,67 @@ static unsigned long num_core_regs(void)
 }
 
 /**
+ * ARM64 versions of the TIMER registers, always available on arm64
+ */
+
+#define NUM_TIMER_REGS 3
+
+static bool is_timer_reg(u64 index)
+{
+   switch (index) {
+   case KVM_REG_ARM_TIMER_CTL:
+   case KVM_REG_ARM_TIMER_CNT:
+   case KVM_REG_ARM_TIMER_CVAL:
+   return true;
+   }
+   return false;
+}
+
+static int copy_timer_indices(struct kvm_vcpu *vcpu, u64 __user *uindices)
+{
+   if (put_user(KVM_REG_ARM_TIMER_CTL, uindices))
+   return -EFAULT;
+   uindices++;
+   if (put_user(KVM_REG_ARM_TIMER_CNT, uindices))
+   return -EFAULT;
+   uindices++;
+   if (put_user(KVM_REG_ARM_TIMER_CVAL, uindices))
+   return -EFAULT;
+
+   return 0;
+}
+
+static int set_timer_reg(struct kvm_vcpu *vcpu, const struct kvm_one_reg *reg)
+{
+   void __user *uaddr = (void __user *)(long)reg->addr;
+   u64 val;
+   int ret;
+
+   ret = copy_from_user(&val, uaddr, KVM_REG_SIZE(reg->id));
+   if (ret != 0)
+   return ret;
+
+   return kvm_arm_timer_set_reg(vcpu, reg->id, val);
+}
+
+static int get_timer_reg(struct kvm_vcpu *vcpu, const struct kvm_one_reg *reg)
+{
+   void __user *uaddr = (void __user *)(long)reg->addr;
+   u64 val;
+
+   val = kvm_arm_timer_get_reg(vcpu, reg->id);
+   return copy_to_user(uaddr, &val, KVM_REG_SIZE(reg->id));
+}
+
+/**
  * kvm_arm_num_regs - how many registers do we present via KVM_GET_ONE_REG
  *
  * This is for all registers.
  */
 unsigned long kvm_arm_num_regs(struct kvm_vcpu *vcpu)
 {
-   return num_core_regs() + kvm_arm_num_sys_reg_descs(vcpu);
+   return num_core_regs() + kvm_arm_num_sys_reg_descs(vcpu)
++ NUM_TIMER_REGS;
 }
 
 /**
@@ -154,6 +208,7 @@ int kvm_arm_copy_reg_indices(struct kvm_vcpu *vcpu, u64 
__user *uindices)
 {
unsigned int i;
const u64 core_reg = KVM_REG_ARM64 | KVM_REG_SIZE_U64 | 
KVM_REG_ARM_CORE;
+   int ret;
 
for (i = 0; i < sizeof(struct kvm_regs) / sizeof(__u32); i++) {
if (put_user(core_reg | i, uindices))
@@ -161,6 +216,11 @@ int kvm_arm_copy_reg_indices(struct kvm_vcpu *vcpu, u64 
__user *uindices)
uindices++;
}
 
+   ret = copy_timer_indices(vcpu, uindices);
+   if (ret)
+   return ret;
+   uindices += NUM_TIMER_REGS;
+
return kvm_arm_copy_sys_reg_indices(vcpu, uindices);
 }
 
@@ -174,6 +234,9 @@ int kvm_arm_get_reg(struct kvm_vcpu *vcpu, const struct 
kvm_one_reg *reg)
if ((reg->id & KVM_REG_ARM_COPROC_MASK) == KVM_REG_ARM_CORE)
return get_core_reg(vcpu, reg);
 
+   if (is_timer_reg(reg->id))
+   return get_timer_reg(vcpu, reg);
+
return kvm_arm_sys_reg_get_reg(vcpu, reg);
 }
 
@@ -187,6 +250,9 @@ int kvm_arm_set_reg(struct kvm_vcpu *vcpu, const struct 
kvm_one_reg *reg)
if ((reg->id & KVM_REG_ARM_COPROC_MASK) == KVM_REG_ARM_CORE)
return set_core_reg(vcpu, reg);
 
+   if (is_timer_reg(reg->id))
+   return set_timer_reg(vcpu, reg);
+

[GIT PULL 09/51] arm64: boot protocol documentation update for GICv3

[Christoffer Dall]

From: Marc Zyngier 

Linux has some requirements that must be satisfied in order to boot
on a system built with a GICv3.

Acked-by: Christoffer Dall 
Signed-off-by: Marc Zyngier 
---
 Documentation/arm64/booting.txt | 8 
 1 file changed, 8 insertions(+)

diff --git a/Documentation/arm64/booting.txt b/Documentation/arm64/booting.txt
index 37fc4f6..da1d4bf 100644
--- a/Documentation/arm64/booting.txt
+++ b/Documentation/arm64/booting.txt
@@ -141,6 +141,14 @@ Before jumping into the kernel, the following conditions 
must be met:
   the kernel image will be entered must be initialised by software at a
   higher exception level to prevent execution in an UNKNOWN state.
 
+  For systems with a GICv3 interrupt controller:
+  - If EL3 is present:
+ICC_SRE_EL3.Enable (bit 3) must be initialiased to 0b1.
+ICC_SRE_EL3.SRE (bit 0) must be initialised to 0b1.
+  - If the kernel is entered at EL1:
+ICC.SRE_EL2.Enable (bit 3) must be initialised to 0b1
+ICC_SRE_EL2.SRE (bit 0) must be initialised to 0b1.
+
 The requirements described above for CPU mode, caches, MMUs, architected
 timers, coherency and system registers apply to all CPUs.  All CPUs must
 enter the kernel in the same exception level.
-- 
2.0.0

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[GIT PULL 06/51] arm64: KVM: export demux regids as KVM_REG_ARM64

[Christoffer Dall]

From: Alex Bennée 

I suspect this is a -ECUTPASTE fault from the initial implementation. If
we don't declare the register ID to be KVM_REG_ARM64 the KVM_GET_ONE_REG
implementation kvm_arm_get_reg() returns -EINVAL and hilarity ensues.

The kvm/api.txt document describes all arm64 registers as starting with
0x60xx... (i.e KVM_REG_ARM64).

Signed-off-by: Alex Bennée 
Acked-by: Christoffer Dall 
Acked-by: Marc Zyngier 
Signed-off-by: Marc Zyngier 
---
 arch/arm64/kvm/sys_regs.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c
index c59a1bd..34f25a5 100644
--- a/arch/arm64/kvm/sys_regs.c
+++ b/arch/arm64/kvm/sys_regs.c
@@ -962,7 +962,7 @@ static unsigned int num_demux_regs(void)
 
 static int write_demux_regids(u64 __user *uindices)
 {
-   u64 val = KVM_REG_ARM | KVM_REG_SIZE_U32 | KVM_REG_ARM_DEMUX;
+   u64 val = KVM_REG_ARM64 | KVM_REG_SIZE_U32 | KVM_REG_ARM_DEMUX;
unsigned int i;
 
val |= KVM_REG_ARM_DEMUX_ID_CCSIDR;
-- 
2.0.0

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[GIT PULL 34/51] ARM: KVM: enable KVM in Kconfig on big-endian systems

[Christoffer Dall]

From: Victor Kamensky 

Previous patches addresses ARMV7 big-endian virtualiztion,
kvm related issues, so enable ARM_VIRT_EXT for big-endian
now.

Signed-off-by: Victor Kamensky 
Acked-by: Christoffer Dall 
Signed-off-by: Marc Zyngier 
---
 arch/arm/kvm/Kconfig | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/arm/kvm/Kconfig b/arch/arm/kvm/Kconfig
index 4be5bb1..466bd29 100644
--- a/arch/arm/kvm/Kconfig
+++ b/arch/arm/kvm/Kconfig
@@ -23,7 +23,7 @@ config KVM
select HAVE_KVM_CPU_RELAX_INTERCEPT
select KVM_MMIO
select KVM_ARM_HOST
-   depends on ARM_VIRT_EXT && ARM_LPAE && !CPU_BIG_ENDIAN
+   depends on ARM_VIRT_EXT && ARM_LPAE
---help---
  Support hosting virtualized guest machines. You will also
  need to select one or more of the processor modules below.
-- 
2.0.0

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[GIT PULL 15/51] KVM: ARM: vgic: move underflow handling to vgic_ops

[Christoffer Dall]

From: Marc Zyngier 

Move the code dealing with LR underflow handling to its own functions,
and make them accessible through vgic_ops.

Acked-by: Catalin Marinas 
Reviewed-by: Christoffer Dall 
Signed-off-by: Marc Zyngier 
---
 include/kvm/arm_vgic.h |  2 ++
 virt/kvm/arm/vgic.c| 28 +---
 2 files changed, 27 insertions(+), 3 deletions(-)

diff --git a/include/kvm/arm_vgic.h b/include/kvm/arm_vgic.h
index 4857508..cdfa5d9 100644
--- a/include/kvm/arm_vgic.h
+++ b/include/kvm/arm_vgic.h
@@ -88,6 +88,8 @@ struct vgic_ops {
u64 (*get_elrsr)(const struct kvm_vcpu *vcpu);
u64 (*get_eisr)(const struct kvm_vcpu *vcpu);
u32 (*get_interrupt_status)(const struct kvm_vcpu *vcpu);
+   void(*enable_underflow)(struct kvm_vcpu *vcpu);
+   void(*disable_underflow)(struct kvm_vcpu *vcpu);
 };
 
 struct vgic_dist {
diff --git a/virt/kvm/arm/vgic.c b/virt/kvm/arm/vgic.c
index c0bcc97..6d618e0 100644
--- a/virt/kvm/arm/vgic.c
+++ b/virt/kvm/arm/vgic.c
@@ -1063,6 +1063,16 @@ static u32 vgic_v2_get_interrupt_status(const struct 
kvm_vcpu *vcpu)
return ret;
 }
 
+static void vgic_v2_enable_underflow(struct kvm_vcpu *vcpu)
+{
+   vcpu->arch.vgic_cpu.vgic_v2.vgic_hcr |= GICH_HCR_UIE;
+}
+
+static void vgic_v2_disable_underflow(struct kvm_vcpu *vcpu)
+{
+   vcpu->arch.vgic_cpu.vgic_v2.vgic_hcr &= ~GICH_HCR_UIE;
+}
+
 static const struct vgic_ops vgic_ops = {
.get_lr = vgic_v2_get_lr,
.set_lr = vgic_v2_set_lr,
@@ -1070,6 +1080,8 @@ static const struct vgic_ops vgic_ops = {
.get_elrsr  = vgic_v2_get_elrsr,
.get_eisr   = vgic_v2_get_eisr,
.get_interrupt_status   = vgic_v2_get_interrupt_status,
+   .enable_underflow   = vgic_v2_enable_underflow,
+   .disable_underflow  = vgic_v2_disable_underflow,
 };
 
 static struct vgic_lr vgic_get_lr(const struct kvm_vcpu *vcpu, int lr)
@@ -1104,6 +1116,16 @@ static inline u32 vgic_get_interrupt_status(struct 
kvm_vcpu *vcpu)
return vgic_ops.get_interrupt_status(vcpu);
 }
 
+static inline void vgic_enable_underflow(struct kvm_vcpu *vcpu)
+{
+   vgic_ops.enable_underflow(vcpu);
+}
+
+static inline void vgic_disable_underflow(struct kvm_vcpu *vcpu)
+{
+   vgic_ops.disable_underflow(vcpu);
+}
+
 static void vgic_retire_lr(int lr_nr, int irq, struct kvm_vcpu *vcpu)
 {
struct vgic_cpu *vgic_cpu = &vcpu->arch.vgic_cpu;
@@ -1285,9 +1307,9 @@ static void __kvm_vgic_flush_hwstate(struct kvm_vcpu 
*vcpu)
 
 epilog:
if (overflow) {
-   vgic_cpu->vgic_v2.vgic_hcr |= GICH_HCR_UIE;
+   vgic_enable_underflow(vcpu);
} else {
-   vgic_cpu->vgic_v2.vgic_hcr &= ~GICH_HCR_UIE;
+   vgic_disable_underflow(vcpu);
/*
 * We're about to run this VCPU, and we've consumed
 * everything the distributor had in store for
@@ -1340,7 +1362,7 @@ static bool vgic_process_maintenance(struct kvm_vcpu 
*vcpu)
}
 
if (status & INT_STATUS_UNDERFLOW)
-   vgic_cpu->vgic_v2.vgic_hcr &= ~GICH_HCR_UIE;
+   vgic_disable_underflow(vcpu);
 
return level_pending;
 }
-- 
2.0.0

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[GIT PULL 45/51] arm64: KVM: check ordering of all system register tables

[Christoffer Dall]

From: Marc Zyngier 

We now have multiple tables for the various system registers
we trap. Make sure we check the order of all of them, as it is
critical that we get the order right (been there, done that...).

Reviewed-by: Anup Patel 
Reviewed-by: Christoffer Dall 
Signed-off-by: Marc Zyngier 
---
 arch/arm64/kvm/sys_regs.c | 22 --
 1 file changed, 20 insertions(+), 2 deletions(-)

diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c
index 499a351..8ab47c7 100644
--- a/arch/arm64/kvm/sys_regs.c
+++ b/arch/arm64/kvm/sys_regs.c
@@ -1308,14 +1308,32 @@ int kvm_arm_copy_sys_reg_indices(struct kvm_vcpu *vcpu, 
u64 __user *uindices)
return write_demux_regids(uindices);
 }
 
+static int check_sysreg_table(const struct sys_reg_desc *table, unsigned int n)
+{
+   unsigned int i;
+
+   for (i = 1; i < n; i++) {
+   if (cmp_sys_reg(&table[i-1], &table[i]) >= 0) {
+   kvm_err("sys_reg table %p out of order (%d)\n", table, 
i - 1);
+   return 1;
+   }
+   }
+
+   return 0;
+}
+
 void kvm_sys_reg_table_init(void)
 {
unsigned int i;
struct sys_reg_desc clidr;
 
/* Make sure tables are unique and in order. */
-   for (i = 1; i < ARRAY_SIZE(sys_reg_descs); i++)
-   BUG_ON(cmp_sys_reg(&sys_reg_descs[i-1], &sys_reg_descs[i]) >= 
0);
+   BUG_ON(check_sysreg_table(sys_reg_descs, ARRAY_SIZE(sys_reg_descs)));
+   BUG_ON(check_sysreg_table(cp14_regs, ARRAY_SIZE(cp14_regs)));
+   BUG_ON(check_sysreg_table(cp14_64_regs, ARRAY_SIZE(cp14_64_regs)));
+   BUG_ON(check_sysreg_table(cp15_regs, ARRAY_SIZE(cp15_regs)));
+   BUG_ON(check_sysreg_table(cp15_64_regs, ARRAY_SIZE(cp15_64_regs)));
+   BUG_ON(check_sysreg_table(invariant_sys_regs, 
ARRAY_SIZE(invariant_sys_regs)));
 
/* We abuse the reset function to overwrite the table itself. */
for (i = 0; i < ARRAY_SIZE(invariant_sys_regs); i++)
-- 
2.0.0

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[GIT PULL 20/51] KVM: ARM: vgic: revisit implementation of irqchip_in_kernel

[Christoffer Dall]

From: Marc Zyngier 

So far, irqchip_in_kernel() was implemented by testing the value of
vctrl_base, which worked fine with GICv2.

With GICv3, this field is useless, as we're using system registers
instead of a emmory mapped interface. To solve this, add a boolean
flag indicating if the we're using a vgic or not.

Reviewed-by: Christoffer Dall 
Signed-off-by: Marc Zyngier 
---
 include/kvm/arm_vgic.h | 3 ++-
 virt/kvm/arm/vgic.c| 1 +
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/include/kvm/arm_vgic.h b/include/kvm/arm_vgic.h
index d8d52a9..f6b9fec 100644
--- a/include/kvm/arm_vgic.h
+++ b/include/kvm/arm_vgic.h
@@ -117,6 +117,7 @@ struct vgic_params {
 struct vgic_dist {
 #ifdef CONFIG_KVM_ARM_VGIC
spinlock_t  lock;
+   boolin_kernel;
boolready;
 
/* Virtual control interface mapping */
@@ -212,7 +213,7 @@ int kvm_vgic_vcpu_pending_irq(struct kvm_vcpu *vcpu);
 bool vgic_handle_mmio(struct kvm_vcpu *vcpu, struct kvm_run *run,
  struct kvm_exit_mmio *mmio);
 
-#define irqchip_in_kernel(k)   (!!((k)->arch.vgic.vctrl_base))
+#define irqchip_in_kernel(k)   (!!((k)->arch.vgic.in_kernel))
 #define vgic_initialized(k)((k)->arch.vgic.ready)
 
 int vgic_v2_probe(struct device_node *vgic_node,
diff --git a/virt/kvm/arm/vgic.c b/virt/kvm/arm/vgic.c
index e4b9cbb..1348e74 100644
--- a/virt/kvm/arm/vgic.c
+++ b/virt/kvm/arm/vgic.c
@@ -1650,6 +1650,7 @@ int kvm_vgic_create(struct kvm *kvm)
}
 
spin_lock_init(&kvm->arch.vgic.lock);
+   kvm->arch.vgic.in_kernel = true;
kvm->arch.vgic.vctrl_base = vgic->vctrl_base;
kvm->arch.vgic.vgic_dist_base = VGIC_ADDR_UNDEF;
kvm->arch.vgic.vgic_cpu_base = VGIC_ADDR_UNDEF;
-- 
2.0.0

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[GIT PULL 50/51] KVM: arm64: GICv3: mandate page-aligned GICV region

[Christoffer Dall]

From: Marc Zyngier 

Just like GICv2 was fixed in 63afbe7a0ac1
(kvm: arm64: vgic: fix hyp panic with 64k pages on juno platform),
mandate the GICV region to be both aligned on a page boundary and
its size to be a multiple of page size.

This prevents a guest from being able to poke at regions where we
have no idea what is sitting there.

Signed-off-by: Marc Zyngier 
Signed-off-by: Christoffer Dall 
---
 virt/kvm/arm/vgic-v3.c | 16 
 1 file changed, 16 insertions(+)

diff --git a/virt/kvm/arm/vgic-v3.c b/virt/kvm/arm/vgic-v3.c
index f01d446..1c2c8ee 100644
--- a/virt/kvm/arm/vgic-v3.c
+++ b/virt/kvm/arm/vgic-v3.c
@@ -215,6 +215,22 @@ int vgic_v3_probe(struct device_node *vgic_node,
ret = -ENXIO;
goto out;
}
+
+   if (!PAGE_ALIGNED(vcpu_res.start)) {
+   kvm_err("GICV physical address 0x%llx not page aligned\n",
+   (unsigned long long)vcpu_res.start);
+   ret = -ENXIO;
+   goto out;
+   }
+
+   if (!PAGE_ALIGNED(resource_size(&vcpu_res))) {
+   kvm_err("GICV size 0x%llx not a multiple of page size 0x%lx\n",
+   (unsigned long long)resource_size(&vcpu_res),
+   PAGE_SIZE);
+   ret = -ENXIO;
+   goto out;
+   }
+
vgic->vcpu_base = vcpu_res.start;
vgic->vctrl_base = NULL;
vgic->type = VGIC_V3;
-- 
2.0.0

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[GIT PULL 36/51] ARM64: KVM: store kvm_vcpu_fault_info est_el2 as word

[Christoffer Dall]

From: Victor Kamensky 

esr_el2 field of struct kvm_vcpu_fault_info has u32 type.
It should be stored as word. Current code works in LE case
because existing puts least significant word of x1 into
esr_el2, and it puts most significant work of x1 into next
field, which accidentally is OK because it is updated again
by next instruction. But existing code breaks in BE case.

Signed-off-by: Victor Kamensky 
Acked-by: Christoffer Dall 
Acked-by: Marc Zyngier 
Signed-off-by: Marc Zyngier 
---
 arch/arm64/kvm/hyp.S | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/arm64/kvm/hyp.S b/arch/arm64/kvm/hyp.S
index 5945f3b..7874e02 100644
--- a/arch/arm64/kvm/hyp.S
+++ b/arch/arm64/kvm/hyp.S
@@ -762,7 +762,7 @@ el1_trap:
mrs x2, far_el2
 
 2: mrs x0, tpidr_el2
-   str x1, [x0, #VCPU_ESR_EL2]
+   str w1, [x0, #VCPU_ESR_EL2]
str x2, [x0, #VCPU_FAR_EL2]
str x3, [x0, #VCPU_HPFAR_EL2]
 
-- 
2.0.0

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[GIT PULL 17/51] KVM: ARM: vgic: introduce vgic_enable

[Christoffer Dall]

From: Marc Zyngier 

Move the code dealing with enabling the VGIC on to vgic_ops.

Acked-by: Catalin Marinas 
Reviewed-by: Christoffer Dall 
Signed-off-by: Marc Zyngier 
---
 include/kvm/arm_vgic.h |  1 +
 virt/kvm/arm/vgic.c| 29 +
 2 files changed, 22 insertions(+), 8 deletions(-)

diff --git a/include/kvm/arm_vgic.h b/include/kvm/arm_vgic.h
index f515800..2228973 100644
--- a/include/kvm/arm_vgic.h
+++ b/include/kvm/arm_vgic.h
@@ -99,6 +99,7 @@ struct vgic_ops {
void(*disable_underflow)(struct kvm_vcpu *vcpu);
void(*get_vmcr)(struct kvm_vcpu *vcpu, struct vgic_vmcr *vmcr);
void(*set_vmcr)(struct kvm_vcpu *vcpu, struct vgic_vmcr *vmcr);
+   void(*enable)(struct kvm_vcpu *vcpu);
 };
 
 struct vgic_dist {
diff --git a/virt/kvm/arm/vgic.c b/virt/kvm/arm/vgic.c
index 5c70639..70f674b 100644
--- a/virt/kvm/arm/vgic.c
+++ b/virt/kvm/arm/vgic.c
@@ -1097,6 +1097,19 @@ static void vgic_v2_set_vmcr(struct kvm_vcpu *vcpu, 
struct vgic_vmcr *vmcrp)
vcpu->arch.vgic_cpu.vgic_v2.vgic_vmcr = vmcr;
 }
 
+static void vgic_v2_enable(struct kvm_vcpu *vcpu)
+{
+   /*
+* By forcing VMCR to zero, the GIC will restore the binary
+* points to their reset values. Anything else resets to zero
+* anyway.
+*/
+   vcpu->arch.vgic_cpu.vgic_v2.vgic_vmcr = 0;
+
+   /* Get the show on the road... */
+   vcpu->arch.vgic_cpu.vgic_v2.vgic_hcr = GICH_HCR_EN;
+}
+
 static const struct vgic_ops vgic_ops = {
.get_lr = vgic_v2_get_lr,
.set_lr = vgic_v2_set_lr,
@@ -1108,6 +1121,7 @@ static const struct vgic_ops vgic_ops = {
.disable_underflow  = vgic_v2_disable_underflow,
.get_vmcr   = vgic_v2_get_vmcr,
.set_vmcr   = vgic_v2_set_vmcr,
+   .enable = vgic_v2_enable,
 };
 
 static struct vgic_lr vgic_get_lr(const struct kvm_vcpu *vcpu, int lr)
@@ -1162,6 +1176,11 @@ static void vgic_set_vmcr(struct kvm_vcpu *vcpu, struct 
vgic_vmcr *vmcr)
vgic_ops.set_vmcr(vcpu, vmcr);
 }
 
+static inline void vgic_enable(struct kvm_vcpu *vcpu)
+{
+   vgic_ops.enable(vcpu);
+}
+
 static void vgic_retire_lr(int lr_nr, int irq, struct kvm_vcpu *vcpu)
 {
struct vgic_cpu *vgic_cpu = &vcpu->arch.vgic_cpu;
@@ -1624,15 +1643,9 @@ int kvm_vgic_vcpu_init(struct kvm_vcpu *vcpu)
vgic_cpu->vgic_irq_lr_map[i] = LR_EMPTY;
}
 
-   /*
-* By forcing VMCR to zero, the GIC will restore the binary
-* points to their reset values. Anything else resets to zero
-* anyway.
-*/
-   vgic_cpu->vgic_v2.vgic_vmcr = 0;
-
vgic_cpu->nr_lr = vgic_nr_lr;
-   vgic_cpu->vgic_v2.vgic_hcr = GICH_HCR_EN; /* Get the show on the 
road... */
+
+   vgic_enable(vcpu);
 
return 0;
 }
-- 
2.0.0

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[GIT PULL 43/51] arm64: KVM: common infrastructure for handling AArch32 CP14/CP15

[Christoffer Dall]

From: Marc Zyngier 

As we're about to trap a bunch of CP14 registers, let's rework
the CP15 handling so it can be generalized and work with multiple
tables.

Reviewed-by: Anup Patel 
Reviewed-by: Christoffer Dall 
Signed-off-by: Marc Zyngier 
---
 arch/arm64/include/asm/kvm_asm.h|   2 +-
 arch/arm64/include/asm/kvm_coproc.h |   3 +-
 arch/arm64/include/asm/kvm_host.h   |  13 ++--
 arch/arm64/kvm/handle_exit.c|   4 +-
 arch/arm64/kvm/sys_regs.c   | 133 +---
 5 files changed, 124 insertions(+), 31 deletions(-)

diff --git a/arch/arm64/include/asm/kvm_asm.h b/arch/arm64/include/asm/kvm_asm.h
index 660f75c..69027de 100644
--- a/arch/arm64/include/asm/kvm_asm.h
+++ b/arch/arm64/include/asm/kvm_asm.h
@@ -95,7 +95,7 @@
 #define c10_AMAIR0 (AMAIR_EL1 * 2) /* Aux Memory Attr Indirection Reg */
 #define c10_AMAIR1 (c10_AMAIR0 + 1)/* Aux Memory Attr Indirection Reg */
 #define c14_CNTKCTL(CNTKCTL_EL1 * 2) /* Timer Control Register (PL1) */
-#define NR_CP15_REGS   (NR_SYS_REGS * 2)
+#define NR_COPRO_REGS  (NR_SYS_REGS * 2)
 
 #define ARM_EXCEPTION_IRQ0
 #define ARM_EXCEPTION_TRAP   1
diff --git a/arch/arm64/include/asm/kvm_coproc.h 
b/arch/arm64/include/asm/kvm_coproc.h
index 9a59301..0b52377 100644
--- a/arch/arm64/include/asm/kvm_coproc.h
+++ b/arch/arm64/include/asm/kvm_coproc.h
@@ -39,7 +39,8 @@ void kvm_register_target_sys_reg_table(unsigned int target,
   struct kvm_sys_reg_target_table *table);
 
 int kvm_handle_cp14_load_store(struct kvm_vcpu *vcpu, struct kvm_run *run);
-int kvm_handle_cp14_access(struct kvm_vcpu *vcpu, struct kvm_run *run);
+int kvm_handle_cp14_32(struct kvm_vcpu *vcpu, struct kvm_run *run);
+int kvm_handle_cp14_64(struct kvm_vcpu *vcpu, struct kvm_run *run);
 int kvm_handle_cp15_32(struct kvm_vcpu *vcpu, struct kvm_run *run);
 int kvm_handle_cp15_64(struct kvm_vcpu *vcpu, struct kvm_run *run);
 int kvm_handle_sys_reg(struct kvm_vcpu *vcpu, struct kvm_run *run);
diff --git a/arch/arm64/include/asm/kvm_host.h 
b/arch/arm64/include/asm/kvm_host.h
index 8e410f7..79812be 100644
--- a/arch/arm64/include/asm/kvm_host.h
+++ b/arch/arm64/include/asm/kvm_host.h
@@ -86,7 +86,7 @@ struct kvm_cpu_context {
struct kvm_regs gp_regs;
union {
u64 sys_regs[NR_SYS_REGS];
-   u32 cp15[NR_CP15_REGS];
+   u32 copro[NR_COPRO_REGS];
};
 };
 
@@ -141,12 +141,17 @@ struct kvm_vcpu_arch {
 
 #define vcpu_gp_regs(v)(&(v)->arch.ctxt.gp_regs)
 #define vcpu_sys_reg(v,r)  ((v)->arch.ctxt.sys_regs[(r)])
-#define vcpu_cp15(v,r) ((v)->arch.ctxt.cp15[(r)])
+/*
+ * CP14 and CP15 live in the same array, as they are backed by the
+ * same system registers.
+ */
+#define vcpu_cp14(v,r) ((v)->arch.ctxt.copro[(r)])
+#define vcpu_cp15(v,r) ((v)->arch.ctxt.copro[(r)])
 
 #ifdef CONFIG_CPU_BIG_ENDIAN
-#define vcpu_cp15_64_low(v,r) ((v)->arch.ctxt.cp15[((r) + 1)])
+#define vcpu_cp15_64_low(v,r) ((v)->arch.ctxt.copro[((r) + 1)])
 #else
-#define vcpu_cp15_64_low(v,r) ((v)->arch.ctxt.cp15[((r) + 0)])
+#define vcpu_cp15_64_low(v,r) ((v)->arch.ctxt.copro[((r) + 0)])
 #endif
 
 struct kvm_vm_stat {
diff --git a/arch/arm64/kvm/handle_exit.c b/arch/arm64/kvm/handle_exit.c
index 182415e..e28be51 100644
--- a/arch/arm64/kvm/handle_exit.c
+++ b/arch/arm64/kvm/handle_exit.c
@@ -73,9 +73,9 @@ static exit_handle_fn arm_exit_handlers[] = {
[ESR_EL2_EC_WFI]= kvm_handle_wfx,
[ESR_EL2_EC_CP15_32]= kvm_handle_cp15_32,
[ESR_EL2_EC_CP15_64]= kvm_handle_cp15_64,
-   [ESR_EL2_EC_CP14_MR]= kvm_handle_cp14_access,
+   [ESR_EL2_EC_CP14_MR]= kvm_handle_cp14_32,
[ESR_EL2_EC_CP14_LS]= kvm_handle_cp14_load_store,
-   [ESR_EL2_EC_CP14_64]= kvm_handle_cp14_access,
+   [ESR_EL2_EC_CP14_64]= kvm_handle_cp14_64,
[ESR_EL2_EC_HVC32]  = handle_hvc,
[ESR_EL2_EC_SMC32]  = handle_smc,
[ESR_EL2_EC_HVC64]  = handle_hvc,
diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c
index d53ce43..266afd9 100644
--- a/arch/arm64/kvm/sys_regs.c
+++ b/arch/arm64/kvm/sys_regs.c
@@ -494,6 +494,10 @@ static const struct sys_reg_desc sys_reg_descs[] = {
  NULL, reset_val, FPEXC32_EL2, 0x70 },
 };
 
+/* Trapped cp14 registers */
+static const struct sys_reg_desc cp14_regs[] = {
+};
+
 /*
  * Trapped cp15 registers. TTBR0/TTBR1 get a double encoding,
  * depending on the way they are accessed (as a 32bit or a 64bit
@@ -601,26 +605,29 @@ int kvm_handle_cp14_load_store(struct kvm_vcpu *vcpu, 
struct kvm_run *run)
return 1;
 }
 
-int kvm_handle_cp14_access(struct kvm_vcpu *vcpu, struct kvm_run *run)
-{
-   kvm_inject_undefined(vcpu);
-   return 1;
-}
-
-static void emulate_cp15(struct kvm_vcpu *vcpu,
-const struct sys_reg_params *params)
+/*
+ * emulate_cp --  tries to match a sys_reg access in a handlin

[GIT PULL 27/51] ARM: virt: fix wrong HSCTLR.EE bit setting

[Christoffer Dall]

From: Li Liu 

HSCTLR.EE is defined as bit[25] referring to arm manual
DDI0606C.b(p1590).

Reviewed-by: Marc Zyngier 
Signed-off-by: Li Liu 
Signed-off-by: Marc Zyngier 
---
 arch/arm/kernel/hyp-stub.S | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/arch/arm/kernel/hyp-stub.S b/arch/arm/kernel/hyp-stub.S
index 797b1a6..7e666cf 100644
--- a/arch/arm/kernel/hyp-stub.S
+++ b/arch/arm/kernel/hyp-stub.S
@@ -134,9 +134,7 @@ ENTRY(__hyp_stub_install_secondary)
mcr p15, 4, r7, c1, c1, 3   @ HSTR
 
 THUMB( orr r7, #(1 << 30)  )   @ HSCTLR.TE
-#ifdef CONFIG_CPU_BIG_ENDIAN
-   orr r7, #(1 << 9)   @ HSCTLR.EE
-#endif
+ARM_BE8(orrr7, r7, #(1 << 25)) @ HSCTLR.EE
mcr p15, 4, r7, c1, c0, 0   @ HSCTLR
 
mrc p15, 4, r7, c1, c1, 1   @ HDCR
-- 
2.0.0

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[GIT PULL 44/51] arm64: KVM: use separate tables for AArch32 32 and 64bit traps

[Christoffer Dall]

From: Marc Zyngier 

An interesting "feature" of the CP14 encoding is that there is
an overlap between 32 and 64bit registers, meaning they cannot
live in the same table as we did for CP15.

Create separate tables for 64bit CP14 and CP15 registers, and
let the top level handler use the right one.

Reviewed-by: Anup Patel 
Reviewed-by: Christoffer Dall 
Signed-off-by: Marc Zyngier 
---
 arch/arm64/kvm/sys_regs.c | 13 ++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c
index 266afd9..499a351 100644
--- a/arch/arm64/kvm/sys_regs.c
+++ b/arch/arm64/kvm/sys_regs.c
@@ -498,13 +498,16 @@ static const struct sys_reg_desc sys_reg_descs[] = {
 static const struct sys_reg_desc cp14_regs[] = {
 };
 
+/* Trapped cp14 64bit registers */
+static const struct sys_reg_desc cp14_64_regs[] = {
+};
+
 /*
  * Trapped cp15 registers. TTBR0/TTBR1 get a double encoding,
  * depending on the way they are accessed (as a 32bit or a 64bit
  * register).
  */
 static const struct sys_reg_desc cp15_regs[] = {
-   { Op1( 0), CRn( 0), CRm( 2), Op2( 0), access_vm_reg, NULL, c2_TTBR0 },
{ Op1( 0), CRn( 1), CRm( 0), Op2( 0), access_sctlr, NULL, c1_SCTLR },
{ Op1( 0), CRn( 2), CRm( 0), Op2( 0), access_vm_reg, NULL, c2_TTBR0 },
{ Op1( 0), CRn( 2), CRm( 0), Op2( 1), access_vm_reg, NULL, c2_TTBR1 },
@@ -545,6 +548,10 @@ static const struct sys_reg_desc cp15_regs[] = {
{ Op1( 0), CRn(10), CRm( 3), Op2( 1), access_vm_reg, NULL, c10_AMAIR1 },
{ Op1( 0), CRn(13), CRm( 0), Op2( 1), access_vm_reg, NULL, c13_CID },
 
+};
+
+static const struct sys_reg_desc cp15_64_regs[] = {
+   { Op1( 0), CRn( 0), CRm( 2), Op2( 0), access_vm_reg, NULL, c2_TTBR0 },
{ Op1( 1), CRn( 0), CRm( 2), Op2( 0), access_vm_reg, NULL, c2_TTBR1 },
 };
 
@@ -770,7 +777,7 @@ int kvm_handle_cp15_64(struct kvm_vcpu *vcpu, struct 
kvm_run *run)
 
target_specific = get_target_table(vcpu->arch.target, false, &num);
return kvm_handle_cp_64(vcpu,
-   cp15_regs, ARRAY_SIZE(cp15_regs),
+   cp15_64_regs, ARRAY_SIZE(cp15_64_regs),
target_specific, num);
 }
 
@@ -788,7 +795,7 @@ int kvm_handle_cp15_32(struct kvm_vcpu *vcpu, struct 
kvm_run *run)
 int kvm_handle_cp14_64(struct kvm_vcpu *vcpu, struct kvm_run *run)
 {
return kvm_handle_cp_64(vcpu,
-   cp14_regs, ARRAY_SIZE(cp14_regs),
+   cp14_64_regs, ARRAY_SIZE(cp14_64_regs),
NULL, 0);
 }
 
-- 
2.0.0

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[GIT PULL 39/51] ARM64: KVM: fix big endian issue in access_vm_reg for 32bit guest

[Christoffer Dall]

From: Victor Kamensky 

Fix issue with 32bit guests running on top of BE KVM host.
Indexes of high and low words of 64bit cp15 register are
swapped in case of big endian code, since 64bit cp15 state is
restored or saved with double word write or read instruction.

Define helper macro to access low words of 64bit cp15 register.

Signed-off-by: Victor Kamensky 
Signed-off-by: Marc Zyngier 
---
 arch/arm64/include/asm/kvm_host.h |  6 ++
 arch/arm64/kvm/sys_regs.c | 10 --
 2 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/arch/arm64/include/asm/kvm_host.h 
b/arch/arm64/include/asm/kvm_host.h
index 4ae9213..503c706 100644
--- a/arch/arm64/include/asm/kvm_host.h
+++ b/arch/arm64/include/asm/kvm_host.h
@@ -140,6 +140,12 @@ struct kvm_vcpu_arch {
 #define vcpu_sys_reg(v,r)  ((v)->arch.ctxt.sys_regs[(r)])
 #define vcpu_cp15(v,r) ((v)->arch.ctxt.cp15[(r)])
 
+#ifdef CONFIG_CPU_BIG_ENDIAN
+#define vcpu_cp15_64_low(v,r) ((v)->arch.ctxt.cp15[((r) + 1)])
+#else
+#define vcpu_cp15_64_low(v,r) ((v)->arch.ctxt.cp15[((r) + 0)])
+#endif
+
 struct kvm_vm_stat {
u32 remote_tlb_flush;
 };
diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c
index f0cecef..56288f3 100644
--- a/arch/arm64/kvm/sys_regs.c
+++ b/arch/arm64/kvm/sys_regs.c
@@ -134,13 +134,11 @@ static bool access_vm_reg(struct kvm_vcpu *vcpu,
BUG_ON(!p->is_write);
 
val = *vcpu_reg(vcpu, p->Rt);
-   if (!p->is_aarch32) {
+   if (!p->is_aarch32 || !p->is_32bit)
vcpu_sys_reg(vcpu, r->reg) = val;
-   } else {
-   vcpu_cp15(vcpu, r->reg) = val & 0xUL;
-   if (!p->is_32bit)
-   vcpu_cp15(vcpu, r->reg + 1) = val >> 32;
-   }
+   else
+   vcpu_cp15_64_low(vcpu, r->reg) = val & 0xUL;
+
return true;
 }
 
-- 
2.0.0

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[GIT PULL 21/51] arm64: KVM: remove __kvm_hyp_code_{start,end} from hyp.S

[Christoffer Dall]

From: Marc Zyngier 

We already have __hyp_text_{start,end} to express the boundaries
of the HYP text section, and __kvm_hyp_code_{start,end} are getting
in the way of a more modular world switch code.

Just turn __kvm_hyp_code_{start,end} into #defines mapping the
linker-emited symbols.

Acked-by: Catalin Marinas 
Reviewed-by: Christoffer Dall 
Signed-off-by: Marc Zyngier 
---
 arch/arm64/include/asm/kvm_asm.h | 6 --
 arch/arm64/include/asm/virt.h| 4 
 arch/arm64/kvm/hyp.S | 6 --
 3 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/arch/arm64/include/asm/kvm_asm.h b/arch/arm64/include/asm/kvm_asm.h
index 9fcd54b..d0bfc4b 100644
--- a/arch/arm64/include/asm/kvm_asm.h
+++ b/arch/arm64/include/asm/kvm_asm.h
@@ -18,6 +18,8 @@
 #ifndef __ARM_KVM_ASM_H__
 #define __ARM_KVM_ASM_H__
 
+#include 
+
 /*
  * 0 is reserved as an invalid value.
  * Order *must* be kept in sync with the hyp switch code.
@@ -96,8 +98,8 @@ extern char __kvm_hyp_init_end[];
 
 extern char __kvm_hyp_vector[];
 
-extern char __kvm_hyp_code_start[];
-extern char __kvm_hyp_code_end[];
+#define__kvm_hyp_code_start__hyp_text_start
+#define__kvm_hyp_code_end  __hyp_text_end
 
 extern void __kvm_flush_vm_context(void);
 extern void __kvm_tlb_flush_vmid_ipa(struct kvm *kvm, phys_addr_t ipa);
diff --git a/arch/arm64/include/asm/virt.h b/arch/arm64/include/asm/virt.h
index 215ad46..7a5df52 100644
--- a/arch/arm64/include/asm/virt.h
+++ b/arch/arm64/include/asm/virt.h
@@ -50,6 +50,10 @@ static inline bool is_hyp_mode_mismatched(void)
return __boot_cpu_mode[0] != __boot_cpu_mode[1];
 }
 
+/* The section containing the hypervisor text */
+extern char __hyp_text_start[];
+extern char __hyp_text_end[];
+
 #endif /* __ASSEMBLY__ */
 
 #endif /* ! __ASM__VIRT_H */
diff --git a/arch/arm64/kvm/hyp.S b/arch/arm64/kvm/hyp.S
index 877d82a1..9c5d0ac 100644
--- a/arch/arm64/kvm/hyp.S
+++ b/arch/arm64/kvm/hyp.S
@@ -36,9 +36,6 @@
.pushsection.hyp.text, "ax"
.align  PAGE_SHIFT
 
-__kvm_hyp_code_start:
-   .globl __kvm_hyp_code_start
-
 .macro save_common_regs
// x2: base address for cpu context
// x3: tmp register
@@ -880,7 +877,4 @@ ENTRY(__kvm_hyp_vector)
ventry  el1_error_invalid   // Error 32-bit EL1
 ENDPROC(__kvm_hyp_vector)
 
-__kvm_hyp_code_end:
-   .globl  __kvm_hyp_code_end
-
.popsection
-- 
2.0.0

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[GIT PULL 29/51] ARM: KVM: handle 64bit values passed to mrcc or from mcrr instructions in BE case

[Christoffer Dall]

From: Victor Kamensky 

In some cases the mcrr and mrrc instructions in combination with the ldrd
and strd instructions need to deal with 64bit value in memory. The ldrd
and strd instructions already handle endianness within word (register)
boundaries but to get effect of the whole 64bit value represented correctly,
rr_lo_hi macro is introduced and is used to swap registers positions when
the mcrr and mrrc instructions are used. That has the effect of swapping
two words.

Signed-off-by: Victor Kamensky 
Reviewed-by: Christoffer Dall 
Acked-by: Marc Zyngier 
Signed-off-by: Marc Zyngier 
---
 arch/arm/include/asm/kvm_asm.h | 18 ++
 arch/arm/kvm/init.S|  4 ++--
 arch/arm/kvm/interrupts.S  |  4 ++--
 arch/arm/kvm/interrupts_head.S |  6 +++---
 4 files changed, 25 insertions(+), 7 deletions(-)

diff --git a/arch/arm/include/asm/kvm_asm.h b/arch/arm/include/asm/kvm_asm.h
index 53b3c4a..3a67bec 100644
--- a/arch/arm/include/asm/kvm_asm.h
+++ b/arch/arm/include/asm/kvm_asm.h
@@ -61,6 +61,24 @@
 #define ARM_EXCEPTION_FIQ6
 #define ARM_EXCEPTION_HVC7
 
+/*
+ * The rr_lo_hi macro swaps a pair of registers depending on
+ * current endianness. It is used in conjunction with ldrd and strd
+ * instructions that load/store a 64-bit value from/to memory to/from
+ * a pair of registers which are used with the mrrc and mcrr instructions.
+ * If used with the ldrd/strd instructions, the a1 parameter is the first
+ * source/destination register and the a2 parameter is the second
+ * source/destination register. Note that the ldrd/strd instructions
+ * already swap the bytes within the words correctly according to the
+ * endianness setting, but the order of the registers need to be effectively
+ * swapped when used with the mrrc/mcrr instructions.
+ */
+#ifdef CONFIG_CPU_ENDIAN_BE8
+#define rr_lo_hi(a1, a2) a2, a1
+#else
+#define rr_lo_hi(a1, a2) a1, a2
+#endif
+
 #ifndef __ASSEMBLY__
 struct kvm;
 struct kvm_vcpu;
diff --git a/arch/arm/kvm/init.S b/arch/arm/kvm/init.S
index 1b9844d..2cc14df 100644
--- a/arch/arm/kvm/init.S
+++ b/arch/arm/kvm/init.S
@@ -71,7 +71,7 @@ __do_hyp_init:
bne phase2  @ Yes, second stage init
 
@ Set the HTTBR to point to the hypervisor PGD pointer passed
-   mcrrp15, 4, r2, r3, c2
+   mcrrp15, 4, rr_lo_hi(r2, r3), c2
 
@ Set the HTCR and VTCR to the same shareability and cacheability
@ settings as the non-secure TTBCR and with T0SZ == 0.
@@ -137,7 +137,7 @@ phase2:
mov pc, r0
 
 target:@ We're now in the trampoline code, switch page tables
-   mcrrp15, 4, r2, r3, c2
+   mcrrp15, 4, rr_lo_hi(r2, r3), c2
isb
 
@ Invalidate the old TLBs
diff --git a/arch/arm/kvm/interrupts.S b/arch/arm/kvm/interrupts.S
index 0d68d40..24d4e65 100644
--- a/arch/arm/kvm/interrupts.S
+++ b/arch/arm/kvm/interrupts.S
@@ -52,7 +52,7 @@ ENTRY(__kvm_tlb_flush_vmid_ipa)
dsb ishst
add r0, r0, #KVM_VTTBR
ldrdr2, r3, [r0]
-   mcrrp15, 6, r2, r3, c2  @ Write VTTBR
+   mcrrp15, 6, rr_lo_hi(r2, r3), c2@ Write VTTBR
isb
mcr p15, 0, r0, c8, c3, 0   @ TLBIALLIS (rt ignored)
dsb ish
@@ -135,7 +135,7 @@ ENTRY(__kvm_vcpu_run)
ldr r1, [vcpu, #VCPU_KVM]
add r1, r1, #KVM_VTTBR
ldrdr2, r3, [r1]
-   mcrrp15, 6, r2, r3, c2  @ Write VTTBR
+   mcrrp15, 6, rr_lo_hi(r2, r3), c2@ Write VTTBR
 
@ We're all done, just restore the GPRs and go to the guest
restore_guest_regs
diff --git a/arch/arm/kvm/interrupts_head.S b/arch/arm/kvm/interrupts_head.S
index 68d99c6..98c8c5b 100644
--- a/arch/arm/kvm/interrupts_head.S
+++ b/arch/arm/kvm/interrupts_head.S
@@ -520,7 +520,7 @@ ARM_BE8(rev r6, r6  )
mcr p15, 0, r2, c14, c3, 1  @ CNTV_CTL
isb
 
-   mrrcp15, 3, r2, r3, c14 @ CNTV_CVAL
+   mrrcp15, 3, rr_lo_hi(r2, r3), c14   @ CNTV_CVAL
ldr r4, =VCPU_TIMER_CNTV_CVAL
add r5, vcpu, r4
strdr2, r3, [r5]
@@ -560,12 +560,12 @@ ARM_BE8(rev   r6, r6  )
 
ldr r2, [r4, #KVM_TIMER_CNTVOFF]
ldr r3, [r4, #(KVM_TIMER_CNTVOFF + 4)]
-   mcrrp15, 4, r2, r3, c14 @ CNTVOFF
+   mcrrp15, 4, rr_lo_hi(r2, r3), c14   @ CNTVOFF
 
ldr r4, =VCPU_TIMER_CNTV_CVAL
add r5, vcpu, r4
ldrdr2, r3, [r5]
-   mcrrp15, 3, r2, r3, c14 @ CNTV_CVAL
+   mcrrp15, 3, rr_lo_hi(r2, r3), c14   @ CNTV_CVAL
isb
 
ldr r2, [vcpu, #VCPU_TIMER_CNTV_CTL]
-- 
2.0.0

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[GIT PULL 48/51] arm64: KVM: enable trapping of all debug registers

[Christoffer Dall]

From: Marc Zyngier 

Enable trapping of the debug registers, preventing the guests to
mess with the host state (and allowing guests to use the debug
infrastructure as well).

Reviewed-by: Anup Patel 
Reviewed-by: Christoffer Dall 
Signed-off-by: Marc Zyngier 
---
 arch/arm64/kvm/hyp.S | 8 
 1 file changed, 8 insertions(+)

diff --git a/arch/arm64/kvm/hyp.S b/arch/arm64/kvm/hyp.S
index 100494b..b72aa9f 100644
--- a/arch/arm64/kvm/hyp.S
+++ b/arch/arm64/kvm/hyp.S
@@ -770,6 +770,14 @@
mrs x2, mdcr_el2
and x2, x2, #MDCR_EL2_HPMN_MASK
orr x2, x2, #(MDCR_EL2_TPM | MDCR_EL2_TPMCR)
+   orr x2, x2, #(MDCR_EL2_TDRA | MDCR_EL2_TDOSA)
+
+   // Check for KVM_ARM64_DEBUG_DIRTY, and set debug to trap
+   // if not dirty.
+   ldr x3, [x0, #VCPU_DEBUG_FLAGS]
+   tbnzx3, #KVM_ARM64_DEBUG_DIRTY_SHIFT, 1f
+   orr x2, x2,  #MDCR_EL2_TDA
+1:
msr mdcr_el2, x2
 .endm
 
-- 
2.0.0

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[GIT PULL 37/51] ARM64: KVM: fix vgic_bitmap_get_reg function for BE 64bit case

[Christoffer Dall]

From: Victor Kamensky 

Fix vgic_bitmap_get_reg function to return 'right' word address of
'unsigned long' bitmap value in case of BE 64bit image.

Signed-off-by: Victor Kamensky 
Reviewed-by: Christoffer Dall 
Signed-off-by: Marc Zyngier 
---
 virt/kvm/arm/vgic.c | 24 ++--
 1 file changed, 22 insertions(+), 2 deletions(-)

diff --git a/virt/kvm/arm/vgic.c b/virt/kvm/arm/vgic.c
index b0edc8c..ede8f64 100644
--- a/virt/kvm/arm/vgic.c
+++ b/virt/kvm/arm/vgic.c
@@ -98,14 +98,34 @@ static void vgic_set_vmcr(struct kvm_vcpu *vcpu, struct 
vgic_vmcr *vmcr);
 static const struct vgic_ops *vgic_ops;
 static const struct vgic_params *vgic;
 
+/*
+ * struct vgic_bitmap contains unions that provide two views of
+ * the same data. In one case it is an array of registers of
+ * u32's, and in the other case it is a bitmap of unsigned
+ * longs.
+ *
+ * This does not work on 64-bit BE systems, because the bitmap access
+ * will store two consecutive 32-bit words with the higher-addressed
+ * register's bits at the lower index and the lower-addressed register's
+ * bits at the higher index.
+ *
+ * Therefore, swizzle the register index when accessing the 32-bit word
+ * registers to access the right register's value.
+ */
+#if defined(CONFIG_CPU_BIG_ENDIAN) && BITS_PER_LONG == 64
+#define REG_OFFSET_SWIZZLE 1
+#else
+#define REG_OFFSET_SWIZZLE 0
+#endif
+
 static u32 *vgic_bitmap_get_reg(struct vgic_bitmap *x,
int cpuid, u32 offset)
 {
offset >>= 2;
if (!offset)
-   return x->percpu[cpuid].reg;
+   return x->percpu[cpuid].reg + (offset ^ REG_OFFSET_SWIZZLE);
else
-   return x->shared.reg + offset - 1;
+   return x->shared.reg + ((offset - 1) ^ REG_OFFSET_SWIZZLE);
 }
 
 static int vgic_bitmap_get_irq_val(struct vgic_bitmap *x,
-- 
2.0.0

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[GIT PULL 25/51] arm64: KVM: vgic: add GICv3 world switch

[Christoffer Dall]

From: Marc Zyngier 

Introduce the GICv3 world switch code used to save/restore the
GICv3 context.

Acked-by: Catalin Marinas 
Reviewed-by: Christoffer Dall 
Signed-off-by: Marc Zyngier 
---
 arch/arm64/include/asm/kvm_asm.h |   2 +
 arch/arm64/kernel/asm-offsets.c  |   8 ++
 arch/arm64/kvm/vgic-v3-switch.S  | 238 +++
 3 files changed, 248 insertions(+)

diff --git a/arch/arm64/include/asm/kvm_asm.h b/arch/arm64/include/asm/kvm_asm.h
index ed4987b..a28c35b 100644
--- a/arch/arm64/include/asm/kvm_asm.h
+++ b/arch/arm64/include/asm/kvm_asm.h
@@ -110,6 +110,8 @@ extern u64 __vgic_v3_get_ich_vtr_el2(void);
 
 extern char __save_vgic_v2_state[];
 extern char __restore_vgic_v2_state[];
+extern char __save_vgic_v3_state[];
+extern char __restore_vgic_v3_state[];
 
 #endif
 
diff --git a/arch/arm64/kernel/asm-offsets.c b/arch/arm64/kernel/asm-offsets.c
index dafc415..e74654c 100644
--- a/arch/arm64/kernel/asm-offsets.c
+++ b/arch/arm64/kernel/asm-offsets.c
@@ -139,6 +139,14 @@ int main(void)
   DEFINE(VGIC_V2_CPU_ELRSR,offsetof(struct vgic_cpu, vgic_v2.vgic_elrsr));
   DEFINE(VGIC_V2_CPU_APR,  offsetof(struct vgic_cpu, vgic_v2.vgic_apr));
   DEFINE(VGIC_V2_CPU_LR,   offsetof(struct vgic_cpu, vgic_v2.vgic_lr));
+  DEFINE(VGIC_V3_CPU_HCR,  offsetof(struct vgic_cpu, vgic_v3.vgic_hcr));
+  DEFINE(VGIC_V3_CPU_VMCR, offsetof(struct vgic_cpu, vgic_v3.vgic_vmcr));
+  DEFINE(VGIC_V3_CPU_MISR, offsetof(struct vgic_cpu, vgic_v3.vgic_misr));
+  DEFINE(VGIC_V3_CPU_EISR, offsetof(struct vgic_cpu, vgic_v3.vgic_eisr));
+  DEFINE(VGIC_V3_CPU_ELRSR,offsetof(struct vgic_cpu, vgic_v3.vgic_elrsr));
+  DEFINE(VGIC_V3_CPU_AP0R, offsetof(struct vgic_cpu, vgic_v3.vgic_ap0r));
+  DEFINE(VGIC_V3_CPU_AP1R, offsetof(struct vgic_cpu, vgic_v3.vgic_ap1r));
+  DEFINE(VGIC_V3_CPU_LR,   offsetof(struct vgic_cpu, vgic_v3.vgic_lr));
   DEFINE(VGIC_CPU_NR_LR,   offsetof(struct vgic_cpu, nr_lr));
   DEFINE(KVM_VTTBR,offsetof(struct kvm, arch.vttbr));
   DEFINE(KVM_VGIC_VCTRL,   offsetof(struct kvm, arch.vgic.vctrl_base));
diff --git a/arch/arm64/kvm/vgic-v3-switch.S b/arch/arm64/kvm/vgic-v3-switch.S
index 9fbf273..21e68f6 100644
--- a/arch/arm64/kvm/vgic-v3-switch.S
+++ b/arch/arm64/kvm/vgic-v3-switch.S
@@ -18,9 +18,247 @@
 #include 
 #include 
 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
.text
.pushsection.hyp.text, "ax"
 
+/*
+ * We store LRs in reverse order to let the CPU deal with streaming
+ * access. Use this macro to make it look saner...
+ */
+#define LR_OFFSET(n)   (VGIC_V3_CPU_LR + (15 - n) * 8)
+
+/*
+ * Save the VGIC CPU state into memory
+ * x0: Register pointing to VCPU struct
+ * Do not corrupt x1!!!
+ */
+.macro save_vgic_v3_state
+   // Compute the address of struct vgic_cpu
+   add x3, x0, #VCPU_VGIC_CPU
+
+   // Make sure stores to the GIC via the memory mapped interface
+   // are now visible to the system register interface
+   dsb st
+
+   // Save all interesting registers
+   mrs x4, ICH_HCR_EL2
+   mrs x5, ICH_VMCR_EL2
+   mrs x6, ICH_MISR_EL2
+   mrs x7, ICH_EISR_EL2
+   mrs x8, ICH_ELSR_EL2
+
+   str w4, [x3, #VGIC_V3_CPU_HCR]
+   str w5, [x3, #VGIC_V3_CPU_VMCR]
+   str w6, [x3, #VGIC_V3_CPU_MISR]
+   str w7, [x3, #VGIC_V3_CPU_EISR]
+   str w8, [x3, #VGIC_V3_CPU_ELRSR]
+
+   msr ICH_HCR_EL2, xzr
+
+   mrs x21, ICH_VTR_EL2
+   mvn w22, w21
+   ubfiz   w23, w22, 2, 4  // w23 = (15 - ListRegs) * 4
+
+   adr x24, 1f
+   add x24, x24, x23
+   br  x24
+
+1:
+   mrs x20, ICH_LR15_EL2
+   mrs x19, ICH_LR14_EL2
+   mrs x18, ICH_LR13_EL2
+   mrs x17, ICH_LR12_EL2
+   mrs x16, ICH_LR11_EL2
+   mrs x15, ICH_LR10_EL2
+   mrs x14, ICH_LR9_EL2
+   mrs x13, ICH_LR8_EL2
+   mrs x12, ICH_LR7_EL2
+   mrs x11, ICH_LR6_EL2
+   mrs x10, ICH_LR5_EL2
+   mrs x9, ICH_LR4_EL2
+   mrs x8, ICH_LR3_EL2
+   mrs x7, ICH_LR2_EL2
+   mrs x6, ICH_LR1_EL2
+   mrs x5, ICH_LR0_EL2
+
+   adr x24, 1f
+   add x24, x24, x23
+   br  x24
+
+1:
+   str x20, [x3, #LR_OFFSET(15)]
+   str x19, [x3, #LR_OFFSET(14)]
+   str x18, [x3, #LR_OFFSET(13)]
+   str x17, [x3, #LR_OFFSET(12)]
+   str x16, [x3, #LR_OFFSET(11)]
+   str x15, [x3, #LR_OFFSET(10)]
+   str x14, [x3, #LR_OFFSET(9)]
+   str x13, [x3, #LR_OFFSET(8)]
+   str x12, [x3, #LR_OFFSET(7)]
+   str x11, [x3, #LR_OFFSET(6)]
+   str x10, [x3, #LR_OFFSET(5)]
+   str x9, [x3, #LR_OFFSET(4)]
+   str x8, [x3, #LR_OFFSET(3)]
+   str x7, [x3, #LR_OFFSET(2)]
+   str x6, [x3, #LR_OFFSET(1)]
+   str x5, [x3, #LR_OFFSET(0)]
+
+   tbnzw21, #29, 

[GIT PULL 49/51] arm64: KVM: GICv3: move system register access to msr_s/mrs_s

[Christoffer Dall]

From: Marc Zyngier 

Commit 72c583951526 (arm64: gicv3: Allow GICv3 compilation with
older binutils) changed the way we express the GICv3 system registers,
but couldn't change the occurences used by KVM as the code wasn't
merged yet.

Just fix the accessors.

Cc: Will Deacon 
Cc: Catalin Marinas 
Cc: Christoffer Dall 
Acked-by: Will Deacon 
Signed-off-by: Marc Zyngier 
Signed-off-by: Christoffer Dall 
---
 arch/arm64/kvm/vgic-v3-switch.S | 130 
 1 file changed, 65 insertions(+), 65 deletions(-)

diff --git a/arch/arm64/kvm/vgic-v3-switch.S b/arch/arm64/kvm/vgic-v3-switch.S
index 21e68f6..d160469 100644
--- a/arch/arm64/kvm/vgic-v3-switch.S
+++ b/arch/arm64/kvm/vgic-v3-switch.S
@@ -48,11 +48,11 @@
dsb st
 
// Save all interesting registers
-   mrs x4, ICH_HCR_EL2
-   mrs x5, ICH_VMCR_EL2
-   mrs x6, ICH_MISR_EL2
-   mrs x7, ICH_EISR_EL2
-   mrs x8, ICH_ELSR_EL2
+   mrs_s   x4, ICH_HCR_EL2
+   mrs_s   x5, ICH_VMCR_EL2
+   mrs_s   x6, ICH_MISR_EL2
+   mrs_s   x7, ICH_EISR_EL2
+   mrs_s   x8, ICH_ELSR_EL2
 
str w4, [x3, #VGIC_V3_CPU_HCR]
str w5, [x3, #VGIC_V3_CPU_VMCR]
@@ -60,9 +60,9 @@
str w7, [x3, #VGIC_V3_CPU_EISR]
str w8, [x3, #VGIC_V3_CPU_ELRSR]
 
-   msr ICH_HCR_EL2, xzr
+   msr_s   ICH_HCR_EL2, xzr
 
-   mrs x21, ICH_VTR_EL2
+   mrs_s   x21, ICH_VTR_EL2
mvn w22, w21
ubfiz   w23, w22, 2, 4  // w23 = (15 - ListRegs) * 4
 
@@ -71,22 +71,22 @@
br  x24
 
 1:
-   mrs x20, ICH_LR15_EL2
-   mrs x19, ICH_LR14_EL2
-   mrs x18, ICH_LR13_EL2
-   mrs x17, ICH_LR12_EL2
-   mrs x16, ICH_LR11_EL2
-   mrs x15, ICH_LR10_EL2
-   mrs x14, ICH_LR9_EL2
-   mrs x13, ICH_LR8_EL2
-   mrs x12, ICH_LR7_EL2
-   mrs x11, ICH_LR6_EL2
-   mrs x10, ICH_LR5_EL2
-   mrs x9, ICH_LR4_EL2
-   mrs x8, ICH_LR3_EL2
-   mrs x7, ICH_LR2_EL2
-   mrs x6, ICH_LR1_EL2
-   mrs x5, ICH_LR0_EL2
+   mrs_s   x20, ICH_LR15_EL2
+   mrs_s   x19, ICH_LR14_EL2
+   mrs_s   x18, ICH_LR13_EL2
+   mrs_s   x17, ICH_LR12_EL2
+   mrs_s   x16, ICH_LR11_EL2
+   mrs_s   x15, ICH_LR10_EL2
+   mrs_s   x14, ICH_LR9_EL2
+   mrs_s   x13, ICH_LR8_EL2
+   mrs_s   x12, ICH_LR7_EL2
+   mrs_s   x11, ICH_LR6_EL2
+   mrs_s   x10, ICH_LR5_EL2
+   mrs_s   x9, ICH_LR4_EL2
+   mrs_s   x8, ICH_LR3_EL2
+   mrs_s   x7, ICH_LR2_EL2
+   mrs_s   x6, ICH_LR1_EL2
+   mrs_s   x5, ICH_LR0_EL2
 
adr x24, 1f
add x24, x24, x23
@@ -113,34 +113,34 @@
tbnzw21, #29, 6f// 6 bits
tbz w21, #30, 5f// 5 bits
// 7 bits
-   mrs x20, ICH_AP0R3_EL2
+   mrs_s   x20, ICH_AP0R3_EL2
str w20, [x3, #(VGIC_V3_CPU_AP0R + 3*4)]
-   mrs x19, ICH_AP0R2_EL2
+   mrs_s   x19, ICH_AP0R2_EL2
str w19, [x3, #(VGIC_V3_CPU_AP0R + 2*4)]
-6: mrs x18, ICH_AP0R1_EL2
+6: mrs_s   x18, ICH_AP0R1_EL2
str w18, [x3, #(VGIC_V3_CPU_AP0R + 1*4)]
-5: mrs x17, ICH_AP0R0_EL2
+5: mrs_s   x17, ICH_AP0R0_EL2
str w17, [x3, #VGIC_V3_CPU_AP0R]
 
tbnzw21, #29, 6f// 6 bits
tbz w21, #30, 5f// 5 bits
// 7 bits
-   mrs x20, ICH_AP1R3_EL2
+   mrs_s   x20, ICH_AP1R3_EL2
str w20, [x3, #(VGIC_V3_CPU_AP1R + 3*4)]
-   mrs x19, ICH_AP1R2_EL2
+   mrs_s   x19, ICH_AP1R2_EL2
str w19, [x3, #(VGIC_V3_CPU_AP1R + 2*4)]
-6: mrs x18, ICH_AP1R1_EL2
+6: mrs_s   x18, ICH_AP1R1_EL2
str w18, [x3, #(VGIC_V3_CPU_AP1R + 1*4)]
-5: mrs x17, ICH_AP1R0_EL2
+5: mrs_s   x17, ICH_AP1R0_EL2
str w17, [x3, #VGIC_V3_CPU_AP1R]
 
// Restore SRE_EL1 access and re-enable SRE at EL1.
-   mrs x5, ICC_SRE_EL2
+   mrs_s   x5, ICC_SRE_EL2
orr x5, x5, #ICC_SRE_EL2_ENABLE
-   msr ICC_SRE_EL2, x5
+   msr_s   ICC_SRE_EL2, x5
isb
mov x5, #1
-   msr ICC_SRE_EL1, x5
+   msr_s   ICC_SRE_EL1, x5
 .endm
 
 /*
@@ -150,7 +150,7 @@
 .macro restore_vgic_v3_state
// Disable SRE_EL1 access. Necessary, otherwise
// ICH_VMCR_EL2.VFIQEn becomes one, and FIQ happens...
-   msr ICC_SRE_EL1, xzr
+   msr_s   ICC_SRE_EL1, xzr
isb
 
// Compute the address of struct vgic_cpu
@@ -160,34 +160,34 @@
ldr w4, [x3, #VGIC_V3_CPU_HCR]
ldr w5, [x3, #VGIC_V3_CPU_VMCR]
 
-   msr ICH_HCR_EL2, x4
-   msr ICH_VMCR_EL2, x5
+   msr_s   ICH_HCR_EL2, x4
+   msr_s   ICH_VMCR_EL2, x5
 
-   mrs x21, ICH_VTR_EL2
+   mrs_s   x21, ICH_VTR_EL2
 
tbnzw21, #29, 6f// 6 bits
tbz w21, #30, 5f// 5 bit

[GIT PULL 38/51] ARM64: KVM: set and get of sys registers in BE case

[Christoffer Dall]

From: Victor Kamensky 

Since size of all sys registers is always 8 bytes. Current
code is actually endian agnostic. Just clean it up a bit.
Removed comment about little endian. Change type of pointer
from 'void *' to 'u64 *' to enforce stronger type checking.

Signed-off-by: Victor Kamensky 
Acked-by: Christoffer Dall 
Acked-by: Marc Zyngier 
Signed-off-by: Marc Zyngier 
---
 arch/arm64/kvm/sys_regs.c | 6 ++
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c
index 34f25a5..f0cecef 100644
--- a/arch/arm64/kvm/sys_regs.c
+++ b/arch/arm64/kvm/sys_regs.c
@@ -776,17 +776,15 @@ static struct sys_reg_desc invariant_sys_regs[] = {
  NULL, get_ctr_el0 },
 };
 
-static int reg_from_user(void *val, const void __user *uaddr, u64 id)
+static int reg_from_user(u64 *val, const void __user *uaddr, u64 id)
 {
-   /* This Just Works because we are little endian. */
if (copy_from_user(val, uaddr, KVM_REG_SIZE(id)) != 0)
return -EFAULT;
return 0;
 }
 
-static int reg_to_user(void __user *uaddr, const void *val, u64 id)
+static int reg_to_user(void __user *uaddr, const u64 *val, u64 id)
 {
-   /* This Just Works because we are little endian. */
if (copy_to_user(uaddr, val, KVM_REG_SIZE(id)) != 0)
return -EFAULT;
return 0;
-- 
2.0.0

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[GIT PULL 51/51] arm64: KVM: fix 64bit CP15 VM access for 32bit guests

[Christoffer Dall]

From: Marc Zyngier 

Commit f0a3eaff71b8 (ARM64: KVM: fix big endian issue in
access_vm_reg for 32bit guest) changed the way we handle CP15
VM accesses, so that all 64bit accesses are done via vcpu_sys_reg.

This looks like a good idea as it solves indianness issues in an
elegant way, except for one small detail: the register index is
doesn't refer to the same array! We end up corrupting some random
data structure instead.

Fix this by reverting to the original code, except for the introduction
of a vcpu_cp15_64_high macro that deals with the endianness thing.

Tested on Juno with 32bit SMP guests.

Cc: Victor Kamensky 
Reviewed-by: Christoffer Dall 
Signed-off-by: Marc Zyngier 
Signed-off-by: Christoffer Dall 
---
 arch/arm64/include/asm/kvm_host.h | 6 --
 arch/arm64/kvm/sys_regs.c | 7 +--
 2 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/arch/arm64/include/asm/kvm_host.h 
b/arch/arm64/include/asm/kvm_host.h
index 79812be..e10c45a 100644
--- a/arch/arm64/include/asm/kvm_host.h
+++ b/arch/arm64/include/asm/kvm_host.h
@@ -149,9 +149,11 @@ struct kvm_vcpu_arch {
 #define vcpu_cp15(v,r) ((v)->arch.ctxt.copro[(r)])
 
 #ifdef CONFIG_CPU_BIG_ENDIAN
-#define vcpu_cp15_64_low(v,r) ((v)->arch.ctxt.copro[((r) + 1)])
+#define vcpu_cp15_64_high(v,r) vcpu_cp15((v),(r))
+#define vcpu_cp15_64_low(v,r)  vcpu_cp15((v),(r) + 1)
 #else
-#define vcpu_cp15_64_low(v,r) ((v)->arch.ctxt.copro[((r) + 0)])
+#define vcpu_cp15_64_high(v,r) vcpu_cp15((v),(r) + 1)
+#define vcpu_cp15_64_low(v,r)  vcpu_cp15((v),(r))
 #endif
 
 struct kvm_vm_stat {
diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c
index a4fd526..5805e7c 100644
--- a/arch/arm64/kvm/sys_regs.c
+++ b/arch/arm64/kvm/sys_regs.c
@@ -135,10 +135,13 @@ static bool access_vm_reg(struct kvm_vcpu *vcpu,
BUG_ON(!p->is_write);
 
val = *vcpu_reg(vcpu, p->Rt);
-   if (!p->is_aarch32 || !p->is_32bit)
+   if (!p->is_aarch32) {
vcpu_sys_reg(vcpu, r->reg) = val;
-   else
+   } else {
+   if (!p->is_32bit)
+   vcpu_cp15_64_high(vcpu, r->reg) = val >> 32;
vcpu_cp15_64_low(vcpu, r->reg) = val & 0xUL;
+   }
 
return true;
 }
-- 
2.0.0

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[GIT PULL 22/51] arm64: KVM: split GICv2 world switch from hyp code

[Christoffer Dall]

From: Marc Zyngier 

Move the GICv2 world switch code into its own file, and add the
necessary indirection to the arm64 switch code.

Also introduce a new type field to the vgic_params structure.

Acked-by: Catalin Marinas 
Reviewed-by: Christoffer Dall 
Signed-off-by: Marc Zyngier 
---
 arch/arm/include/asm/kvm_host.h   |   5 ++
 arch/arm64/include/asm/kvm_asm.h  |   4 ++
 arch/arm64/include/asm/kvm_host.h |  21 ++
 arch/arm64/kernel/asm-offsets.c   |   3 +
 arch/arm64/kvm/Makefile   |   4 +-
 arch/arm64/kvm/hyp.S  | 104 +
 arch/arm64/kvm/vgic-v2-switch.S   | 133 ++
 include/kvm/arm_vgic.h|   7 +-
 virt/kvm/arm/vgic-v2.c|   1 +
 virt/kvm/arm/vgic.c   |   3 +
 10 files changed, 195 insertions(+), 90 deletions(-)
 create mode 100644 arch/arm64/kvm/vgic-v2-switch.S

diff --git a/arch/arm/include/asm/kvm_host.h b/arch/arm/include/asm/kvm_host.h
index dc4e3ed..6dfb404 100644
--- a/arch/arm/include/asm/kvm_host.h
+++ b/arch/arm/include/asm/kvm_host.h
@@ -225,6 +225,11 @@ static inline int kvm_arch_dev_ioctl_check_extension(long 
ext)
return 0;
 }
 
+static inline void vgic_arch_setup(const struct vgic_params *vgic)
+{
+   BUG_ON(vgic->type != VGIC_V2);
+}
+
 int kvm_perf_init(void);
 int kvm_perf_teardown(void);
 
diff --git a/arch/arm64/include/asm/kvm_asm.h b/arch/arm64/include/asm/kvm_asm.h
index d0bfc4b..6252264 100644
--- a/arch/arm64/include/asm/kvm_asm.h
+++ b/arch/arm64/include/asm/kvm_asm.h
@@ -105,6 +105,10 @@ extern void __kvm_flush_vm_context(void);
 extern void __kvm_tlb_flush_vmid_ipa(struct kvm *kvm, phys_addr_t ipa);
 
 extern int __kvm_vcpu_run(struct kvm_vcpu *vcpu);
+
+extern char __save_vgic_v2_state[];
+extern char __restore_vgic_v2_state[];
+
 #endif
 
 #endif /* __ARM_KVM_ASM_H__ */
diff --git a/arch/arm64/include/asm/kvm_host.h 
b/arch/arm64/include/asm/kvm_host.h
index 92242ce..4c182d0 100644
--- a/arch/arm64/include/asm/kvm_host.h
+++ b/arch/arm64/include/asm/kvm_host.h
@@ -200,4 +200,25 @@ static inline void __cpu_init_hyp_mode(phys_addr_t 
boot_pgd_ptr,
 hyp_stack_ptr, vector_ptr);
 }
 
+struct vgic_sr_vectors {
+   void*save_vgic;
+   void*restore_vgic;
+};
+
+static inline void vgic_arch_setup(const struct vgic_params *vgic)
+{
+   extern struct vgic_sr_vectors __vgic_sr_vectors;
+
+   switch(vgic->type)
+   {
+   case VGIC_V2:
+   __vgic_sr_vectors.save_vgic = __save_vgic_v2_state;
+   __vgic_sr_vectors.restore_vgic  = __restore_vgic_v2_state;
+   break;
+
+   default:
+   BUG();
+   }
+}
+
 #endif /* __ARM64_KVM_HOST_H__ */
diff --git a/arch/arm64/kernel/asm-offsets.c b/arch/arm64/kernel/asm-offsets.c
index 20fd488..dafc415 100644
--- a/arch/arm64/kernel/asm-offsets.c
+++ b/arch/arm64/kernel/asm-offsets.c
@@ -129,6 +129,9 @@ int main(void)
   DEFINE(KVM_TIMER_ENABLED,offsetof(struct kvm, arch.timer.enabled));
   DEFINE(VCPU_KVM, offsetof(struct kvm_vcpu, kvm));
   DEFINE(VCPU_VGIC_CPU,offsetof(struct kvm_vcpu, 
arch.vgic_cpu));
+  DEFINE(VGIC_SAVE_FN, offsetof(struct vgic_sr_vectors, save_vgic));
+  DEFINE(VGIC_RESTORE_FN,  offsetof(struct vgic_sr_vectors, restore_vgic));
+  DEFINE(VGIC_SR_VECTOR_SZ,sizeof(struct vgic_sr_vectors));
   DEFINE(VGIC_V2_CPU_HCR,  offsetof(struct vgic_cpu, vgic_v2.vgic_hcr));
   DEFINE(VGIC_V2_CPU_VMCR, offsetof(struct vgic_cpu, vgic_v2.vgic_vmcr));
   DEFINE(VGIC_V2_CPU_MISR, offsetof(struct vgic_cpu, vgic_v2.vgic_misr));
diff --git a/arch/arm64/kvm/Makefile b/arch/arm64/kvm/Makefile
index 7e92952..daf24dc 100644
--- a/arch/arm64/kvm/Makefile
+++ b/arch/arm64/kvm/Makefile
@@ -19,5 +19,7 @@ kvm-$(CONFIG_KVM_ARM_HOST) += emulate.o inject_fault.o 
regmap.o
 kvm-$(CONFIG_KVM_ARM_HOST) += hyp.o hyp-init.o handle_exit.o
 kvm-$(CONFIG_KVM_ARM_HOST) += guest.o reset.o sys_regs.o sys_regs_generic_v8.o
 
-kvm-$(CONFIG_KVM_ARM_VGIC) += $(KVM)/arm/vgic.o $(KVM)/arm/vgic-v2.o
+kvm-$(CONFIG_KVM_ARM_VGIC) += $(KVM)/arm/vgic.o
+kvm-$(CONFIG_KVM_ARM_VGIC) += $(KVM)/arm/vgic-v2.o
+kvm-$(CONFIG_KVM_ARM_VGIC) += vgic-v2-switch.o
 kvm-$(CONFIG_KVM_ARM_TIMER) += $(KVM)/arm/arch_timer.o
diff --git a/arch/arm64/kvm/hyp.S b/arch/arm64/kvm/hyp.S
index 9c5d0ac..56df9a3 100644
--- a/arch/arm64/kvm/hyp.S
+++ b/arch/arm64/kvm/hyp.S
@@ -16,7 +16,6 @@
  */
 
 #include 
-#include 
 
 #include 
 #include 
@@ -376,100 +375,23 @@
 .endm
 
 /*
- * Save the VGIC CPU state into memory
- * x0: Register pointing to VCPU struct
- * Do not corrupt x1!!!
+ * Call into the vgic backend for state saving
  */
 .macro save_vgic_state
-   /* Get VGIC VCTRL base into x2 */
-   ldr x2, [x0, #VCPU_KVM]
-   kern_hyp_va x2
-   ldr x2, [x2, #KVM_VGIC_VCTRL]
-   kern_hyp_va x2
-   cbz x2, 2f  // disabled
-
-   /* Compute the address of struct vgic_

[GIT PULL 23/51] arm64: KVM: move HCR_EL2.{IMO,FMO} manipulation into the vgic switch code

[Christoffer Dall]

From: Marc Zyngier 

GICv3 requires the IMO and FMO bits to be tightly coupled with some
of the interrupt controller's register switch.

In order to have similar code paths, move the manipulation of these
bits to the GICv2 switch code.

Acked-by: Catalin Marinas 
Reviewed-by: Christoffer Dall 
Signed-off-by: Marc Zyngier 
---
 arch/arm64/include/asm/kvm_arm.h |  5 +++--
 arch/arm64/kvm/hyp.S | 17 -
 2 files changed, 15 insertions(+), 7 deletions(-)

diff --git a/arch/arm64/include/asm/kvm_arm.h b/arch/arm64/include/asm/kvm_arm.h
index 3d69030..cc83520 100644
--- a/arch/arm64/include/asm/kvm_arm.h
+++ b/arch/arm64/include/asm/kvm_arm.h
@@ -76,9 +76,10 @@
  */
 #define HCR_GUEST_FLAGS (HCR_TSC | HCR_TSW | HCR_TWE | HCR_TWI | HCR_VM | \
 HCR_TVM | HCR_BSU_IS | HCR_FB | HCR_TAC | \
-HCR_AMO | HCR_IMO | HCR_FMO | \
-HCR_SWIO | HCR_TIDCP | HCR_RW)
+HCR_AMO | HCR_SWIO | HCR_TIDCP | HCR_RW)
 #define HCR_VIRT_EXCP_MASK (HCR_VA | HCR_VI | HCR_VF)
+#define HCR_INT_OVERRIDE   (HCR_FMO | HCR_IMO)
+
 
 /* Hyp System Control Register (SCTLR_EL2) bits */
 #define SCTLR_EL2_EE   (1 << 25)
diff --git a/arch/arm64/kvm/hyp.S b/arch/arm64/kvm/hyp.S
index 56df9a3..5945f3b 100644
--- a/arch/arm64/kvm/hyp.S
+++ b/arch/arm64/kvm/hyp.S
@@ -335,11 +335,8 @@
 .endm
 
 .macro activate_traps
-   ldr x2, [x0, #VCPU_IRQ_LINES]
-   ldr x1, [x0, #VCPU_HCR_EL2]
-   orr x2, x2, x1
-   msr hcr_el2, x2
-
+   ldr x2, [x0, #VCPU_HCR_EL2]
+   msr hcr_el2, x2
ldr x2, =(CPTR_EL2_TTA)
msr cptr_el2, x2
 
@@ -382,12 +379,22 @@
ldr x24, [x24, VGIC_SAVE_FN]
kern_hyp_va x24
blr x24
+   mrs x24, hcr_el2
+   mov x25, #HCR_INT_OVERRIDE
+   neg x25, x25
+   and x24, x24, x25
+   msr hcr_el2, x24
 .endm
 
 /*
  * Call into the vgic backend for state restoring
  */
 .macro restore_vgic_state
+   mrs x24, hcr_el2
+   ldr x25, [x0, #VCPU_IRQ_LINES]
+   orr x24, x24, #HCR_INT_OVERRIDE
+   orr x24, x24, x25
+   msr hcr_el2, x24
adr x24, __vgic_sr_vectors
ldr x24, [x24, #VGIC_RESTORE_FN]
kern_hyp_va x24
-- 
2.0.0

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[GIT PULL 28/51] ARM: KVM: fix vgic V7 assembler code to work in BE image

[Christoffer Dall]

From: Victor Kamensky 

The vgic h/w registers are little endian; when BE asm code
reads/writes from/to them, it needs to do byteswap after/before.
Byteswap code uses ARM_BE8 wrapper to add swap only if
CONFIG_CPU_BIG_ENDIAN is configured.

Signed-off-by: Victor Kamensky 
Reviewed-by: Christoffer Dall 
Acked-by: Marc Zyngier 
Signed-off-by: Marc Zyngier 
---
 arch/arm/kvm/interrupts_head.S | 14 ++
 1 file changed, 14 insertions(+)

diff --git a/arch/arm/kvm/interrupts_head.S b/arch/arm/kvm/interrupts_head.S
index e4eaf30..68d99c6 100644
--- a/arch/arm/kvm/interrupts_head.S
+++ b/arch/arm/kvm/interrupts_head.S
@@ -1,4 +1,5 @@
 #include 
+#include 
 
 #define VCPU_USR_REG(_reg_nr)  (VCPU_USR_REGS + (_reg_nr * 4))
 #define VCPU_USR_SP(VCPU_USR_REG(13))
@@ -420,6 +421,14 @@ vcpu   .reqr0  @ vcpu pointer always 
in r0
ldr r8, [r2, #GICH_ELRSR0]
ldr r9, [r2, #GICH_ELRSR1]
ldr r10, [r2, #GICH_APR]
+ARM_BE8(revr3, r3  )
+ARM_BE8(revr4, r4  )
+ARM_BE8(revr5, r5  )
+ARM_BE8(revr6, r6  )
+ARM_BE8(revr7, r7  )
+ARM_BE8(revr8, r8  )
+ARM_BE8(revr9, r9  )
+ARM_BE8(revr10, r10)
 
str r3, [r11, #VGIC_V2_CPU_HCR]
str r4, [r11, #VGIC_V2_CPU_VMCR]
@@ -439,6 +448,7 @@ vcpu.reqr0  @ vcpu pointer always 
in r0
add r3, r11, #VGIC_V2_CPU_LR
ldr r4, [r11, #VGIC_CPU_NR_LR]
 1: ldr r6, [r2], #4
+ARM_BE8(revr6, r6  )
str r6, [r3], #4
subsr4, r4, #1
bne 1b
@@ -466,6 +476,9 @@ vcpu.reqr0  @ vcpu pointer always 
in r0
ldr r3, [r11, #VGIC_V2_CPU_HCR]
ldr r4, [r11, #VGIC_V2_CPU_VMCR]
ldr r8, [r11, #VGIC_V2_CPU_APR]
+ARM_BE8(revr3, r3  )
+ARM_BE8(revr4, r4  )
+ARM_BE8(revr8, r8  )
 
str r3, [r2, #GICH_HCR]
str r4, [r2, #GICH_VMCR]
@@ -476,6 +489,7 @@ vcpu.reqr0  @ vcpu pointer always 
in r0
add r3, r11, #VGIC_V2_CPU_LR
ldr r4, [r11, #VGIC_CPU_NR_LR]
 1: ldr r6, [r3], #4
+ARM_BE8(revr6, r6  )
str r6, [r2], #4
subsr4, r4, #1
bne 1b
-- 
2.0.0

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[GIT PULL 41/51] arm64: move DBG_MDSCR_* to asm/debug-monitors.h

[Christoffer Dall]

From: Marc Zyngier 

In order to be able to use the DBG_MDSCR_* macros from the KVM code,
move the relevant definitions to the obvious include file.

Also move the debug_el enum to a portion of the file that is guarded
by #ifndef __ASSEMBLY__ in order to use that file from assembly code.

Acked-by: Will Deacon 
Reviewed-by: Anup Patel 
Signed-off-by: Marc Zyngier 
---
 arch/arm64/include/asm/debug-monitors.h | 19 ++-
 arch/arm64/kernel/debug-monitors.c  |  9 -
 2 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/arch/arm64/include/asm/debug-monitors.h 
b/arch/arm64/include/asm/debug-monitors.h
index 6e9b5b3..7fb3437 100644
--- a/arch/arm64/include/asm/debug-monitors.h
+++ b/arch/arm64/include/asm/debug-monitors.h
@@ -18,6 +18,15 @@
 
 #ifdef __KERNEL__
 
+/* Low-level stepping controls. */
+#define DBG_MDSCR_SS   (1 << 0)
+#define DBG_SPSR_SS(1 << 21)
+
+/* MDSCR_EL1 enabling bits */
+#define DBG_MDSCR_KDE  (1 << 13)
+#define DBG_MDSCR_MDE  (1 << 15)
+#define DBG_MDSCR_MASK ~(DBG_MDSCR_KDE | DBG_MDSCR_MDE)
+
 #defineDBG_ESR_EVT(x)  (((x) >> 27) & 0x7)
 
 /* AArch64 */
@@ -73,11 +82,6 @@
 
 #define CACHE_FLUSH_IS_SAFE1
 
-enum debug_el {
-   DBG_ACTIVE_EL0 = 0,
-   DBG_ACTIVE_EL1,
-};
-
 /* AArch32 */
 #define DBG_ESR_EVT_BKPT   0x4
 #define DBG_ESR_EVT_VECC   0x5
@@ -115,6 +119,11 @@ void unregister_break_hook(struct break_hook *hook);
 
 u8 debug_monitors_arch(void);
 
+enum debug_el {
+   DBG_ACTIVE_EL0 = 0,
+   DBG_ACTIVE_EL1,
+};
+
 void enable_debug_monitors(enum debug_el el);
 void disable_debug_monitors(enum debug_el el);
 
diff --git a/arch/arm64/kernel/debug-monitors.c 
b/arch/arm64/kernel/debug-monitors.c
index a7fb874..e022f87 100644
--- a/arch/arm64/kernel/debug-monitors.c
+++ b/arch/arm64/kernel/debug-monitors.c
@@ -30,15 +30,6 @@
 #include 
 #include 
 
-/* Low-level stepping controls. */
-#define DBG_MDSCR_SS   (1 << 0)
-#define DBG_SPSR_SS(1 << 21)
-
-/* MDSCR_EL1 enabling bits */
-#define DBG_MDSCR_KDE  (1 << 13)
-#define DBG_MDSCR_MDE  (1 << 15)
-#define DBG_MDSCR_MASK ~(DBG_MDSCR_KDE | DBG_MDSCR_MDE)
-
 /* Determine debug architecture. */
 u8 debug_monitors_arch(void)
 {
-- 
2.0.0

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[GIT PULL 16/51] KVM: ARM: vgic: abstract VMCR access

[Christoffer Dall]

From: Marc Zyngier 

Instead of directly messing with with the GICH_VMCR bits for the CPU
interface save/restore code, add accessors that encode/decode the
entire set of registers exposed by VMCR.

Not the most efficient thing, but given that this code is only used
by the save/restore code, performance is far from being critical.

Reviewed-by: Christoffer Dall 
Signed-off-by: Marc Zyngier 
---
 include/kvm/arm_vgic.h |  9 +++
 virt/kvm/arm/vgic.c| 69 ++
 2 files changed, 62 insertions(+), 16 deletions(-)

diff --git a/include/kvm/arm_vgic.h b/include/kvm/arm_vgic.h
index cdfa5d9..f515800 100644
--- a/include/kvm/arm_vgic.h
+++ b/include/kvm/arm_vgic.h
@@ -81,6 +81,13 @@ struct vgic_lr {
u8  state;
 };
 
+struct vgic_vmcr {
+   u32 ctlr;
+   u32 abpr;
+   u32 bpr;
+   u32 pmr;
+};
+
 struct vgic_ops {
struct vgic_lr  (*get_lr)(const struct kvm_vcpu *, int);
void(*set_lr)(struct kvm_vcpu *, int, struct vgic_lr);
@@ -90,6 +97,8 @@ struct vgic_ops {
u32 (*get_interrupt_status)(const struct kvm_vcpu *vcpu);
void(*enable_underflow)(struct kvm_vcpu *vcpu);
void(*disable_underflow)(struct kvm_vcpu *vcpu);
+   void(*get_vmcr)(struct kvm_vcpu *vcpu, struct vgic_vmcr *vmcr);
+   void(*set_vmcr)(struct kvm_vcpu *vcpu, struct vgic_vmcr *vmcr);
 };
 
 struct vgic_dist {
diff --git a/virt/kvm/arm/vgic.c b/virt/kvm/arm/vgic.c
index 6d618e0..5c70639 100644
--- a/virt/kvm/arm/vgic.c
+++ b/virt/kvm/arm/vgic.c
@@ -100,8 +100,10 @@ static void vgic_kick_vcpus(struct kvm *kvm);
 static void vgic_dispatch_sgi(struct kvm_vcpu *vcpu, u32 reg);
 static struct vgic_lr vgic_get_lr(const struct kvm_vcpu *vcpu, int lr);
 static void vgic_set_lr(struct kvm_vcpu *vcpu, int lr, struct vgic_lr lr_desc);
-static u32 vgic_nr_lr;
+static void vgic_get_vmcr(struct kvm_vcpu *vcpu, struct vgic_vmcr *vmcr);
+static void vgic_set_vmcr(struct kvm_vcpu *vcpu, struct vgic_vmcr *vmcr);
 
+static u32 vgic_nr_lr;
 static unsigned int vgic_maint_irq;
 
 static u32 *vgic_bitmap_get_reg(struct vgic_bitmap *x,
@@ -1073,6 +1075,28 @@ static void vgic_v2_disable_underflow(struct kvm_vcpu 
*vcpu)
vcpu->arch.vgic_cpu.vgic_v2.vgic_hcr &= ~GICH_HCR_UIE;
 }
 
+static void vgic_v2_get_vmcr(struct kvm_vcpu *vcpu, struct vgic_vmcr *vmcrp)
+{
+   u32 vmcr = vcpu->arch.vgic_cpu.vgic_v2.vgic_vmcr;
+
+   vmcrp->ctlr = (vmcr & GICH_VMCR_CTRL_MASK) >> GICH_VMCR_CTRL_SHIFT;
+   vmcrp->abpr = (vmcr & GICH_VMCR_ALIAS_BINPOINT_MASK) >> 
GICH_VMCR_ALIAS_BINPOINT_SHIFT;
+   vmcrp->bpr  = (vmcr & GICH_VMCR_BINPOINT_MASK) >> 
GICH_VMCR_BINPOINT_SHIFT;
+   vmcrp->pmr  = (vmcr & GICH_VMCR_PRIMASK_MASK) >> 
GICH_VMCR_PRIMASK_SHIFT;
+}
+
+static void vgic_v2_set_vmcr(struct kvm_vcpu *vcpu, struct vgic_vmcr *vmcrp)
+{
+   u32 vmcr;
+
+   vmcr  = (vmcrp->ctlr << GICH_VMCR_CTRL_SHIFT) & GICH_VMCR_CTRL_MASK;
+   vmcr |= (vmcrp->abpr << GICH_VMCR_ALIAS_BINPOINT_SHIFT) & 
GICH_VMCR_ALIAS_BINPOINT_MASK;
+   vmcr |= (vmcrp->bpr << GICH_VMCR_BINPOINT_SHIFT) & 
GICH_VMCR_BINPOINT_MASK;
+   vmcr |= (vmcrp->pmr << GICH_VMCR_PRIMASK_SHIFT) & 
GICH_VMCR_PRIMASK_MASK;
+
+   vcpu->arch.vgic_cpu.vgic_v2.vgic_vmcr = vmcr;
+}
+
 static const struct vgic_ops vgic_ops = {
.get_lr = vgic_v2_get_lr,
.set_lr = vgic_v2_set_lr,
@@ -1082,6 +1106,8 @@ static const struct vgic_ops vgic_ops = {
.get_interrupt_status   = vgic_v2_get_interrupt_status,
.enable_underflow   = vgic_v2_enable_underflow,
.disable_underflow  = vgic_v2_disable_underflow,
+   .get_vmcr   = vgic_v2_get_vmcr,
+   .set_vmcr   = vgic_v2_set_vmcr,
 };
 
 static struct vgic_lr vgic_get_lr(const struct kvm_vcpu *vcpu, int lr)
@@ -1126,6 +1152,16 @@ static inline void vgic_disable_underflow(struct 
kvm_vcpu *vcpu)
vgic_ops.disable_underflow(vcpu);
 }
 
+static inline void vgic_get_vmcr(struct kvm_vcpu *vcpu, struct vgic_vmcr *vmcr)
+{
+   vgic_ops.get_vmcr(vcpu, vmcr);
+}
+
+static void vgic_set_vmcr(struct kvm_vcpu *vcpu, struct vgic_vmcr *vmcr)
+{
+   vgic_ops.set_vmcr(vcpu, vmcr);
+}
+
 static void vgic_retire_lr(int lr_nr, int irq, struct kvm_vcpu *vcpu)
 {
struct vgic_cpu *vgic_cpu = &vcpu->arch.vgic_cpu;
@@ -1879,39 +1915,40 @@ int kvm_vgic_addr(struct kvm *kvm, unsigned long type, 
u64 *addr, bool write)
 static bool handle_cpu_mmio_misc(struct kvm_vcpu *vcpu,
 struct kvm_exit_mmio *mmio, phys_addr_t offset)
 {
-   struct vgic_cpu *vgic_cpu = &vcpu->arch.vgic_cpu;
-   u32 reg, mask = 0, shift = 0;
bool updated = false;
+   struct vgic_vmcr vmcr;
+   u32 *vmcr_field;
+   u32 reg;
+
+   vgic_get_vmcr(vcpu, &vmcr);
 
switch (offset & ~0x3) {
case GIC_CPU_CTRL:
-   mask = GICH_VMCR_CTRL_MASK;
- 

[GIT PULL 42/51] arm64: KVM: add trap handlers for AArch64 debug registers

[Christoffer Dall]

From: Marc Zyngier 

Add handlers for all the AArch64 debug registers that are accessible
from EL0 or EL1. The trapping code keeps track of the state of the
debug registers, allowing for the switch code to implement a lazy
switching strategy.

Reviewed-by: Anup Patel 
Reviewed-by: Christoffer Dall 
Signed-off-by: Marc Zyngier 
---
 arch/arm64/include/asm/kvm_asm.h  |  28 +--
 arch/arm64/include/asm/kvm_host.h |   3 +
 arch/arm64/kvm/sys_regs.c | 150 +-
 3 files changed, 172 insertions(+), 9 deletions(-)

diff --git a/arch/arm64/include/asm/kvm_asm.h b/arch/arm64/include/asm/kvm_asm.h
index a28c35b..660f75c 100644
--- a/arch/arm64/include/asm/kvm_asm.h
+++ b/arch/arm64/include/asm/kvm_asm.h
@@ -45,14 +45,25 @@
 #defineAMAIR_EL1   19  /* Aux Memory Attribute Indirection 
Register */
 #defineCNTKCTL_EL1 20  /* Timer Control Register (EL1) */
 #definePAR_EL1 21  /* Physical Address Register */
+#define MDSCR_EL1  22  /* Monitor Debug System Control Register */
+#define DBGBCR0_EL123  /* Debug Breakpoint Control Registers (0-15) */
+#define DBGBCR15_EL1   38
+#define DBGBVR0_EL139  /* Debug Breakpoint Value Registers (0-15) */
+#define DBGBVR15_EL1   54
+#define DBGWCR0_EL155  /* Debug Watchpoint Control Registers (0-15) */
+#define DBGWCR15_EL1   70
+#define DBGWVR0_EL171  /* Debug Watchpoint Value Registers (0-15) */
+#define DBGWVR15_EL1   86
+#define MDCCINT_EL187  /* Monitor Debug Comms Channel Interrupt Enable 
Reg */
+
 /* 32bit specific registers. Keep them at the end of the range */
-#defineDACR32_EL2  22  /* Domain Access Control Register */
-#defineIFSR32_EL2  23  /* Instruction Fault Status Register */
-#defineFPEXC32_EL2 24  /* Floating-Point Exception Control 
Register */
-#defineDBGVCR32_EL225  /* Debug Vector Catch Register */
-#defineTEECR32_EL1 26  /* ThumbEE Configuration Register */
-#defineTEEHBR32_EL127  /* ThumbEE Handler Base Register */
-#defineNR_SYS_REGS 28
+#defineDACR32_EL2  88  /* Domain Access Control Register */
+#defineIFSR32_EL2  89  /* Instruction Fault Status Register */
+#defineFPEXC32_EL2 90  /* Floating-Point Exception Control 
Register */
+#defineDBGVCR32_EL291  /* Debug Vector Catch Register */
+#defineTEECR32_EL1 92  /* ThumbEE Configuration Register */
+#defineTEEHBR32_EL193  /* ThumbEE Handler Base Register */
+#defineNR_SYS_REGS 94
 
 /* 32bit mapping */
 #define c0_MPIDR   (MPIDR_EL1 * 2) /* MultiProcessor ID Register */
@@ -89,6 +100,9 @@
 #define ARM_EXCEPTION_IRQ0
 #define ARM_EXCEPTION_TRAP   1
 
+#define KVM_ARM64_DEBUG_DIRTY_SHIFT0
+#define KVM_ARM64_DEBUG_DIRTY  (1 << KVM_ARM64_DEBUG_DIRTY_SHIFT)
+
 #ifndef __ASSEMBLY__
 struct kvm;
 struct kvm_vcpu;
diff --git a/arch/arm64/include/asm/kvm_host.h 
b/arch/arm64/include/asm/kvm_host.h
index 503c706..8e410f7 100644
--- a/arch/arm64/include/asm/kvm_host.h
+++ b/arch/arm64/include/asm/kvm_host.h
@@ -101,6 +101,9 @@ struct kvm_vcpu_arch {
/* Exception Information */
struct kvm_vcpu_fault_info fault;
 
+   /* Debug state */
+   u64 debug_flags;
+
/* Pointer to host CPU context */
kvm_cpu_context_t *host_cpu_context;
 
diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c
index 492ba30..d53ce43 100644
--- a/arch/arm64/kvm/sys_regs.c
+++ b/arch/arm64/kvm/sys_regs.c
@@ -30,6 +30,7 @@
 #include 
 #include 
 #include 
+#include 
 #include 
 
 #include "sys_regs.h"
@@ -171,6 +172,73 @@ static bool trap_raz_wi(struct kvm_vcpu *vcpu,
return read_zero(vcpu, p);
 }
 
+static bool trap_oslsr_el1(struct kvm_vcpu *vcpu,
+  const struct sys_reg_params *p,
+  const struct sys_reg_desc *r)
+{
+   if (p->is_write) {
+   return ignore_write(vcpu, p);
+   } else {
+   *vcpu_reg(vcpu, p->Rt) = (1 << 3);
+   return true;
+   }
+}
+
+static bool trap_dbgauthstatus_el1(struct kvm_vcpu *vcpu,
+  const struct sys_reg_params *p,
+  const struct sys_reg_desc *r)
+{
+   if (p->is_write) {
+   return ignore_write(vcpu, p);
+   } else {
+   u32 val;
+   asm volatile("mrs %0, dbgauthstatus_el1" : "=r" (val));
+   *vcpu_reg(vcpu, p->Rt) = val;
+   return true;
+   }
+}
+
+/*
+ * We want to avoid world-switching all the DBG registers all the
+ * time:
+ * 
+ * - If we've touched any debug register, it is likely that we're
+ *   going to touch more of them. It then makes sense to disable the
+ *   traps and start doing the save/restore dance
+ * - If debug is active (DB

[GIT PULL 40/51] arm64: KVM: rename pm_fake handler to trap_raz_wi

[Christoffer Dall]

From: Marc Zyngier 

pm_fake doesn't quite describe what the handler does (ignoring writes
and returning 0 for reads).

As we're about to use it (a lot) in a different context, rename it
with a (admitedly cryptic) name that make sense for all users.

Reviewed-by: Anup Patel 
Reviewed-by: Christoffer Dall 
Signed-off-by: Marc Zyngier 
---
 arch/arm64/kvm/sys_regs.c | 83 ---
 1 file changed, 43 insertions(+), 40 deletions(-)

diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c
index 56288f3..492ba30 100644
--- a/arch/arm64/kvm/sys_regs.c
+++ b/arch/arm64/kvm/sys_regs.c
@@ -161,18 +161,9 @@ static bool access_sctlr(struct kvm_vcpu *vcpu,
return true;
 }
 
-/*
- * We could trap ID_DFR0 and tell the guest we don't support performance
- * monitoring.  Unfortunately the patch to make the kernel check ID_DFR0 was
- * NAKed, so it will read the PMCR anyway.
- *
- * Therefore we tell the guest we have 0 counters.  Unfortunately, we
- * must always support PMCCNTR (the cycle counter): we just RAZ/WI for
- * all PM registers, which doesn't crash the guest kernel at least.
- */
-static bool pm_fake(struct kvm_vcpu *vcpu,
-   const struct sys_reg_params *p,
-   const struct sys_reg_desc *r)
+static bool trap_raz_wi(struct kvm_vcpu *vcpu,
+   const struct sys_reg_params *p,
+   const struct sys_reg_desc *r)
 {
if (p->is_write)
return ignore_write(vcpu, p);
@@ -199,6 +190,17 @@ static void reset_mpidr(struct kvm_vcpu *vcpu, const 
struct sys_reg_desc *r)
 /*
  * Architected system registers.
  * Important: Must be sorted ascending by Op0, Op1, CRn, CRm, Op2
+ *
+ * We could trap ID_DFR0 and tell the guest we don't support performance
+ * monitoring.  Unfortunately the patch to make the kernel check ID_DFR0 was
+ * NAKed, so it will read the PMCR anyway.
+ *
+ * Therefore we tell the guest we have 0 counters.  Unfortunately, we
+ * must always support PMCCNTR (the cycle counter): we just RAZ/WI for
+ * all PM registers, which doesn't crash the guest kernel at least.
+ *
+ * Same goes for the whole debug infrastructure, which probably breaks
+ * some guest functionnality. This should be fixed.
  */
 static const struct sys_reg_desc sys_reg_descs[] = {
/* DC ISW */
@@ -258,10 +260,10 @@ static const struct sys_reg_desc sys_reg_descs[] = {
 
/* PMINTENSET_EL1 */
{ Op0(0b11), Op1(0b000), CRn(0b1001), CRm(0b1110), Op2(0b001),
- pm_fake },
+ trap_raz_wi },
/* PMINTENCLR_EL1 */
{ Op0(0b11), Op1(0b000), CRn(0b1001), CRm(0b1110), Op2(0b010),
- pm_fake },
+ trap_raz_wi },
 
/* MAIR_EL1 */
{ Op0(0b11), Op1(0b000), CRn(0b1010), CRm(0b0010), Op2(0b000),
@@ -290,43 +292,43 @@ static const struct sys_reg_desc sys_reg_descs[] = {
 
/* PMCR_EL0 */
{ Op0(0b11), Op1(0b011), CRn(0b1001), CRm(0b1100), Op2(0b000),
- pm_fake },
+ trap_raz_wi },
/* PMCNTENSET_EL0 */
{ Op0(0b11), Op1(0b011), CRn(0b1001), CRm(0b1100), Op2(0b001),
- pm_fake },
+ trap_raz_wi },
/* PMCNTENCLR_EL0 */
{ Op0(0b11), Op1(0b011), CRn(0b1001), CRm(0b1100), Op2(0b010),
- pm_fake },
+ trap_raz_wi },
/* PMOVSCLR_EL0 */
{ Op0(0b11), Op1(0b011), CRn(0b1001), CRm(0b1100), Op2(0b011),
- pm_fake },
+ trap_raz_wi },
/* PMSWINC_EL0 */
{ Op0(0b11), Op1(0b011), CRn(0b1001), CRm(0b1100), Op2(0b100),
- pm_fake },
+ trap_raz_wi },
/* PMSELR_EL0 */
{ Op0(0b11), Op1(0b011), CRn(0b1001), CRm(0b1100), Op2(0b101),
- pm_fake },
+ trap_raz_wi },
/* PMCEID0_EL0 */
{ Op0(0b11), Op1(0b011), CRn(0b1001), CRm(0b1100), Op2(0b110),
- pm_fake },
+ trap_raz_wi },
/* PMCEID1_EL0 */
{ Op0(0b11), Op1(0b011), CRn(0b1001), CRm(0b1100), Op2(0b111),
- pm_fake },
+ trap_raz_wi },
/* PMCCNTR_EL0 */
{ Op0(0b11), Op1(0b011), CRn(0b1001), CRm(0b1101), Op2(0b000),
- pm_fake },
+ trap_raz_wi },
/* PMXEVTYPER_EL0 */
{ Op0(0b11), Op1(0b011), CRn(0b1001), CRm(0b1101), Op2(0b001),
- pm_fake },
+ trap_raz_wi },
/* PMXEVCNTR_EL0 */
{ Op0(0b11), Op1(0b011), CRn(0b1001), CRm(0b1101), Op2(0b010),
- pm_fake },
+ trap_raz_wi },
/* PMUSERENR_EL0 */
{ Op0(0b11), Op1(0b011), CRn(0b1001), CRm(0b1110), Op2(0b000),
- pm_fake },
+ trap_raz_wi },
/* PMOVSSET_EL0 */
{ Op0(0b11), Op1(0b011), CRn(0b1001), CRm(0b1110), Op2(0b011),
- pm_fake },
+ trap_raz_wi },
 
/* TPIDR_EL0 */
{ Op0(0b11), Op1(0b011), CRn(0b1101), CRm(0b), Op2(0b010),
@@ -372,19 +374,20 @@ static const struct sys_reg_desc cp15_regs[] = {
{ Op1( 0), CRn( 7), CRm(10), Op2( 2), access_dcsw },
  

[GIT PULL 19/51] KVM: ARM: vgic: split GICv2 backend from the main vgic code

[Christoffer Dall]

From: Marc Zyngier 

Brutally hack the innocent vgic code, and move the GICv2 specific code
to its own file, using vgic_ops and vgic_params as a way to pass
information between the two blocks.

Acked-by: Catalin Marinas 
Reviewed-by: Christoffer Dall 
Signed-off-by: Marc Zyngier 
---
 arch/arm/kvm/Makefile   |   1 +
 arch/arm64/kvm/Makefile |   2 +-
 include/kvm/arm_vgic.h  |  11 +-
 virt/kvm/arm/vgic-v2.c  | 248 
 virt/kvm/arm/vgic.c | 267 +---
 5 files changed, 304 insertions(+), 225 deletions(-)
 create mode 100644 virt/kvm/arm/vgic-v2.c

diff --git a/arch/arm/kvm/Makefile b/arch/arm/kvm/Makefile
index 789bca9..f7057ed 100644
--- a/arch/arm/kvm/Makefile
+++ b/arch/arm/kvm/Makefile
@@ -21,4 +21,5 @@ obj-y += kvm-arm.o init.o interrupts.o
 obj-y += arm.o handle_exit.o guest.o mmu.o emulate.o reset.o
 obj-y += coproc.o coproc_a15.o coproc_a7.o mmio.o psci.o perf.o
 obj-$(CONFIG_KVM_ARM_VGIC) += $(KVM)/arm/vgic.o
+obj-$(CONFIG_KVM_ARM_VGIC) += $(KVM)/arm/vgic-v2.o
 obj-$(CONFIG_KVM_ARM_TIMER) += $(KVM)/arm/arch_timer.o
diff --git a/arch/arm64/kvm/Makefile b/arch/arm64/kvm/Makefile
index 72a9fd5..7e92952 100644
--- a/arch/arm64/kvm/Makefile
+++ b/arch/arm64/kvm/Makefile
@@ -19,5 +19,5 @@ kvm-$(CONFIG_KVM_ARM_HOST) += emulate.o inject_fault.o 
regmap.o
 kvm-$(CONFIG_KVM_ARM_HOST) += hyp.o hyp-init.o handle_exit.o
 kvm-$(CONFIG_KVM_ARM_HOST) += guest.o reset.o sys_regs.o sys_regs_generic_v8.o
 
-kvm-$(CONFIG_KVM_ARM_VGIC) += $(KVM)/arm/vgic.o
+kvm-$(CONFIG_KVM_ARM_VGIC) += $(KVM)/arm/vgic.o $(KVM)/arm/vgic-v2.o
 kvm-$(CONFIG_KVM_ARM_TIMER) += $(KVM)/arm/arch_timer.o
diff --git a/include/kvm/arm_vgic.h b/include/kvm/arm_vgic.h
index ce2e142..d8d52a9 100644
--- a/include/kvm/arm_vgic.h
+++ b/include/kvm/arm_vgic.h
@@ -32,7 +32,8 @@
 #define VGIC_NR_PRIVATE_IRQS   (VGIC_NR_SGIS + VGIC_NR_PPIS)
 #define VGIC_NR_SHARED_IRQS(VGIC_NR_IRQS - VGIC_NR_PRIVATE_IRQS)
 #define VGIC_MAX_CPUS  KVM_MAX_VCPUS
-#define VGIC_MAX_LRS   (1 << 6)
+
+#define VGIC_V2_MAX_LRS(1 << 6)
 
 /* Sanity checks... */
 #if (VGIC_MAX_CPUS > 8)
@@ -162,7 +163,7 @@ struct vgic_v2_cpu_if {
u32 vgic_eisr[2];   /* Saved only */
u32 vgic_elrsr[2];  /* Saved only */
u32 vgic_apr;
-   u32 vgic_lr[VGIC_MAX_LRS];
+   u32 vgic_lr[VGIC_V2_MAX_LRS];
 };
 
 struct vgic_cpu {
@@ -175,7 +176,7 @@ struct vgic_cpu {
DECLARE_BITMAP( pending_shared, VGIC_NR_SHARED_IRQS);
 
/* Bitmap of used/free list registers */
-   DECLARE_BITMAP( lr_used, VGIC_MAX_LRS);
+   DECLARE_BITMAP( lr_used, VGIC_V2_MAX_LRS);
 
/* Number of list registers on this CPU */
int nr_lr;
@@ -214,6 +215,10 @@ bool vgic_handle_mmio(struct kvm_vcpu *vcpu, struct 
kvm_run *run,
 #define irqchip_in_kernel(k)   (!!((k)->arch.vgic.vctrl_base))
 #define vgic_initialized(k)((k)->arch.vgic.ready)
 
+int vgic_v2_probe(struct device_node *vgic_node,
+ const struct vgic_ops **ops,
+ const struct vgic_params **params);
+
 #else
 static inline int kvm_vgic_hyp_init(void)
 {
diff --git a/virt/kvm/arm/vgic-v2.c b/virt/kvm/arm/vgic-v2.c
new file mode 100644
index 000..940418e
--- /dev/null
+++ b/virt/kvm/arm/vgic-v2.c
@@ -0,0 +1,248 @@
+/*
+ * Copyright (C) 2012,2013 ARM Limited, All Rights Reserved.
+ * Author: Marc Zyngier 
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see .
+ */
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#include 
+
+#include 
+#include 
+#include 
+
+static struct vgic_lr vgic_v2_get_lr(const struct kvm_vcpu *vcpu, int lr)
+{
+   struct vgic_lr lr_desc;
+   u32 val = vcpu->arch.vgic_cpu.vgic_v2.vgic_lr[lr];
+
+   lr_desc.irq = val & GICH_LR_VIRTUALID;
+   if (lr_desc.irq <= 15)
+   lr_desc.source  = (val >> GICH_LR_PHYSID_CPUID_SHIFT) & 0x7;
+   else
+   lr_desc.source = 0;
+   lr_desc.state   = 0;
+
+   if (val & GICH_LR_PENDING_BIT)
+   lr_desc.state |= LR_STATE_PENDING;
+   if (val & GICH_LR_ACTIVE_BIT)
+   lr_desc.state |= LR_STATE_ACTIVE;
+   if (val & GICH_LR_EOI)
+   lr_desc.state |= LR_EOI_INT;
+
+   return lr_desc;
+}
+
+static void vgic_v2_set_lr(struct kvm_vcpu *vcpu, int lr,
+ 

[GIT PULL 18/51] KVM: ARM: introduce vgic_params structure

[Christoffer Dall]

From: Marc Zyngier 

Move all the data specific to a given GIC implementation into its own
little structure.

Acked-by: Catalin Marinas 
Reviewed-by: Christoffer Dall 
Signed-off-by: Marc Zyngier 
---
 include/kvm/arm_vgic.h | 11 
 virt/kvm/arm/vgic.c| 70 --
 2 files changed, 44 insertions(+), 37 deletions(-)

diff --git a/include/kvm/arm_vgic.h b/include/kvm/arm_vgic.h
index 2228973..ce2e142 100644
--- a/include/kvm/arm_vgic.h
+++ b/include/kvm/arm_vgic.h
@@ -102,6 +102,17 @@ struct vgic_ops {
void(*enable)(struct kvm_vcpu *vcpu);
 };
 
+struct vgic_params {
+   /* Physical address of vgic virtual cpu interface */
+   phys_addr_t vcpu_base;
+   /* Number of list registers */
+   u32 nr_lr;
+   /* Interrupt number */
+   unsigned intmaint_irq;
+   /* Virtual control interface base address */
+   void __iomem*vctrl_base;
+};
+
 struct vgic_dist {
 #ifdef CONFIG_KVM_ARM_VGIC
spinlock_t  lock;
diff --git a/virt/kvm/arm/vgic.c b/virt/kvm/arm/vgic.c
index 70f674b..f3a996d 100644
--- a/virt/kvm/arm/vgic.c
+++ b/virt/kvm/arm/vgic.c
@@ -76,14 +76,6 @@
 #define IMPLEMENTER_ARM0x43b
 #define GICC_ARCH_VERSION_V2   0x2
 
-/* Physical address of vgic virtual cpu interface */
-static phys_addr_t vgic_vcpu_base;
-
-/* Virtual control interface base address */
-static void __iomem *vgic_vctrl_base;
-
-static struct device_node *vgic_node;
-
 #define ACCESS_READ_VALUE  (1 << 0)
 #define ACCESS_READ_RAZ(0 << 0)
 #define ACCESS_READ_MASK(x)((x) & (1 << 0))
@@ -103,8 +95,7 @@ static void vgic_set_lr(struct kvm_vcpu *vcpu, int lr, 
struct vgic_lr lr_desc);
 static void vgic_get_vmcr(struct kvm_vcpu *vcpu, struct vgic_vmcr *vmcr);
 static void vgic_set_vmcr(struct kvm_vcpu *vcpu, struct vgic_vmcr *vmcr);
 
-static u32 vgic_nr_lr;
-static unsigned int vgic_maint_irq;
+static struct vgic_params vgic;
 
 static u32 *vgic_bitmap_get_reg(struct vgic_bitmap *x,
int cpuid, u32 offset)
@@ -1206,7 +1197,7 @@ static void vgic_retire_disabled_irqs(struct kvm_vcpu 
*vcpu)
struct vgic_cpu *vgic_cpu = &vcpu->arch.vgic_cpu;
int lr;
 
-   for_each_set_bit(lr, vgic_cpu->lr_used, vgic_cpu->nr_lr) {
+   for_each_set_bit(lr, vgic_cpu->lr_used, vgic.nr_lr) {
struct vgic_lr vlr = vgic_get_lr(vcpu, lr);
 
if (!vgic_irq_is_enabled(vcpu, vlr.irq)) {
@@ -1250,8 +1241,8 @@ static bool vgic_queue_irq(struct kvm_vcpu *vcpu, u8 
sgi_source_id, int irq)
 
/* Try to use another LR for this interrupt */
lr = find_first_zero_bit((unsigned long *)vgic_cpu->lr_used,
-  vgic_cpu->nr_lr);
-   if (lr >= vgic_cpu->nr_lr)
+  vgic.nr_lr);
+   if (lr >= vgic.nr_lr)
return false;
 
kvm_debug("LR%d allocated for IRQ%d %x\n", lr, irq, sgi_source_id);
@@ -1377,7 +1368,6 @@ epilog:
 
 static bool vgic_process_maintenance(struct kvm_vcpu *vcpu)
 {
-   struct vgic_cpu *vgic_cpu = &vcpu->arch.vgic_cpu;
u32 status = vgic_get_interrupt_status(vcpu);
bool level_pending = false;
 
@@ -1392,7 +1382,7 @@ static bool vgic_process_maintenance(struct kvm_vcpu 
*vcpu)
unsigned long *eisr_ptr = (unsigned long *)&eisr;
int lr;
 
-   for_each_set_bit(lr, eisr_ptr, vgic_cpu->nr_lr) {
+   for_each_set_bit(lr, eisr_ptr, vgic.nr_lr) {
struct vgic_lr vlr = vgic_get_lr(vcpu, lr);
 
vgic_irq_clear_active(vcpu, vlr.irq);
@@ -1440,7 +1430,7 @@ static void __kvm_vgic_sync_hwstate(struct kvm_vcpu *vcpu)
elrsr_ptr = (unsigned long *)&elrsr;
 
/* Clear mappings for empty LRs */
-   for_each_set_bit(lr, elrsr_ptr, vgic_cpu->nr_lr) {
+   for_each_set_bit(lr, elrsr_ptr, vgic.nr_lr) {
struct vgic_lr vlr;
 
if (!test_and_clear_bit(lr, vgic_cpu->lr_used))
@@ -1453,8 +1443,8 @@ static void __kvm_vgic_sync_hwstate(struct kvm_vcpu *vcpu)
}
 
/* Check if we still have something up our sleeve... */
-   pending = find_first_zero_bit(elrsr_ptr, vgic_cpu->nr_lr);
-   if (level_pending || pending < vgic_cpu->nr_lr)
+   pending = find_first_zero_bit(elrsr_ptr, vgic.nr_lr);
+   if (level_pending || pending < vgic.nr_lr)
set_bit(vcpu->vcpu_id, &dist->irq_pending_on_cpu);
 }
 
@@ -1643,7 +1633,12 @@ int kvm_vgic_vcpu_init(struct kvm_vcpu *vcpu)
vgic_cpu->vgic_irq_lr_map[i] = LR_EMPTY;
}
 
-   vgic_cpu->nr_lr = vgic_nr_lr;
+   /*
+* Store the number of LRs per vcpu, so we don't have to go
+* all the way to the distributor structure to find out. Only
+* assembly code should use this one.
+*/
+   vgic_cpu->nr_lr = vgic.nr_lr;
 
vgic_enable(vcpu);
 
@@ -

[GIT PULL 30/51] ARM: KVM: __kvm_vcpu_run function return result fix in BE case

[Christoffer Dall]

From: Victor Kamensky 

The __kvm_vcpu_run function returns a 64-bit result in two registers,
which has to be adjusted for BE case.

Signed-off-by: Victor Kamensky 
Acked-by: Christoffer Dall 
Acked-by: Marc Zyngier 
Signed-off-by: Marc Zyngier 
---
 arch/arm/kvm/interrupts.S | 5 +
 1 file changed, 5 insertions(+)

diff --git a/arch/arm/kvm/interrupts.S b/arch/arm/kvm/interrupts.S
index 24d4e65..01dcb0e 100644
--- a/arch/arm/kvm/interrupts.S
+++ b/arch/arm/kvm/interrupts.S
@@ -199,8 +199,13 @@ after_vfp_restore:
 
restore_host_regs
clrex   @ Clear exclusive monitor
+#ifndef CONFIG_CPU_ENDIAN_BE8
mov r0, r1  @ Return the return code
mov r1, #0  @ Clear upper bits in return value
+#else
+   @ r1 already has return code
+   mov r0, #0  @ Clear upper bits in return value
+#endif /* CONFIG_CPU_ENDIAN_BE8 */
bx  lr  @ return to IOCTL
 
 /
-- 
2.0.0

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[GIT PULL 47/51] arm64: KVM: implement lazy world switch for debug registers

[Christoffer Dall]

From: Marc Zyngier 

Implement switching of the debug registers. While the number
of registers is massive, CPUs usually don't implement them all
(A57 has 6 breakpoints and 4 watchpoints, which gives us a total
of 22 registers "only").

Also, we only save/restore them when MDSCR_EL1 has debug enabled,
or when we've flagged the debug registers as dirty. It means that
most of the time, we only save/restore MDSCR_EL1.

Reviewed-by: Anup Patel 
Reviewed-by: Christoffer Dall 
Signed-off-by: Marc Zyngier 
---
 arch/arm64/kernel/asm-offsets.c |   1 +
 arch/arm64/kvm/hyp.S| 463 +++-
 2 files changed, 458 insertions(+), 6 deletions(-)

diff --git a/arch/arm64/kernel/asm-offsets.c b/arch/arm64/kernel/asm-offsets.c
index e74654c..9a9fce0 100644
--- a/arch/arm64/kernel/asm-offsets.c
+++ b/arch/arm64/kernel/asm-offsets.c
@@ -120,6 +120,7 @@ int main(void)
   DEFINE(VCPU_ESR_EL2, offsetof(struct kvm_vcpu, arch.fault.esr_el2));
   DEFINE(VCPU_FAR_EL2, offsetof(struct kvm_vcpu, arch.fault.far_el2));
   DEFINE(VCPU_HPFAR_EL2,   offsetof(struct kvm_vcpu, 
arch.fault.hpfar_el2));
+  DEFINE(VCPU_DEBUG_FLAGS, offsetof(struct kvm_vcpu, arch.debug_flags));
   DEFINE(VCPU_HCR_EL2, offsetof(struct kvm_vcpu, arch.hcr_el2));
   DEFINE(VCPU_IRQ_LINES,   offsetof(struct kvm_vcpu, arch.irq_lines));
   DEFINE(VCPU_HOST_CONTEXT,offsetof(struct kvm_vcpu, 
arch.host_cpu_context));
diff --git a/arch/arm64/kvm/hyp.S b/arch/arm64/kvm/hyp.S
index 7874e02..100494b 100644
--- a/arch/arm64/kvm/hyp.S
+++ b/arch/arm64/kvm/hyp.S
@@ -20,6 +20,7 @@
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
@@ -211,6 +212,7 @@
mrs x22,amair_el1
mrs x23,cntkctl_el1
mrs x24,par_el1
+   mrs x25,mdscr_el1
 
stp x4, x5, [x3]
stp x6, x7, [x3, #16]
@@ -222,7 +224,202 @@
stp x18, x19, [x3, #112]
stp x20, x21, [x3, #128]
stp x22, x23, [x3, #144]
-   str x24, [x3, #160]
+   stp x24, x25, [x3, #160]
+.endm
+
+.macro save_debug
+   // x2: base address for cpu context
+   // x3: tmp register
+
+   mrs x26, id_aa64dfr0_el1
+   ubfxx24, x26, #12, #4   // Extract BRPs
+   ubfxx25, x26, #20, #4   // Extract WRPs
+   mov w26, #15
+   sub w24, w26, w24   // How many BPs to skip
+   sub w25, w26, w25   // How many WPs to skip
+
+   add x3, x2, #CPU_SYSREG_OFFSET(DBGBCR0_EL1)
+
+   adr x26, 1f
+   add x26, x26, x24, lsl #2
+   br  x26
+1:
+   mrs x20, dbgbcr15_el1
+   mrs x19, dbgbcr14_el1
+   mrs x18, dbgbcr13_el1
+   mrs x17, dbgbcr12_el1
+   mrs x16, dbgbcr11_el1
+   mrs x15, dbgbcr10_el1
+   mrs x14, dbgbcr9_el1
+   mrs x13, dbgbcr8_el1
+   mrs x12, dbgbcr7_el1
+   mrs x11, dbgbcr6_el1
+   mrs x10, dbgbcr5_el1
+   mrs x9, dbgbcr4_el1
+   mrs x8, dbgbcr3_el1
+   mrs x7, dbgbcr2_el1
+   mrs x6, dbgbcr1_el1
+   mrs x5, dbgbcr0_el1
+
+   adr x26, 1f
+   add x26, x26, x24, lsl #2
+   br  x26
+
+1:
+   str x20, [x3, #(15 * 8)]
+   str x19, [x3, #(14 * 8)]
+   str x18, [x3, #(13 * 8)]
+   str x17, [x3, #(12 * 8)]
+   str x16, [x3, #(11 * 8)]
+   str x15, [x3, #(10 * 8)]
+   str x14, [x3, #(9 * 8)]
+   str x13, [x3, #(8 * 8)]
+   str x12, [x3, #(7 * 8)]
+   str x11, [x3, #(6 * 8)]
+   str x10, [x3, #(5 * 8)]
+   str x9, [x3, #(4 * 8)]
+   str x8, [x3, #(3 * 8)]
+   str x7, [x3, #(2 * 8)]
+   str x6, [x3, #(1 * 8)]
+   str x5, [x3, #(0 * 8)]
+
+   add x3, x2, #CPU_SYSREG_OFFSET(DBGBVR0_EL1)
+
+   adr x26, 1f
+   add x26, x26, x24, lsl #2
+   br  x26
+1:
+   mrs x20, dbgbvr15_el1
+   mrs x19, dbgbvr14_el1
+   mrs x18, dbgbvr13_el1
+   mrs x17, dbgbvr12_el1
+   mrs x16, dbgbvr11_el1
+   mrs x15, dbgbvr10_el1
+   mrs x14, dbgbvr9_el1
+   mrs x13, dbgbvr8_el1
+   mrs x12, dbgbvr7_el1
+   mrs x11, dbgbvr6_el1
+   mrs x10, dbgbvr5_el1
+   mrs x9, dbgbvr4_el1
+   mrs x8, dbgbvr3_el1
+   mrs x7, dbgbvr2_el1
+   mrs x6, dbgbvr1_el1
+   mrs x5, dbgbvr0_el1
+
+   adr x26, 1f
+   add x26, x26, x24, lsl #2
+   br  x26
+
+1:
+   str x20, [x3, #(15 * 8)]
+   str x19, [x3, #(14 * 8)]
+   str x18, [x3, #(13 * 8)]
+   str x17, [x3, #(12 * 8)]
+   str x16, [x3, #(11 * 8)]
+   str x15, [x3, #(10 * 8)]
+   str x14, [x3, #(9 * 8)]
+   str x13, [x3, #(8 * 8)]
+   str x12, [x3, #(7 * 8)]
+   str x11, [x3, #(6 * 8)]
+ 

[GIT PULL 33/51] ARM: KVM: one_reg coproc set and get BE fixes

[Christoffer Dall]

From: Victor Kamensky 

Fix code that handles KVM_SET_ONE_REG, KVM_GET_ONE_REG ioctls to work in BE
image. Before this fix get/set_one_reg functions worked correctly only in
LE case - reg_from_user was taking 'void *' kernel address that actually could
be target/source memory of either 4 bytes size or 8 bytes size, and code copied
from/to user memory that could hold either 4 bytes register, 8 byte register
or pair of 4 bytes registers.

In order to work in endian agnostic way reg_from_user to reg_to_user functions
should copy register value only to kernel variable with size that matches
register size. In few place where size mismatch existed fix issue on macro
caller side.

Signed-off-by: Victor Kamensky 
Reviewed-by: Christoffer Dall 
Signed-off-by: Marc Zyngier 
---
 arch/arm/kvm/coproc.c | 88 +--
 1 file changed, 79 insertions(+), 9 deletions(-)

diff --git a/arch/arm/kvm/coproc.c b/arch/arm/kvm/coproc.c
index c58a351..37a0fe1 100644
--- a/arch/arm/kvm/coproc.c
+++ b/arch/arm/kvm/coproc.c
@@ -44,6 +44,31 @@ static u32 cache_levels;
 /* CSSELR values; used to index KVM_REG_ARM_DEMUX_ID_CCSIDR */
 #define CSSELR_MAX 12
 
+/*
+ * kvm_vcpu_arch.cp15 holds cp15 registers as an array of u32, but some
+ * of cp15 registers can be viewed either as couple of two u32 registers
+ * or one u64 register. Current u64 register encoding is that least
+ * significant u32 word is followed by most significant u32 word.
+ */
+static inline void vcpu_cp15_reg64_set(struct kvm_vcpu *vcpu,
+  const struct coproc_reg *r,
+  u64 val)
+{
+   vcpu->arch.cp15[r->reg] = val & 0x;
+   vcpu->arch.cp15[r->reg + 1] = val >> 32;
+}
+
+static inline u64 vcpu_cp15_reg64_get(struct kvm_vcpu *vcpu,
+ const struct coproc_reg *r)
+{
+   u64 val;
+
+   val = vcpu->arch.cp15[r->reg + 1];
+   val = val << 32;
+   val = val | vcpu->arch.cp15[r->reg];
+   return val;
+}
+
 int kvm_handle_cp10_id(struct kvm_vcpu *vcpu, struct kvm_run *run)
 {
kvm_inject_undefined(vcpu);
@@ -682,17 +707,23 @@ static struct coproc_reg invariant_cp15[] = {
{ CRn( 0), CRm( 0), Op1( 1), Op2( 7), is32, NULL, get_AIDR },
 };
 
+/*
+ * Reads a register value from a userspace address to a kernel
+ * variable. Make sure that register size matches sizeof(*__val).
+ */
 static int reg_from_user(void *val, const void __user *uaddr, u64 id)
 {
-   /* This Just Works because we are little endian. */
if (copy_from_user(val, uaddr, KVM_REG_SIZE(id)) != 0)
return -EFAULT;
return 0;
 }
 
+/*
+ * Writes a register value to a userspace address from a kernel variable.
+ * Make sure that register size matches sizeof(*__val).
+ */
 static int reg_to_user(void __user *uaddr, const void *val, u64 id)
 {
-   /* This Just Works because we are little endian. */
if (copy_to_user(uaddr, val, KVM_REG_SIZE(id)) != 0)
return -EFAULT;
return 0;
@@ -702,6 +733,7 @@ static int get_invariant_cp15(u64 id, void __user *uaddr)
 {
struct coproc_params params;
const struct coproc_reg *r;
+   int ret;
 
if (!index_to_params(id, ¶ms))
return -ENOENT;
@@ -710,7 +742,15 @@ static int get_invariant_cp15(u64 id, void __user *uaddr)
if (!r)
return -ENOENT;
 
-   return reg_to_user(uaddr, &r->val, id);
+   ret = -ENOENT;
+   if (KVM_REG_SIZE(id) == 4) {
+   u32 val = r->val;
+
+   ret = reg_to_user(uaddr, &val, id);
+   } else if (KVM_REG_SIZE(id) == 8) {
+   ret = reg_to_user(uaddr, &r->val, id);
+   }
+   return ret;
 }
 
 static int set_invariant_cp15(u64 id, void __user *uaddr)
@@ -718,7 +758,7 @@ static int set_invariant_cp15(u64 id, void __user *uaddr)
struct coproc_params params;
const struct coproc_reg *r;
int err;
-   u64 val = 0; /* Make sure high bits are 0 for 32-bit regs */
+   u64 val;
 
if (!index_to_params(id, ¶ms))
return -ENOENT;
@@ -726,7 +766,16 @@ static int set_invariant_cp15(u64 id, void __user *uaddr)
if (!r)
return -ENOENT;
 
-   err = reg_from_user(&val, uaddr, id);
+   err = -ENOENT;
+   if (KVM_REG_SIZE(id) == 4) {
+   u32 val32;
+
+   err = reg_from_user(&val32, uaddr, id);
+   if (!err)
+   val = val32;
+   } else if (KVM_REG_SIZE(id) == 8) {
+   err = reg_from_user(&val, uaddr, id);
+   }
if (err)
return err;
 
@@ -1004,6 +1053,7 @@ int kvm_arm_coproc_get_reg(struct kvm_vcpu *vcpu, const 
struct kvm_one_reg *reg)
 {
const struct coproc_reg *r;
void __user *uaddr = (void __user *)(long)reg->addr;
+   int ret;
 
if ((reg->id & KVM_REG_ARM_COPROC_MASK) == KVM_REG_ARM_DEMU

[GIT PULL 26/51] arm64: KVM: vgic: enable GICv2 emulation on top on GICv3 hardware

[Christoffer Dall]

From: Marc Zyngier 

Add the last missing bits that enable GICv2 emulation on top of
GICv3 hardware.

Signed-off-by: Marc Zyngier 
---
 arch/arm64/include/asm/kvm_host.h | 7 +++
 arch/arm64/kvm/Makefile   | 2 ++
 virt/kvm/arm/vgic.c   | 1 +
 3 files changed, 10 insertions(+)

diff --git a/arch/arm64/include/asm/kvm_host.h 
b/arch/arm64/include/asm/kvm_host.h
index 4c182d0..4ae9213 100644
--- a/arch/arm64/include/asm/kvm_host.h
+++ b/arch/arm64/include/asm/kvm_host.h
@@ -216,6 +216,13 @@ static inline void vgic_arch_setup(const struct 
vgic_params *vgic)
__vgic_sr_vectors.restore_vgic  = __restore_vgic_v2_state;
break;
 
+#ifdef CONFIG_ARM_GIC_V3
+   case VGIC_V3:
+   __vgic_sr_vectors.save_vgic = __save_vgic_v3_state;
+   __vgic_sr_vectors.restore_vgic  = __restore_vgic_v3_state;
+   break;
+#endif
+
default:
BUG();
}
diff --git a/arch/arm64/kvm/Makefile b/arch/arm64/kvm/Makefile
index daf24dc..32a0961 100644
--- a/arch/arm64/kvm/Makefile
+++ b/arch/arm64/kvm/Makefile
@@ -22,4 +22,6 @@ kvm-$(CONFIG_KVM_ARM_HOST) += guest.o reset.o sys_regs.o 
sys_regs_generic_v8.o
 kvm-$(CONFIG_KVM_ARM_VGIC) += $(KVM)/arm/vgic.o
 kvm-$(CONFIG_KVM_ARM_VGIC) += $(KVM)/arm/vgic-v2.o
 kvm-$(CONFIG_KVM_ARM_VGIC) += vgic-v2-switch.o
+kvm-$(CONFIG_KVM_ARM_VGIC) += $(KVM)/arm/vgic-v3.o
+kvm-$(CONFIG_KVM_ARM_VGIC) += vgic-v3-switch.o
 kvm-$(CONFIG_KVM_ARM_TIMER) += $(KVM)/arm/arch_timer.o
diff --git a/virt/kvm/arm/vgic.c b/virt/kvm/arm/vgic.c
index 7867b9a..795ab48 100644
--- a/virt/kvm/arm/vgic.c
+++ b/virt/kvm/arm/vgic.c
@@ -1530,6 +1530,7 @@ static struct notifier_block vgic_cpu_nb = {
 
 static const struct of_device_id vgic_ids[] = {
{ .compatible = "arm,cortex-a15-gic", .data = vgic_v2_probe, },
+   { .compatible = "arm,gic-v3", .data = vgic_v3_probe, },
{},
 };
 
-- 
2.0.0

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[GIT PULL 35/51] ARM64: KVM: MMIO support BE host running LE code

[Christoffer Dall]

From: Victor Kamensky 

In case of guest CPU running in LE mode and host runs in
BE mode we need byteswap data, so read/write is emulated correctly.

Signed-off-by: Victor Kamensky 
Reviewed-by: Christoffer Dall 
Reviewed-by: Marc Zyngier 
Signed-off-by: Marc Zyngier 
---
 arch/arm64/include/asm/kvm_emulate.h | 22 ++
 1 file changed, 22 insertions(+)

diff --git a/arch/arm64/include/asm/kvm_emulate.h 
b/arch/arm64/include/asm/kvm_emulate.h
index dd8ecfc3..fdc3e21 100644
--- a/arch/arm64/include/asm/kvm_emulate.h
+++ b/arch/arm64/include/asm/kvm_emulate.h
@@ -213,6 +213,17 @@ static inline unsigned long vcpu_data_guest_to_host(struct 
kvm_vcpu *vcpu,
default:
return be64_to_cpu(data);
}
+   } else {
+   switch (len) {
+   case 1:
+   return data & 0xff;
+   case 2:
+   return le16_to_cpu(data & 0x);
+   case 4:
+   return le32_to_cpu(data & 0x);
+   default:
+   return le64_to_cpu(data);
+   }
}
 
return data;/* Leave LE untouched */
@@ -233,6 +244,17 @@ static inline unsigned long vcpu_data_host_to_guest(struct 
kvm_vcpu *vcpu,
default:
return cpu_to_be64(data);
}
+   } else {
+   switch (len) {
+   case 1:
+   return data & 0xff;
+   case 2:
+   return cpu_to_le16(data & 0x);
+   case 4:
+   return cpu_to_le32(data & 0x);
+   default:
+   return cpu_to_le64(data);
+   }
}
 
return data;/* Leave LE untouched */
-- 
2.0.0

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[GIT PULL 31/51] ARM: KVM: vgic mmio should hold data as LE bytes array in BE case

[Christoffer Dall]

From: Victor Kamensky 

According to recent clarifications of mmio.data array meaning -
the mmio.data array should hold bytes as they would appear in
memory. Vgic is little endian device. And in case of BE image
kernel side that emulates vgic, holds data in BE form. So we
need to byteswap cpu<->le32 vgic registers when we read/write them
from mmio.data[].

Change has no effect in LE case because cpu already runs in le32.

Signed-off-by: Victor Kamensky 
Reviewed-by: Christoffer Dall 
Acked-by: Marc Zyngier 
Signed-off-by: Marc Zyngier 
---
 virt/kvm/arm/vgic.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/virt/kvm/arm/vgic.c b/virt/kvm/arm/vgic.c
index 795ab48..b0edc8c 100644
--- a/virt/kvm/arm/vgic.c
+++ b/virt/kvm/arm/vgic.c
@@ -238,12 +238,12 @@ static void vgic_cpu_irq_clear(struct kvm_vcpu *vcpu, int 
irq)
 
 static u32 mmio_data_read(struct kvm_exit_mmio *mmio, u32 mask)
 {
-   return *((u32 *)mmio->data) & mask;
+   return le32_to_cpu(*((u32 *)mmio->data)) & mask;
 }
 
 static void mmio_data_write(struct kvm_exit_mmio *mmio, u32 mask, u32 value)
 {
-   *((u32 *)mmio->data) = value & mask;
+   *((u32 *)mmio->data) = cpu_to_le32(value) & mask;
 }
 
 /**
-- 
2.0.0

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[GIT PULL 04/51] ARM: KVM: Unmap IPA on memslot delete/move

[Christoffer Dall]

From: Eric Auger 

Currently when a KVM region is deleted or moved after
KVM_SET_USER_MEMORY_REGION ioctl, the corresponding
intermediate physical memory is not unmapped.

This patch corrects this and unmaps the region's IPA range
in kvm_arch_commit_memory_region using unmap_stage2_range.

Signed-off-by: Eric Auger 
Signed-off-by: Christoffer Dall 
---
 arch/arm/kvm/arm.c | 37 -
 arch/arm/kvm/mmu.c | 46 ++
 2 files changed, 46 insertions(+), 37 deletions(-)

diff --git a/arch/arm/kvm/arm.c b/arch/arm/kvm/arm.c
index 3c82b37..d7424ef 100644
--- a/arch/arm/kvm/arm.c
+++ b/arch/arm/kvm/arm.c
@@ -155,16 +155,6 @@ int kvm_arch_vcpu_fault(struct kvm_vcpu *vcpu, struct 
vm_fault *vmf)
return VM_FAULT_SIGBUS;
 }
 
-void kvm_arch_free_memslot(struct kvm *kvm, struct kvm_memory_slot *free,
-  struct kvm_memory_slot *dont)
-{
-}
-
-int kvm_arch_create_memslot(struct kvm *kvm, struct kvm_memory_slot *slot,
-   unsigned long npages)
-{
-   return 0;
-}
 
 /**
  * kvm_arch_destroy_vm - destroy the VM data structure
@@ -225,33 +215,6 @@ long kvm_arch_dev_ioctl(struct file *filp,
return -EINVAL;
 }
 
-void kvm_arch_memslots_updated(struct kvm *kvm)
-{
-}
-
-int kvm_arch_prepare_memory_region(struct kvm *kvm,
-  struct kvm_memory_slot *memslot,
-  struct kvm_userspace_memory_region *mem,
-  enum kvm_mr_change change)
-{
-   return 0;
-}
-
-void kvm_arch_commit_memory_region(struct kvm *kvm,
-  struct kvm_userspace_memory_region *mem,
-  const struct kvm_memory_slot *old,
-  enum kvm_mr_change change)
-{
-}
-
-void kvm_arch_flush_shadow_all(struct kvm *kvm)
-{
-}
-
-void kvm_arch_flush_shadow_memslot(struct kvm *kvm,
-  struct kvm_memory_slot *slot)
-{
-}
 
 struct kvm_vcpu *kvm_arch_vcpu_create(struct kvm *kvm, unsigned int id)
 {
diff --git a/arch/arm/kvm/mmu.c b/arch/arm/kvm/mmu.c
index 2336061..b2a708b 100644
--- a/arch/arm/kvm/mmu.c
+++ b/arch/arm/kvm/mmu.c
@@ -,3 +,49 @@ out:
free_hyp_pgds();
return err;
 }
+
+void kvm_arch_commit_memory_region(struct kvm *kvm,
+  struct kvm_userspace_memory_region *mem,
+  const struct kvm_memory_slot *old,
+  enum kvm_mr_change change)
+{
+   gpa_t gpa = old->base_gfn << PAGE_SHIFT;
+   phys_addr_t size = old->npages << PAGE_SHIFT;
+   if (change == KVM_MR_DELETE || change == KVM_MR_MOVE) {
+   spin_lock(&kvm->mmu_lock);
+   unmap_stage2_range(kvm, gpa, size);
+   spin_unlock(&kvm->mmu_lock);
+   }
+}
+
+int kvm_arch_prepare_memory_region(struct kvm *kvm,
+  struct kvm_memory_slot *memslot,
+  struct kvm_userspace_memory_region *mem,
+  enum kvm_mr_change change)
+{
+   return 0;
+}
+
+void kvm_arch_free_memslot(struct kvm *kvm, struct kvm_memory_slot *free,
+  struct kvm_memory_slot *dont)
+{
+}
+
+int kvm_arch_create_memslot(struct kvm *kvm, struct kvm_memory_slot *slot,
+   unsigned long npages)
+{
+   return 0;
+}
+
+void kvm_arch_memslots_updated(struct kvm *kvm)
+{
+}
+
+void kvm_arch_flush_shadow_all(struct kvm *kvm)
+{
+}
+
+void kvm_arch_flush_shadow_memslot(struct kvm *kvm,
+  struct kvm_memory_slot *slot)
+{
+}
-- 
2.0.0

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[GIT PULL 32/51] ARM: KVM: MMIO support BE host running LE code

[Christoffer Dall]

From: Victor Kamensky 

In case of status register E bit is not set (LE mode) and host runs in
BE mode we need byteswap data, so read/write is emulated correctly.

Signed-off-by: Victor Kamensky 
Reviewed-by: Christoffer Dall 
Reviewed-by: Marc Zyngier 
Signed-off-by: Marc Zyngier 
---
 arch/arm/include/asm/kvm_emulate.h | 22 ++
 1 file changed, 18 insertions(+), 4 deletions(-)

diff --git a/arch/arm/include/asm/kvm_emulate.h 
b/arch/arm/include/asm/kvm_emulate.h
index 0fa90c9..69b7469 100644
--- a/arch/arm/include/asm/kvm_emulate.h
+++ b/arch/arm/include/asm/kvm_emulate.h
@@ -185,9 +185,16 @@ static inline unsigned long vcpu_data_guest_to_host(struct 
kvm_vcpu *vcpu,
default:
return be32_to_cpu(data);
}
+   } else {
+   switch (len) {
+   case 1:
+   return data & 0xff;
+   case 2:
+   return le16_to_cpu(data & 0x);
+   default:
+   return le32_to_cpu(data);
+   }
}
-
-   return data;/* Leave LE untouched */
 }
 
 static inline unsigned long vcpu_data_host_to_guest(struct kvm_vcpu *vcpu,
@@ -203,9 +210,16 @@ static inline unsigned long vcpu_data_host_to_guest(struct 
kvm_vcpu *vcpu,
default:
return cpu_to_be32(data);
}
+   } else {
+   switch (len) {
+   case 1:
+   return data & 0xff;
+   case 2:
+   return cpu_to_le16(data & 0x);
+   default:
+   return cpu_to_le32(data);
+   }
}
-
-   return data;/* Leave LE untouched */
 }
 
 #endif /* __ARM_KVM_EMULATE_H__ */
-- 
2.0.0

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[GIT PULL 08/51] arm64: GICv3 device tree binding documentation

[Christoffer Dall]

From: Marc Zyngier 

Add the necessary documentation to support GICv3.

Cc: Thomas Gleixner 
Cc: Mark Rutland 
Acked-by: Catalin Marinas 
Acked-by: Rob Herring 
Acked-by: Christoffer Dall 
Signed-off-by: Marc Zyngier 
---
 Documentation/devicetree/bindings/arm/gic-v3.txt | 79 
 1 file changed, 79 insertions(+)
 create mode 100644 Documentation/devicetree/bindings/arm/gic-v3.txt

diff --git a/Documentation/devicetree/bindings/arm/gic-v3.txt 
b/Documentation/devicetree/bindings/arm/gic-v3.txt
new file mode 100644
index 000..33cd05e
--- /dev/null
+++ b/Documentation/devicetree/bindings/arm/gic-v3.txt
@@ -0,0 +1,79 @@
+* ARM Generic Interrupt Controller, version 3
+
+AArch64 SMP cores are often associated with a GICv3, providing Private
+Peripheral Interrupts (PPI), Shared Peripheral Interrupts (SPI),
+Software Generated Interrupts (SGI), and Locality-specific Peripheral
+Interrupts (LPI).
+
+Main node required properties:
+
+- compatible : should at least contain  "arm,gic-v3".
+- interrupt-controller : Identifies the node as an interrupt controller
+- #interrupt-cells : Specifies the number of cells needed to encode an
+  interrupt source. Must be a single cell with a value of at least 3.
+
+  The 1st cell is the interrupt type; 0 for SPI interrupts, 1 for PPI
+  interrupts. Other values are reserved for future use.
+
+  The 2nd cell contains the interrupt number for the interrupt type.
+  SPI interrupts are in the range [0-987]. PPI interrupts are in the
+  range [0-15].
+
+  The 3rd cell is the flags, encoded as follows:
+   bits[3:0] trigger type and level flags.
+   1 = edge triggered
+   4 = level triggered
+
+  Cells 4 and beyond are reserved for future use. When the 1st cell
+  has a value of 0 or 1, cells 4 and beyond act as padding, and may be
+  ignored. It is recommended that padding cells have a value of 0.
+
+- reg : Specifies base physical address(s) and size of the GIC
+  registers, in the following order:
+  - GIC Distributor interface (GICD)
+  - GIC Redistributors (GICR), one range per redistributor region
+  - GIC CPU interface (GICC)
+  - GIC Hypervisor interface (GICH)
+  - GIC Virtual CPU interface (GICV)
+
+  GICC, GICH and GICV are optional.
+
+- interrupts : Interrupt source of the VGIC maintenance interrupt.
+
+Optional
+
+- redistributor-stride : If using padding pages, specifies the stride
+  of consecutive redistributors. Must be a multiple of 64kB.
+
+- #redistributor-regions: The number of independent contiguous regions
+  occupied by the redistributors. Required if more than one such
+  region is present.
+
+Examples:
+
+   gic: interrupt-controller@2cf0 {
+   compatible = "arm,gic-v3";
+   #interrupt-cells = <3>;
+   interrupt-controller;
+   reg = <0x0 0x2f00 0 0x1>,   // GICD
+ <0x0 0x2f10 0 0x20>,  // GICR
+ <0x0 0x2c00 0 0x2000>,// GICC
+ <0x0 0x2c01 0 0x2000>,// GICH
+ <0x0 0x2c02 0 0x2000>;// GICV
+   interrupts = <1 9 4>;
+   };
+
+   gic: interrupt-controller@2c01 {
+   compatible = "arm,gic-v3";
+   #interrupt-cells = <3>;
+   interrupt-controller;
+   redistributor-stride = <0x0 0x4>;   // 256kB stride
+   #redistributor-regions = <2>;
+   reg = <0x0 0x2c01 0 0x1>,   // GICD
+ <0x0 0x2d00 0 0x80>,  // GICR 1: CPUs 0-31
+ <0x0 0x2e00 0 0x80>;  // GICR 2: CPUs 32-63
+ <0x0 0x2c04 0 0x2000>,// GICC
+ <0x0 0x2c06 0 0x2000>,// GICH
+ <0x0 0x2c08 0 0x2000>;// GICV
+   interrupts = <1 9 4>;
+   };
-- 
2.0.0

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[GIT PULL 46/51] arm64: KVM: add trap handlers for AArch32 debug registers

[Christoffer Dall]

From: Marc Zyngier 

Add handlers for all the AArch32 debug registers that are accessible
from EL0 or EL1. The code follow the same strategy as the AArch64
counterpart with regards to tracking the dirty state of the debug
registers.

Reviewed-by: Anup Patel 
Reviewed-by: Christoffer Dall 
Signed-off-by: Marc Zyngier 
---
 arch/arm64/include/asm/kvm_asm.h |   9 +++
 arch/arm64/kvm/sys_regs.c| 144 ++-
 2 files changed, 151 insertions(+), 2 deletions(-)

diff --git a/arch/arm64/include/asm/kvm_asm.h b/arch/arm64/include/asm/kvm_asm.h
index 69027de..4838421 100644
--- a/arch/arm64/include/asm/kvm_asm.h
+++ b/arch/arm64/include/asm/kvm_asm.h
@@ -95,6 +95,15 @@
 #define c10_AMAIR0 (AMAIR_EL1 * 2) /* Aux Memory Attr Indirection Reg */
 #define c10_AMAIR1 (c10_AMAIR0 + 1)/* Aux Memory Attr Indirection Reg */
 #define c14_CNTKCTL(CNTKCTL_EL1 * 2) /* Timer Control Register (PL1) */
+
+#define cp14_DBGDSCRext(MDSCR_EL1 * 2)
+#define cp14_DBGBCR0   (DBGBCR0_EL1 * 2)
+#define cp14_DBGBVR0   (DBGBVR0_EL1 * 2)
+#define cp14_DBGBXVR0  (cp14_DBGBVR0 + 1)
+#define cp14_DBGWCR0   (DBGWCR0_EL1 * 2)
+#define cp14_DBGWVR0   (DBGWVR0_EL1 * 2)
+#define cp14_DBGDCCINT (MDCCINT_EL1 * 2)
+
 #define NR_COPRO_REGS  (NR_SYS_REGS * 2)
 
 #define ARM_EXCEPTION_IRQ0
diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c
index 8ab47c7..a4fd526 100644
--- a/arch/arm64/kvm/sys_regs.c
+++ b/arch/arm64/kvm/sys_regs.c
@@ -494,12 +494,153 @@ static const struct sys_reg_desc sys_reg_descs[] = {
  NULL, reset_val, FPEXC32_EL2, 0x70 },
 };
 
-/* Trapped cp14 registers */
+static bool trap_dbgidr(struct kvm_vcpu *vcpu,
+   const struct sys_reg_params *p,
+   const struct sys_reg_desc *r)
+{
+   if (p->is_write) {
+   return ignore_write(vcpu, p);
+   } else {
+   u64 dfr = read_cpuid(ID_AA64DFR0_EL1);
+   u64 pfr = read_cpuid(ID_AA64PFR0_EL1);
+   u32 el3 = !!((pfr >> 12) & 0xf);
+
+   *vcpu_reg(vcpu, p->Rt) = dfr >> 20) & 0xf) << 28) |
+ (((dfr >> 12) & 0xf) << 24) |
+ (((dfr >> 28) & 0xf) << 20) |
+ (6 << 16) | (el3 << 14) | (el3 << 
12));
+   return true;
+   }
+}
+
+static bool trap_debug32(struct kvm_vcpu *vcpu,
+const struct sys_reg_params *p,
+const struct sys_reg_desc *r)
+{
+   if (p->is_write) {
+   vcpu_cp14(vcpu, r->reg) = *vcpu_reg(vcpu, p->Rt);
+   vcpu->arch.debug_flags |= KVM_ARM64_DEBUG_DIRTY;
+   } else {
+   *vcpu_reg(vcpu, p->Rt) = vcpu_cp14(vcpu, r->reg);
+   }
+
+   return true;
+}
+
+#define DBG_BCR_BVR_WCR_WVR(n) \
+   /* DBGBVRn */   \
+   { Op1( 0), CRn( 0), CRm((n)), Op2( 4), trap_debug32,\
+ NULL, (cp14_DBGBVR0 + (n) * 2) }, \
+   /* DBGBCRn */   \
+   { Op1( 0), CRn( 0), CRm((n)), Op2( 5), trap_debug32,\
+ NULL, (cp14_DBGBCR0 + (n) * 2) }, \
+   /* DBGWVRn */   \
+   { Op1( 0), CRn( 0), CRm((n)), Op2( 6), trap_debug32,\
+ NULL, (cp14_DBGWVR0 + (n) * 2) }, \
+   /* DBGWCRn */   \
+   { Op1( 0), CRn( 0), CRm((n)), Op2( 7), trap_debug32,\
+ NULL, (cp14_DBGWCR0 + (n) * 2) }
+
+#define DBGBXVR(n) \
+   { Op1( 0), CRn( 1), CRm((n)), Op2( 1), trap_debug32,\
+ NULL, cp14_DBGBXVR0 + n * 2 }
+
+/*
+ * Trapped cp14 registers. We generally ignore most of the external
+ * debug, on the principle that they don't really make sense to a
+ * guest. Revisit this one day, whould this principle change.
+ */
 static const struct sys_reg_desc cp14_regs[] = {
+   /* DBGIDR */
+   { Op1( 0), CRn( 0), CRm( 0), Op2( 0), trap_dbgidr },
+   /* DBGDTRRXext */
+   { Op1( 0), CRn( 0), CRm( 0), Op2( 2), trap_raz_wi },
+
+   DBG_BCR_BVR_WCR_WVR(0),
+   /* DBGDSCRint */
+   { Op1( 0), CRn( 0), CRm( 1), Op2( 0), trap_raz_wi },
+   DBG_BCR_BVR_WCR_WVR(1),
+   /* DBGDCCINT */
+   { Op1( 0), CRn( 0), CRm( 2), Op2( 0), trap_debug32 },
+   /* DBGDSCRext */
+   { Op1( 0), CRn( 0), CRm( 2), Op2( 2), trap_debug32 },
+   DBG_BCR_BVR_WCR_WVR(2),
+   /* DBGDTR[RT]Xint */
+   { Op1( 0), CRn( 0), CRm( 3), Op2( 0), trap_raz_wi },
+   /* DBGDTR[RT]Xext */
+   { Op1( 0), CRn( 0), CRm( 3), Op2( 2), trap_raz_wi },
+   DBG_BCR_BVR_WCR_WVR(3),
+   DBG_BCR_BVR_WCR_WVR(4),
+   DBG_BCR_BVR_WCR_WVR(5),
+   /* DBGWFAR */
+   { Op1( 0), CRn( 0), CRm( 6), Op2( 0), trap_raz_wi },

[GIT PULL 24/51] KVM: ARM: vgic: add the GICv3 backend

[Christoffer Dall]

From: Marc Zyngier 

Introduce the support code for emulating a GICv2 on top of GICv3
hardware.

Acked-by: Catalin Marinas 
Signed-off-by: Marc Zyngier 
---
 arch/arm64/include/asm/kvm_asm.h |   2 +
 arch/arm64/kvm/vgic-v3-switch.S  |  29 +
 include/kvm/arm_vgic.h   |  28 +
 virt/kvm/arm/vgic-v3.c   | 231 +++
 4 files changed, 290 insertions(+)
 create mode 100644 arch/arm64/kvm/vgic-v3-switch.S
 create mode 100644 virt/kvm/arm/vgic-v3.c

diff --git a/arch/arm64/include/asm/kvm_asm.h b/arch/arm64/include/asm/kvm_asm.h
index 6252264..ed4987b 100644
--- a/arch/arm64/include/asm/kvm_asm.h
+++ b/arch/arm64/include/asm/kvm_asm.h
@@ -106,6 +106,8 @@ extern void __kvm_tlb_flush_vmid_ipa(struct kvm *kvm, 
phys_addr_t ipa);
 
 extern int __kvm_vcpu_run(struct kvm_vcpu *vcpu);
 
+extern u64 __vgic_v3_get_ich_vtr_el2(void);
+
 extern char __save_vgic_v2_state[];
 extern char __restore_vgic_v2_state[];
 
diff --git a/arch/arm64/kvm/vgic-v3-switch.S b/arch/arm64/kvm/vgic-v3-switch.S
new file mode 100644
index 000..9fbf273
--- /dev/null
+++ b/arch/arm64/kvm/vgic-v3-switch.S
@@ -0,0 +1,29 @@
+/*
+ * Copyright (C) 2012,2013 - ARM Ltd
+ * Author: Marc Zyngier 
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see .
+ */
+
+#include 
+#include 
+
+   .text
+   .pushsection.hyp.text, "ax"
+
+ENTRY(__vgic_v3_get_ich_vtr_el2)
+   mrs x0, ICH_VTR_EL2
+   ret
+ENDPROC(__vgic_v3_get_ich_vtr_el2)
+
+   .popsection
diff --git a/include/kvm/arm_vgic.h b/include/kvm/arm_vgic.h
index 65f1121..35b0c12 100644
--- a/include/kvm/arm_vgic.h
+++ b/include/kvm/arm_vgic.h
@@ -33,6 +33,7 @@
 #define VGIC_MAX_CPUS  KVM_MAX_VCPUS
 
 #define VGIC_V2_MAX_LRS(1 << 6)
+#define VGIC_V3_MAX_LRS16
 
 /* Sanity checks... */
 #if (VGIC_MAX_CPUS > 8)
@@ -72,6 +73,7 @@ struct kvm_vcpu;
 
 enum vgic_type {
VGIC_V2,/* Good ol' GICv2 */
+   VGIC_V3,/* New fancy GICv3 */
 };
 
 #define LR_STATE_PENDING   (1 << 0)
@@ -172,6 +174,19 @@ struct vgic_v2_cpu_if {
u32 vgic_lr[VGIC_V2_MAX_LRS];
 };
 
+struct vgic_v3_cpu_if {
+#ifdef CONFIG_ARM_GIC_V3
+   u32 vgic_hcr;
+   u32 vgic_vmcr;
+   u32 vgic_misr;  /* Saved only */
+   u32 vgic_eisr;  /* Saved only */
+   u32 vgic_elrsr; /* Saved only */
+   u32 vgic_ap0r[4];
+   u32 vgic_ap1r[4];
+   u64 vgic_lr[VGIC_V3_MAX_LRS];
+#endif
+};
+
 struct vgic_cpu {
 #ifdef CONFIG_KVM_ARM_VGIC
/* per IRQ to LR mapping */
@@ -190,6 +205,7 @@ struct vgic_cpu {
/* CPU vif control registers for world switch */
union {
struct vgic_v2_cpu_if   vgic_v2;
+   struct vgic_v3_cpu_if   vgic_v3;
};
 #endif
 };
@@ -224,6 +240,18 @@ bool vgic_handle_mmio(struct kvm_vcpu *vcpu, struct 
kvm_run *run,
 int vgic_v2_probe(struct device_node *vgic_node,
  const struct vgic_ops **ops,
  const struct vgic_params **params);
+#ifdef CONFIG_ARM_GIC_V3
+int vgic_v3_probe(struct device_node *vgic_node,
+ const struct vgic_ops **ops,
+ const struct vgic_params **params);
+#else
+static inline int vgic_v3_probe(struct device_node *vgic_node,
+   const struct vgic_ops **ops,
+   const struct vgic_params **params)
+{
+   return -ENODEV;
+}
+#endif
 
 #else
 static inline int kvm_vgic_hyp_init(void)
diff --git a/virt/kvm/arm/vgic-v3.c b/virt/kvm/arm/vgic-v3.c
new file mode 100644
index 000..f01d446
--- /dev/null
+++ b/virt/kvm/arm/vgic-v3.c
@@ -0,0 +1,231 @@
+/*
+ * Copyright (C) 2013 ARM Limited, All Rights Reserved.
+ * Author: Marc Zyngier 
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see 

[GIT PULL] First round of KVM changes for 3.17

[Paolo Bonzini]

The following changes since commit 33b458d276bbdbe28febac0742835002b9f4778d:

  KVM: SVM: Fix CPL export via SS.DPL (2014-06-30 16:45:28 +0200)

are available in the git repository at:

  git://git.kernel.org/pub/scm/virt/kvm/kvm.git tags/for-linus

for you to fetch changes up to 42cbc04fd3b5e3f9b011bf9fa3ce0b3d1e10b58b:

  x86/kvm: Resolve shadow warnings in macro expansion (2014-07-31 16:33:29 
+0200)


These are the x86, MIPS and s390 changes; PPC and ARM will come in a
few days.

MIPS and s390 have little going on this release; just bugfixes, some
small, some larger.

The highlights for x86 are nested VMX improvements (Jan Kiszka), optimizations
for old processor (up to Nehalem, by me and Bandan Das), and a lot of x86
emulator bugfixes (Nadav Amit).

Stephen Rothwell reported a trivial conflict with the tracing branch.


Bandan Das (6):
  KVM: emulate: move init_decode_cache to emulate.c
  KVM: emulate: Remove ctxt->intercept and ctxt->check_perm checks
  KVM: emulate: cleanup decode_modrm
  KVM: emulate: clean up initializations in init_decode_cache
  KVM: emulate: rework seg_override
  KVM: emulate: do not initialize memopp

Chris J Arges (1):
  KVM: vmx: remove duplicate vmx_mpx_supported() prototype

Christian Borntraeger (2):
  KVM: s390: add ipte to trace event decoding
  KVM: s390: Fix memory leak on busy SIGP stop

Cornelia Huck (3):
  KVM: document target of capability enablement
  KVM: s390: document KVM_CAP_S390_IRQCHIP
  KVM: s390: advertise KVM_CAP_S390_IRQCHIP

David Hildenbrand (11):
  KVM: s390: allow only one SIGP STOP (AND STORE STATUS) at a time
  KVM: s390: move finalization of SIGP STOP orders to kvm_s390_vcpu_stop
  KVM: s390: remove __cpu_is_stopped and expose is_vcpu_stopped
  KVM: prepare for KVM_(S|G)ET_MP_STATE on other architectures
  KVM: s390: implement KVM_(S|G)ET_MP_STATE for user space state control
  KVM: s390: cleanup handle_wait by reusing kvm_vcpu_block
  KVM: s390: remove _bh locking from local_int.lock
  KVM: s390: remove _bh locking from start_stop_lock
  KVM: s390: move vcpu wakeup code to a central point
  KVM: s390: remove the tasklet used by the hrtimer
  KVM: s390: rework broken SIGP STOP interrupt handling

Deng-Cheng Zhu (7):
  MIPS: KVM: Reformat code and comments
  MIPS: KVM: Use KVM internal logger
  MIPS: KVM: Simplify functions by removing redundancy
  MIPS: KVM: Remove unneeded volatile
  MIPS: KVM: Rename files to remove the prefix "kvm_" and "kvm_mips_"
  MIPS: KVM: Skip memory cleaning in kvm_mips_commpage_init()
  MIPS: KVM: Remove dead code of TLB index error in kvm_mips_emul_tlbwr()

Fabian Frederick (1):
  arch/x86/kvm/vmx.c: use PAGE_ALIGNED instead of IS_ALIGNED(PAGE_SIZE

James Hogan (3):
  KVM: Document KVM_SET_SIGNAL_MASK as universal
  KVM: Reformat KVM_SET_ONE_REG register documentation
  KVM: MIPS: Document MIPS specifics of KVM API.

Jan Kiszka (10):
  KVM: x86: Fix constant value of VM_{EXIT_SAVE,ENTRY_LOAD}_DEBUG_CONTROLS
  KVM: nVMX: Advertise support for MSR_IA32_VMX_TRUE_*_CTLS
  KVM: nVMX: Allow to disable CR3 access interception
  KVM: nVMX: Fix returned value of MSR_IA32_VMX_PROCBASED_CTLS
  KVM: nVMX: Allow to disable VM_{ENTRY_LOAD,EXIT_SAVE}_DEBUG_CONTROLS
  KVM: nVMX: Fix returned value of MSR_IA32_VMX_VMCS_ENUM
  KVM: nSVM: Do not report CLTS via SVM_EXIT_WRITE_CR0 to L1
  KVM: nSVM: Fix IOIO bitmap evaluation
  KVM: nSVM: Fix IOIO size reported on emulation
  KVM: nSVM: Set correct port for IOIO interception evaluation

Jim Mattson (1):
  KVM: Synthesize G bit for all segments.

Mark D Rustad (1):
  x86/kvm: Resolve shadow warnings in macro expansion

Mark Rustad (2):
  kvm: Resolve missing-field-initializers warnings
  x86/kvm: Resolve shadow warning from min macro

Matthias Lange (1):
  KVM: svm: writes to MSR_K7_HWCR generates GPE in guest

Nadav Amit (32):
  KVM: x86: Mark VEX-prefix instructions emulation as unimplemented
  KVM: x86: Emulator ignores LDTR/TR extended base on LLDT/LTR
  KVM: x86: Loading segments on 64-bit mode may be wrong
  KVM: x86: sgdt and sidt are not privilaged
  KVM: x86: cmpxchg emulation should compare in reverse order
  KVM: x86: movnti minimum op size of 32-bit is not kept
  KVM: x86: rdpmc emulation checks the counter incorrectly
  KVM: x86: Return error on cmpxchg16b emulation
  KVM: x86: smsw emulation is incorrect in 64-bit mode
  KVM: x86: bit-ops emulation ignores offset on 64-bit
  KVM: x86: Wrong emulation on 'xadd X, X'
  KVM: x86: Inter-privilege level ret emulation is not implemeneted
  KVM: x86: emulation of dword cmov on long-mode should clear [63:32]
  KVM: x86: NOP emulation clears (incorrectly) the h

Re: [PATCH v2] KVM: nVMX: nested TPR shadow/threshold emulation

[Wanpeng Li]

Hi Paolo,
On Fri, Aug 01, 2014 at 11:05:13AM +0200, Paolo Bonzini wrote:
>Il 01/08/2014 10:09, Wanpeng Li ha scritto:
>> This patch fix bug https://bugzilla.kernel.org/show_bug.cgi?id=61411
>> 
>> TPR shadow/threshold feature is important to speed up the Windows guest.
>> Besides, it is a must feature for certain VMM.
>> 
>> We map virtual APIC page address and TPR threshold from L1 VMCS. If
>> TPR_BELOW_THRESHOLD VM exit is triggered by L2 guest and L1 interested
>> in, we inject it into L1 VMM for handling.
>> 
>> Signed-off-by: Wanpeng Li 
>> ---
>> v1 -> v2:
>>  * don't take L0's "virtualize APIC accesses" setting into account
>>  * virtual_apic_page do exactly the same thing that is done for 
>> apic_access_page
>>  * add the tpr threshold field to the read-write fields for shadow VMCS
>> 
>>  arch/x86/kvm/vmx.c | 33 +++--
>>  1 file changed, 31 insertions(+), 2 deletions(-)
>> 
>> diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
>> index a3845b8..0e6e95e 100644
>> --- a/arch/x86/kvm/vmx.c
>> +++ b/arch/x86/kvm/vmx.c
>> @@ -379,6 +379,7 @@ struct nested_vmx {
>>   * we must keep them pinned while L2 runs.
>>   */
>>  struct page *apic_access_page;
>> +struct page *virtual_apic_page;
>>  u64 msr_ia32_feature_control;
>>  
>>  struct hrtimer preemption_timer;
>> @@ -533,6 +534,7 @@ static int max_shadow_read_only_fields =
>>  ARRAY_SIZE(shadow_read_only_fields);
>>  
>>  static unsigned long shadow_read_write_fields[] = {
>> +TPR_THRESHOLD,
>>  GUEST_RIP,
>>  GUEST_RSP,
>>  GUEST_CR0,
>> @@ -2331,7 +2333,7 @@ static __init void nested_vmx_setup_ctls_msrs(void)
>>  CPU_BASED_MOV_DR_EXITING | CPU_BASED_UNCOND_IO_EXITING |
>>  CPU_BASED_USE_IO_BITMAPS | CPU_BASED_MONITOR_EXITING |
>>  CPU_BASED_RDPMC_EXITING | CPU_BASED_RDTSC_EXITING |
>> -CPU_BASED_PAUSE_EXITING |
>> +CPU_BASED_PAUSE_EXITING | CPU_BASED_TPR_SHADOW |
>>  CPU_BASED_ACTIVATE_SECONDARY_CONTROLS;
>>  /*
>>   * We can allow some features even when not supported by the
>> @@ -6149,6 +6151,10 @@ static void free_nested(struct vcpu_vmx *vmx)
>>  nested_release_page(vmx->nested.apic_access_page);
>>  vmx->nested.apic_access_page = 0;
>>  }
>> +if (vmx->nested.virtual_apic_page) {
>> +nested_release_page(vmx->nested.virtual_apic_page);
>> +vmx->nested.virtual_apic_page = 0;
>> +}
>>  
>>  nested_free_all_saved_vmcss(vmx);
>>  }
>> @@ -6937,7 +6943,7 @@ static bool nested_vmx_exit_handled(struct kvm_vcpu 
>> *vcpu)
>>  case EXIT_REASON_MCE_DURING_VMENTRY:
>>  return 0;
>>  case EXIT_REASON_TPR_BELOW_THRESHOLD:
>> -return 1;
>> +return nested_cpu_has(vmcs12, CPU_BASED_TPR_SHADOW);
>>  case EXIT_REASON_APIC_ACCESS:
>>  return nested_cpu_has2(vmcs12,
>>  SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES);
>> @@ -7058,6 +7064,9 @@ static int vmx_handle_exit(struct kvm_vcpu *vcpu)
>>  
>>  static void update_cr8_intercept(struct kvm_vcpu *vcpu, int tpr, int irr)
>>  {
>> +if (is_guest_mode(vcpu))
>> +return;
>> +
>>  if (irr == -1 || tpr < irr) {
>>  vmcs_write32(TPR_THRESHOLD, 0);
>>  return;
>> @@ -8025,6 +8034,22 @@ static void prepare_vmcs02(struct kvm_vcpu *vcpu, 
>> struct vmcs12 *vmcs12)
>>  exec_control &= ~CPU_BASED_VIRTUAL_NMI_PENDING;
>>  exec_control &= ~CPU_BASED_TPR_SHADOW;
>>  exec_control |= vmcs12->cpu_based_vm_exec_control;
>> +
>> +if (exec_control & CPU_BASED_TPR_SHADOW) {
>> +if (vmx->nested.virtual_apic_page)
>> +nested_release_page(vmx->nested.virtual_apic_page);
>> +vmx->nested.virtual_apic_page =
>> +   nested_get_page(vcpu, vmcs12->virtual_apic_page_addr);
>> +if (!vmx->nested.virtual_apic_page)
>> +exec_control &=
>> +~CPU_BASED_TPR_SHADOW;
>
>This will cause L1 to miss exits when L2 writes to CR8.  I think the
>only sensible thing to do if this happens is fail the vmentry.
>
>The problem is that while the APIC access page field is used to trap
>reads/writes to the APIC access page itself, here the processor will
>read/write the virtual APIC page when L2 does CR8 accesses.

How about add this:

+   if (!(exec_control & CPU_BASED_TPR_SHADOW) &&
+   !((exec_control & CPU_BASED_CR8_LOAD_EXITING) &&
+   (exec_control & CPU_BASED_CR8_STORE_EXITING)))
+   nested_vmx_failValid(vcpu, 
VMXERR_ENTRY_INVALID_CONTROL_FIELD);
+

Regards,
Wanpeng Li 

>
>Paolo
>> +else
>> +vmcs_write64(VIRTUAL_APIC_PAGE_ADDR,
>> +page_to_phys(vmx->nested.virtual_apic_page));
>> +
>> +vmcs_write32(TPR_THRESHOLD, vmcs12->tpr_threshold);
>> +}
>> +
>>  /*
>>  

Re: [PATCH v2] KVM: nVMX: nested TPR shadow/threshold emulation

[Paolo Bonzini]

Il 04/08/2014 12:11, Wanpeng Li ha scritto:
> Hi Paolo,
> On Fri, Aug 01, 2014 at 11:05:13AM +0200, Paolo Bonzini wrote:
>> Il 01/08/2014 10:09, Wanpeng Li ha scritto:
>>> This patch fix bug https://bugzilla.kernel.org/show_bug.cgi?id=61411
>>>
>>> TPR shadow/threshold feature is important to speed up the Windows guest.
>>> Besides, it is a must feature for certain VMM.
>>>
>>> We map virtual APIC page address and TPR threshold from L1 VMCS. If
>>> TPR_BELOW_THRESHOLD VM exit is triggered by L2 guest and L1 interested
>>> in, we inject it into L1 VMM for handling.
>>>
>>> Signed-off-by: Wanpeng Li 
>>> ---
>>> v1 -> v2:
>>>  * don't take L0's "virtualize APIC accesses" setting into account
>>>  * virtual_apic_page do exactly the same thing that is done for 
>>> apic_access_page
>>>  * add the tpr threshold field to the read-write fields for shadow VMCS
>>>
>>>  arch/x86/kvm/vmx.c | 33 +++--
>>>  1 file changed, 31 insertions(+), 2 deletions(-)
>>>
>>> diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
>>> index a3845b8..0e6e95e 100644
>>> --- a/arch/x86/kvm/vmx.c
>>> +++ b/arch/x86/kvm/vmx.c
>>> @@ -379,6 +379,7 @@ struct nested_vmx {
>>>  * we must keep them pinned while L2 runs.
>>>  */
>>> struct page *apic_access_page;
>>> +   struct page *virtual_apic_page;
>>> u64 msr_ia32_feature_control;
>>>  
>>> struct hrtimer preemption_timer;
>>> @@ -533,6 +534,7 @@ static int max_shadow_read_only_fields =
>>> ARRAY_SIZE(shadow_read_only_fields);
>>>  
>>>  static unsigned long shadow_read_write_fields[] = {
>>> +   TPR_THRESHOLD,
>>> GUEST_RIP,
>>> GUEST_RSP,
>>> GUEST_CR0,
>>> @@ -2331,7 +2333,7 @@ static __init void nested_vmx_setup_ctls_msrs(void)
>>> CPU_BASED_MOV_DR_EXITING | CPU_BASED_UNCOND_IO_EXITING |
>>> CPU_BASED_USE_IO_BITMAPS | CPU_BASED_MONITOR_EXITING |
>>> CPU_BASED_RDPMC_EXITING | CPU_BASED_RDTSC_EXITING |
>>> -   CPU_BASED_PAUSE_EXITING |
>>> +   CPU_BASED_PAUSE_EXITING | CPU_BASED_TPR_SHADOW |
>>> CPU_BASED_ACTIVATE_SECONDARY_CONTROLS;
>>> /*
>>>  * We can allow some features even when not supported by the
>>> @@ -6149,6 +6151,10 @@ static void free_nested(struct vcpu_vmx *vmx)
>>> nested_release_page(vmx->nested.apic_access_page);
>>> vmx->nested.apic_access_page = 0;
>>> }
>>> +   if (vmx->nested.virtual_apic_page) {
>>> +   nested_release_page(vmx->nested.virtual_apic_page);
>>> +   vmx->nested.virtual_apic_page = 0;
>>> +   }
>>>  
>>> nested_free_all_saved_vmcss(vmx);
>>>  }
>>> @@ -6937,7 +6943,7 @@ static bool nested_vmx_exit_handled(struct kvm_vcpu 
>>> *vcpu)
>>> case EXIT_REASON_MCE_DURING_VMENTRY:
>>> return 0;
>>> case EXIT_REASON_TPR_BELOW_THRESHOLD:
>>> -   return 1;
>>> +   return nested_cpu_has(vmcs12, CPU_BASED_TPR_SHADOW);
>>> case EXIT_REASON_APIC_ACCESS:
>>> return nested_cpu_has2(vmcs12,
>>> SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES);
>>> @@ -7058,6 +7064,9 @@ static int vmx_handle_exit(struct kvm_vcpu *vcpu)
>>>  
>>>  static void update_cr8_intercept(struct kvm_vcpu *vcpu, int tpr, int irr)
>>>  {
>>> +   if (is_guest_mode(vcpu))
>>> +   return;
>>> +
>>> if (irr == -1 || tpr < irr) {
>>> vmcs_write32(TPR_THRESHOLD, 0);
>>> return;
>>> @@ -8025,6 +8034,22 @@ static void prepare_vmcs02(struct kvm_vcpu *vcpu, 
>>> struct vmcs12 *vmcs12)
>>> exec_control &= ~CPU_BASED_VIRTUAL_NMI_PENDING;
>>> exec_control &= ~CPU_BASED_TPR_SHADOW;
>>> exec_control |= vmcs12->cpu_based_vm_exec_control;
>>> +
>>> +   if (exec_control & CPU_BASED_TPR_SHADOW) {
>>> +   if (vmx->nested.virtual_apic_page)
>>> +   nested_release_page(vmx->nested.virtual_apic_page);
>>> +   vmx->nested.virtual_apic_page =
>>> +  nested_get_page(vcpu, vmcs12->virtual_apic_page_addr);
>>> +   if (!vmx->nested.virtual_apic_page)
>>> +   exec_control &=
>>> +   ~CPU_BASED_TPR_SHADOW;
>>
>> This will cause L1 to miss exits when L2 writes to CR8.  I think the
>> only sensible thing to do if this happens is fail the vmentry.
>>
>> The problem is that while the APIC access page field is used to trap
>> reads/writes to the APIC access page itself, here the processor will
>> read/write the virtual APIC page when L2 does CR8 accesses.
> 
> How about add this:
> 
> + if (!(exec_control & CPU_BASED_TPR_SHADOW) &&
> + !((exec_control & CPU_BASED_CR8_LOAD_EXITING) &&
> + (exec_control & CPU_BASED_CR8_STORE_EXITING)))
> + nested_vmx_failValid(vcpu, 
> VMXERR_ENTRY_INVALID_CONTROL_FIELD);

Yes, this is not architecturally correct, but I don't see what else we
can do.

Paolo

> 
> Regards,
> Wanpeng Li 
> 
>>
>> Paolo
>>> +   else
>>> +   vmcs_write64(VIRT

Re: [PATCH] arm/arm64: KVM: Support KVM_CAP_READONLY_MEM

[Christoffer Dall]

On Thu, Jul 10, 2014 at 07:42:31AM -0700, Christoffer Dall wrote:
> When userspace loads code and data in a read-only memory regions, KVM
> needs to be able to handle this on arm and arm64.  Specifically this is
> used when running code directly from a read-only flash device; the
> common scenario is a UEFI blob loaded with the -bios option in QEMU.
> 
> To avoid looking through the memslots twice and to reuse the hva error
> checking of gfn_to_hva_prot(), add a new gfn_to_hva_memslot_prot()
> function and refactor gfn_to_hva_prot() to use this function.
> 
> Signed-off-by: Christoffer Dall 
> ---
> Note that if you want to test this with QEMU, you need to update the
> uapi headers.  You can also grab the branch below from my qemu git tree
> with the temporary update headers patch applied on top of Peter
> Maydell's -bios in -M virt support patches:
> 
> git://git.linaro.org/people/christoffer.dall/qemu-arm.git virt-for-uefi
> 

Ping?

-Christoffer
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH v3] KVM: nVMX: nested TPR shadow/threshold emulation

[Wanpeng Li]

This patch fix bug https://bugzilla.kernel.org/show_bug.cgi?id=61411

TPR shadow/threshold feature is important to speed up the Windows guest.
Besides, it is a must feature for certain VMM.

We map virtual APIC page address and TPR threshold from L1 VMCS. If
TPR_BELOW_THRESHOLD VM exit is triggered by L2 guest and L1 interested
in, we inject it into L1 VMM for handling.

Signed-off-by: Wanpeng Li 
---
v2 -> v3:
 * nested vm entry failure if both tpr shadow and cr8 exiting bits are not set 
v1 -> v2:
 * don't take L0's "virtualize APIC accesses" setting into account
 * virtual_apic_page do exactly the same thing that is done for apic_access_page
 * add the tpr threshold field to the read-write fields for shadow VMCS

 arch/x86/kvm/vmx.c | 38 --
 1 file changed, 36 insertions(+), 2 deletions(-)

diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index c604f3c..7a56e2c 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -379,6 +379,7 @@ struct nested_vmx {
 * we must keep them pinned while L2 runs.
 */
struct page *apic_access_page;
+   struct page *virtual_apic_page;
u64 msr_ia32_feature_control;
 
struct hrtimer preemption_timer;
@@ -533,6 +534,7 @@ static int max_shadow_read_only_fields =
ARRAY_SIZE(shadow_read_only_fields);
 
 static unsigned long shadow_read_write_fields[] = {
+   TPR_THRESHOLD,
GUEST_RIP,
GUEST_RSP,
GUEST_CR0,
@@ -2330,7 +2332,7 @@ static __init void nested_vmx_setup_ctls_msrs(void)
CPU_BASED_MOV_DR_EXITING | CPU_BASED_UNCOND_IO_EXITING |
CPU_BASED_USE_IO_BITMAPS | CPU_BASED_MONITOR_EXITING |
CPU_BASED_RDPMC_EXITING | CPU_BASED_RDTSC_EXITING |
-   CPU_BASED_PAUSE_EXITING |
+   CPU_BASED_PAUSE_EXITING | CPU_BASED_TPR_SHADOW |
CPU_BASED_ACTIVATE_SECONDARY_CONTROLS;
/*
 * We can allow some features even when not supported by the
@@ -6148,6 +6150,10 @@ static void free_nested(struct vcpu_vmx *vmx)
nested_release_page(vmx->nested.apic_access_page);
vmx->nested.apic_access_page = 0;
}
+   if (vmx->nested.virtual_apic_page) {
+   nested_release_page(vmx->nested.virtual_apic_page);
+   vmx->nested.virtual_apic_page = 0;
+   }
 
nested_free_all_saved_vmcss(vmx);
 }
@@ -6936,7 +6942,7 @@ static bool nested_vmx_exit_handled(struct kvm_vcpu *vcpu)
case EXIT_REASON_MCE_DURING_VMENTRY:
return 0;
case EXIT_REASON_TPR_BELOW_THRESHOLD:
-   return 1;
+   return nested_cpu_has(vmcs12, CPU_BASED_TPR_SHADOW);
case EXIT_REASON_APIC_ACCESS:
return nested_cpu_has2(vmcs12,
SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES);
@@ -7057,6 +7063,9 @@ static int vmx_handle_exit(struct kvm_vcpu *vcpu)
 
 static void update_cr8_intercept(struct kvm_vcpu *vcpu, int tpr, int irr)
 {
+   if (is_guest_mode(vcpu))
+   return;
+
if (irr == -1 || tpr < irr) {
vmcs_write32(TPR_THRESHOLD, 0);
return;
@@ -8024,6 +8033,27 @@ static void prepare_vmcs02(struct kvm_vcpu *vcpu, struct 
vmcs12 *vmcs12)
exec_control &= ~CPU_BASED_VIRTUAL_NMI_PENDING;
exec_control &= ~CPU_BASED_TPR_SHADOW;
exec_control |= vmcs12->cpu_based_vm_exec_control;
+
+   if (exec_control & CPU_BASED_TPR_SHADOW) {
+   if (vmx->nested.virtual_apic_page)
+   nested_release_page(vmx->nested.virtual_apic_page);
+   vmx->nested.virtual_apic_page =
+  nested_get_page(vcpu, vmcs12->virtual_apic_page_addr);
+   if (!vmx->nested.virtual_apic_page)
+   exec_control &=
+   ~CPU_BASED_TPR_SHADOW;
+   else
+   vmcs_write64(VIRTUAL_APIC_PAGE_ADDR,
+   page_to_phys(vmx->nested.virtual_apic_page));
+
+   if (!(exec_control & CPU_BASED_TPR_SHADOW) &&
+   !((exec_control & CPU_BASED_CR8_LOAD_EXITING) &&
+   (exec_control & CPU_BASED_CR8_STORE_EXITING)))
+   nested_vmx_failValid(vcpu, 
VMXERR_ENTRY_INVALID_CONTROL_FIELD);
+
+   vmcs_write32(TPR_THRESHOLD, vmcs12->tpr_threshold);
+   }
+
/*
 * Merging of IO and MSR bitmaps not currently supported.
 * Rather, exit every time.
@@ -8802,6 +8832,10 @@ static void nested_vmx_vmexit(struct kvm_vcpu *vcpu, u32 
exit_reason,
nested_release_page(vmx->nested.apic_access_page);
vmx->nested.apic_access_page = 0;
}
+   if (vmx->nested.virtual_apic_page) {
+   nested_release_page(vmx->nested.virtual_apic_page);
+   vmx->nested.virtual_apic_page = 0;
+   }
 
/*
 * Exiting from L2 to L1, w

Re: [PATCH v2] KVM: nVMX: nested TPR shadow/threshold emulation

[Wanpeng Li]

On Mon, Aug 04, 2014 at 12:13:13PM +0200, Paolo Bonzini wrote:
>Il 04/08/2014 12:11, Wanpeng Li ha scritto:
>> Hi Paolo,
>> On Fri, Aug 01, 2014 at 11:05:13AM +0200, Paolo Bonzini wrote:
>>> Il 01/08/2014 10:09, Wanpeng Li ha scritto:
 This patch fix bug https://bugzilla.kernel.org/show_bug.cgi?id=61411

 TPR shadow/threshold feature is important to speed up the Windows guest.
 Besides, it is a must feature for certain VMM.

 We map virtual APIC page address and TPR threshold from L1 VMCS. If
 TPR_BELOW_THRESHOLD VM exit is triggered by L2 guest and L1 interested
 in, we inject it into L1 VMM for handling.

 Signed-off-by: Wanpeng Li 
 ---
 v1 -> v2:
  * don't take L0's "virtualize APIC accesses" setting into account
  * virtual_apic_page do exactly the same thing that is done for 
 apic_access_page
  * add the tpr threshold field to the read-write fields for shadow VMCS

  arch/x86/kvm/vmx.c | 33 +++--
  1 file changed, 31 insertions(+), 2 deletions(-)

 diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
 index a3845b8..0e6e95e 100644
 --- a/arch/x86/kvm/vmx.c
 +++ b/arch/x86/kvm/vmx.c
 @@ -379,6 +379,7 @@ struct nested_vmx {
 * we must keep them pinned while L2 runs.
 */
struct page *apic_access_page;
 +  struct page *virtual_apic_page;
u64 msr_ia32_feature_control;
  
struct hrtimer preemption_timer;
 @@ -533,6 +534,7 @@ static int max_shadow_read_only_fields =
ARRAY_SIZE(shadow_read_only_fields);
  
  static unsigned long shadow_read_write_fields[] = {
 +  TPR_THRESHOLD,
GUEST_RIP,
GUEST_RSP,
GUEST_CR0,
 @@ -2331,7 +2333,7 @@ static __init void nested_vmx_setup_ctls_msrs(void)
CPU_BASED_MOV_DR_EXITING | CPU_BASED_UNCOND_IO_EXITING |
CPU_BASED_USE_IO_BITMAPS | CPU_BASED_MONITOR_EXITING |
CPU_BASED_RDPMC_EXITING | CPU_BASED_RDTSC_EXITING |
 -  CPU_BASED_PAUSE_EXITING |
 +  CPU_BASED_PAUSE_EXITING | CPU_BASED_TPR_SHADOW |
CPU_BASED_ACTIVATE_SECONDARY_CONTROLS;
/*
 * We can allow some features even when not supported by the
 @@ -6149,6 +6151,10 @@ static void free_nested(struct vcpu_vmx *vmx)
nested_release_page(vmx->nested.apic_access_page);
vmx->nested.apic_access_page = 0;
}
 +  if (vmx->nested.virtual_apic_page) {
 +  nested_release_page(vmx->nested.virtual_apic_page);
 +  vmx->nested.virtual_apic_page = 0;
 +  }
  
nested_free_all_saved_vmcss(vmx);
  }
 @@ -6937,7 +6943,7 @@ static bool nested_vmx_exit_handled(struct kvm_vcpu 
 *vcpu)
case EXIT_REASON_MCE_DURING_VMENTRY:
return 0;
case EXIT_REASON_TPR_BELOW_THRESHOLD:
 -  return 1;
 +  return nested_cpu_has(vmcs12, CPU_BASED_TPR_SHADOW);
case EXIT_REASON_APIC_ACCESS:
return nested_cpu_has2(vmcs12,
SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES);
 @@ -7058,6 +7064,9 @@ static int vmx_handle_exit(struct kvm_vcpu *vcpu)
  
  static void update_cr8_intercept(struct kvm_vcpu *vcpu, int tpr, int irr)
  {
 +  if (is_guest_mode(vcpu))
 +  return;
 +
if (irr == -1 || tpr < irr) {
vmcs_write32(TPR_THRESHOLD, 0);
return;
 @@ -8025,6 +8034,22 @@ static void prepare_vmcs02(struct kvm_vcpu *vcpu, 
 struct vmcs12 *vmcs12)
exec_control &= ~CPU_BASED_VIRTUAL_NMI_PENDING;
exec_control &= ~CPU_BASED_TPR_SHADOW;
exec_control |= vmcs12->cpu_based_vm_exec_control;
 +
 +  if (exec_control & CPU_BASED_TPR_SHADOW) {
 +  if (vmx->nested.virtual_apic_page)
 +  nested_release_page(vmx->nested.virtual_apic_page);
 +  vmx->nested.virtual_apic_page =
 + nested_get_page(vcpu, vmcs12->virtual_apic_page_addr);
 +  if (!vmx->nested.virtual_apic_page)
 +  exec_control &=
 +  ~CPU_BASED_TPR_SHADOW;
>>>
>>> This will cause L1 to miss exits when L2 writes to CR8.  I think the
>>> only sensible thing to do if this happens is fail the vmentry.
>>>
>>> The problem is that while the APIC access page field is used to trap
>>> reads/writes to the APIC access page itself, here the processor will
>>> read/write the virtual APIC page when L2 does CR8 accesses.
>> 
>> How about add this:
>> 
>> +if (!(exec_control & CPU_BASED_TPR_SHADOW) &&
>> +!((exec_control & CPU_BASED_CR8_LOAD_EXITING) &&
>> +(exec_control & CPU_BASED_CR8_STORE_EXITING)))
>> +nested_vmx_failValid(vcpu, 
>> VMXERR_ENTRY_INVALID_CONTROL_FIELD);
>
>Yes, this is not architecturally correct, but I don't see what else w

[RFC PATCH] ARM: KVM: add irqfd support

[Eric Auger]

This patch enables irqfd on ARM.

irqfd framework enables to inject a virtual IRQ into a guest upon an
eventfd trigger. User-side uses KVM_IRQFD VM ioctl to provide KVM with
a kvm_irqfd struct that associates a VM, an eventfd, an IRQ number
(aka. the gsi). When an actor signals the eventfd (typically a VFIO
platform driver), the kvm irqfd subsystem injects the provided virtual
IRQ into the guest.

The gsi must correspond to a shared peripheral interrupt (SPI), ie the
GIC interrupt ID is gsi+32.

CONFIG_HAVE_KVM_EVENTFD and CONFIG_HAVE_KVM_IRQFD are turned on.

No IRQ routing table is used thanks to Paul Mackerras' patch serie:
"IRQFD without IRQ routing, enabled for XICS"
(https://www.mail-archive.com/kvm@vger.kernel.org/msg104478.html)

Signed-off-by: Eric Auger 

---

This patch would deprecate the previous patch featuring GSI routing
(https://patches.linaro.org/32261/)

irqchip.c and irq_comm.c are not used at all.

This RFC applies on top of Christoffer Dall's serie
arm/arm64: KVM: Various VGIC cleanups and improvements
https://lists.cs.columbia.edu/pipermail/kvmarm/2014-June/009979.html

All pieces can be found on git://git.linaro.org/people/eric.auger/linux.git
branch irqfd_integ_v4

This work was tested with Calxeda Midway xgmac main interrupt with
qemu-system-arm and QEMU VFIO platform device.
---
 Documentation/virtual/kvm/api.txt |  5 +++-
 arch/arm/include/uapi/asm/kvm.h   |  3 +++
 arch/arm/kvm/Kconfig  |  3 ++-
 arch/arm/kvm/Makefile |  2 +-
 arch/arm/kvm/irq.h| 25 ++
 virt/kvm/arm/vgic.c   | 54 ---
 6 files changed, 85 insertions(+), 7 deletions(-)
 create mode 100644 arch/arm/kvm/irq.h

diff --git a/Documentation/virtual/kvm/api.txt 
b/Documentation/virtual/kvm/api.txt
index 0fe3649..04310d9 100644
--- a/Documentation/virtual/kvm/api.txt
+++ b/Documentation/virtual/kvm/api.txt
@@ -2132,7 +2132,7 @@ into the hash PTE second double word).
 4.75 KVM_IRQFD
 
 Capability: KVM_CAP_IRQFD
-Architectures: x86 s390
+Architectures: x86 s390 arm
 Type: vm ioctl
 Parameters: struct kvm_irqfd (in)
 Returns: 0 on success, -1 on error
@@ -2158,6 +2158,9 @@ Note that closing the resamplefd is not sufficient to 
disable the
 irqfd.  The KVM_IRQFD_FLAG_RESAMPLE is only necessary on assignment
 and need not be specified with KVM_IRQFD_FLAG_DEASSIGN.
 
+On ARM/arm64 the injected must be a shared peripheral interrupt (SPI).
+This means the programmed GIC interrupt ID is gsi+32.
+
 4.76 KVM_PPC_ALLOCATE_HTAB
 
 Capability: KVM_CAP_PPC_ALLOC_HTAB
diff --git a/arch/arm/include/uapi/asm/kvm.h b/arch/arm/include/uapi/asm/kvm.h
index e6ebdd3..3034c66 100644
--- a/arch/arm/include/uapi/asm/kvm.h
+++ b/arch/arm/include/uapi/asm/kvm.h
@@ -194,6 +194,9 @@ struct kvm_arch_memory_slot {
 /* Highest supported SPI, from VGIC_NR_IRQS */
 #define KVM_ARM_IRQ_GIC_MAX127
 
+/* One single KVM irqchip, ie. the VGIC */
+#define KVM_NR_IRQCHIPS  1
+
 /* PSCI interface */
 #define KVM_PSCI_FN_BASE   0x95c1ba5e
 #define KVM_PSCI_FN(n) (KVM_PSCI_FN_BASE + (n))
diff --git a/arch/arm/kvm/Kconfig b/arch/arm/kvm/Kconfig
index 4be5bb1..7800261 100644
--- a/arch/arm/kvm/Kconfig
+++ b/arch/arm/kvm/Kconfig
@@ -24,6 +24,7 @@ config KVM
select KVM_MMIO
select KVM_ARM_HOST
depends on ARM_VIRT_EXT && ARM_LPAE && !CPU_BIG_ENDIAN
+   select HAVE_KVM_EVENTFD
---help---
  Support hosting virtualized guest machines. You will also
  need to select one or more of the processor modules below.
@@ -55,7 +56,7 @@ config KVM_ARM_MAX_VCPUS
 config KVM_ARM_VGIC
bool "KVM support for Virtual GIC"
depends on KVM_ARM_HOST && OF
-   select HAVE_KVM_IRQCHIP
+   select HAVE_KVM_IRQFD
default y
---help---
  Adds support for a hardware assisted, in-kernel GIC emulation.
diff --git a/arch/arm/kvm/Makefile b/arch/arm/kvm/Makefile
index 789bca9..2fa2f82 100644
--- a/arch/arm/kvm/Makefile
+++ b/arch/arm/kvm/Makefile
@@ -15,7 +15,7 @@ AFLAGS_init.o := -Wa,-march=armv7-a$(plus_virt)
 AFLAGS_interrupts.o := -Wa,-march=armv7-a$(plus_virt)
 
 KVM := ../../../virt/kvm
-kvm-arm-y = $(KVM)/kvm_main.o $(KVM)/coalesced_mmio.o
+kvm-arm-y = $(KVM)/kvm_main.o $(KVM)/coalesced_mmio.o $(KVM)/eventfd.o
 
 obj-y += kvm-arm.o init.o interrupts.o
 obj-y += arm.o handle_exit.o guest.o mmu.o emulate.o reset.o
diff --git a/arch/arm/kvm/irq.h b/arch/arm/kvm/irq.h
new file mode 100644
index 000..1275d91
--- /dev/null
+++ b/arch/arm/kvm/irq.h
@@ -0,0 +1,25 @@
+/*
+ * Copyright (C) 2014 Linaro Ltd.
+ * Authors: Eric Auger 
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License, version 2, as
+ * published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty 

Re: [PATCH] arm64: KVM: export current vcpu->pause state via pseudo regs

[Christoffer Dall]

On Fri, Aug 01, 2014 at 10:48:36AM +0100, Alex Bennée wrote:
> 
> Christoffer Dall writes:
> 
> > On Thu, Jul 31, 2014 at 05:45:28PM +0100, Peter Maydell wrote:
> >> On 31 July 2014 17:38, Christoffer Dall  
> >> wrote:
> >> >> > If we are not complaining when setting the pause value to false if it
> >> >> > was true before, then we probably also need to wake up the thread in
> >> >> > case this is called from another thread, right?
> >> >> >
> >> >> > or perhaps we should just return an error if you're trying to 
> >> >> > un-pause a
> >> >> > CPU through this interface, h.
> >> >>
> >> >> Wouldn't it be an error to mess with any register when the system is not
> >> >> in a quiescent state? I was assuming that the wake state is dealt with
> >> >> when the run loop finally restarts.
> >> >>
> >> >
> >> > The ABI doesn't really define it as an error (the ABI doesn't enforce
> >> > anything right now) so the question is, does it ever make sense to clear
> >> > the pause flag through this ioctl?  If not, I think we should just err
> >> > on the side of caution and specify in the docs that this is not
> >> > supported and return an error.
> >> 
> >> Consider the case where the reset state of the system is
> >> "CPU 0 running, CPUs 1..N stopped", and we're doing an
> >> incoming migration to a state where all CPUs are running.
> >> In that case we'll be using this ioctl to clear the pause flag,
> >> right? (We'll also obviously need to set the PC and other
> >> register state correctly before resuming the guest.)
> >> 
> > Doh, you're right, I somehow had it in my mind that when you send the
> > thread a signal, the pause flag would be cleared, but that goes against
> > the whole idea of a CPU being turned off for KVM.
> >
> > But wouldn't we then have to also wake up the thread when clearing the
> > pause flag?  It feels strange that the ioctl can clear the pause flag,
> > but keep the thread on a wake-queue, and then userspace has to send the
> > thread a signal of some sort to wake it up?
> 
> 
> Isn't the vCPU off the wait-queue by definition if the ioctl exits and
> you go through the KVM_SET_ONE_REG stuff?
> 
> Once you re-enter the KVM_RUN ioctl it sees the pause_flag as cleared
> and falls straight through into kvm_guest_enter() otherwise it will
> again wait on wait_event_interruptible(*wq, !vcpu->arch.pause).
> 
Yeah, you're right, I forgot we grab the vcpu->mutex.

-Christoffer
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH] arm64: KVM: export current vcpu->pause state via pseudo regs

[Christoffer Dall]

On Fri, Aug 01, 2014 at 10:11:52AM +0100, Alex Bennée wrote:
> 
> Christoffer Dall writes:
> 
> > On Thu, Jul 31, 2014 at 04:14:51PM +0100, Alex Bennée wrote:
> >> 
> >> Christoffer Dall writes:
> >> 
> >> > On Wed, Jul 09, 2014 at 02:55:12PM +0100, Alex Bennée wrote:
> >> >> To cleanly restore an SMP VM we need to ensure that the current pause
> >> >> state of each vcpu is correctly recorded. Things could get confused if
> >> >> the CPU starts running after migration restore completes when it was
> >> >> paused before it state was captured.
> >> >> 
> >> 
> >> >> +/* Power state (PSCI), not real registers */
> >> >> +#define KVM_REG_ARM_PSCI   (0x0014 << 
> >> >> KVM_REG_ARM_COPROC_SHIFT)
> >> >> +#define KVM_REG_ARM_PSCI_REG(n) \
> >> >> +   (KVM_REG_ARM64 | KVM_REG_SIZE_U64 | KVM_REG_ARM_PSCI | \
> >> >> + (n & ~KVM_REG_ARM_COPROC_MASK))
> >> >
> >> > I don't understand this mask, why isn't this
> >> > (n & 0x))
> >> 
> >> I was trying to use the existing masks, but of course if anyone changes
> >> that it would be an ABI change so probably not worth it.
> >> 
> >
> > the KVM_REG_ARM_COPROC_MASK is part of the uapi IIRC, so that's not the
> > issue, but that mask doesn't cover all the upper bits, so it feels weird
> > to use that to me.
> 
> Yeah I missed that. I could do a:
> 
> #define KVM_REG_ARM_COPROC_INDEX_MASK   ((1< 
> and use that. I'm generally try to avoid hardcoded numbers but I could
> be being a little OCD here ;-)
> 
> >> > Can you add the 32-bit counterpart as part of this patch?
> >> 
> >> Same patch? Sure.
> >
> > really up to you if you want to split it up into two patches, but I
> > think it's small enough that you can just create one patch.
> 
> Given the similarity of this code between arm and arm64 I'm wondering if
> it's worth doing a arch/arm/kvm/guest_common.c or something to reduce
> the amount of copy paste stuff?
> 
We've gotten by without it so far.  I fear we end up with a bunch of
complications due to differences in sizeof(unsigned long) etc., but I
may be wrong.

The amount of code that is copied should be trivial boilerplate stuff,
but if you think it's worth unifying, then I'd be happy to review the
patch.

Thanks,
-Christoffer
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH] arm64: KVM: export current vcpu->pause state via pseudo regs

[Christoffer Dall]

On Thu, Jul 31, 2014 at 07:21:44PM +0200, Paolo Bonzini wrote:
> Il 31/07/2014 19:04, Peter Maydell ha scritto:
> > On 31 July 2014 17:57, Paolo Bonzini  wrote:
> >> Il 09/07/2014 15:55, Alex Bennée ha scritto:
> >>> To cleanly restore an SMP VM we need to ensure that the current pause
> >>> state of each vcpu is correctly recorded. Things could get confused if
> >>> the CPU starts running after migration restore completes when it was
> >>> paused before it state was captured.
> >>>
> >>> I've done this by exposing a register (currently only 1 bit used) via
> >>> the GET/SET_ONE_REG logic to pass the state between KVM and the VM
> >>> controller (e.g. QEMU).
> >>>
> >>> Signed-off-by: Alex Bennée 
> >>> ---
> >>>  arch/arm64/include/uapi/asm/kvm.h |  8 +
> >>>  arch/arm64/kvm/guest.c| 61 
> >>> ++-
> >>>  2 files changed, 68 insertions(+), 1 deletion(-)
> >>
> >> Since it's a pseudo register anyway, would it make sense to use the
> >> existing KVM_GET/SET_MP_STATE ioctl interface?
> > 
> > That appears to be an x86-specific thing relating to
> > IRQ chips.
> 
> No, it's not.  It's just the state of the CPU, s390 will be using it too.
> 
> On x86 the states are uninitialized (UNINITIALIZED), stopped
> (INIT_RECEIVED), running (RUNNABLE), halted (HALTED).  CPU 0 starts in
> RUNNABLE state, other CPUs start in UNINITIALIZED state.  There are
> x86-specific cases (uninitialized) and x86-isms (the INIT_RECEIVED
> name), but the idea is widely applicable.
> 
Alex, I think it makes perfect sense to use GET/SET_MP_STATE, will you
revise the patch?

(Don't forget to update the documentation to reflect it is now supported
on ARM, and which states are used to represent what there.)

Thanks,
-Christoffer
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH] arm64: KVM: export current vcpu->pause state via pseudo regs

[Alex Bennée]

Christoffer Dall writes:

> On Thu, Jul 31, 2014 at 07:21:44PM +0200, Paolo Bonzini wrote:
>> Il 31/07/2014 19:04, Peter Maydell ha scritto:
>> > On 31 July 2014 17:57, Paolo Bonzini  wrote:
>> >> Il 09/07/2014 15:55, Alex Bennée ha scritto:

>> 
>> No, it's not.  It's just the state of the CPU, s390 will be using it too.
>> 
>> On x86 the states are uninitialized (UNINITIALIZED), stopped
>> (INIT_RECEIVED), running (RUNNABLE), halted (HALTED).  CPU 0 starts in
>> RUNNABLE state, other CPUs start in UNINITIALIZED state.  There are
>> x86-specific cases (uninitialized) and x86-isms (the INIT_RECEIVED
>> name), but the idea is widely applicable.
>> 
> Alex, I think it makes perfect sense to use GET/SET_MP_STATE, will you
> revise the patch?

I agree we should use the API that is explicitly for this so I'm looking
at re-doing the patch now.

>
> (Don't forget to update the documentation to reflect it is now supported
> on ARM, and which states are used to represent what there.)
>
> Thanks,
> -Christoffer

-- 
Alex Bennée
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [RFC][PATCH] kvm: x86: fix stale mmio cache bug

[Paolo Bonzini]

Il 02/08/2014 06:15, Xiao Guangrong ha scritto:
> I prefer to also caching the spte’s generation number, then check the number
> in quickly_check_mmio_pf().

I agree, thanks Xiao for the review and David for the report!

Paolo
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH 2/2] KVM: nVMX: fix acknowledge interrupt on exit when APICv is in use

[Paolo Bonzini]

Il 01/08/2014 10:12, Wanpeng Li ha scritto:
> +int kvm_lapic_ack_apicv(struct kvm_vcpu *vcpu)
> +{
> + struct kvm_lapic *apic = vcpu->arch.apic;
> + int vec;
> +
> + vec = kvm_apic_has_interrupt(vcpu);
> +
> + if (vec == -1)
> + return vec;
> +
> + apic_set_vector(vec, apic->regs + APIC_ISR);
> + apic_update_ppr(apic);
> + apic_clear_vector(vec, apic->regs + APIC_IRR);
> +
> + return vec;
> +}
> +EXPORT_SYMBOL_GPL(kvm_lapic_ack_apicv);

I would prefer reusing kvm_get_apic_interrupt here (by modifying
kvm_cpu_get_interrupt, apic_set_isr and apic_clear_irr) as I had
sketched in the previous version of the patches.

There is no reason for kvm_cpu_get_interrupt to return -1 if virtual
interrupt delivery is enabled.

Paolo
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH 1/2] KVM: nVMX: Fix nested vmexit ack intr before load vmcs01

[Paolo Bonzini]

Il 01/08/2014 10:12, Wanpeng Li ha scritto:
> External interrupt will cause L1 vmexit w/ reason external interrupt when L2 
> is 
> running. Then L1 will pick up the interrupt through vmcs12 if L1 set the ack 
> interrupt bit. Commit 77b0f5d (KVM: nVMX: Ack and write vector info to 
> intr_info
> if L1 asks us to) get intr that belongs to L1 before load vmcs01 which is 
> wrong, 
> especially this lead to the obvious L1 ack APICv behavior weired since APICv 
> is for L1 instead of L2. This patch fix it by ack intr after load vmcs01.
> 
> Signed-off-by: Wanpeng Li 
> ---
>  arch/x86/kvm/vmx.c | 16 
>  1 file changed, 8 insertions(+), 8 deletions(-)
> 
> diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
> index e618f34..b8122b3 100644
> --- a/arch/x86/kvm/vmx.c
> +++ b/arch/x86/kvm/vmx.c
> @@ -8754,14 +8754,6 @@ static void nested_vmx_vmexit(struct kvm_vcpu *vcpu, 
> u32 exit_reason,
>   prepare_vmcs12(vcpu, vmcs12, exit_reason, exit_intr_info,
>  exit_qualification);
>  
> - if ((exit_reason == EXIT_REASON_EXTERNAL_INTERRUPT)
> - && nested_exit_intr_ack_set(vcpu)) {
> - int irq = kvm_cpu_get_interrupt(vcpu);
> - WARN_ON(irq < 0);
> - vmcs12->vm_exit_intr_info = irq |
> - INTR_INFO_VALID_MASK | INTR_TYPE_EXT_INTR;
> - }
> -
>   trace_kvm_nested_vmexit_inject(vmcs12->vm_exit_reason,
>  vmcs12->exit_qualification,
>  vmcs12->idt_vectoring_info_field,
> @@ -8771,6 +8763,14 @@ static void nested_vmx_vmexit(struct kvm_vcpu *vcpu, 
> u32 exit_reason,
>  
>   vmx_load_vmcs01(vcpu);
>  
> + if ((exit_reason == EXIT_REASON_EXTERNAL_INTERRUPT)
> + && nested_exit_intr_ack_set(vcpu)) {
> + int irq = kvm_cpu_get_interrupt(vcpu);
> + WARN_ON(irq < 0);
> + vmcs12->vm_exit_intr_info = irq |
> + INTR_INFO_VALID_MASK | INTR_TYPE_EXT_INTR;
> + }
> +
>   vm_entry_controls_init(vmx, vmcs_read32(VM_ENTRY_CONTROLS));
>   vm_exit_controls_init(vmx, vmcs_read32(VM_EXIT_CONTROLS));
>   vmx_segment_cache_clear(vmx);
> 

Reviewed-by: Paolo Bonzini 

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH v3] KVM: nVMX: nested TPR shadow/threshold emulation

[Paolo Bonzini]

Il 04/08/2014 12:58, Wanpeng Li ha scritto:
> This patch fix bug https://bugzilla.kernel.org/show_bug.cgi?id=61411
> 
> TPR shadow/threshold feature is important to speed up the Windows guest.
> Besides, it is a must feature for certain VMM.
> 
> We map virtual APIC page address and TPR threshold from L1 VMCS. If
> TPR_BELOW_THRESHOLD VM exit is triggered by L2 guest and L1 interested
> in, we inject it into L1 VMM for handling.
> 
> Signed-off-by: Wanpeng Li 
> ---
> v2 -> v3:
>  * nested vm entry failure if both tpr shadow and cr8 exiting bits are not 
> set 
> v1 -> v2:
>  * don't take L0's "virtualize APIC accesses" setting into account
>  * virtual_apic_page do exactly the same thing that is done for 
> apic_access_page
>  * add the tpr threshold field to the read-write fields for shadow VMCS
> 
>  arch/x86/kvm/vmx.c | 38 --
>  1 file changed, 36 insertions(+), 2 deletions(-)
> 
> diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
> index c604f3c..7a56e2c 100644
> --- a/arch/x86/kvm/vmx.c
> +++ b/arch/x86/kvm/vmx.c
> @@ -379,6 +379,7 @@ struct nested_vmx {
>* we must keep them pinned while L2 runs.
>*/
>   struct page *apic_access_page;
> + struct page *virtual_apic_page;
>   u64 msr_ia32_feature_control;
>  
>   struct hrtimer preemption_timer;
> @@ -533,6 +534,7 @@ static int max_shadow_read_only_fields =
>   ARRAY_SIZE(shadow_read_only_fields);
>  
>  static unsigned long shadow_read_write_fields[] = {
> + TPR_THRESHOLD,
>   GUEST_RIP,
>   GUEST_RSP,
>   GUEST_CR0,
> @@ -2330,7 +2332,7 @@ static __init void nested_vmx_setup_ctls_msrs(void)
>   CPU_BASED_MOV_DR_EXITING | CPU_BASED_UNCOND_IO_EXITING |
>   CPU_BASED_USE_IO_BITMAPS | CPU_BASED_MONITOR_EXITING |
>   CPU_BASED_RDPMC_EXITING | CPU_BASED_RDTSC_EXITING |
> - CPU_BASED_PAUSE_EXITING |
> + CPU_BASED_PAUSE_EXITING | CPU_BASED_TPR_SHADOW |
>   CPU_BASED_ACTIVATE_SECONDARY_CONTROLS;
>   /*
>* We can allow some features even when not supported by the
> @@ -6148,6 +6150,10 @@ static void free_nested(struct vcpu_vmx *vmx)
>   nested_release_page(vmx->nested.apic_access_page);
>   vmx->nested.apic_access_page = 0;
>   }
> + if (vmx->nested.virtual_apic_page) {
> + nested_release_page(vmx->nested.virtual_apic_page);
> + vmx->nested.virtual_apic_page = 0;
> + }
>  
>   nested_free_all_saved_vmcss(vmx);
>  }
> @@ -6936,7 +6942,7 @@ static bool nested_vmx_exit_handled(struct kvm_vcpu 
> *vcpu)
>   case EXIT_REASON_MCE_DURING_VMENTRY:
>   return 0;
>   case EXIT_REASON_TPR_BELOW_THRESHOLD:
> - return 1;
> + return nested_cpu_has(vmcs12, CPU_BASED_TPR_SHADOW);
>   case EXIT_REASON_APIC_ACCESS:
>   return nested_cpu_has2(vmcs12,
>   SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES);
> @@ -7057,6 +7063,9 @@ static int vmx_handle_exit(struct kvm_vcpu *vcpu)
>  
>  static void update_cr8_intercept(struct kvm_vcpu *vcpu, int tpr, int irr)
>  {
> + if (is_guest_mode(vcpu))
> + return;
> +
>   if (irr == -1 || tpr < irr) {
>   vmcs_write32(TPR_THRESHOLD, 0);
>   return;
> @@ -8024,6 +8033,27 @@ static void prepare_vmcs02(struct kvm_vcpu *vcpu, 
> struct vmcs12 *vmcs12)
>   exec_control &= ~CPU_BASED_VIRTUAL_NMI_PENDING;
>   exec_control &= ~CPU_BASED_TPR_SHADOW;
>   exec_control |= vmcs12->cpu_based_vm_exec_control;
> +
> + if (exec_control & CPU_BASED_TPR_SHADOW) {
> + if (vmx->nested.virtual_apic_page)
> + nested_release_page(vmx->nested.virtual_apic_page);
> + vmx->nested.virtual_apic_page =
> +nested_get_page(vcpu, vmcs12->virtual_apic_page_addr);
> + if (!vmx->nested.virtual_apic_page)
> + exec_control &=
> + ~CPU_BASED_TPR_SHADOW;
> + else
> + vmcs_write64(VIRTUAL_APIC_PAGE_ADDR,
> + page_to_phys(vmx->nested.virtual_apic_page));
> +
> + if (!(exec_control & CPU_BASED_TPR_SHADOW) &&
> + !((exec_control & CPU_BASED_CR8_LOAD_EXITING) &&
> + (exec_control & CPU_BASED_CR8_STORE_EXITING)))
> + nested_vmx_failValid(vcpu, 
> VMXERR_ENTRY_INVALID_CONTROL_FIELD);
> +
> + vmcs_write32(TPR_THRESHOLD, vmcs12->tpr_threshold);
> + }
> +
>   /*
>* Merging of IO and MSR bitmaps not currently supported.
>* Rather, exit every time.
> @@ -8802,6 +8832,10 @@ static void nested_vmx_vmexit(struct kvm_vcpu *vcpu, 
> u32 exit_reason,
>   nested_release_page(vmx->nested.apic_access_page);
>   vmx->nested.apic_access_page = 0;
>   }
> + if (vmx->nested.virtual_apic_page) {
> + nested_rel

On vacation next week

[Paolo Bonzini]

I will be on vacation next week.  I don't expect any big problems since
I'll send the ARM and PPC patches to Linus no later than Thursday.

I will not merge any more x86 patches for the merge window.

Paolo

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH v2 09/10] target-arm/kvm.c: better error reporting

[Peter Maydell]

On 10 July 2014 16:50, Alex Bennée  wrote:
> From: Alex Bennée 
>
> When we have a problem syncing CP registers between kvm<->qemu it's a
> lot more useful to have the names of the registers in the log than just
> a random abort() and core dump.
>
> Signed-off-by: Alex Bennée 

No particular objection but it seems out of place in this patchset.

-- PMM
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH v2 10/10] target-arm/kvm: make reg sync code common between kvm32/64

[Peter Maydell]

On 10 July 2014 16:50, Alex Bennée  wrote:
> Before we launch a guest we query KVM for the list of "co-processor"
> registers it knows about which is used later for save/restore of machine
> state. The logic is identical for both 32-bit and 64-bit so I've moved
> it all into the common code and simplified the exit paths (as failure =>
> exit).
>
> This list may well have more registers than are known by the TCG
> emulation which is not necessarily a problem but it does stop us from
> migrating between KVM and TCG hosted guests. I've added some additional
> checking to report those registers under -d unimp.
>
> Signed-off-by: Alex Bennée 

This definitely shouldn't be in this patchset...

thanks
-- PMM
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH v2] vhost: Add polling mode

[Michael S. Tsirkin]

On Thu, Jul 31, 2014 at 02:50:00PM +0300, Razya Ladelsky wrote:
> Resubmitting the patch in: http://marc.info/?l=kvm&m=140594903520308&w=2
> after fixing the whitespaces issues.
> Thank you,
> Razya
>   
> >From f293e470b36ff9eb4910540c620315c418e4a8fc Mon Sep 17 00:00:00 2001

Above should come after --- below so git will ignore it.

> From: Razya Ladelsky 
> Date: Thu, 31 Jul 2014 09:47:20 +0300
> Subject: [PATCH] vhost: Add polling mode
> 
> Add an optional polling mode to continuously poll the virtqueues
> for new buffers, and avoid asking the guest to kick us.
> 
> Signed-off-by: Razya Ladelsky 

Pls include performance data with the submission next time.


> ---
>  drivers/vhost/net.c   |6 +-
>  drivers/vhost/scsi.c  |6 +-
>  drivers/vhost/vhost.c |  245 
> +++--
>  drivers/vhost/vhost.h |   38 +++-
>  4 files changed, 277 insertions(+), 18 deletions(-)


Please resubmit, copying all maintainer addresses for vhost.
Get them from MAINTAINERS.

-- 
MST
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH v3] arm64: fix VTTBR_BADDR_MASK

[Joel Schopp]

The current VTTBR_BADDR_MASK only masks 39 bits, which is broken on current
systems.  Rather than just add a bit it seems like a good time to also set
things at run-time instead of compile time to accomodate more hardware.

This patch sets TCR_EL2.PS, VTCR_EL2.T0SZ and vttbr_baddr_mask in runtime,
not compile time.

In ARMv8, EL2 physical address size (TCR_EL2.PS) and stage2 input address
size (VTCR_EL2.T0SZE) cannot be determined in compile time since they
depends on hardware capability.

According to Table D4-23 and Table D4-25 in ARM DDI 0487A.b document,
vttbr_x is calculated using different hard-coded values with consideration
of T0SZ, granule size and the level of translation tables. Therefore,
vttbr_baddr_mask should be determined dynamically.

Changes since v2:
Rebased on https://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm.git 
next branch

Changes since v1:
Rebased fix on Jungseok Lee's patch https://lkml.org/lkml/2014/5/12/189 to
provide better long term fix.  Updated that patch to log error instead of
silently fail on unaligned vttbr.

Cc: Christoffer Dall 
Cc: Sungjinn Chung 
Signed-off-by: Jungseok Lee 
Signed-off-by: Joel Schopp 
---
 arch/arm/kvm/arm.c   |   91 +-
 arch/arm64/include/asm/kvm_arm.h |   17 +--
 arch/arm64/kvm/hyp-init.S|   20 ++--
 3 files changed, 106 insertions(+), 22 deletions(-)

diff --git a/arch/arm/kvm/arm.c b/arch/arm/kvm/arm.c
index d7424ef..d7ca2f5 100644
--- a/arch/arm/kvm/arm.c
+++ b/arch/arm/kvm/arm.c
@@ -37,6 +37,7 @@
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
@@ -61,6 +62,9 @@ static atomic64_t kvm_vmid_gen = ATOMIC64_INIT(1);
 static u8 kvm_next_vmid;
 static DEFINE_SPINLOCK(kvm_vmid_lock);
 
+/* VTTBR mask cannot be determined in complie time under ARMv8 */
+static u64 vttbr_baddr_mask;
+
 static bool vgic_present;
 
 static void kvm_arm_set_running_vcpu(struct kvm_vcpu *vcpu)
@@ -376,6 +380,75 @@ static bool need_new_vmid_gen(struct kvm *kvm)
 }
 
 /**
+ * set_vttbr_baddr_mask - set mask value for vttbr base address
+ *
+ * In ARMv8, vttbr_baddr_mask cannot be determined in compile time since stage2
+ * input address size depends on hardware capability. Thus, it is needed to 
read
+ * ID_AA64MMFR0_EL1.PARange first and then set vttbr_baddr_mask with
+ * consideration of both granule size and the level of translation tables.
+ */
+static int set_vttbr_baddr_mask(void)
+{
+#ifndef CONFIG_ARM64
+   vttbr_baddr_mask = VTTBR_BADDR_MASK;
+#else
+   int pa_range, t0sz, vttbr_x;
+
+   pa_range = read_cpuid(ID_AA64MMFR0_EL1) & 0xf;
+
+   switch (pa_range) {
+   case 0:
+   t0sz = VTCR_EL2_T0SZ(32);
+   break;
+   case 1:
+   t0sz = VTCR_EL2_T0SZ(36);
+   break;
+   case 2:
+   t0sz = VTCR_EL2_T0SZ(40);
+   break;
+   case 3:
+   t0sz = VTCR_EL2_T0SZ(42);
+   break;
+   case 4:
+   t0sz = VTCR_EL2_T0SZ(44);
+   break;
+   default:
+   t0sz = VTCR_EL2_T0SZ(48);
+   }
+
+   /*
+* See Table D4-23 and Table D4-25 in ARM DDI 0487A.b to figure out
+* the origin of the hardcoded values, 38 and 37.
+*/
+#ifdef CONFIG_ARM64_64K_PAGES
+   /*
+* 16 <= T0SZ <= 21 is valid under 3 level of translation tables
+* 18 <= T0SZ <= 34 is valid under 2 level of translation tables
+* 31 <= T0SZ <= 39 is valid under 1 level of transltaion tables
+*/
+   if (t0sz <= 17) {
+   kvm_err("Cannot support %d-bit address space\n", 64 - t0sz);
+   return -EINVAL;
+   }
+   vttbr_x = 38 - t0sz;
+#else
+   /*
+* 16 <= T0SZ <= 24 is valid under 4 level of translation tables
+* 21 <= T0SZ <= 30 is valid under 3 level of translation tables
+* 30 <= T0SZ <= 39 is valid under 2 level of translation tables
+*/
+   if (t0sz <= 20) {
+   kvm_err("Cannot support %d-bit address space\n", 64 - t0sz);
+   return -EINVAL;
+   }
+   vttbr_x = 37 - t0sz;
+#endif
+   vttbr_baddr_mask = (((1LLU << (48 - vttbr_x)) - 1) << (vttbr_x - 1));
+#endif
+   return 0;
+}
+
+/**
  * update_vttbr - Update the VTTBR with a valid VMID before the guest runs
  * @kvmThe guest that we are about to run
  *
@@ -429,8 +502,16 @@ static void update_vttbr(struct kvm *kvm)
/* update vttbr to be used with the new vmid */
pgd_phys = virt_to_phys(kvm->arch.pgd);
vmid = ((u64)(kvm->arch.vmid) << VTTBR_VMID_SHIFT) & VTTBR_VMID_MASK;
-   kvm->arch.vttbr = pgd_phys & VTTBR_BADDR_MASK;
-   kvm->arch.vttbr |= vmid;
+
+   /*
+* If the VTTBR isn't aligned there is something wrong with the system
+* or kernel.  It is better to just fail and not mask it. But no need
+* to panic the host kernel with a BUG_ON(), instead just log the e

Re: KVM call for agenda for 2014-08-05

[Juan Quintela]

Reset, this time with the right mailing lists.

Thanks to Markus for noticing.

Later, Juan.

Juan Quintela  wrote:
> Hi
>
> Please, send any topic that you are interested in covering.
>
> Thanks, Juan.
>
> Call details:
>
> 15:00 CEST
> 13:00 UTC
> 09:00 EDT
>
> Every two weeks
>
> By popular demand, a google calendar public entry with it
>
> https://www.google.com/calendar/embed?src=dG9iMXRqcXAzN3Y4ZXZwNzRoMHE4a3BqcXNAZ3JvdXAuY2FsZW5kYXIuZ29vZ2xlLmNvbQ
>
> (Let me know if you have any problems with the calendar entry)
>
> If you need phone number details,  contact me privately
>
>
> Thanks, Juan.
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH v3] arm64: fix VTTBR_BADDR_MASK

[Joel Schopp]

Since this fixes a real problem and didn't make it into 3.16 it would be
good if this made it into 3.17.

-Joel

On 08/04/2014 09:38 AM, Joel Schopp wrote:
> The current VTTBR_BADDR_MASK only masks 39 bits, which is broken on current
> systems.  Rather than just add a bit it seems like a good time to also set
> things at run-time instead of compile time to accomodate more hardware.
>
> This patch sets TCR_EL2.PS, VTCR_EL2.T0SZ and vttbr_baddr_mask in runtime,
> not compile time.
>
> In ARMv8, EL2 physical address size (TCR_EL2.PS) and stage2 input address
> size (VTCR_EL2.T0SZE) cannot be determined in compile time since they
> depends on hardware capability.
>
> According to Table D4-23 and Table D4-25 in ARM DDI 0487A.b document,
> vttbr_x is calculated using different hard-coded values with consideration
> of T0SZ, granule size and the level of translation tables. Therefore,
> vttbr_baddr_mask should be determined dynamically.
>
> Changes since v2:
> Rebased on https://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm.git 
> next branch
>
> Changes since v1:
> Rebased fix on Jungseok Lee's patch https://lkml.org/lkml/2014/5/12/189 to
> provide better long term fix.  Updated that patch to log error instead of
> silently fail on unaligned vttbr.
>
> Cc: Christoffer Dall 
> Cc: Sungjinn Chung 
> Signed-off-by: Jungseok Lee 
> Signed-off-by: Joel Schopp 
> ---
>  arch/arm/kvm/arm.c   |   91 
> +-
>  arch/arm64/include/asm/kvm_arm.h |   17 +--
>  arch/arm64/kvm/hyp-init.S|   20 ++--
>  3 files changed, 106 insertions(+), 22 deletions(-)
>
> diff --git a/arch/arm/kvm/arm.c b/arch/arm/kvm/arm.c
> index d7424ef..d7ca2f5 100644
> --- a/arch/arm/kvm/arm.c
> +++ b/arch/arm/kvm/arm.c
> @@ -37,6 +37,7 @@
>  #include 
>  #include 
>  #include 
> +#include 
>  #include 
>  #include 
>  #include 
> @@ -61,6 +62,9 @@ static atomic64_t kvm_vmid_gen = ATOMIC64_INIT(1);
>  static u8 kvm_next_vmid;
>  static DEFINE_SPINLOCK(kvm_vmid_lock);
>  
> +/* VTTBR mask cannot be determined in complie time under ARMv8 */
> +static u64 vttbr_baddr_mask;
> +
>  static bool vgic_present;
>  
>  static void kvm_arm_set_running_vcpu(struct kvm_vcpu *vcpu)
> @@ -376,6 +380,75 @@ static bool need_new_vmid_gen(struct kvm *kvm)
>  }
>  
>  /**
> + * set_vttbr_baddr_mask - set mask value for vttbr base address
> + *
> + * In ARMv8, vttbr_baddr_mask cannot be determined in compile time since 
> stage2
> + * input address size depends on hardware capability. Thus, it is needed to 
> read
> + * ID_AA64MMFR0_EL1.PARange first and then set vttbr_baddr_mask with
> + * consideration of both granule size and the level of translation tables.
> + */
> +static int set_vttbr_baddr_mask(void)
> +{
> +#ifndef CONFIG_ARM64
> + vttbr_baddr_mask = VTTBR_BADDR_MASK;
> +#else
> + int pa_range, t0sz, vttbr_x;
> +
> + pa_range = read_cpuid(ID_AA64MMFR0_EL1) & 0xf;
> +
> + switch (pa_range) {
> + case 0:
> + t0sz = VTCR_EL2_T0SZ(32);
> + break;
> + case 1:
> + t0sz = VTCR_EL2_T0SZ(36);
> + break;
> + case 2:
> + t0sz = VTCR_EL2_T0SZ(40);
> + break;
> + case 3:
> + t0sz = VTCR_EL2_T0SZ(42);
> + break;
> + case 4:
> + t0sz = VTCR_EL2_T0SZ(44);
> + break;
> + default:
> + t0sz = VTCR_EL2_T0SZ(48);
> + }
> +
> + /*
> +  * See Table D4-23 and Table D4-25 in ARM DDI 0487A.b to figure out
> +  * the origin of the hardcoded values, 38 and 37.
> +  */
> +#ifdef CONFIG_ARM64_64K_PAGES
> + /*
> +  * 16 <= T0SZ <= 21 is valid under 3 level of translation tables
> +  * 18 <= T0SZ <= 34 is valid under 2 level of translation tables
> +  * 31 <= T0SZ <= 39 is valid under 1 level of transltaion tables
> +  */
> + if (t0sz <= 17) {
> + kvm_err("Cannot support %d-bit address space\n", 64 - t0sz);
> + return -EINVAL;
> + }
> + vttbr_x = 38 - t0sz;
> +#else
> + /*
> +  * 16 <= T0SZ <= 24 is valid under 4 level of translation tables
> +  * 21 <= T0SZ <= 30 is valid under 3 level of translation tables
> +  * 30 <= T0SZ <= 39 is valid under 2 level of translation tables
> +  */
> + if (t0sz <= 20) {
> + kvm_err("Cannot support %d-bit address space\n", 64 - t0sz);
> + return -EINVAL;
> + }
> + vttbr_x = 37 - t0sz;
> +#endif
> + vttbr_baddr_mask = (((1LLU << (48 - vttbr_x)) - 1) << (vttbr_x - 1));
> +#endif
> + return 0;
> +}
> +
> +/**
>   * update_vttbr - Update the VTTBR with a valid VMID before the guest runs
>   * @kvm  The guest that we are about to run
>   *
> @@ -429,8 +502,16 @@ static void update_vttbr(struct kvm *kvm)
>   /* update vttbr to be used with the new vmid */
>   pgd_phys = virt_to_phys(kvm->arch.pgd);
>   vmid = ((u64)(kvm->arch.vmid) << VTTBR_VMID_SHIFT) & VTTBR_VMID_MASK;
> -   

Re: [PATCH v3] arm64: fix VTTBR_BADDR_MASK

[Christoffer Dall]

On Mon, Aug 04, 2014 at 09:42:46AM -0500, Joel Schopp wrote:
> Since this fixes a real problem and didn't make it into 3.16 it would be
> good if this made it into 3.17.
> 
It's too late for the merge window, we have to review and test as I told
you in a private e-mail.

We will review this and test it, and if it makes sense merge as a fix
for 3.17 before the release.

Please be a little patient given the number of patches on the list
currently.

Thanks,
-Christoffer
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [RFC][PATCH] kvm: x86: fix stale mmio cache bug

[David Matlack]

On Mon, Aug 4, 2014 at 5:44 AM, Paolo Bonzini  wrote:
> Il 02/08/2014 06:15, Xiao Guangrong ha scritto:
>> I prefer to also caching the spte’s generation number, then check the number
>> in quickly_check_mmio_pf().
>
> I agree, thanks Xiao for the review and David for the report!

I like this approach as well. I'll send out a v2.

Thanks for the reviews!
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 04/33] perf kvm stat: Properly show submicrosecond times

[Arnaldo Carvalho de Melo]

From: Christian Borntraeger 

For lots of exits the min time (and sometimes max) is 0 or 1. Lets
increase the accurancy similar to what the average field alread does.

Signed-off-by: Christian Borntraeger 
Acked-by: David Ahern 
Cc: David Ahern 
Cc: Jiri Olsa 
Cc: Paolo Bonzini 
Cc: kvm@vger.kernel.org
Link: 
http://lkml.kernel.org/r/1406805231-10675-2-git-send-email-borntrae...@de.ibm.com
Signed-off-by: Arnaldo Carvalho de Melo 
---
 tools/perf/builtin-kvm.c | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/tools/perf/builtin-kvm.c b/tools/perf/builtin-kvm.c
index 43367eb00510..fe92dfdeab46 100644
--- a/tools/perf/builtin-kvm.c
+++ b/tools/perf/builtin-kvm.c
@@ -592,8 +592,8 @@ static void print_result(struct perf_kvm_stat *kvm)
pr_info("%9s ", "Samples%");
 
pr_info("%9s ", "Time%");
-   pr_info("%10s ", "Min Time");
-   pr_info("%10s ", "Max Time");
+   pr_info("%11s ", "Min Time");
+   pr_info("%11s ", "Max Time");
pr_info("%16s ", "Avg time");
pr_info("\n\n");
 
@@ -610,8 +610,8 @@ static void print_result(struct perf_kvm_stat *kvm)
pr_info("%10llu ", (unsigned long long)ecount);
pr_info("%8.2f%% ", (double)ecount / kvm->total_count * 100);
pr_info("%8.2f%% ", (double)etime / kvm->total_time * 100);
-   pr_info("%8" PRIu64 "us ", min / 1000);
-   pr_info("%8" PRIu64 "us ", max / 1000);
+   pr_info("%9.2fus ", (double)min / 1e3);
+   pr_info("%9.2fus ", (double)max / 1e3);
pr_info("%9.2fus ( +-%7.2f%% )", (double)etime / ecount/1e3,
kvm_event_rel_stddev(vcpu, event));
pr_info("\n");
-- 
1.9.3

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[GIT PULL 00/33] perf/core improvements and fixes

[Arnaldo Carvalho de Melo]

Hi Ingo,

Mostly fixes plus some refactoring work, more to come as I process
Adrian Hunter big patch set and other that missed this pull request.

Please consider pulling,

- Arnaldo

The following changes since commit f9b9f812235d53f774a083e88a5a23b517a69752:

  Merge tag 'perf-core-for-mingo' of 
git://git.kernel.org/pub/scm/linux/kernel/git/jolsa/perf into perf/core 
(2014-07-30 14:51:06 +0200)

are available in the git repository at:


  git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux.git 
tags/perf-core-for-mingo

for you to fetch changes up to 55b7e5fcf4782335c1ee5b4a2076697527c36407:

  perf tools: Default to python version 2 (2014-08-04 12:21:37 -0300)


perf/core improvements and fixes:

User visible:

. Show better error message in case we fail to open counters due to EBUSY error,
  for instance, when oprofile is running. (Jiri Olsa)

. Honour -w in the report tools (report, top), allowing to specify the widths
  for the histogram entries columns. (Namhyung Kim)

. Don't run workload if not told to, as happens when the user has no
  permission for profiling and even then the specified workload ends
  up running (Arnaldo Carvalho de Melo)

. Do not ignore mmap events in 'perf kmem report'. This tool was using
  the kernel mmaps in the running machine instead of processing the mmap
  records from the perf.data file. (Namhyung Kim)

. Properly show submicrosecond times in 'perf kvm stat' (Christian Borntraeger)

. Allow the user to disable time stamps in 'perf record' (Andi Kleen)

. Make sure --symfs usage includes the path separator (Arnaldo Carvalho de Melo)

Developer Stuff:

. Fix arm64 build error (Mark Salter)

. Fix make PYTHON override (Namhyung Kim)

. Rename ordered_samples to ordered_events and allow setting a queue
  size for ordering events (Jiri Olsa)

. Default to python version 2 (Thomas Ilsche)

Signed-off-by: Arnaldo Carvalho de Melo 


Andi Kleen (1):
  perf record: Allow the user to disable time stamps

Arnaldo Carvalho de Melo (2):
  perf evlist: Don't run workload if not told to
  perf symbols: Make sure --symfs usage includes the path separator

Christian Borntraeger (1):
  perf kvm stat: Properly show submicrosecond times

Jiri Olsa (18):
  perf tools: Rename ordered_samples bool to ordered_events
  perf tools: Rename ordered_samples struct to ordered_events
  perf tools: Rename ordered_events members
  perf tools: Add ordered_events__(new|delete) interface
  perf tools: Factor ordered_events__flush to be more generic
  perf tools: Limit ordered events queue size
  perf tools: Flush ordered events in case of allocation failure
  perf tools: Make perf_session__deliver_event global
  perf tools: Create ordered-events object
  perf tools: Use list_move in ordered_events_delete function
  perf tools: Add ordered_events__init function
  perf tools: Add ordered_events__free function
  perf tools: Add perf_config_u64 function
  perf tools: Add report.queue-size config file option
  perf tools: Add debug prints for ordered events queue
  perf tools: Allow out of order messages in forced flush
  perf tools: Show better error message in case we fail to open counters 
due to EBUSY error
  perf tools: Fix PERF_FLAG_FD_CLOEXEC flag probing event type open 
counters due to EBUSY error

Mark Salter (1):
  perf tools: Fix arm64 build error

Namhyung Kim (9):
  perf kmem: Do not ignore mmap events
  perf tools: Fix make PYTHON override
  perf tools: Left-align output contents
  perf tools: Make __hpp__fmt() receive an additional len argument
  perf tools: Save column length in perf_hpp_fmt
  perf report: Honor column width setting
  perf top: Add -w option for setting column width
  perf tools: Add name field into perf_hpp_fmt
  perf tools: Fix column alignment when headers aren't shown on TUI

Thomas Ilsche (1):
  perf tools: Default to python version 2

 tools/perf/Documentation/perf-report.txt  |   2 +-
 tools/perf/Documentation/perf-top.txt |   6 +
 tools/perf/Makefile.perf  |   2 +
 tools/perf/arch/arm64/include/perf_regs.h |   2 +
 tools/perf/builtin-annotate.c |   2 +-
 tools/perf/builtin-diff.c |   2 +-
 tools/perf/builtin-inject.c   |   2 +-
 tools/perf/builtin-kmem.c |   7 +-
 tools/perf/builtin-kvm.c  |  16 +-
 tools/perf/builtin-lock.c |   2 +-
 tools/perf/builtin-mem.c  |   2 +-
 tools/perf/builtin-record.c   |   1 +
 tools/perf/builtin-report.c   |  15 +-
 tools/perf/builtin-sched.c|   2 +-
 tools/perf/builtin-script.c   |   2 +-
 tools/perf/builtin-timechart.c|   2 +-
 tools/perf/builtin-top.c  | 

[Bug 53361] Wrong CPUID data returned by KVM

[bugzilla-daemon]

https://bugzilla.kernel.org/show_bug.cgi?id=53361

Chris Harrington  changed:

   What|Removed |Added

 CC||ironiri...@gmail.com

--- Comment #1 from Chris Harrington  ---
Looks like the QEMU folks had a relevant change on this bug:

https://lists.gnu.org/archive/html/qemu-devel/2014-02/msg04140.html

Could you retest?

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: kvm-unit-tests failures

[Chris J Arges]

On 08/02/2014 01:35 AM, Paolo Bonzini wrote:
> Il 01/08/2014 23:09, Chris J Arges ha scritto:
>> Hi,
>>
>> We are planning on running kvm-unit-tests as part of our test suite; but
>> I've noticed that many tests fail (even running the latest kvm tip).
>> After searching I found many BZ entires that seem to point at this
>> master bug for tracking these issues:
>> https://bugzilla.redhat.com/show_bug.cgi?id=1079979
> 
> This bug is for failures in the RHEL7 kernel, which is older than
> kvm.git.  Which tests fail for you?.
> 
> kvm.git bugs are tracked in bugzilla.kernel.org, but for now I think
> it's better if you just reply here.
> 
> Paolo
> 


Paulo,
Hopefully this is enough to get started; I can file this as a bug if its
easier to track. Let me know if there is additional information that is
needed. I'm thinking some may be userspace qemu-system-x86_64 issues
since three of them can be resolved by adding "-cpu host"; however it
may be something to add in the test-suite. Let me know and I am happy to
write a patch depending on what you think will work.

All tests below are done with the kvm tip (fresh as of today) merged
with 3.16-rc4.

Thanks,
--chris j arges

--

* Failures:

- pmu
$ sudo ./x86-run x86/pmu.flat -smp 1
qemu-system-x86_64 -enable-kvm -device pc-testdev -device
isa-debug-exit,iobase=0xf4,iosize=0x4 -display none -serial stdio
-device pci-testdev -kernel x86/pmu.flat -smp 1
enabling apic
paging enabled
cr0 = 80010011
cr3 = 7fff000
cr4 = 20
PMU version: 33
GP counters: 1
GP counter width:0
Mask length: 0
Fixed counters:  1
Fixed counter width: 0
GP event 'core cycles' is disabled
GP event 'instructions' is disabled
GP event 'ref cycles' is disabled
GP event 'llc refference' is disabled
GP event 'llc misses' is disabled
GP event 'branches' is disabled
unhandled excecption 13
Return value from qemu: 15

As suggested in comment 2 on this bug:
https://bugzilla.redhat.com/show_bug.cgi?id=1079796
Adding the -cpu host allows this test to PASS.

- tsc_adjust
$ sudo ./x86-run x86/tsc_adjust.flat -smp 1
qemu-system-x86_64 -enable-kvm -device pc-testdev -device
isa-debug-exit,iobase=0xf4,iosize=0x4 -display none -serial stdio
-device pci-testdev -kernel x86/tsc_adjust.flat -smp 1
enabling apic
failure: IA32_TSC_ADJUST msr read / write incorrect
failure: TSC did not adjust for IA32_TSC_ADJUST value
failure: IA32_TSC_ADJUST msr incorrectly adjusted on tsc write
Return value from qemu: 3

Here again adding "-cpu host" allows this to pass.

- pcid
$ sudo ./x86-run x86/tsc_adjust.flat -smp 1
qemu-system-x86_64 -enable-kvm -device pc-testdev -device
isa-debug-exit,iobase=0xf4,iosize=0x4 -display none -serial stdio
-device pci-testdev -kernel x86/tsc_adjust.flat -smp 1
enabling apic
failure: IA32_TSC_ADJUST msr read / write incorrect
failure: TSC did not adjust for IA32_TSC_ADJUST value
failure: IA32_TSC_ADJUST msr incorrectly adjusted on tsc write
Return value from qemu: 3
ubuntu@zoot:~/kvm-unit-tests$ sudo ./x86-run x86/pcid.flat -smp 1 -cpu
qemu64,+pcid
qemu-system-x86_64 -enable-kvm -device pc-testdev -device
isa-debug-exit,iobase=0xf4,iosize=0x4 -display none -serial stdio
-device pci-testdev -kernel x86/pcid.flat -smp 1 -cpu qemu64,+pcid
enabling apic
PASS: CPUID consistency
FAIL: Test on PCID when enabled
PASS: Test on INVPCID when disabled

SUMMARY: 3 tests, 1 unexpected failures
Return value from qemu: 3

Here again adding "-cpu host" allows this to pass.

- msr (HANG)
./x86-run x86/msr.flat -smp 1

$ sudo ./x86-run x86/msr.flat -smp 1qemu-system-x86_64 -enable-kvm
-device pc-testdev -device isa-debug-exit,iobase=0xf4,iosize=0x4
-display none -serial stdio -device pci-testdev -kernel x86/msr.flat -smp 1
enabling apic
enabling apic
enabling apic

"enabling apic" repeats and adding -cpu host seems to have no effect.
Interestingly enough on an Ubuntu 3.13 series kernel this PASSes.

- vmx (HANG)
$ sudo ./x86-run x86/vmx.flat -smp 1 -cpu host,+vmx
qemu-system-x86_64 -enable-kvm -device pc-testdev -device
isa-debug-exit,iobase=0xf4,iosize=0x4 -display none -serial stdio
-device pci-testdev -kernel x86/vmx.flat -smp 1 -cpu host,+vmx
enabling apic
paging enabled
cr0 = 80010011
cr3 = 7fff000
cr4 = 20
PASS: test vmxon with FEATURE_CONTROL cleared
PASS: test vmxon without FEATURE_CONTROL lock
PASS: test enable VMX in FEATURE_CONTROL
PASS: test FEATURE_CONTROL lock bit
PASS: test vmxon with unaligned vmxon region
PASS: test vmxon with bits set beyond physical address width
PASS: test vmxon with invalid revision identifier
PASS: test vmxon with valid vmxon region
PASS: test vmptrld with unaligned vmcs
PASS: test vmptrld with vmcs address bits set beyond physical address width
PASS: test vmptrld with vmxon region
PASS: test vmptrld with valid vmcs region
PASS: test vmclear with unaligned vmcs
PASS: test vmclear with vmcs address bits set beyond physical address width
PASS: test vmclear with vmxon region
PASS: test vmclear with valid vmcs region
PASS: test vmptrst
PASS: test vmxo

Re: kvm-unit-tests failures

[Paolo Bonzini]

Il 04/08/2014 19:02, Chris J Arges ha scritto:
> Paulo,
> Hopefully this is enough to get started; I can file this as a bug if its
> easier to track. Let me know if there is additional information that is
> needed. I'm thinking some may be userspace qemu-system-x86_64 issues
> since three of them can be resolved by adding "-cpu host"; however it
> may be something to add in the test-suite. Let me know and I am happy to
> write a patch depending on what you think will work.

Are you aware of x86/unittests.cfg and run_tests.sh?

Paolo
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: kvm-unit-tests failures

[Chris J Arges]

On 08/04/2014 01:20 PM, Paolo Bonzini wrote:
> Il 04/08/2014 19:02, Chris J Arges ha scritto:
>> Paulo,
>> Hopefully this is enough to get started; I can file this as a bug if its
>> easier to track. Let me know if there is additional information that is
>> needed. I'm thinking some may be userspace qemu-system-x86_64 issues
>> since three of them can be resolved by adding "-cpu host"; however it
>> may be something to add in the test-suite. Let me know and I am happy to
>> write a patch depending on what you think will work.
> 
> Are you aware of x86/unittests.cfg and run_tests.sh?
> 
> Paolo
> 

Paolo,
Yes this is how I initially ran the script:
./configure && make
sudo ./run_tests.sh -v

Then if any commands that failed, I re-ran the command it output in
order to show more output here for debugging.

--chris j arges
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: kvm-unit-tests failures

[Paolo Bonzini]

Il 04/08/2014 20:37, Chris J Arges ha scritto:
> Paolo,
> Yes this is how I initially ran the script:
> ./configure && make
> sudo ./run_tests.sh -v
> 
> Then if any commands that failed, I re-ran the command it output in
> order to show more output here for debugging.

Which tests are failing and which require "-cpu host"?

Paolo
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: kvm-unit-tests failures

[Chris J Arges]

On 08/04/2014 01:40 PM, Paolo Bonzini wrote:
> Il 04/08/2014 20:37, Chris J Arges ha scritto:
>> Paolo,
>> Yes this is how I initially ran the script:
>> ./configure && make
>> sudo ./run_tests.sh -v
>>
>> Then if any commands that failed, I re-ran the command it output in
>> order to show more output here for debugging.
> 
> Which tests are failing and which require "-cpu host"?
> 
> Paolo
> 

Paolo,
I included these results with my original reply:
https://www.mail-archive.com/kvm@vger.kernel.org/msg105950.html
See the "Failures" part.

Thanks,
--chris j arges
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH 1/2] KVM: nVMX: Fix nested vmexit ack intr before load vmcs01

[Davidlohr Bueso]

On Fri, 2014-08-01 at 16:12 +0800, Wanpeng Li wrote:
> External interrupt will cause L1 vmexit w/ reason external interrupt when L2 
> is 
> running. Then L1 will pick up the interrupt through vmcs12 if L1 set the ack 
> interrupt bit. Commit 77b0f5d (KVM: nVMX: Ack and write vector info to 
> intr_info
> if L1 asks us to)

So being that 77b0f5d is in 3.15, we need it for -stable.

>  get intr that belongs to L1 before load vmcs01 which is wrong, 
> especially this lead to the obvious L1 ack APICv behavior weired since APICv 
> is for L1 instead of L2. This patch fix it by ack intr after load vmcs01.
> 
> Signed-off-by: Wanpeng Li 

It strikes me that this fixes Felipe's issue:
http://paste.opensuse.org/view/raw/78752586




--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH] KVM: MMU: Use hashtable for MMU page hash

[Sasha Levin]

Use the kernel hashtable interface instead of the hlist interface.
This allows us to eliminate some unneeded code and make the code
simpler.

Signed-off-by: Sasha Levin 
---
 arch/x86/include/asm/kvm_host.h |4 ++--
 arch/x86/kvm/mmu.c  |   16 ++--
 2 files changed, 8 insertions(+), 12 deletions(-)

diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
index 5724601..2c8e3c5 100644
--- a/arch/x86/include/asm/kvm_host.h
+++ b/arch/x86/include/asm/kvm_host.h
@@ -17,6 +17,7 @@
 #include 
 #include 
 #include 
+#include 
 
 #include 
 #include 
@@ -90,7 +91,6 @@ static inline gfn_t gfn_to_index(gfn_t gfn, gfn_t base_gfn, 
int level)
 #define KVM_PERMILLE_MMU_PAGES 20
 #define KVM_MIN_ALLOC_MMU_PAGES 64
 #define KVM_MMU_HASH_SHIFT 10
-#define KVM_NUM_MMU_PAGES (1 << KVM_MMU_HASH_SHIFT)
 #define KVM_MIN_FREE_MMU_PAGES 5
 #define KVM_REFILL_PAGES 25
 #define KVM_MAX_CPUID_ENTRIES 80
@@ -556,7 +556,7 @@ struct kvm_arch {
unsigned int n_max_mmu_pages;
unsigned int indirect_shadow_pages;
unsigned long mmu_valid_gen;
-   struct hlist_head mmu_page_hash[KVM_NUM_MMU_PAGES];
+   DECLARE_HASHTABLE(mmu_page_hash, KVM_MMU_HASH_SHIFT);
/*
 * Hash table of struct kvm_mmu_page.
 */
diff --git a/arch/x86/kvm/mmu.c b/arch/x86/kvm/mmu.c
index 9314678..db1ae90 100644
--- a/arch/x86/kvm/mmu.c
+++ b/arch/x86/kvm/mmu.c
@@ -1525,7 +1525,7 @@ static inline void kvm_mod_used_mmu_pages(struct kvm 
*kvm, int nr)
 static void kvm_mmu_free_page(struct kvm_mmu_page *sp)
 {
ASSERT(is_empty_shadow_page(sp->spt));
-   hlist_del(&sp->hash_link);
+   hash_del(&sp->hash_link);
list_del(&sp->link);
free_page((unsigned long)sp->spt);
if (!sp->role.direct)
@@ -1533,11 +1533,6 @@ static void kvm_mmu_free_page(struct kvm_mmu_page *sp)
kmem_cache_free(mmu_page_header_cache, sp);
 }
 
-static unsigned kvm_page_table_hashfn(gfn_t gfn)
-{
-   return gfn & ((1 << KVM_MMU_HASH_SHIFT) - 1);
-}
-
 static void mmu_page_add_parent_pte(struct kvm_vcpu *vcpu,
struct kvm_mmu_page *sp, u64 *parent_pte)
 {
@@ -1724,8 +1719,8 @@ static void kvm_mmu_commit_zap_page(struct kvm *kvm,
  * all the obsolete pages.
  */
 #define for_each_gfn_sp(_kvm, _sp, _gfn)   \
-   hlist_for_each_entry(_sp,   \
- &(_kvm)->arch.mmu_page_hash[kvm_page_table_hashfn(_gfn)], hash_link) \
+   hash_for_each_possible((_kvm)->arch.mmu_page_hash, (_sp),   \
+   hash_link, (_gfn))  \
if ((_sp)->gfn != (_gfn)) {} else
 
 #define for_each_gfn_indirect_valid_sp(_kvm, _sp, _gfn)
\
@@ -1973,8 +1968,7 @@ static struct kvm_mmu_page *kvm_mmu_get_page(struct 
kvm_vcpu *vcpu,
return sp;
sp->gfn = gfn;
sp->role = role;
-   hlist_add_head(&sp->hash_link,
-   &vcpu->kvm->arch.mmu_page_hash[kvm_page_table_hashfn(gfn)]);
+   hash_add(vcpu->kvm->arch.mmu_page_hash, &sp->hash_link, gfn);
if (!direct) {
if (rmap_write_protect(vcpu->kvm, gfn))
kvm_flush_remote_tlbs(vcpu->kvm);
@@ -3885,6 +3879,8 @@ static void init_kvm_nested_mmu(struct kvm_vcpu *vcpu)
 
 static void init_kvm_mmu(struct kvm_vcpu *vcpu)
 {
+   hash_init(kvm->arch.mmu_page_hash);
+
if (mmu_is_nested(vcpu))
return init_kvm_nested_mmu(vcpu);
else if (tdp_enabled)
-- 
1.7.10.4

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH v2] kvm: x86: fix stale mmio cache bug

[David Matlack]

The following events can lead to an incorrect KVM_EXIT_MMIO bubbling
up to userspace:

(1) Guest accesses gpa X without a memory slot. The gfn is cached in
struct kvm_vcpu_arch (mmio_gfn). On Intel EPT-enabled hosts, KVM sets
the SPTE write-execute-noread so that future accesses cause
EPT_MISCONFIGs.

(2) Host userspace creates a memory slot via KVM_SET_USER_MEMORY_REGION
covering the page just accessed.

(3) Guest attempts to read or write to gpa X again. On Intel, this
generates an EPT_MISCONFIG. The memory slot generation number that
was incremented in (2) would normally take care of this but we fast
path mmio faults through quickly_check_mmio_pf(), which only checks
the per-vcpu mmio cache. Since we hit the cache, KVM passes a
KVM_EXIT_MMIO up to userspace.

This patch fixes the issue by doing the following:
  - Tag the mmio cache with the memslot generation and use it to
validate mmio cache lookups.
  - Extend vcpu_clear_mmio_info to clear mmio_gfn in addition to
mmio_gva, since both can be used to fast path mmio faults.
  - In mmu_sync_roots, unconditionally clear the mmio cache since
even direct_map (e.g. tdp) hosts use it.

Signed-off-by: David Matlack 
---
Changes in v2:
  - Use memslot generation to invalidate the mmio cache rather than
actively invalidating the cache.
  - Update patch description with new cache invalidation technique.
  - Pull mmio cache/clear code up out of x86.h and mmu.c and into
mmu.h.

 arch/x86/include/asm/kvm_host.h |  1 +
 arch/x86/kvm/mmu.c  | 16 ++
 arch/x86/kvm/mmu.h  | 70 +
 arch/x86/kvm/x86.h  | 36 -
 4 files changed, 73 insertions(+), 50 deletions(-)

diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
index 49205d0..f518d14 100644
--- a/arch/x86/include/asm/kvm_host.h
+++ b/arch/x86/include/asm/kvm_host.h
@@ -479,6 +479,7 @@ struct kvm_vcpu_arch {
u64 mmio_gva;
unsigned access;
gfn_t mmio_gfn;
+   unsigned int mmio_gen;
 
struct kvm_pmu pmu;
 
diff --git a/arch/x86/kvm/mmu.c b/arch/x86/kvm/mmu.c
index 9314678..43f1c18 100644
--- a/arch/x86/kvm/mmu.c
+++ b/arch/x86/kvm/mmu.c
@@ -206,11 +206,8 @@ EXPORT_SYMBOL_GPL(kvm_mmu_set_mmio_spte_mask);
 #define MMIO_SPTE_GEN_LOW_SHIFT3
 #define MMIO_SPTE_GEN_HIGH_SHIFT   52
 
-#define MMIO_GEN_SHIFT 19
 #define MMIO_GEN_LOW_SHIFT 9
 #define MMIO_GEN_LOW_MASK  ((1 << MMIO_GEN_LOW_SHIFT) - 1)
-#define MMIO_GEN_MASK  ((1 << MMIO_GEN_SHIFT) - 1)
-#define MMIO_MAX_GEN   ((1 << MMIO_GEN_SHIFT) - 1)
 
 static u64 generation_mmio_spte_mask(unsigned int gen)
 {
@@ -234,16 +231,6 @@ static unsigned int get_mmio_spte_generation(u64 spte)
return gen;
 }
 
-static unsigned int kvm_current_mmio_generation(struct kvm *kvm)
-{
-   /*
-* Init kvm generation close to MMIO_MAX_GEN to easily test the
-* code of handling generation number wrap-around.
-*/
-   return (kvm_memslots(kvm)->generation +
- MMIO_MAX_GEN - 150) & MMIO_GEN_MASK;
-}
-
 static void mark_mmio_spte(struct kvm *kvm, u64 *sptep, u64 gfn,
   unsigned access)
 {
@@ -3157,13 +3144,14 @@ static void mmu_sync_roots(struct kvm_vcpu *vcpu)
int i;
struct kvm_mmu_page *sp;
 
+   vcpu_clear_mmio_info(vcpu, MMIO_GVA_ANY);
+
if (vcpu->arch.mmu.direct_map)
return;
 
if (!VALID_PAGE(vcpu->arch.mmu.root_hpa))
return;
 
-   vcpu_clear_mmio_info(vcpu, ~0ul);
kvm_mmu_audit(vcpu, AUDIT_PRE_SYNC);
if (vcpu->arch.mmu.root_level == PT64_ROOT_LEVEL) {
hpa_t root = vcpu->arch.mmu.root_hpa;
diff --git a/arch/x86/kvm/mmu.h b/arch/x86/kvm/mmu.h
index b982112..058651a 100644
--- a/arch/x86/kvm/mmu.h
+++ b/arch/x86/kvm/mmu.h
@@ -82,6 +82,76 @@ void kvm_init_shadow_ept_mmu(struct kvm_vcpu *vcpu, struct 
kvm_mmu *context,
 void update_permission_bitmask(struct kvm_vcpu *vcpu, struct kvm_mmu *mmu,
bool ept);
 
+#define MMIO_GEN_SHIFT 19
+#define MMIO_GEN_MASK  ((1 << MMIO_GEN_SHIFT) - 1)
+#define MMIO_MAX_GEN   ((1 << MMIO_GEN_SHIFT) - 1)
+static inline unsigned int kvm_current_mmio_generation(struct kvm *kvm)
+{
+   /*
+* Init kvm generation close to MMIO_MAX_GEN to easily test the
+* code of handling generation number wrap-around.
+*/
+   return (kvm_memslots(kvm)->generation + MMIO_MAX_GEN - 150) &
+  MMIO_GEN_MASK;
+}
+
+static inline void vcpu_cache_mmio_info(struct kvm_vcpu *vcpu,
+   gva_t gva, gfn_t gfn, unsigned access)
+{
+   vcpu->arch.mmio_gen = kvm_current_mmio_generation(vcpu->kvm);
+
+   /*
+* Ensure that the mmio_gen is set before the rest of the cache entry.
+* Otherwis

Re: [PATCH v5 2/5] random: Add and use arch_get_rng_seed

[Theodore Ts'o]

On Wed, Jul 23, 2014 at 09:57:28PM -0700, Andy Lutomirski wrote:
> Currently, init_std_data contains its own logic for using arch
> random sources.  This replaces that logic with a generic function
> arch_get_rng_seed that allows arch code to supply its own logic.
> The default implementation tries arch_get_random_seed_long and
> arch_get_random_long individually.
> 
> The only functional change here is that random_get_entropy() is used
> unconditionally instead of being used only when the arch sources
> fail.  This may add a tiny amount of security.
> 
> Signed-off-by: Andy Lutomirski 

Acked-by: Theodore Ts'o 

- Ted
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html