Commit 43609000 authored by Will Deacon's avatar Will Deacon Committed by Oliver Upton
Browse files

KVM: arm64: Handle FFA_MEM_SHARE calls from the host 



Intercept FFA_MEM_SHARE/FFA_FN64_MEM_SHARE calls from the host and
transition the host stage-2 page-table entries from the OWNED state to
the SHARED_OWNED state prior to forwarding the call onto EL3.

Co-developed-by: default avatarAndrew Walbran <qwandor@google.com>
Signed-off-by: default avatarAndrew Walbran <qwandor@google.com>
Signed-off-by: default avatarWill Deacon <will@kernel.org>
Link: https://lore.kernel.org/r/20230523101828.7328-7-will@kernel.org


Signed-off-by: default avatarOliver Upton <oliver.upton@linux.dev>
parent f9112ead

arch/arm64/kvm/hyp/nvhe/ffa.c

+155 −0
Original line number Diff line number Diff line
@@ -116,6 +116,14 @@ static int ffa_unmap_hyp_buffers(void) 
	return res.a0 == FFA_SUCCESS ? FFA_RET_SUCCESS : res.a2;

}



static void ffa_mem_share(struct arm_smccc_res *res, u32 len, u32 fraglen)

{

	arm_smccc_1_1_smc(FFA_FN64_MEM_SHARE,

			  len, fraglen,

			  0, 0, 0, 0, 0,

			  res);

}



static void do_ffa_rxtx_map(struct arm_smccc_res *res,

			    struct kvm_cpu_context *ctxt)

{
@@ -228,6 +236,149 @@ static void do_ffa_rxtx_unmap(struct arm_smccc_res *res, 
	ffa_to_smccc_res(res, ret);

}



static u32 __ffa_host_share_ranges(struct ffa_mem_region_addr_range *ranges,

				   u32 nranges)

{

	u32 i;



	for (i = 0; i < nranges; ++i) {

		struct ffa_mem_region_addr_range *range = &ranges[i];

		u64 sz = (u64)range->pg_cnt * FFA_PAGE_SIZE;

		u64 pfn = hyp_phys_to_pfn(range->address);



		if (!PAGE_ALIGNED(sz))

			break;



		if (__pkvm_host_share_ffa(pfn, sz / PAGE_SIZE))

			break;

	}



	return i;

}



static u32 __ffa_host_unshare_ranges(struct ffa_mem_region_addr_range *ranges,

				     u32 nranges)

{

	u32 i;



	for (i = 0; i < nranges; ++i) {

		struct ffa_mem_region_addr_range *range = &ranges[i];

		u64 sz = (u64)range->pg_cnt * FFA_PAGE_SIZE;

		u64 pfn = hyp_phys_to_pfn(range->address);



		if (!PAGE_ALIGNED(sz))

			break;



		if (__pkvm_host_unshare_ffa(pfn, sz / PAGE_SIZE))

			break;

	}



	return i;

}



static int ffa_host_share_ranges(struct ffa_mem_region_addr_range *ranges,

				 u32 nranges)

{

	u32 nshared = __ffa_host_share_ranges(ranges, nranges);

	int ret = 0;



	if (nshared != nranges) {

		WARN_ON(__ffa_host_unshare_ranges(ranges, nshared) != nshared);

		ret = FFA_RET_DENIED;

	}



	return ret;

}



static int ffa_host_unshare_ranges(struct ffa_mem_region_addr_range *ranges,

				   u32 nranges)

{

	u32 nunshared = __ffa_host_unshare_ranges(ranges, nranges);

	int ret = 0;



	if (nunshared != nranges) {

		WARN_ON(__ffa_host_share_ranges(ranges, nunshared) != nunshared);

		ret = FFA_RET_DENIED;

	}



	return ret;

}



static void do_ffa_mem_share(struct arm_smccc_res *res,

			     struct kvm_cpu_context *ctxt)

{

	DECLARE_REG(u32, len, ctxt, 1);

	DECLARE_REG(u32, fraglen, ctxt, 2);

	DECLARE_REG(u64, addr_mbz, ctxt, 3);

	DECLARE_REG(u32, npages_mbz, ctxt, 4);

	struct ffa_composite_mem_region *reg;

	struct ffa_mem_region *buf;

	int ret = 0;

	u32 offset;



	if (addr_mbz || npages_mbz || fraglen > len ||

	    fraglen > KVM_FFA_MBOX_NR_PAGES * PAGE_SIZE) {

		ret = FFA_RET_INVALID_PARAMETERS;

		goto out;

	}



	if (fraglen < len) {

		ret = FFA_RET_ABORTED;

		goto out;

	}



	if (fraglen < sizeof(struct ffa_mem_region) +

		      sizeof(struct ffa_mem_region_attributes)) {

		ret = FFA_RET_INVALID_PARAMETERS;

		goto out;

	}



	hyp_spin_lock(&host_buffers.lock);

	if (!host_buffers.tx) {

		ret = FFA_RET_INVALID_PARAMETERS;

		goto out_unlock;

	}



	buf = hyp_buffers.tx;

	memcpy(buf, host_buffers.tx, fraglen);



	offset = buf->ep_mem_access[0].composite_off;

	if (!offset || buf->ep_count != 1 || buf->sender_id != HOST_FFA_ID) {

		ret = FFA_RET_INVALID_PARAMETERS;

		goto out_unlock;

	}



	if (fraglen < offset + sizeof(struct ffa_composite_mem_region)) {

		ret = FFA_RET_INVALID_PARAMETERS;

		goto out_unlock;

	}



	reg = (void *)buf + offset;

	if (fraglen < offset + sizeof(struct ffa_composite_mem_region) +

		      reg->addr_range_cnt *

		      sizeof(struct ffa_mem_region_addr_range)) {

		ret = FFA_RET_INVALID_PARAMETERS;

		goto out_unlock;

	}



	ret = ffa_host_share_ranges(reg->constituents, reg->addr_range_cnt);

	if (ret)

		goto out_unlock;



	ffa_mem_share(res, len, fraglen);

	if (res->a0 != FFA_SUCCESS) {

		WARN_ON(ffa_host_unshare_ranges(reg->constituents,

						reg->addr_range_cnt));

	}



out_unlock:

	hyp_spin_unlock(&host_buffers.lock);

out:

	if (ret)

		ffa_to_smccc_res(res, ret);

	return;

}



/*

 * Is a given FFA function supported, either by forwarding on directly

 * or by handling at EL2?
@@ -290,6 +441,10 @@ bool kvm_host_ffa_handler(struct kvm_cpu_context *host_ctxt) 
	case FFA_RXTX_UNMAP:

		do_ffa_rxtx_unmap(&res, host_ctxt);

		goto out_handled;

	case FFA_MEM_SHARE:

	case FFA_FN64_MEM_SHARE:

		do_ffa_mem_share(&res, host_ctxt);

		goto out_handled;

	}



	if (ffa_call_supported(func_id))