204 lines
5.3 KiB
C
204 lines
5.3 KiB
C
// SPDX-License-Identifier: GPL-2.0-only
|
|
/*
|
|
* Copyright (C) 2016 - Linaro and Columbia University
|
|
* Author: Jintack Lim <jintack.lim@linaro.org>
|
|
*/
|
|
|
|
#include <linux/kvm.h>
|
|
#include <linux/kvm_host.h>
|
|
|
|
#include <asm/kvm_emulate.h>
|
|
#include <asm/kvm_nested.h>
|
|
|
|
#include "hyp/include/hyp/adjust_pc.h"
|
|
|
|
#include "trace.h"
|
|
|
|
static u64 kvm_check_illegal_exception_return(struct kvm_vcpu *vcpu, u64 spsr)
|
|
{
|
|
u64 mode = spsr & PSR_MODE_MASK;
|
|
|
|
/*
|
|
* Possible causes for an Illegal Exception Return from EL2:
|
|
* - trying to return to EL3
|
|
* - trying to return to an illegal M value
|
|
* - trying to return to a 32bit EL
|
|
* - trying to return to EL1 with HCR_EL2.TGE set
|
|
*/
|
|
if (mode == PSR_MODE_EL3t || mode == PSR_MODE_EL3h ||
|
|
mode == 0b00001 || (mode & BIT(1)) ||
|
|
(spsr & PSR_MODE32_BIT) ||
|
|
(vcpu_el2_tge_is_set(vcpu) && (mode == PSR_MODE_EL1t ||
|
|
mode == PSR_MODE_EL1h))) {
|
|
/*
|
|
* The guest is playing with our nerves. Preserve EL, SP,
|
|
* masks, flags from the existing PSTATE, and set IL.
|
|
* The HW will then generate an Illegal State Exception
|
|
* immediately after ERET.
|
|
*/
|
|
spsr = *vcpu_cpsr(vcpu);
|
|
|
|
spsr &= (PSR_D_BIT | PSR_A_BIT | PSR_I_BIT | PSR_F_BIT |
|
|
PSR_N_BIT | PSR_Z_BIT | PSR_C_BIT | PSR_V_BIT |
|
|
PSR_MODE_MASK | PSR_MODE32_BIT);
|
|
spsr |= PSR_IL_BIT;
|
|
}
|
|
|
|
return spsr;
|
|
}
|
|
|
|
void kvm_emulate_nested_eret(struct kvm_vcpu *vcpu)
|
|
{
|
|
u64 spsr, elr, mode;
|
|
bool direct_eret;
|
|
|
|
/*
|
|
* Going through the whole put/load motions is a waste of time
|
|
* if this is a VHE guest hypervisor returning to its own
|
|
* userspace, or the hypervisor performing a local exception
|
|
* return. No need to save/restore registers, no need to
|
|
* switch S2 MMU. Just do the canonical ERET.
|
|
*/
|
|
spsr = vcpu_read_sys_reg(vcpu, SPSR_EL2);
|
|
spsr = kvm_check_illegal_exception_return(vcpu, spsr);
|
|
|
|
mode = spsr & (PSR_MODE_MASK | PSR_MODE32_BIT);
|
|
|
|
direct_eret = (mode == PSR_MODE_EL0t &&
|
|
vcpu_el2_e2h_is_set(vcpu) &&
|
|
vcpu_el2_tge_is_set(vcpu));
|
|
direct_eret |= (mode == PSR_MODE_EL2h || mode == PSR_MODE_EL2t);
|
|
|
|
if (direct_eret) {
|
|
*vcpu_pc(vcpu) = vcpu_read_sys_reg(vcpu, ELR_EL2);
|
|
*vcpu_cpsr(vcpu) = spsr;
|
|
trace_kvm_nested_eret(vcpu, *vcpu_pc(vcpu), spsr);
|
|
return;
|
|
}
|
|
|
|
preempt_disable();
|
|
kvm_arch_vcpu_put(vcpu);
|
|
|
|
elr = __vcpu_sys_reg(vcpu, ELR_EL2);
|
|
|
|
trace_kvm_nested_eret(vcpu, elr, spsr);
|
|
|
|
/*
|
|
* Note that the current exception level is always the virtual EL2,
|
|
* since we set HCR_EL2.NV bit only when entering the virtual EL2.
|
|
*/
|
|
*vcpu_pc(vcpu) = elr;
|
|
*vcpu_cpsr(vcpu) = spsr;
|
|
|
|
kvm_arch_vcpu_load(vcpu, smp_processor_id());
|
|
preempt_enable();
|
|
}
|
|
|
|
static void kvm_inject_el2_exception(struct kvm_vcpu *vcpu, u64 esr_el2,
|
|
enum exception_type type)
|
|
{
|
|
trace_kvm_inject_nested_exception(vcpu, esr_el2, type);
|
|
|
|
switch (type) {
|
|
case except_type_sync:
|
|
kvm_pend_exception(vcpu, EXCEPT_AA64_EL2_SYNC);
|
|
vcpu_write_sys_reg(vcpu, esr_el2, ESR_EL2);
|
|
break;
|
|
case except_type_irq:
|
|
kvm_pend_exception(vcpu, EXCEPT_AA64_EL2_IRQ);
|
|
break;
|
|
default:
|
|
WARN_ONCE(1, "Unsupported EL2 exception injection %d\n", type);
|
|
}
|
|
}
|
|
|
|
/*
|
|
* Emulate taking an exception to EL2.
|
|
* See ARM ARM J8.1.2 AArch64.TakeException()
|
|
*/
|
|
static int kvm_inject_nested(struct kvm_vcpu *vcpu, u64 esr_el2,
|
|
enum exception_type type)
|
|
{
|
|
u64 pstate, mode;
|
|
bool direct_inject;
|
|
|
|
if (!vcpu_has_nv(vcpu)) {
|
|
kvm_err("Unexpected call to %s for the non-nesting configuration\n",
|
|
__func__);
|
|
return -EINVAL;
|
|
}
|
|
|
|
/*
|
|
* As for ERET, we can avoid doing too much on the injection path by
|
|
* checking that we either took the exception from a VHE host
|
|
* userspace or from vEL2. In these cases, there is no change in
|
|
* translation regime (or anything else), so let's do as little as
|
|
* possible.
|
|
*/
|
|
pstate = *vcpu_cpsr(vcpu);
|
|
mode = pstate & (PSR_MODE_MASK | PSR_MODE32_BIT);
|
|
|
|
direct_inject = (mode == PSR_MODE_EL0t &&
|
|
vcpu_el2_e2h_is_set(vcpu) &&
|
|
vcpu_el2_tge_is_set(vcpu));
|
|
direct_inject |= (mode == PSR_MODE_EL2h || mode == PSR_MODE_EL2t);
|
|
|
|
if (direct_inject) {
|
|
kvm_inject_el2_exception(vcpu, esr_el2, type);
|
|
return 1;
|
|
}
|
|
|
|
preempt_disable();
|
|
|
|
/*
|
|
* We may have an exception or PC update in the EL0/EL1 context.
|
|
* Commit it before entering EL2.
|
|
*/
|
|
__kvm_adjust_pc(vcpu);
|
|
|
|
kvm_arch_vcpu_put(vcpu);
|
|
|
|
kvm_inject_el2_exception(vcpu, esr_el2, type);
|
|
|
|
/*
|
|
* A hard requirement is that a switch between EL1 and EL2
|
|
* contexts has to happen between a put/load, so that we can
|
|
* pick the correct timer and interrupt configuration, among
|
|
* other things.
|
|
*
|
|
* Make sure the exception actually took place before we load
|
|
* the new context.
|
|
*/
|
|
__kvm_adjust_pc(vcpu);
|
|
|
|
kvm_arch_vcpu_load(vcpu, smp_processor_id());
|
|
preempt_enable();
|
|
|
|
return 1;
|
|
}
|
|
|
|
int kvm_inject_nested_sync(struct kvm_vcpu *vcpu, u64 esr_el2)
|
|
{
|
|
return kvm_inject_nested(vcpu, esr_el2, except_type_sync);
|
|
}
|
|
|
|
int kvm_inject_nested_irq(struct kvm_vcpu *vcpu)
|
|
{
|
|
/*
|
|
* Do not inject an irq if the:
|
|
* - Current exception level is EL2, and
|
|
* - virtual HCR_EL2.TGE == 0
|
|
* - virtual HCR_EL2.IMO == 0
|
|
*
|
|
* See Table D1-17 "Physical interrupt target and masking when EL3 is
|
|
* not implemented and EL2 is implemented" in ARM DDI 0487C.a.
|
|
*/
|
|
|
|
if (vcpu_is_el2(vcpu) && !vcpu_el2_tge_is_set(vcpu) &&
|
|
!(__vcpu_sys_reg(vcpu, HCR_EL2) & HCR_IMO))
|
|
return 1;
|
|
|
|
/* esr_el2 value doesn't matter for exits due to irqs. */
|
|
return kvm_inject_nested(vcpu, 0, except_type_irq);
|
|
}
|