From nobody Sat Apr 20 04:15:44 2024
Delivered-To: importer2@patchew.org
Received-SPF: pass (zohomail.com: domain of vger.kernel.org designates
 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
 envelope-from=linux-kernel-owner@vger.kernel.org; helo=vger.kernel.org;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of vger.kernel.org designates 23.128.96.18 as
 permitted sender)  smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
	dmarc=pass(p=reject dis=none)  header.from=google.com
ARC-Seal: i=1; a=rsa-sha256; t=1644533012; cv=none;
	d=zohomail.com; s=zohoarc;
	b=Rfp0EfoeQCKIcNC7dUPVF0Nk3SSwsJbrJD3SmemOYsyW8T53HnN6QhfW2ds3armHsGB18ZrYXUIxwbyIsLM5vmg35IZ9GYHelBKhe47idOouBpDRWVjof+cr4k7smLC+R2JPSWAjwOJiZ+/9XOb82Zej3s6IMldjUaSHG2dz4uo=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1644533012;
 h=Content-Type:Cc:Date:From:In-Reply-To:List-Id:MIME-Version:Message-ID:References:Subject:To;
	bh=2CtdKKtWqmoQwaNtCKVnEnSlCVes5hG5Of9ZJoRSPvY=;
	b=L2qTrnzbSZmUGDyxkg9/MYXIMioG6HoAlozWmMOdx9L1nl4lP72yWAn+MmABQgbDQJvfxpcHasKW4SvluXpq0y5NmegjkvDwpXCcI7hqfQ8OHsCpNnDIPlDHwYSTASHSOtBrMZaDnCMnVZSom/8bibiyirvagJAXh9U7G0K0FeU=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of vger.kernel.org designates 23.128.96.18 as
 permitted sender)  smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
	dmarc=pass header.from=<kaleshsingh@google.com> (p=reject dis=none)
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by
 mx.zohomail.com
	with SMTP id 164453301252812.719357563823337;
 Thu, 10 Feb 2022 14:43:32 -0800 (PST)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1345139AbiBJWna (ORCPT <rfc822;importer2@patchew.org>);
        Thu, 10 Feb 2022 17:43:30 -0500
Received: from mxb-00190b01.gslb.pphosted.com ([23.128.96.19]:60330 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1345122AbiBJWnZ (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 10 Feb 2022 17:43:25 -0500
Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com
 [IPv6:2607:f8b0:4864:20::b49])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8EA302704
        for <linux-kernel@vger.kernel.org>;
 Thu, 10 Feb 2022 14:43:25 -0800 (PST)
Received: by mail-yb1-xb49.google.com with SMTP id
 q11-20020a252a0b000000b0061e240c8fb3so11422482ybq.22
        for <linux-kernel@vger.kernel.org>;
 Thu, 10 Feb 2022 14:43:25 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20210112;
        h=date:in-reply-to:message-id:mime-version:references:subject:from:cc;
        bh=2CtdKKtWqmoQwaNtCKVnEnSlCVes5hG5Of9ZJoRSPvY=;
        b=nf4mRr3ZycGHhBqUZ+8DH8ok/Qz5Vau89sI8kQL6TBzahsS+36PcxWkEHapQEi57zC
         CGZbN1pSxbTcmxo4AB+1siE6sFbVo2nb0UNYy50fVpf34U/KaE2hkYTprUDL4Nb7cEx7
         eOnLgbr0qMZnT6YgUCkRnP6o+xccxEE8H2B8bDpfPqwt3rT5owKtKDyzxlxoreRzy07y
         MzXYO5kYEYUKhF9/9jypyALGVa3urJxqTXcX0FAUfDebx61o/y7NyiNP7UOwQhkI7CzS
         luqBAqd7jIqdj7/5zwZd4zwMLB9kJDCIHLmkKLXY+xR7ATa7MbmSjWRxP0IbgVTg4WA9
         yOBA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:date:in-reply-to:message-id:mime-version
         :references:subject:from:cc;
        bh=2CtdKKtWqmoQwaNtCKVnEnSlCVes5hG5Of9ZJoRSPvY=;
        b=6kDzonm23UMbArHlah93p4q1/R2EGmS7BjvxBZs+N34mxRP9sJQUkU2wY3t3tWfGKG
         rDXbFOZ98jgSyj85YCKd7s1lLOmxFeBhSmfgAgLNrihY7Vl3U6t7jOPMIRJRaQ4Y0v0q
         IUpXruC5fXGUN5nzqUAVn5kRmEyVkaiM1biTescNvTTaFi6oUwi60Qot+SywXbW0Mx3C
         caEx5uQf6iJ65Iq+i3wu+dChCUOYrsN68PtLuUJJIlobfMopJXKIxAFRbxwiuwywj/Mf
         s9e3csv4YlrwrGPw1JzkQyhu13hdkvW4MCoA9VOCdeEYTTYiMTOXWR3dBQVEFAsSgBXO
         +o8g==
X-Gm-Message-State: AOAM5327UqxJAVz38uabWk7CuHOdeBOVEq8VJm04apuSPcP6Dj2r9/AE
        dgjohAI+mARnH+c93OrJY4RyeEXk6cvQgzNyIg==
X-Google-Smtp-Source: 
 ABdhPJwyMEA3/vPtnC5hrjc0C911vwYkTGYEzvGOgFv+0i9iJplYrKuXB9UfmBJoHZPA2fyRMmEXZHP0MgIOdqb77g==
X-Received: from kaleshsingh.mtv.corp.google.com
 ([2620:15c:211:200:8f02:232:ad86:2ab2])
 (user=kaleshsingh job=sendgmr) by 2002:a81:60c3:: with SMTP id
 u186mr9342666ywb.26.1644533004795; Thu, 10 Feb 2022 14:43:24 -0800 (PST)
Date: Thu, 10 Feb 2022 14:41:42 -0800
In-Reply-To: <20220210224220.4076151-1-kaleshsingh@google.com>
Message-Id: <20220210224220.4076151-2-kaleshsingh@google.com>
Mime-Version: 1.0
References: <20220210224220.4076151-1-kaleshsingh@google.com>
X-Mailer: git-send-email 2.35.1.265.g69c8d7142f-goog
Subject: [PATCH 1/7] KVM: arm64: Map the stack pages in the 'private' range
From: Kalesh Singh <kaleshsingh@google.com>
Cc: will@kernel.org, maz@kernel.org, qperret@google.com,
        tabba@google.com, surenb@google.com, kernel-team@android.com,
        Kalesh Singh <kaleshsingh@google.com>,
        Catalin Marinas <catalin.marinas@arm.com>,
        James Morse <james.morse@arm.com>,
        Alexandru Elisei <alexandru.elisei@arm.com>,
        Suzuki K Poulose <suzuki.poulose@arm.com>,
        Ard Biesheuvel <ardb@kernel.org>,
        Mark Rutland <mark.rutland@arm.com>,
        Pasha Tatashin <pasha.tatashin@soleen.com>,
        Joey Gouly <joey.gouly@arm.com>,
        Peter Collingbourne <pcc@google.com>,
        Andrew Walbran <qwandor@google.com>,
        Andrew Scull <ascull@google.com>,
        Paolo Bonzini <pbonzini@redhat.com>,
        linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org,
        kvmarm@lists.cs.columbia.edu
X-Spam-Status: No, score=-8.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MISSING_HEADERS,
        RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE,
        USER_IN_DEF_DKIM_WL autolearn=no autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
To: unlisted-recipients:; (no To-header on input)
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-ZohoMail-DKIM: pass (identity @google.com)
X-ZM-MESSAGEID: 1644533013705100001
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

From: Quentin Perret <qperret@google.com>

In preparation for introducing guard pages for the stacks, map them
in the 'private' range of the EL2 VA space in which the VA to PA
relation is flexible when running in protected mode.

Signed-off-by: Quentin Perret <qperret@google.com>
[Kalesh - Refactor, add comments, resolve conflicts,
          use  __pkvm_create_private_mapping()]
Signed-off-by: Kalesh Singh <kaleshsingh@google.com>
---
 arch/arm64/kvm/hyp/nvhe/setup.c | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/arch/arm64/kvm/hyp/nvhe/setup.c b/arch/arm64/kvm/hyp/nvhe/setu=
p.c
index 27af337f9fea..99e178cf4249 100644
--- a/arch/arm64/kvm/hyp/nvhe/setup.c
+++ b/arch/arm64/kvm/hyp/nvhe/setup.c
@@ -105,11 +105,19 @@ static int recreate_hyp_mappings(phys_addr_t phys, un=
signed long size,
 		if (ret)
 			return ret;
=20
-		end =3D (void *)per_cpu_ptr(&kvm_init_params, i)->stack_hyp_va;
+		/* Map stack pages in the 'private' VA range */
+		end =3D (void *)__hyp_pa(per_cpu_ptr(&kvm_init_params, i)->stack_hyp_va);
 		start =3D end - PAGE_SIZE;
-		ret =3D pkvm_create_mappings(start, end, PAGE_HYP);
-		if (ret)
-			return ret;
+		start =3D (void *)__pkvm_create_private_mapping((phys_addr_t)start,
+					PAGE_SIZE, PAGE_HYP);
+		if (IS_ERR_OR_NULL(start))
+			return PTR_ERR(start);
+		end =3D start + PAGE_SIZE;
+		/*
+		 * Update stack_hyp_va to the end of the stack page's
+		 * allocated 'private' VA range.
+		 */
+		per_cpu_ptr(&kvm_init_params, i)->stack_hyp_va =3D (unsigned long) end;
 	}
=20
 	/*
--=20
2.35.1.265.g69c8d7142f-goog

From nobody Sat Apr 20 04:15:44 2024
Delivered-To: importer2@patchew.org
Received-SPF: pass (zohomail.com: domain of vger.kernel.org designates
 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
 envelope-from=linux-kernel-owner@vger.kernel.org; helo=vger.kernel.org;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of vger.kernel.org designates 23.128.96.18 as
 permitted sender)  smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
	dmarc=pass(p=reject dis=none)  header.from=google.com
ARC-Seal: i=1; a=rsa-sha256; t=1644533046; cv=none;
	d=zohomail.com; s=zohoarc;
	b=DJLF/r2PuZcATSB3qDqDWd4uQ3HSw5bKCANATFuJ22axyrAWK2YGwezlQFg+GrW/91QBcXs3CDD7ixSsFP9mbQITSIkJ2S4HbU/ERBdd21RNNvQ0ucI8M9ufMFLqfMU7DsB1ZzYWfxsPHO7Iy3pPRakM0ZxOeKRBcePfCfr+TIQ=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1644533046;
 h=Content-Type:Cc:Date:From:In-Reply-To:List-Id:MIME-Version:Message-ID:References:Subject:To;
	bh=FWvONc6PPT7SOgcpYOOzYgnlsLgy4lIL2CKlJJtukzs=;
	b=UmeNKN1cHusPgZ2DBlEgdaQHWM2CDiZVF0DAH2xcpDvOg1bJLmXXLcGa7JjgPcyN2b1FmLpIbGdIn2T0DYtLELp0foZBvo8/41M1/Qa6UAwhbZpcvL3Lnrhoy9YM2jvj1I2htv0DQlX7CEt5W2V1b0gHnR+3hgrydW74Fj8wePU=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of vger.kernel.org designates 23.128.96.18 as
 permitted sender)  smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
	dmarc=pass header.from=<kaleshsingh@google.com> (p=reject dis=none)
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by
 mx.zohomail.com
	with SMTP id 1644533046588182.72108487265973;
 Thu, 10 Feb 2022 14:44:06 -0800 (PST)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1345167AbiBJWoE (ORCPT <rfc822;importer2@patchew.org>);
        Thu, 10 Feb 2022 17:44:04 -0500
Received: from mxb-00190b01.gslb.pphosted.com ([23.128.96.19]:32994 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1345168AbiBJWoC (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 10 Feb 2022 17:44:02 -0500
Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com
 [IPv6:2607:f8b0:4864:20::b4a])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5E5855F4D
        for <linux-kernel@vger.kernel.org>;
 Thu, 10 Feb 2022 14:44:02 -0800 (PST)
Received: by mail-yb1-xb4a.google.com with SMTP id
 t8-20020a259ac8000000b00619a3b5977fso15158602ybo.5
        for <linux-kernel@vger.kernel.org>;
 Thu, 10 Feb 2022 14:44:02 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20210112;
        h=date:in-reply-to:message-id:mime-version:references:subject:from:cc;
        bh=FWvONc6PPT7SOgcpYOOzYgnlsLgy4lIL2CKlJJtukzs=;
        b=mBuynU6nVtUUhgSN/Mzp+TKEbV4pFhe3dtKgEyVMOiwApKF6+HLlSY4gE57X5hOP70
         rAAiYgmNoRwzjL9PRCjeUoKyBvbWi9KRQIFADz3Q6trpDjsIh8e/dl0J/VD9kGCwAI+J
         BESFy4HJ4E6dX5+yow+EWQQLwzm01n1PyiQJhfT9IrZs+BepkmJI7SxxevOSmOe5Zkde
         eBCAolmAIMIZry/9HLPgsUjMn0zqebgFcw0PnbcfnYgLHiakd0mei8onuiCvnJNdqIbB
         Mix+BHSyf/9IvbRtthvYA/aAELP0sccVnHZzFmlpWyLkFP2bSNkbmY8rnK0kh6Acc1Vw
         G2Fw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:date:in-reply-to:message-id:mime-version
         :references:subject:from:cc;
        bh=FWvONc6PPT7SOgcpYOOzYgnlsLgy4lIL2CKlJJtukzs=;
        b=iaEe7fllx18D6SsvevV8FQe2VJUuln+vs7lv5w+VnivAaH4T56Z4c2ixlbKoDZAJRR
         c2WlApvlwRNEHEPf7y0LwW4ezjtSkMq1xq5YepSav5lNidmcogxRq6siFvnFUJJAG++b
         z8cJ/ZGCO0NvyQ92IySjDQDSxv7yZYjEnRtmZoRyDS4uGWRH2nmoQCh8EMBNmWh6RYkG
         /llMhAtXmiO2pNKOWlJDBigdHr1MXJ12hTZRD3IkX0o5ZjJn3x309Odgf1gMO7MzzOFh
         carpCRTUdceEuFROkL/rgkYCCv9y/HPVti+rS3OD38ME/f8/hvU0uKMzifYu7lsjV68w
         QYuw==
X-Gm-Message-State: AOAM5313PReSKviB2wmbzSMYEWRVxJfwlSftXhWkuGKsz74b7w6OE53c
        IS8fBEwg7kPNt4uf4mc6ru7GvFwNPdGD1r/iKg==
X-Google-Smtp-Source: 
 ABdhPJxZHBnjRsaIEqwkHqdAbXT7GDJWvj+cAd1UkPLHhqa+mVsLffzcbYP42soJ9363QIkLwEeaj1E/kFGFAp78sg==
X-Received: from kaleshsingh.mtv.corp.google.com
 ([2620:15c:211:200:8f02:232:ad86:2ab2])
 (user=kaleshsingh job=sendgmr) by 2002:a25:6f08:: with SMTP id
 k8mr8699054ybc.469.1644533041615; Thu, 10 Feb 2022 14:44:01 -0800 (PST)
Date: Thu, 10 Feb 2022 14:41:43 -0800
In-Reply-To: <20220210224220.4076151-1-kaleshsingh@google.com>
Message-Id: <20220210224220.4076151-3-kaleshsingh@google.com>
Mime-Version: 1.0
References: <20220210224220.4076151-1-kaleshsingh@google.com>
X-Mailer: git-send-email 2.35.1.265.g69c8d7142f-goog
Subject: [PATCH 2/7] KVM: arm64: Factor out private range VA allocation
From: Kalesh Singh <kaleshsingh@google.com>
Cc: will@kernel.org, maz@kernel.org, qperret@google.com,
        tabba@google.com, surenb@google.com, kernel-team@android.com,
        Kalesh Singh <kaleshsingh@google.com>,
        Catalin Marinas <catalin.marinas@arm.com>,
        James Morse <james.morse@arm.com>,
        Alexandru Elisei <alexandru.elisei@arm.com>,
        Suzuki K Poulose <suzuki.poulose@arm.com>,
        Ard Biesheuvel <ardb@kernel.org>,
        Mark Rutland <mark.rutland@arm.com>,
        Pasha Tatashin <pasha.tatashin@soleen.com>,
        Joey Gouly <joey.gouly@arm.com>,
        Peter Collingbourne <pcc@google.com>,
        Andrew Walbran <qwandor@google.com>,
        Andrew Scull <ascull@google.com>,
        Paolo Bonzini <pbonzini@redhat.com>,
        linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org,
        kvmarm@lists.cs.columbia.edu
X-Spam-Status: No, score=-8.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MISSING_HEADERS,
        RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE,
        USER_IN_DEF_DKIM_WL autolearn=no autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
To: unlisted-recipients:; (no To-header on input)
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-ZohoMail-DKIM: pass (identity @google.com)
X-ZM-MESSAGEID: 1644533048893100001
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

From: Quentin Perret <qperret@google.com>

__pkvm_create_private_mapping() is currently responsible for allocating
VA space in the hypervisor's "private" range and creating stage-1
mappings. In order to allow reusing the VA space allocation logic from
other places, let's factor it out in a standalone function. This is will
be used to allocate private VA ranges for hypervisor stack guard pages
in a subsequent patch in this series.

Signed-off-by: Quentin Perret <qperret@google.com>
[Kalesh - Resolve conflicts and make hyp_alloc_private_va_range
          available outside nvhe/mm.c, update commit message]
Signed-off-by: Kalesh Singh <kaleshsingh@google.com>
---
 arch/arm64/kvm/hyp/include/nvhe/mm.h |  1 +
 arch/arm64/kvm/hyp/nvhe/mm.c         | 28 +++++++++++++++++++---------
 2 files changed, 20 insertions(+), 9 deletions(-)

diff --git a/arch/arm64/kvm/hyp/include/nvhe/mm.h b/arch/arm64/kvm/hyp/incl=
ude/nvhe/mm.h
index 2d08510c6cc1..f53fb0e406db 100644
--- a/arch/arm64/kvm/hyp/include/nvhe/mm.h
+++ b/arch/arm64/kvm/hyp/include/nvhe/mm.h
@@ -21,6 +21,7 @@ int pkvm_create_mappings(void *from, void *to, enum kvm_p=
gtable_prot prot);
 int pkvm_create_mappings_locked(void *from, void *to, enum kvm_pgtable_pro=
t prot);
 unsigned long __pkvm_create_private_mapping(phys_addr_t phys, size_t size,
 					    enum kvm_pgtable_prot prot);
+unsigned long hyp_alloc_private_va_range(size_t size);
=20
 static inline void hyp_vmemmap_range(phys_addr_t phys, unsigned long size,
 				     unsigned long *start, unsigned long *end)
diff --git a/arch/arm64/kvm/hyp/nvhe/mm.c b/arch/arm64/kvm/hyp/nvhe/mm.c
index 526a7d6fa86f..e196441e072f 100644
--- a/arch/arm64/kvm/hyp/nvhe/mm.c
+++ b/arch/arm64/kvm/hyp/nvhe/mm.c
@@ -37,6 +37,22 @@ static int __pkvm_create_mappings(unsigned long start, u=
nsigned long size,
 	return err;
 }
=20
+unsigned long hyp_alloc_private_va_range(size_t size)
+{
+	unsigned long addr =3D __io_map_base;
+
+	hyp_assert_lock_held(&pkvm_pgd_lock);
+	__io_map_base +=3D PAGE_ALIGN(size);
+
+	/* Are we overflowing on the vmemmap ? */
+	if (__io_map_base > __hyp_vmemmap) {
+		__io_map_base =3D addr;
+		addr =3D (unsigned long)ERR_PTR(-ENOMEM);
+	}
+
+	return addr;
+}
+
 unsigned long __pkvm_create_private_mapping(phys_addr_t phys, size_t size,
 					    enum kvm_pgtable_prot prot)
 {
@@ -45,16 +61,10 @@ unsigned long __pkvm_create_private_mapping(phys_addr_t=
 phys, size_t size,
=20
 	hyp_spin_lock(&pkvm_pgd_lock);
=20
-	size =3D PAGE_ALIGN(size + offset_in_page(phys));
-	addr =3D __io_map_base;
-	__io_map_base +=3D size;
-
-	/* Are we overflowing on the vmemmap ? */
-	if (__io_map_base > __hyp_vmemmap) {
-		__io_map_base -=3D size;
-		addr =3D (unsigned long)ERR_PTR(-ENOMEM);
+	size =3D size + offset_in_page(phys);
+	addr =3D hyp_alloc_private_va_range(size);
+	if (IS_ERR((void *)addr))
 		goto out;
-	}
=20
 	err =3D kvm_pgtable_hyp_map(&pkvm_pgtable, addr, size, phys, prot);
 	if (err) {
--=20
2.35.1.265.g69c8d7142f-goog

From nobody Sat Apr 20 04:15:44 2024
Delivered-To: importer2@patchew.org
Received-SPF: pass (zohomail.com: domain of vger.kernel.org designates
 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
 envelope-from=linux-kernel-owner@vger.kernel.org; helo=vger.kernel.org;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of vger.kernel.org designates 23.128.96.18 as
 permitted sender)  smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
	dmarc=pass(p=reject dis=none)  header.from=google.com
ARC-Seal: i=1; a=rsa-sha256; t=1644533091; cv=none;
	d=zohomail.com; s=zohoarc;
	b=mZt94GSio0iKrqeX7m6+EOkZC4nOqHkydXuiLELusxWAXBJSTaLSVXxzSRLceo8350A6ZZeQyJ8LagGxXMfWNVw2ELEf6fOPjY7S+3YzsoIp5bJ4nX9c/4lG4KjvvLuVxU12lBDKxeWjimfgP5kpR19QPqsmmg7ooGG3LszuBis=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1644533091;
 h=Content-Type:Cc:Date:From:In-Reply-To:List-Id:MIME-Version:Message-ID:References:Subject:To;
	bh=2dZOYBOmJua4dYugoiMtuQUhFU9vmd43xxG8qEJDkFQ=;
	b=NR4rtZ8b6hkNC+m1yUmDrCOTlp1Fs0Tu/1JAEzhXD8GCaEk+939TQ1SaA8aQkIi/hzUi05gfbcDXKt6wFtmocYCj5g1bkwwNYonIO+yJlY8fGpv9r2xZxvoPsmEWnMIzrG6EM7GJRQmsNQoGkM/6PsCFVNi4Ma9kDnQpzWaI0Ls=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of vger.kernel.org designates 23.128.96.18 as
 permitted sender)  smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
	dmarc=pass header.from=<kaleshsingh@google.com> (p=reject dis=none)
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by
 mx.zohomail.com
	with SMTP id 1644533091131418.3952394970744;
 Thu, 10 Feb 2022 14:44:51 -0800 (PST)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1345182AbiBJWot (ORCPT <rfc822;importer2@patchew.org>);
        Thu, 10 Feb 2022 17:44:49 -0500
Received: from mxb-00190b01.gslb.pphosted.com ([23.128.96.19]:34070 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S237923AbiBJWop (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 10 Feb 2022 17:44:45 -0500
Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com
 [IPv6:2607:f8b0:4864:20::b49])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0A2182704
        for <linux-kernel@vger.kernel.org>;
 Thu, 10 Feb 2022 14:44:46 -0800 (PST)
Received: by mail-yb1-xb49.google.com with SMTP id
 s73-20020a25aa4f000000b0061d764d3c13so15208501ybi.1
        for <linux-kernel@vger.kernel.org>;
 Thu, 10 Feb 2022 14:44:46 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20210112;
        h=date:in-reply-to:message-id:mime-version:references:subject:from:cc;
        bh=2dZOYBOmJua4dYugoiMtuQUhFU9vmd43xxG8qEJDkFQ=;
        b=ep6/TNGFOJe8CMFzZYZTp3879NvaY6+muWoz075exQAtJ+Dtv/XxFOgo1TvFvY76YC
         XOB/EOtVDQ935brIbXoSTuX/PaYdWJC8dHLpt6DXVeYIdx05KvPgXyX9s2r4wBITC+yr
         AiLe4qiBik1TW8/yYKyz/i9tgLFNDvabJBTvtv17doe7xkkBUVgcvImDEydYuurvMduH
         wbTib7UbkW1wLjMaJazhGbz3ZRn3P6dDOBYxBoKnsfjlvq1oDKICPU7DpepOHn7PWInc
         6NuG3/TMjtT91dnM2QUaLSFBNYRxG6DVDul48ADGrixxtXdibO2kEXGlX1gPRU0hafh+
         ZcpQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:date:in-reply-to:message-id:mime-version
         :references:subject:from:cc;
        bh=2dZOYBOmJua4dYugoiMtuQUhFU9vmd43xxG8qEJDkFQ=;
        b=N/338bp1zxkvCNbZOoFnYdoYS3+/5AMySHQhcLbQTdNwUs10550mcV9tBw4fOGxbOh
         6Wdjg3mwGHmnU+2/yNVSfD9ozawd83ajtkFx3A2S1H/Ri34D6ESTRBZC85W/cK08jwbY
         dfRw3MzbvxzRZ8umep/eLQdfgptpTA0imuWrxVGw6JZm+lpHdJCrnAsLFgWqE5PCOz5z
         NJHeYFUZkPJ6tjruz1+JI3Slfq+zsvJwSBF6Km6B7z9LM8sXR5eEUUSoJXBDYdj35MG/
         Y3MaWQzesY58e9GzKMOMAqBHHk2csx3N/dJNFSvUMu8o3iCl2Y7wI0JsTr9KXV0MAIl/
         N1SA==
X-Gm-Message-State: AOAM530kRH4Jmao5wTXQqN5E66uxn7vcdhHO9PJmmfFQFFeROOTDK7gU
        VZs7JjgyBrH1656R8vQpA2Wb+4an5UwSzAIHfw==
X-Google-Smtp-Source: 
 ABdhPJzhHuVVpX5/8wSgs7kQYW10C9SFtD8VH8eIEn4uDIMdbuJGadpvTqkiYBtfns2EGA0KUtz+LKt9roCBW8sc/A==
X-Received: from kaleshsingh.mtv.corp.google.com
 ([2620:15c:211:200:8f02:232:ad86:2ab2])
 (user=kaleshsingh job=sendgmr) by 2002:a5b:548:: with SMTP id
 r8mr9416027ybp.717.1644533085249; Thu, 10 Feb 2022 14:44:45 -0800 (PST)
Date: Thu, 10 Feb 2022 14:41:44 -0800
In-Reply-To: <20220210224220.4076151-1-kaleshsingh@google.com>
Message-Id: <20220210224220.4076151-4-kaleshsingh@google.com>
Mime-Version: 1.0
References: <20220210224220.4076151-1-kaleshsingh@google.com>
X-Mailer: git-send-email 2.35.1.265.g69c8d7142f-goog
Subject: [PATCH 3/7] arm64: asm: Introduce test_sp_overflow macro
From: Kalesh Singh <kaleshsingh@google.com>
Cc: will@kernel.org, maz@kernel.org, qperret@google.com,
        tabba@google.com, surenb@google.com, kernel-team@android.com,
        Kalesh Singh <kaleshsingh@google.com>,
        Catalin Marinas <catalin.marinas@arm.com>,
        James Morse <james.morse@arm.com>,
        Alexandru Elisei <alexandru.elisei@arm.com>,
        Suzuki K Poulose <suzuki.poulose@arm.com>,
        Ard Biesheuvel <ardb@kernel.org>,
        Mark Rutland <mark.rutland@arm.com>,
        Pasha Tatashin <pasha.tatashin@soleen.com>,
        Joey Gouly <joey.gouly@arm.com>,
        Peter Collingbourne <pcc@google.com>,
        Andrew Walbran <qwandor@google.com>,
        Andrew Scull <ascull@google.com>,
        linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org,
        kvmarm@lists.cs.columbia.edu
X-Spam-Status: No, score=-8.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MISSING_HEADERS,
        RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE,
        USER_IN_DEF_DKIM_WL autolearn=no autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
To: unlisted-recipients:; (no To-header on input)
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-ZohoMail-DKIM: pass (identity @google.com)
X-ZM-MESSAGEID: 1644533093536100001
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

From: Quentin Perret <qperret@google.com>

The asm entry code in the kernel uses a trick to check if VMAP'd stacks
have overflowed by aligning them at THREAD_SHIFT * 2 granularity and
checking the SP's THREAD_SHIFT bit.

Protected KVM will soon make use of a similar trick to detect stack
overflows, so factor out the asm code in a re-usable macro.

Signed-off-by: Quentin Perret <qperret@google.com>
[Kalesh - Resolve minor conflicts]
Signed-off-by: Kalesh Singh <kaleshsingh@google.com>
---
 arch/arm64/include/asm/assembler.h | 11 +++++++++++
 arch/arm64/kernel/entry.S          |  9 ++-------
 2 files changed, 13 insertions(+), 7 deletions(-)

diff --git a/arch/arm64/include/asm/assembler.h b/arch/arm64/include/asm/as=
sembler.h
index e8bd0af0141c..ad40eb0eee83 100644
--- a/arch/arm64/include/asm/assembler.h
+++ b/arch/arm64/include/asm/assembler.h
@@ -850,4 +850,15 @@ alternative_endif
=20
 #endif /* GNU_PROPERTY_AARCH64_FEATURE_1_DEFAULT */
=20
+/*
+ * Test whether the SP has overflowed, without corrupting a GPR.
+ */
+.macro test_sp_overflow shift, label
+	add	sp, sp, x0			// sp' =3D sp + x0
+	sub	x0, sp, x0			// x0' =3D sp' - x0 =3D (sp + x0) - x0 =3D sp
+	tbnz	x0, #\shift, \label
+	sub	x0, sp, x0			// x0'' =3D sp' - x0' =3D (sp + x0) - sp =3D x0
+	sub	sp, sp, x0			// sp'' =3D sp' - x0 =3D (sp + x0) - x0 =3D sp
+.endm
+
 #endif	/* __ASM_ASSEMBLER_H */
diff --git a/arch/arm64/kernel/entry.S b/arch/arm64/kernel/entry.S
index 772ec2ecf488..2632bc47b348 100644
--- a/arch/arm64/kernel/entry.S
+++ b/arch/arm64/kernel/entry.S
@@ -53,16 +53,11 @@ alternative_else_nop_endif
 	sub	sp, sp, #PT_REGS_SIZE
 #ifdef CONFIG_VMAP_STACK
 	/*
-	 * Test whether the SP has overflowed, without corrupting a GPR.
 	 * Task and IRQ stacks are aligned so that SP & (1 << THREAD_SHIFT)
 	 * should always be zero.
 	 */
-	add	sp, sp, x0			// sp' =3D sp + x0
-	sub	x0, sp, x0			// x0' =3D sp' - x0 =3D (sp + x0) - x0 =3D sp
-	tbnz	x0, #THREAD_SHIFT, 0f
-	sub	x0, sp, x0			// x0'' =3D sp' - x0' =3D (sp + x0) - sp =3D x0
-	sub	sp, sp, x0			// sp'' =3D sp' - x0 =3D (sp + x0) - x0 =3D sp
-	b	el\el\ht\()_\regsize\()_\label
+	test_sp_overflow THREAD_SHIFT, 0f
+	b       el\el\ht\()_\regsize\()_\label
=20
 0:
 	/*
--=20
2.35.1.265.g69c8d7142f-goog

From nobody Sat Apr 20 04:15:44 2024
Delivered-To: importer2@patchew.org
Received-SPF: pass (zohomail.com: domain of vger.kernel.org designates
 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
 envelope-from=linux-kernel-owner@vger.kernel.org; helo=vger.kernel.org;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of vger.kernel.org designates 23.128.96.18 as
 permitted sender)  smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
	dmarc=pass(p=reject dis=none)  header.from=google.com
ARC-Seal: i=1; a=rsa-sha256; t=1644533128; cv=none;
	d=zohomail.com; s=zohoarc;
	b=fY9BBxnK/9b6DwBaPHyhmuKm8c4HFXObFyLInlOBd1i/bluRjlBkuIJfl9RGD29kP6jbaEB4JUbzFfxLZ+LD8gyieZ36UcIRIBbPNneGz3KJmKHRNDFrCs/7LaD8HlAq5Ce9LW7qaa5El2Oc5HkRCKBBACIzHPrrNCjtLDc8fXs=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1644533128;
 h=Content-Type:Cc:Date:From:In-Reply-To:List-Id:MIME-Version:Message-ID:References:Subject:To;
	bh=OagLRmMmzyQmGqXHU8QCfKrH7+tgm0iC+teioaMlxY8=;
	b=Ja3XlsqIm10zB7U1192nhYjPm5WDufPnalR2s3lkPHT3Qgs3hYZ2g4j9BPe0KBQ1WsoA6gm/4TsK+yvxyUrBBHXdQgXba9evBC1oHX5NE/wYdMP/V3re2Htl3iIPH6wRnMUp5UOcFBDH1y+GjRlEjKuwuA5Gw6Y3fy8bgyALg00=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of vger.kernel.org designates 23.128.96.18 as
 permitted sender)  smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
	dmarc=pass header.from=<kaleshsingh@google.com> (p=reject dis=none)
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by
 mx.zohomail.com
	with SMTP id 1644533128713551.1905843782016;
 Thu, 10 Feb 2022 14:45:28 -0800 (PST)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1345197AbiBJWp0 (ORCPT <rfc822;importer2@patchew.org>);
        Thu, 10 Feb 2022 17:45:26 -0500
Received: from mxb-00190b01.gslb.pphosted.com ([23.128.96.19]:34636 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S244889AbiBJWpZ (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 10 Feb 2022 17:45:25 -0500
Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com
 [IPv6:2607:f8b0:4864:20::b49])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C7F8D2737
        for <linux-kernel@vger.kernel.org>;
 Thu, 10 Feb 2022 14:45:25 -0800 (PST)
Received: by mail-yb1-xb49.google.com with SMTP id
 b64-20020a256743000000b0061e169a5f19so14656527ybc.11
        for <linux-kernel@vger.kernel.org>;
 Thu, 10 Feb 2022 14:45:25 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20210112;
        h=date:in-reply-to:message-id:mime-version:references:subject:from:cc;
        bh=OagLRmMmzyQmGqXHU8QCfKrH7+tgm0iC+teioaMlxY8=;
        b=KZUDFgua6kTwrdY0rgWjsvVP3R/Era680jCgYQwjuK0iUjxXTEGhr1k5AU4ecCZI8w
         lGlhfM50n/PyOfFuEnRyrza/dCfR09l2qnRTramuth4IQ5kSJWx8IHEXrR6WGw+YWDLS
         Fcw37pMtSTu7lmTbNbpjWo/86asLiZ0qeY3n5xM9TuAmWeZiYQybxooNBeFcYXyFXw0+
         nw3MMrt2SnLYQkB9BXZaWEk/9+7BpUqlQ9/jkoMabBFdTAqgmPJRbDiXXuHwXpiKMGkR
         ABy9ETz+4Cv/q3YuBrAzVEL6xo4Z9nyp3TJ9LkgLV7VtKKpMguCHsIaLgm9iv9xO8mkw
         WU8Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:date:in-reply-to:message-id:mime-version
         :references:subject:from:cc;
        bh=OagLRmMmzyQmGqXHU8QCfKrH7+tgm0iC+teioaMlxY8=;
        b=DGjnDUuXWHkHXYTFjPNkxqr3M+uYJorAyNALBL6FQE0wFBHrZmwfQnRvPS+fu1BWK9
         bGBWZuL5NXxmUX7zM+tBHaG1lxmqgk911RrJF2WXQqKWmfeT49HgTYZj5huzdMH2CVHO
         HtFUgCgxNDwH1ueCxy50j969r3OyCV7JNL5uAsUlKr3OTokJc3I+hb09EXBu7EASGhu5
         k4K/QgMU0fYbDRN1S/e4lY2qcfrSLdaqCICpxj0ME3BugNr4yCjdUXUDb/xNSiua1XnT
         OlF4un6dgfTFrS48/7EUr3IbnsfOj/rc1QbJF4ekmMaPG0zFyJ3NDbQI9hX7rXL1DG0D
         Jtsw==
X-Gm-Message-State: AOAM531JjMV3/9p8G077bFAk4TS9zrKeBuQulatvQgU+cVPXoXgCjVzV
        3EOknSxJFmAYzj1o/lhdEE7rCXiyQbodHg7wOQ==
X-Google-Smtp-Source: 
 ABdhPJxzsMWs7cPxHcJVEK0MMmzcLZ3BX26xgEqJ+cjkAM67DycOE9xaVXyG4ooDAIXoCBwYiczs1AVvH+kAit3i8g==
X-Received: from kaleshsingh.mtv.corp.google.com
 ([2620:15c:211:200:8f02:232:ad86:2ab2])
 (user=kaleshsingh job=sendgmr) by 2002:a5b:804:: with SMTP id
 x4mr9503248ybp.673.1644533125008; Thu, 10 Feb 2022 14:45:25 -0800 (PST)
Date: Thu, 10 Feb 2022 14:41:45 -0800
In-Reply-To: <20220210224220.4076151-1-kaleshsingh@google.com>
Message-Id: <20220210224220.4076151-5-kaleshsingh@google.com>
Mime-Version: 1.0
References: <20220210224220.4076151-1-kaleshsingh@google.com>
X-Mailer: git-send-email 2.35.1.265.g69c8d7142f-goog
Subject: [PATCH 4/7] KVM: arm64: Allocate guard pages near hyp stacks
From: Kalesh Singh <kaleshsingh@google.com>
Cc: will@kernel.org, maz@kernel.org, qperret@google.com,
        tabba@google.com, surenb@google.com, kernel-team@android.com,
        Kalesh Singh <kaleshsingh@google.com>,
        Catalin Marinas <catalin.marinas@arm.com>,
        James Morse <james.morse@arm.com>,
        Alexandru Elisei <alexandru.elisei@arm.com>,
        Suzuki K Poulose <suzuki.poulose@arm.com>,
        Ard Biesheuvel <ardb@kernel.org>,
        Mark Rutland <mark.rutland@arm.com>,
        Pasha Tatashin <pasha.tatashin@soleen.com>,
        Joey Gouly <joey.gouly@arm.com>,
        Peter Collingbourne <pcc@google.com>,
        Andrew Scull <ascull@google.com>,
        linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org,
        kvmarm@lists.cs.columbia.edu
X-Spam-Status: No, score=-8.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MISSING_HEADERS,
        RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE,
        USER_IN_DEF_DKIM_WL autolearn=no autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
To: unlisted-recipients:; (no To-header on input)
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-ZohoMail-DKIM: pass (identity @google.com)
X-ZM-MESSAGEID: 1644533130427100001
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

From: Quentin Perret <qperret@google.com>

Allocate unbacked VA space underneath each stack page to ensure stack
overflows get trapped and don't corrupt memory silently.

The stack is aligned to twice its size (PAGE_SIZE), meaning that any
valid stack address has PAGE_SHIFT bit as 0. This allows us to easily
check for overflow in the exception entry without corrupting any GPRs.

Signed-off-by: Quentin Perret <qperret@google.com>
[ Kalesh - Update commit text and comments,
           refactor, add overflow handling ]
Signed-off-by: Kalesh Singh <kaleshsingh@google.com>
---
 arch/arm64/kvm/hyp/nvhe/host.S   | 16 ++++++++++++++++
 arch/arm64/kvm/hyp/nvhe/setup.c  | 19 ++++++++++++++++++-
 arch/arm64/kvm/hyp/nvhe/switch.c |  5 +++++
 3 files changed, 39 insertions(+), 1 deletion(-)

diff --git a/arch/arm64/kvm/hyp/nvhe/host.S b/arch/arm64/kvm/hyp/nvhe/host.S
index 3d613e721a75..78e4b612ac06 100644
--- a/arch/arm64/kvm/hyp/nvhe/host.S
+++ b/arch/arm64/kvm/hyp/nvhe/host.S
@@ -153,6 +153,10 @@ SYM_FUNC_END(__host_hvc)
=20
 .macro invalid_host_el2_vect
 	.align 7
+
+	/* Test stack overflow without corrupting GPRs */
+	test_sp_overflow PAGE_SHIFT, .L__hyp_sp_overflow\@
+
 	/* If a guest is loaded, panic out of it. */
 	stp	x0, x1, [sp, #-16]!
 	get_loaded_vcpu x0, x1
@@ -165,6 +169,18 @@ SYM_FUNC_END(__host_hvc)
 	 * been partially clobbered by __host_enter.
 	 */
 	b	hyp_panic
+
+.L__hyp_sp_overflow\@:
+	/*
+	 * Reset SP to the top of the stack, to allow handling the hyp_panic.
+	 * This corrupts the stack but is ok, since we won't be attempting
+	 * any unwinding here.
+	 */
+	ldr_this_cpu	x0, kvm_init_params + NVHE_INIT_STACK_HYP_VA, x1
+	mov	sp, x0
+
+	bl	hyp_panic_bad_stack
+	ASM_BUG()
 .endm
=20
 .macro invalid_host_el1_vect
diff --git a/arch/arm64/kvm/hyp/nvhe/setup.c b/arch/arm64/kvm/hyp/nvhe/setu=
p.c
index 99e178cf4249..114053dff228 100644
--- a/arch/arm64/kvm/hyp/nvhe/setup.c
+++ b/arch/arm64/kvm/hyp/nvhe/setup.c
@@ -105,7 +105,24 @@ static int recreate_hyp_mappings(phys_addr_t phys, uns=
igned long size,
 		if (ret)
 			return ret;
=20
-		/* Map stack pages in the 'private' VA range */
+		/*
+		 * Allocate 'private' VA range for stack guard pages.
+		 *
+		 * The 'private' VA range grows upward and stacks downwards, so
+		 * allocate the guard page first. But make sure to align the
+		 * stack itself with PAGE_SIZE * 2 granularity to ease overflow
+		 * detection in the entry assembly code.
+		 */
+		do {
+			start =3D (void *)hyp_alloc_private_va_range(PAGE_SIZE);
+			if (IS_ERR(start))
+				return PTR_ERR(start);
+		} while (IS_ALIGNED((u64) start, PAGE_SIZE * 2));
+
+		/*
+		 * Map stack pages in the 'private' VA range above the allocated
+		 * guard pages.
+		 */
 		end =3D (void *)__hyp_pa(per_cpu_ptr(&kvm_init_params, i)->stack_hyp_va);
 		start =3D end - PAGE_SIZE;
 		start =3D (void *)__pkvm_create_private_mapping((phys_addr_t)start,
diff --git a/arch/arm64/kvm/hyp/nvhe/switch.c b/arch/arm64/kvm/hyp/nvhe/swi=
tch.c
index 6410d21d8695..5a2e1ab79913 100644
--- a/arch/arm64/kvm/hyp/nvhe/switch.c
+++ b/arch/arm64/kvm/hyp/nvhe/switch.c
@@ -369,6 +369,11 @@ void __noreturn hyp_panic(void)
 	unreachable();
 }
=20
+void __noreturn hyp_panic_bad_stack(void)
+{
+	hyp_panic();
+}
+
 asmlinkage void kvm_unexpected_el2_exception(void)
 {
 	return __kvm_unexpected_el2_exception();
--=20
2.35.1.265.g69c8d7142f-goog

From nobody Sat Apr 20 04:15:44 2024
Delivered-To: importer2@patchew.org
Received-SPF: pass (zohomail.com: domain of vger.kernel.org designates
 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
 envelope-from=linux-kernel-owner@vger.kernel.org; helo=vger.kernel.org;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of vger.kernel.org designates 23.128.96.18 as
 permitted sender)  smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
	dmarc=pass(p=reject dis=none)  header.from=google.com
ARC-Seal: i=1; a=rsa-sha256; t=1644533165; cv=none;
	d=zohomail.com; s=zohoarc;
	b=CCkUrAb0252wRobK06jwZu+pwKpkH4x6NjDCuXtSmEA+u+kuZ/xjxory1zybXWj0uzN8IagumjrGy8qQ0oFrWSkT75QVpUYQ+o5NVjjiG5yGN/ggAQSUMmiYV6wS404eLQKMWCUOByyGv6Nv3cluNBFGfFqmoMfNwF0k2RSdnXE=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1644533165;
 h=Content-Type:Cc:Date:From:In-Reply-To:List-Id:MIME-Version:Message-ID:References:Subject:To;
	bh=/IZyRrpjogHkvvKAbn/wuM+XhkmHZlGRNHWt0e5zr8A=;
	b=YVQ0rYi0+XfcmsU5RjNOTzBi2sxhA7gpFcjArQB79MVl7meWQczl2aN0TX5zMah69H8qpYkIKp24x39+KTaoW4Yl30ToHAOdVBMFyatkefj5idHdA4/OH0SmXeAaFJwTQUlw2OTWhHVX6wj8t7wVEqFJkmKJFyQonNa0eFyD7dI=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of vger.kernel.org designates 23.128.96.18 as
 permitted sender)  smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
	dmarc=pass header.from=<kaleshsingh@google.com> (p=reject dis=none)
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by
 mx.zohomail.com
	with SMTP id 1644533165080847.8034664262601;
 Thu, 10 Feb 2022 14:46:05 -0800 (PST)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1345198AbiBJWqD (ORCPT <rfc822;importer2@patchew.org>);
        Thu, 10 Feb 2022 17:46:03 -0500
Received: from mxb-00190b01.gslb.pphosted.com ([23.128.96.19]:35048 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S241709AbiBJWqB (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 10 Feb 2022 17:46:01 -0500
Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com
 [IPv6:2607:f8b0:4864:20::b49])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DD9D45589
        for <linux-kernel@vger.kernel.org>;
 Thu, 10 Feb 2022 14:46:01 -0800 (PST)
Received: by mail-yb1-xb49.google.com with SMTP id
 j17-20020a25ec11000000b0061dabf74012so15055269ybh.15
        for <linux-kernel@vger.kernel.org>;
 Thu, 10 Feb 2022 14:46:01 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20210112;
        h=date:in-reply-to:message-id:mime-version:references:subject:from:cc;
        bh=/IZyRrpjogHkvvKAbn/wuM+XhkmHZlGRNHWt0e5zr8A=;
        b=PBkmRwuFiGGrv5iRHo7tLluafzQlZXF9AN4cUQvrlWacXQcrnAlFwCuc/zOtvTnj3A
         eyIK8Dr7DfK8BlaH06yRYxaDcs2bvmYni1BgVFeXEqyLnH4uCPmVWvtXo1p/9EFiq8OK
         yozHbjdo5J8wCe1HRkEpfHLkD8SJn8NzBv9iKIQrno5l1WcFw65NEM8NvqQ6xCxV2EW5
         EPhU/2linown0tcJ3M3OITrVQ+B7l8BdSNdus0cc0Zg5pAix41rloxydzHuthJS8zX7p
         ctJ0Xrcr/w2hgACd8f01767tNpufMelYYz/KRWp+lszWzveeyi2sIdj7lorWwXkseetK
         RatA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:date:in-reply-to:message-id:mime-version
         :references:subject:from:cc;
        bh=/IZyRrpjogHkvvKAbn/wuM+XhkmHZlGRNHWt0e5zr8A=;
        b=HNokUAgE3UguDutcWSrsSOKsBZFjBtO96XHT9BMJGfkH0QuWP5cuJLF/UN1tki1OzI
         6IdB9koxpRLjP9gAsSvh3do8TW4u2aBLmQF5PRu/6izPi+cKCbs4041jlpxPlw+Z7BxH
         J1A9G9Twpekf6BQBE2oWpyGrxiVkzPdbcRDNl7VsgAisrfXlkbZ18NzutTFiIbZ7ASnX
         3KPD5A71H7wkVkcYECqA3rFwn3sH8dav1qTQyGJTe6sgwTQ1CVPIFtqRbHyiW6cNSoED
         r6pJMI8Vxlx+0bquI0DLtm4fHBtkH2fBKSGkKVjDXIqo/tKJTqghq0K1krLLMTGS+hZW
         a4eA==
X-Gm-Message-State: AOAM532AEJJLM+xo5hZC+t0CBqinoLuIHVmhtgB8QVgLBTuKtCfWYT8B
        4Sp8umVVK1bYYR8wIe5MB7yf8r2hfpm2EPFdrA==
X-Google-Smtp-Source: 
 ABdhPJxltTVLo3VOurL3QnroR1cp79bh23NqnvdKXTYN3qVmilP7Lx3u//hZdXpNdmMvGA/0NZZ08lArO17mKqkodg==
X-Received: from kaleshsingh.mtv.corp.google.com
 ([2620:15c:211:200:8f02:232:ad86:2ab2])
 (user=kaleshsingh job=sendgmr) by 2002:a81:3494:: with SMTP id
 b142mr9302016ywa.246.1644533161146; Thu, 10 Feb 2022 14:46:01 -0800 (PST)
Date: Thu, 10 Feb 2022 14:41:46 -0800
In-Reply-To: <20220210224220.4076151-1-kaleshsingh@google.com>
Message-Id: <20220210224220.4076151-6-kaleshsingh@google.com>
Mime-Version: 1.0
References: <20220210224220.4076151-1-kaleshsingh@google.com>
X-Mailer: git-send-email 2.35.1.265.g69c8d7142f-goog
Subject: [PATCH 5/7] KVM: arm64: Add Hyp overflow stack
From: Kalesh Singh <kaleshsingh@google.com>
Cc: will@kernel.org, maz@kernel.org, qperret@google.com,
        tabba@google.com, surenb@google.com, kernel-team@android.com,
        Kalesh Singh <kaleshsingh@google.com>,
        Catalin Marinas <catalin.marinas@arm.com>,
        James Morse <james.morse@arm.com>,
        Alexandru Elisei <alexandru.elisei@arm.com>,
        Suzuki K Poulose <suzuki.poulose@arm.com>,
        Ard Biesheuvel <ardb@kernel.org>,
        Mark Rutland <mark.rutland@arm.com>,
        Pasha Tatashin <pasha.tatashin@soleen.com>,
        Joey Gouly <joey.gouly@arm.com>,
        Peter Collingbourne <pcc@google.com>,
        Andrew Scull <ascull@google.com>,
        linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org,
        kvmarm@lists.cs.columbia.edu
X-Spam-Status: No, score=-8.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MISSING_HEADERS,
        RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE,
        USER_IN_DEF_DKIM_WL autolearn=no autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
To: unlisted-recipients:; (no To-header on input)
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-ZohoMail-DKIM: pass (identity @google.com)
X-ZM-MESSAGEID: 1644533167981100001
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Allocate and switch to 16-byte aligned secondary stack on overflow. This
provides us stack space to better handle overflows; and is used in
a subsequent patch to dump the hypervisor stacktrace. The overflow stack
is only allocated if CONFIG_NVHE_EL2_DEBUG is enabled, as hypervisor
stacktraces is a debug feature dependent on CONFIG_NVHE_EL2_DEBUG.

Signed-off-by: Kalesh Singh <kaleshsingh@google.com>
---
 arch/arm64/kvm/hyp/nvhe/host.S  | 5 +++++
 arch/arm64/kvm/hyp/nvhe/setup.c | 5 +++++
 2 files changed, 10 insertions(+)

diff --git a/arch/arm64/kvm/hyp/nvhe/host.S b/arch/arm64/kvm/hyp/nvhe/host.S
index 78e4b612ac06..751a4b9e429f 100644
--- a/arch/arm64/kvm/hyp/nvhe/host.S
+++ b/arch/arm64/kvm/hyp/nvhe/host.S
@@ -171,6 +171,10 @@ SYM_FUNC_END(__host_hvc)
 	b	hyp_panic
=20
 .L__hyp_sp_overflow\@:
+#ifdef CONFIG_NVHE_EL2_DEBUG
+	/* Switch to the overflow stack */
+	adr_this_cpu sp, hyp_overflow_stack + PAGE_SIZE, x0
+#else
 	/*
 	 * Reset SP to the top of the stack, to allow handling the hyp_panic.
 	 * This corrupts the stack but is ok, since we won't be attempting
@@ -178,6 +182,7 @@ SYM_FUNC_END(__host_hvc)
 	 */
 	ldr_this_cpu	x0, kvm_init_params + NVHE_INIT_STACK_HYP_VA, x1
 	mov	sp, x0
+#endif
=20
 	bl	hyp_panic_bad_stack
 	ASM_BUG()
diff --git a/arch/arm64/kvm/hyp/nvhe/setup.c b/arch/arm64/kvm/hyp/nvhe/setu=
p.c
index 114053dff228..39937fa6a1b2 100644
--- a/arch/arm64/kvm/hyp/nvhe/setup.c
+++ b/arch/arm64/kvm/hyp/nvhe/setup.c
@@ -20,6 +20,11 @@
=20
 unsigned long hyp_nr_cpus;
=20
+#ifdef CONFIG_NVHE_EL2_DEBUG
+DEFINE_PER_CPU(unsigned long [PAGE_SIZE/sizeof(long)], hyp_overflow_stack)
+	__aligned(16);
+#endif
+
 #define hyp_percpu_size ((unsigned long)__per_cpu_end - \
 			 (unsigned long)__per_cpu_start)
=20
--=20
2.35.1.265.g69c8d7142f-goog

From nobody Sat Apr 20 04:15:44 2024
Delivered-To: importer2@patchew.org
Received-SPF: pass (zohomail.com: domain of vger.kernel.org designates
 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
 envelope-from=linux-kernel-owner@vger.kernel.org; helo=vger.kernel.org;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of vger.kernel.org designates 23.128.96.18 as
 permitted sender)  smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
	dmarc=pass(p=reject dis=none)  header.from=google.com
ARC-Seal: i=1; a=rsa-sha256; t=1644533202; cv=none;
	d=zohomail.com; s=zohoarc;
	b=cCspeNlhuPiiw/0EAiTK58JuzW6iJZvVHReyXb39cDITOMUgzQ52EEQZtt1wiqKiI/54gx6EXpIzhts+f1VnkTNdADu0H2fMPNC1UL21AcqVIMnNikDsHRbHqBNhlZXI3ebN9ttEHUAFe2nkp6MjzBHKDGYMYNiyaK8frCouuCU=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1644533202;
 h=Content-Type:Cc:Date:From:In-Reply-To:List-Id:MIME-Version:Message-ID:References:Subject:To;
	bh=vCIc/T3BypFPMAfivt4Ue/YpaTqTQiwu1sslRwpeTec=;
	b=G5KXebqOWJEgpaZt9ZfUz9/HAPCep7rDRyAvzsf28OOBDW++mmTIl/VlKPf83yLPzm2tLUZgpniElR2cndQNg8lqy9Vs8jhECf8ftL9osDQIfl0qSSNBs/VqaWelaT+shuLln4Rvh2OwxoZLDyBC54Gxd87sbmx2E0ahWkBcjgs=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of vger.kernel.org designates 23.128.96.18 as
 permitted sender)  smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
	dmarc=pass header.from=<kaleshsingh@google.com> (p=reject dis=none)
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by
 mx.zohomail.com
	with SMTP id 1644533202382632.5157586990858;
 Thu, 10 Feb 2022 14:46:42 -0800 (PST)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1345208AbiBJWqk (ORCPT <rfc822;importer2@patchew.org>);
        Thu, 10 Feb 2022 17:46:40 -0500
Received: from mxb-00190b01.gslb.pphosted.com ([23.128.96.19]:35266 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S241709AbiBJWqi (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 10 Feb 2022 17:46:38 -0500
Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com
 [IPv6:2607:f8b0:4864:20::b49])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7049726F3
        for <linux-kernel@vger.kernel.org>;
 Thu, 10 Feb 2022 14:46:38 -0800 (PST)
Received: by mail-yb1-xb49.google.com with SMTP id
 x1-20020a25a001000000b0061c64ee0196so15115361ybh.9
        for <linux-kernel@vger.kernel.org>;
 Thu, 10 Feb 2022 14:46:38 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20210112;
        h=date:in-reply-to:message-id:mime-version:references:subject:from:cc;
        bh=vCIc/T3BypFPMAfivt4Ue/YpaTqTQiwu1sslRwpeTec=;
        b=seqJLYA4w2epHJQlXFABX3D3UYUQLwDvDqlyQDaAaeWonXzVw6MUkHTsJIGtf1Cskw
         hepDtnf243UVN0de4xbKTvLzx6+EFj6S3n6IRujfhuaYqjLZUsIxOQDJFaiHLhwHpcif
         azVEJyiu+Imi36TS4A81UL9UDOkVsoc0kyvsRcSLnLEi8OD4pfPAdfyeSn/c8dzfFTh8
         7D62rZPd45GwLcsuMH2KDaNp1C7YkxXtHCKU7OxB1rSZEAw8tiYeNPiKdAhNp55Kki6L
         BdhzopTvP6lPB8mZyd+OizIcJ0uhFSKZBpkvy3pa7eLgNvE/kt/lk25iKtQcmYtsAqDt
         9Ksg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:date:in-reply-to:message-id:mime-version
         :references:subject:from:cc;
        bh=vCIc/T3BypFPMAfivt4Ue/YpaTqTQiwu1sslRwpeTec=;
        b=yyAwA/QKGublha7pcEU8d+fgAUJQVLwGBS28KShs3MFacF+kEih0IajtBTydMBvh7z
         rwhbGFOJ10JBx2WwFRtwq7gBZWrdG39QiTWx1ktE4o4K+qPMMCXYGrWxTLTcoLC4UgVZ
         qFRM81+6DQVeg/65SoWPtO3YHOriXMbaT1jZxj1Smfe7MOa4vfiIC77mThc3CfL5sczf
         yhDhu31yMRqCqSmd8LTzFpi+960hunEqw2B+hldIBbHuskcqTjb1iCi08Iq6AXwkrXtq
         Vb97/w5s+kBdO8EX9B1/uOI/9NBUNBSAtxxyWBrOuxt4hT1RS5EM0yXrsJ5jA0RCl561
         x9jg==
X-Gm-Message-State: AOAM530FoUNUr2xTxC/Nq7cfvlJjyEOtbdko+gQYTQ/D2t8n+k2vwQ66
        BGerNxrm4zUTfg42c10TeCW3jy/h0dhL0KDWAw==
X-Google-Smtp-Source: 
 ABdhPJyErmlDgws4R3zr2NRs/2SNeRzB0+zSuqXZ4aWQ8ngObpdjK8Lp8zJzG3DZwOPBxAq3t5kSy2t3OH5MHOSyFg==
X-Received: from kaleshsingh.mtv.corp.google.com
 ([2620:15c:211:200:8f02:232:ad86:2ab2])
 (user=kaleshsingh job=sendgmr) by 2002:a25:b94f:: with SMTP id
 s15mr9159159ybm.362.1644533197659; Thu, 10 Feb 2022 14:46:37 -0800 (PST)
Date: Thu, 10 Feb 2022 14:41:47 -0800
In-Reply-To: <20220210224220.4076151-1-kaleshsingh@google.com>
Message-Id: <20220210224220.4076151-7-kaleshsingh@google.com>
Mime-Version: 1.0
References: <20220210224220.4076151-1-kaleshsingh@google.com>
X-Mailer: git-send-email 2.35.1.265.g69c8d7142f-goog
Subject: [PATCH 6/7] KVM: arm64: Unwind and dump nVHE HYP stacktrace
From: Kalesh Singh <kaleshsingh@google.com>
Cc: will@kernel.org, maz@kernel.org, qperret@google.com,
        tabba@google.com, surenb@google.com, kernel-team@android.com,
        Kalesh Singh <kaleshsingh@google.com>,
        Catalin Marinas <catalin.marinas@arm.com>,
        James Morse <james.morse@arm.com>,
        Alexandru Elisei <alexandru.elisei@arm.com>,
        Suzuki K Poulose <suzuki.poulose@arm.com>,
        Ard Biesheuvel <ardb@kernel.org>,
        Mark Rutland <mark.rutland@arm.com>,
        Pasha Tatashin <pasha.tatashin@soleen.com>,
        Joey Gouly <joey.gouly@arm.com>,
        Peter Collingbourne <pcc@google.com>,
        Andrew Walbran <qwandor@google.com>,
        Andrew Scull <ascull@google.com>,
        Paolo Bonzini <pbonzini@redhat.com>,
        linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org,
        kvmarm@lists.cs.columbia.edu
X-Spam-Status: No, score=-8.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MISSING_HEADERS,
        RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE,
        USER_IN_DEF_DKIM_WL autolearn=no autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
To: unlisted-recipients:; (no To-header on input)
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-ZohoMail-DKIM: pass (identity @google.com)
X-ZM-MESSAGEID: 1644533203789100001
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Unwind the stack in EL1, when CONFIG_NVHE_EL2_DEBUG is enabled. This is
possible because CONFIG_NVHE_EL2_DEBUG disables the host stage 2 protection
which allows host to access the hypervisor stack pages in EL1.

Unwinding and dumping hyp call traces is gated on CONFIG_NVHE_EL2_DEBUG
to avoid the potential leaking of information to the host.

A simple stack overflow test produces the following output:

[  580.376051][  T412] kvm: nVHE hyp panic at: ffffffc0116145c4!
[  580.378034][  T412] kvm [412]: nVHE HYP call trace (vmlinux
addresses):
[  580.378591][  T412] kvm [412]:  [<ffffffc011614934>]
[  580.378993][  T412] kvm [412]:  [<ffffffc01160fa48>]
[  580.379386][  T412] kvm [412]:  [<ffffffc0116145dc>]  // Non-terminating=
 recursive call
[  580.379772][  T412] kvm [412]:  [<ffffffc0116145dc>]
[  580.380158][  T412] kvm [412]:  [<ffffffc0116145dc>]
[  580.380544][  T412] kvm [412]:  [<ffffffc0116145dc>]
[  580.380928][  T412] kvm [412]:  [<ffffffc0116145dc>]
. . .

Since nVHE hyp symbols are not included by kallsyms to avoid issues
with aliasing, we fallback to the vmlinux addresses. Symbolizing the
addresses is handled in the next patch in this series.

Signed-off-by: Kalesh Singh <kaleshsingh@google.com>
---
 arch/arm64/include/asm/kvm_asm.h |  17 ++
 arch/arm64/kvm/Makefile          |   1 +
 arch/arm64/kvm/arm.c             |   2 +-
 arch/arm64/kvm/handle_exit.c     |   3 +
 arch/arm64/kvm/hyp/nvhe/setup.c  |  25 +++
 arch/arm64/kvm/hyp/nvhe/switch.c |  17 ++
 arch/arm64/kvm/stacktrace.c      | 290 +++++++++++++++++++++++++++++++
 arch/arm64/kvm/stacktrace.h      |  17 ++
 8 files changed, 371 insertions(+), 1 deletion(-)
 create mode 100644 arch/arm64/kvm/stacktrace.c
 create mode 100644 arch/arm64/kvm/stacktrace.h

diff --git a/arch/arm64/include/asm/kvm_asm.h b/arch/arm64/include/asm/kvm_=
asm.h
index d5b0386ef765..f2b4c2ae5905 100644
--- a/arch/arm64/include/asm/kvm_asm.h
+++ b/arch/arm64/include/asm/kvm_asm.h
@@ -175,6 +175,23 @@ struct kvm_nvhe_init_params {
 	unsigned long vtcr;
 };
=20
+#ifdef CONFIG_NVHE_EL2_DEBUG
+/*
+ * Used by the host in EL1 to dump the nVHE hypervisor backtrace on
+ * hyp_panic. This is possible because CONFIG_NVHE_EL2_DEBUG disables
+ * the host stage 2 protection. See: __hyp_do_panic()
+ *
+ * @hyp_stack_base:		hyp VA of the hyp_stack base.
+ * @hyp_overflow_stack_base:	hyp VA of the hyp_overflow_stack base.
+ * @start_fp:			hyp FP where the hyp backtrace should begin.
+ */
+struct kvm_nvhe_panic_info {
+	unsigned long hyp_stack_base;
+	unsigned long hyp_overflow_stack_base;
+	unsigned long start_fp;
+};
+#endif
+
 /* Translate a kernel address @ptr into its equivalent linear mapping */
 #define kvm_ksym_ref(ptr)						\
 	({								\
diff --git a/arch/arm64/kvm/Makefile b/arch/arm64/kvm/Makefile
index 91861fd8b897..262b5c58cc62 100644
--- a/arch/arm64/kvm/Makefile
+++ b/arch/arm64/kvm/Makefile
@@ -23,6 +23,7 @@ kvm-y +=3D arm.o mmu.o mmio.o psci.o hypercalls.o pvtime.=
o \
 	 vgic/vgic-its.o vgic/vgic-debug.o
=20
 kvm-$(CONFIG_HW_PERF_EVENTS)  +=3D pmu-emul.o
+kvm-$(CONFIG_NVHE_EL2_DEBUG)  +=3D stacktrace.o
=20
 always-y :=3D hyp_constants.h hyp-constants.s
=20
diff --git a/arch/arm64/kvm/arm.c b/arch/arm64/kvm/arm.c
index ecc5958e27fe..f779436919ad 100644
--- a/arch/arm64/kvm/arm.c
+++ b/arch/arm64/kvm/arm.c
@@ -49,7 +49,7 @@ DEFINE_STATIC_KEY_FALSE(kvm_protected_mode_initialized);
=20
 DECLARE_KVM_HYP_PER_CPU(unsigned long, kvm_hyp_vector);
=20
-static DEFINE_PER_CPU(unsigned long, kvm_arm_hyp_stack_page);
+DEFINE_PER_CPU(unsigned long, kvm_arm_hyp_stack_page);
 unsigned long kvm_arm_hyp_percpu_base[NR_CPUS];
 DECLARE_KVM_NVHE_PER_CPU(struct kvm_nvhe_init_params, kvm_init_params);
=20
diff --git a/arch/arm64/kvm/handle_exit.c b/arch/arm64/kvm/handle_exit.c
index e3140abd2e2e..b038c32a3236 100644
--- a/arch/arm64/kvm/handle_exit.c
+++ b/arch/arm64/kvm/handle_exit.c
@@ -23,6 +23,7 @@
=20
 #define CREATE_TRACE_POINTS
 #include "trace_handle_exit.h"
+#include "stacktrace.h"
=20
 typedef int (*exit_handle_fn)(struct kvm_vcpu *);
=20
@@ -326,6 +327,8 @@ void __noreturn __cold nvhe_hyp_panic_handler(u64 esr, =
u64 spsr,
 		kvm_err("nVHE hyp panic at: %016llx!\n", elr_virt + hyp_offset);
 	}
=20
+	hyp_dump_backtrace(hyp_offset);
+
 	/*
 	 * Hyp has panicked and we're going to handle that by panicking the
 	 * kernel. The kernel offset will be revealed in the panic so we're
diff --git a/arch/arm64/kvm/hyp/nvhe/setup.c b/arch/arm64/kvm/hyp/nvhe/setu=
p.c
index 39937fa6a1b2..3d7720d25acb 100644
--- a/arch/arm64/kvm/hyp/nvhe/setup.c
+++ b/arch/arm64/kvm/hyp/nvhe/setup.c
@@ -23,6 +23,29 @@ unsigned long hyp_nr_cpus;
 #ifdef CONFIG_NVHE_EL2_DEBUG
 DEFINE_PER_CPU(unsigned long [PAGE_SIZE/sizeof(long)], hyp_overflow_stack)
 	__aligned(16);
+
+DEFINE_PER_CPU(struct kvm_nvhe_panic_info, kvm_panic_info);
+
+static void init_nvhe_panic_info(void)
+{
+	struct kvm_nvhe_panic_info *panic_info;
+	struct kvm_nvhe_init_params *params;
+	int cpu;
+
+	for (cpu =3D 0; cpu < hyp_nr_cpus; cpu++) {
+		panic_info =3D per_cpu_ptr(&kvm_panic_info, cpu);
+		params =3D per_cpu_ptr(&kvm_init_params, cpu);
+
+		panic_info->hyp_stack_base =3D (unsigned long)(params->stack_hyp_va - PA=
GE_SIZE);
+		panic_info->hyp_overflow_stack_base
+			=3D (unsigned long)per_cpu_ptr(hyp_overflow_stack, cpu);
+		panic_info->start_fp =3D 0;
+	}
+}
+#else
+static inline void init_nvhe_panic_info(void)
+{
+}
 #endif
=20
 #define hyp_percpu_size ((unsigned long)__per_cpu_end - \
@@ -140,6 +163,8 @@ static int recreate_hyp_mappings(phys_addr_t phys, unsi=
gned long size,
 		 * allocated 'private' VA range.
 		 */
 		per_cpu_ptr(&kvm_init_params, i)->stack_hyp_va =3D (unsigned long) end;
+
+		init_nvhe_panic_info();
 	}
=20
 	/*
diff --git a/arch/arm64/kvm/hyp/nvhe/switch.c b/arch/arm64/kvm/hyp/nvhe/swi=
tch.c
index 5a2e1ab79913..8f8cd0c02e1a 100644
--- a/arch/arm64/kvm/hyp/nvhe/switch.c
+++ b/arch/arm64/kvm/hyp/nvhe/switch.c
@@ -34,6 +34,21 @@ DEFINE_PER_CPU(struct kvm_host_data, kvm_host_data);
 DEFINE_PER_CPU(struct kvm_cpu_context, kvm_hyp_ctxt);
 DEFINE_PER_CPU(unsigned long, kvm_hyp_vector);
=20
+#ifdef CONFIG_NVHE_EL2_DEBUG
+DECLARE_PER_CPU(struct kvm_nvhe_panic_info, kvm_panic_info);
+
+static void update_nvhe_panic_info_fp(void)
+{
+	struct kvm_nvhe_panic_info *panic_info =3D this_cpu_ptr(&kvm_panic_info);
+
+	panic_info->start_fp =3D (unsigned long)__builtin_frame_address(0);
+}
+#else
+static inline void update_nvhe_panic_info_fp(void)
+{
+}
+#endif
+
 static void __activate_traps(struct kvm_vcpu *vcpu)
 {
 	u64 val;
@@ -355,6 +370,8 @@ void __noreturn hyp_panic(void)
 	struct kvm_cpu_context *host_ctxt;
 	struct kvm_vcpu *vcpu;
=20
+	update_nvhe_panic_info_fp();
+
 	host_ctxt =3D &this_cpu_ptr(&kvm_host_data)->host_ctxt;
 	vcpu =3D host_ctxt->__hyp_running_vcpu;
=20
diff --git a/arch/arm64/kvm/stacktrace.c b/arch/arm64/kvm/stacktrace.c
new file mode 100644
index 000000000000..3990a616ab66
--- /dev/null
+++ b/arch/arm64/kvm/stacktrace.c
@@ -0,0 +1,290 @@
+// SPDX-License-Identifier: GPL-2.0-only
+/*
+ * Stack unwinder for EL2 nVHE hypervisor.
+ *
+ * Code mostly copied from the arm64 kernel stack unwinder
+ * and adapted to the nVHE hypervisor.
+ *
+ * See: arch/arm64/kernel/stacktrace.c
+ *
+ * CONFIG_NVHE_EL2_DEBUG disables the host stage-2 protection
+ * allowing us to access the hypervisor stack pages and
+ * consequently unwind its stack from the host in EL1.
+ *
+ * See: __hyp_do_panic()
+ */
+
+#include <asm/kvm_asm.h>
+#include <asm/kvm_hyp.h>
+#include <linux/kvm_host.h>
+#include "stacktrace.h"
+
+DECLARE_PER_CPU(unsigned long, kvm_arm_hyp_stack_page);
+DECLARE_KVM_NVHE_PER_CPU(unsigned long [PAGE_SIZE/sizeof(long)], hyp_overf=
low_stack);
+DECLARE_KVM_NVHE_PER_CPU(struct kvm_nvhe_panic_info, kvm_panic_info);
+
+enum hyp_stack_type {
+	HYP_STACK_TYPE_UNKNOWN,
+	HYP_STACK_TYPE_HYP,
+	HYP_STACK_TYPE_OVERFLOW,
+	__NR_HYP_STACK_TYPES
+};
+
+struct hyp_stack_info {
+	unsigned long low;
+	unsigned long high;
+	enum hyp_stack_type type;
+};
+
+/*
+ * A snapshot of a frame record or fp/lr register values, along with some
+ * accounting information necessary for robust unwinding.
+ *
+ * @fp:          The fp value in the frame record (or the real fp)
+ * @pc:          The pc value calculated from lr in the frame record.
+ *
+ * @stacks_done: Stacks which have been entirely unwound, for which it is =
no
+ *               longer valid to unwind to.
+ *
+ * @prev_fp:     The fp that pointed to this frame record, or a synthetic =
value
+ *               of 0. This is used to ensure that within a stack, each
+ *               subsequent frame record is at an increasing address.
+ * @prev_type:   The type of stack this frame record was on, or a synthetic
+ *               value of HYP_STACK_TYPE_UNKNOWN. This is used to detect a
+ *               transition from one stack to another.
+ */
+struct hyp_stackframe {
+	unsigned long fp;
+	unsigned long pc;
+	DECLARE_BITMAP(stacks_done, __NR_HYP_STACK_TYPES);
+	unsigned long prev_fp;
+	enum hyp_stack_type prev_type;
+};
+
+static inline bool __on_hyp_stack(unsigned long hyp_sp, unsigned long size,
+				unsigned long low, unsigned long high,
+				enum hyp_stack_type type,
+				struct hyp_stack_info *info)
+{
+	if (!low)
+		return false;
+
+	if (hyp_sp < low || hyp_sp + size < hyp_sp || hyp_sp + size > high)
+		return false;
+
+	if (info) {
+		info->low =3D low;
+		info->high =3D high;
+		info->type =3D type;
+	}
+	return true;
+}
+
+static inline bool on_hyp_overflow_stack(unsigned long hyp_sp, unsigned lo=
ng size,
+				 struct hyp_stack_info *info)
+{
+	struct kvm_nvhe_panic_info *panic_info =3D this_cpu_ptr_nvhe_sym(kvm_pani=
c_info);
+	unsigned long low =3D (unsigned long)panic_info->hyp_overflow_stack_base;
+	unsigned long high =3D low + PAGE_SIZE;
+
+	return __on_hyp_stack(hyp_sp, size, low, high, HYP_STACK_TYPE_OVERFLOW, i=
nfo);
+}
+
+static inline bool on_hyp_stack(unsigned long hyp_sp, unsigned long size,
+				 struct hyp_stack_info *info)
+{
+	struct kvm_nvhe_panic_info *panic_info =3D this_cpu_ptr_nvhe_sym(kvm_pani=
c_info);
+	unsigned long low =3D (unsigned long)panic_info->hyp_stack_base;
+	unsigned long high =3D low + PAGE_SIZE;
+
+	return __on_hyp_stack(hyp_sp, size, low, high, HYP_STACK_TYPE_HYP, info);
+}
+
+static inline bool on_hyp_accessible_stack(unsigned long hyp_sp, unsigned =
long size,
+				       struct hyp_stack_info *info)
+{
+	if (info)
+		info->type =3D HYP_STACK_TYPE_UNKNOWN;
+
+	if (on_hyp_stack(hyp_sp, size, info))
+		return true;
+	if (on_hyp_overflow_stack(hyp_sp, size, info))
+		return true;
+
+	return false;
+}
+
+static unsigned long __hyp_stack_kern_va(unsigned long hyp_va)
+{
+	struct kvm_nvhe_panic_info *panic_info =3D this_cpu_ptr_nvhe_sym(kvm_pani=
c_info);
+	unsigned long hyp_base, kern_base, hyp_offset;
+
+	hyp_base =3D (unsigned long)panic_info->hyp_stack_base;
+	hyp_offset =3D hyp_va - hyp_base;
+
+	kern_base =3D (unsigned long)*this_cpu_ptr(&kvm_arm_hyp_stack_page);
+
+	return kern_base + hyp_offset;
+}
+
+static unsigned long __hyp_overflow_stack_kern_va(unsigned long hyp_va)
+{
+	struct kvm_nvhe_panic_info *panic_info =3D this_cpu_ptr_nvhe_sym(kvm_pani=
c_info);
+	unsigned long hyp_base, kern_base, hyp_offset;
+
+	hyp_base =3D (unsigned long)panic_info->hyp_overflow_stack_base;
+	hyp_offset =3D hyp_va - hyp_base;
+
+	kern_base =3D (unsigned long)this_cpu_ptr_nvhe_sym(hyp_overflow_stack);
+
+	return kern_base + hyp_offset;
+}
+
+/*
+ * Convert hypervisor stack VA to a kernel VA.
+ *
+ * The hypervisor stack is mapped in the flexible 'private' VA range, to a=
llow
+ * for guard pages below the stack. Consequently, the fixed offset address
+ * translation macros won't work here.
+ *
+ * The kernel VA is calculated as an offset from the kernel VA of the hype=
rvisor
+ * stack base. See: __hyp_stack_kern_va(),  __hyp_overflow_stack_kern_va()
+ */
+static unsigned long hyp_stack_kern_va(unsigned long hyp_va,
+					enum hyp_stack_type stack_type)
+{
+	switch (stack_type) {
+	case HYP_STACK_TYPE_HYP:
+		return __hyp_stack_kern_va(hyp_va);
+	case HYP_STACK_TYPE_OVERFLOW:
+		return __hyp_overflow_stack_kern_va(hyp_va);
+	default:
+		return 0UL;
+	}
+}
+
+/*
+ * Unwind from one frame record (A) to the next frame record (B).
+ *
+ * We terminate early if the location of B indicates a malformed chain of =
frame
+ * records (e.g. a cycle), determined based on the location and fp value o=
f A
+ * and the location (but not the fp value) of B.
+ */
+static int notrace hyp_unwind_frame(struct hyp_stackframe *frame)
+{
+	unsigned long fp =3D frame->fp, fp_kern_va;
+	struct hyp_stack_info info;
+
+	if (fp & 0x7)
+		return -EINVAL;
+
+	if (!on_hyp_accessible_stack(fp, 16, &info))
+		return -EINVAL;
+
+	if (test_bit(info.type, frame->stacks_done))
+		return -EINVAL;
+
+	/*
+	 * As stacks grow downward, any valid record on the same stack must be
+	 * at a strictly higher address than the prior record.
+	 *
+	 * Stacks can nest in the following order:
+	 *
+	 * HYP -> OVERFLOW
+	 *
+	 * ... but the nesting itself is strict. Once we transition from one
+	 * stack to another, it's never valid to unwind back to that first
+	 * stack.
+	 */
+	if (info.type =3D=3D frame->prev_type) {
+		if (fp <=3D frame->prev_fp)
+			return -EINVAL;
+	} else {
+		set_bit(frame->prev_type, frame->stacks_done);
+	}
+
+	/* Translate the hyp stack address to a kernel address */
+	fp_kern_va =3D hyp_stack_kern_va(fp, info.type);
+	if (!fp_kern_va)
+		return -EINVAL;
+
+	/*
+	 * Record this frame record's values and location. The prev_fp and
+	 * prev_type are only meaningful to the next hyp_unwind_frame()
+	 * invocation.
+	 */
+	frame->fp =3D READ_ONCE_NOCHECK(*(unsigned long *)(fp_kern_va));
+	/* PC =3D LR - 4; All aarch64 instructions are 32-bits in size */
+	frame->pc =3D READ_ONCE_NOCHECK(*(unsigned long *)(fp_kern_va + 8)) - 4;
+	frame->prev_fp =3D fp;
+	frame->prev_type =3D info.type;
+
+	return 0;
+}
+
+/*
+ * AArch64 PCS assigns the frame pointer to x29.
+ *
+ * A simple function prologue looks like this:
+ *	sub	sp, sp, #0x10
+ *	stp	x29, x30, [sp]
+ *	mov	x29, sp
+ *
+ * A simple function epilogue looks like this:
+ *	mov	sp, x29
+ *	ldp	x29, x30, [sp]
+ *	add	sp, sp, #0x10
+ */
+static void hyp_start_backtrace(struct hyp_stackframe *frame, unsigned lon=
g fp)
+{
+	frame->fp =3D fp;
+
+	/*
+	 * Prime the first unwind.
+	 *
+	 * In hyp_unwind_frame() we'll check that the FP points to a valid
+	 * stack, which can't be HYP_STACK_TYPE_UNKNOWN, and the first unwind
+	 * will be treated as a transition to whichever stack that happens to
+	 * be. The prev_fp value won't be used, but we set it to 0 such that
+	 * it is definitely not an accessible stack address. The first frame
+	 * (hyp_panic()) is skipped, so we also set PC to 0.
+	 */
+	bitmap_zero(frame->stacks_done, __NR_HYP_STACK_TYPES);
+	frame->pc =3D frame->prev_fp =3D 0;
+	frame->prev_type =3D HYP_STACK_TYPE_UNKNOWN;
+}
+
+static void hyp_dump_backtrace_entry(unsigned long hyp_pc, unsigned long h=
yp_offset)
+{
+	unsigned long va_mask =3D GENMASK_ULL(vabits_actual - 1, 0);
+
+	hyp_pc &=3D va_mask;
+	hyp_pc +=3D hyp_offset;
+
+	kvm_err(" [<%016llx>]\n", hyp_pc);
+}
+
+void hyp_dump_backtrace(unsigned long hyp_offset)
+{
+	struct kvm_nvhe_panic_info *panic_info =3D this_cpu_ptr_nvhe_sym(kvm_pani=
c_info);
+	struct hyp_stackframe frame;
+	int frame_nr =3D 0;
+	int skip =3D 1;		/* Skip the first frame: hyp_panic() */
+
+	kvm_err("nVHE HYP call trace (vmlinux addresses):\n");
+
+	hyp_start_backtrace(&frame, (unsigned long)panic_info->start_fp);
+
+	do {
+		if (skip) {
+			skip--;
+			continue;
+		}
+
+		hyp_dump_backtrace_entry(frame.pc, hyp_offset);
+
+		frame_nr++;
+	} while (!hyp_unwind_frame(&frame));
+
+	kvm_err("---- end of nVHE HYP call trace ----\n");
+}
diff --git a/arch/arm64/kvm/stacktrace.h b/arch/arm64/kvm/stacktrace.h
new file mode 100644
index 000000000000..40c397394b9b
--- /dev/null
+++ b/arch/arm64/kvm/stacktrace.h
@@ -0,0 +1,17 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+/*
+ * Stack unwinder for EL2 nVHE hypervisor.
+ */
+
+#ifndef __KVM_HYP_STACKTRACE_H
+#define __KVM_HYP_STACKTRACE_H
+
+#ifdef CONFIG_NVHE_EL2_DEBUG
+void hyp_dump_backtrace(unsigned long hyp_offset);
+#else
+static inline void hyp_dump_backtrace(unsigned long hyp_offset)
+{
+}
+#endif /* CONFIG_NVHE_EL2_DEBUG */
+
+#endif /* __KVM_HYP_STACKTRACE_H */
--=20
2.35.1.265.g69c8d7142f-goog

From nobody Sat Apr 20 04:15:44 2024
Delivered-To: importer2@patchew.org
Received-SPF: pass (zohomail.com: domain of vger.kernel.org designates
 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
 envelope-from=linux-kernel-owner@vger.kernel.org; helo=vger.kernel.org;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of vger.kernel.org designates 23.128.96.18 as
 permitted sender)  smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
	dmarc=pass(p=reject dis=none)  header.from=google.com
ARC-Seal: i=1; a=rsa-sha256; t=1644533237; cv=none;
	d=zohomail.com; s=zohoarc;
	b=fUgwq5kV6onVlhFlbCAKrAenKJ99bNVYZ4M6x8xtxXZ7d3JyWvEFcQKmFCA+7oCVuPncTcqo4J7XBm65O0EUteU0DkKWPq3B9ec07gSFlAidbQnokqTKmfkoLHbcWPqZDzEqfcBO/V779caaoDR6+DcfYC5vFnsaUz2eNGIJERo=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1644533237;
 h=Content-Type:Cc:Date:From:In-Reply-To:List-Id:MIME-Version:Message-ID:References:Subject:To;
	bh=0KTIZ/BsAXUFEI2iaae3XhjiZCEBM5hWuzmqdk8v8UY=;
	b=TLpDqLAWw89rQ2T3lAo4xKtx/fg4ZsuQTHar4WPhSKOf6+LFbIlF5o3dwfuLjSDmDxIcXzVB7eHpptwEj2Rwd5Q4NAi98S6As93wCSDNA+jI0o02P1D/WCUawhauXRDJyQk2l/nFe5GwR8xQTfkh/SBK5vLaQnTtGPBxZi/HtjQ=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of vger.kernel.org designates 23.128.96.18 as
 permitted sender)  smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
	dmarc=pass header.from=<kaleshsingh@google.com> (p=reject dis=none)
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by
 mx.zohomail.com
	with SMTP id 1644533237252753.9320434598393;
 Thu, 10 Feb 2022 14:47:17 -0800 (PST)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1345224AbiBJWrP (ORCPT <rfc822;importer2@patchew.org>);
        Thu, 10 Feb 2022 17:47:15 -0500
Received: from mxb-00190b01.gslb.pphosted.com ([23.128.96.19]:35866 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S242109AbiBJWrO (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 10 Feb 2022 17:47:14 -0500
Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com
 [IPv6:2607:f8b0:4864:20::b49])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 986EB5F46
        for <linux-kernel@vger.kernel.org>;
 Thu, 10 Feb 2022 14:47:14 -0800 (PST)
Received: by mail-yb1-xb49.google.com with SMTP id
 h6-20020a253a06000000b0061de83305f2so15006198yba.19
        for <linux-kernel@vger.kernel.org>;
 Thu, 10 Feb 2022 14:47:14 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20210112;
        h=date:in-reply-to:message-id:mime-version:references:subject:from:cc;
        bh=0KTIZ/BsAXUFEI2iaae3XhjiZCEBM5hWuzmqdk8v8UY=;
        b=ZHZcx5xA7EHUTHCEaadFyiIjhdIRYxHvTFae4ko0TI3GsIog1bV3SjKx1jRojQWUj9
         9YmFQDHXzEGOwzo0jbIx2p05gWQot0LfhQEneSFTIQDTsEvDEu3cbgpbhfSSiOKTck7B
         XnA5mt4AM4oFT952jp0wtfNf7wV5ozC6f4FRX17E75v7SVOIT6Qq311evP23Cd+WxpCL
         t4yqScsbIWIhUS/HOMp6RY2OVDmFmetiuTA2yxdyMmNDQyRHtrtm3pjz0CB+NKSsCK+K
         F7SOpuTg/HVJ5A4DPQFaIsMVgylVqHlTpMjmwpbi8GWIswYd63eFghrQb2JVt08OjyHt
         AohA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:date:in-reply-to:message-id:mime-version
         :references:subject:from:cc;
        bh=0KTIZ/BsAXUFEI2iaae3XhjiZCEBM5hWuzmqdk8v8UY=;
        b=HmJB2ERXclMiXKqPH6fLFIdLz1OkBawwkoRRiMvqrYPZhkfmRajklsbuFV2OPgBKm7
         CRf1ub7n0YYHuB0FRJfAnXpGDCcW8WfMye7exJJwiEUqkbuj5Oil+P4q6ljiS6UzD1SM
         M7dba0alLnonrCkjQj9NLxYmLJHmeSedhceIe/ZBBkEnI7nIpuvsX2AUPd8UCrcU3aVI
         /POQTyTz8kbUA4V8whhzghoNcsTtwnuBHNYo0SMmpk+qj2+RBtNywpGov782qiTsHuPV
         2S0SJLGAPYRHtTpmbUAZsbEkQVWxNMS5/DKv9IO4O+9Klp+d/9BEwaGvb9cz65nkjn0R
         zXIg==
X-Gm-Message-State: AOAM533SmH3EiGmi/Me4pYOdYONVzBq9ZMACfS8ivIzyBD5o6G6Kln4n
        XIchY/Rddl1PkLSfwOx/1kWpu8RIpeTcjVtDIg==
X-Google-Smtp-Source: 
 ABdhPJw5p/Uh7hAVUUQUoiuUOWMwTt8ZLF4sqcEFxLAvSzIjy7oy/SoNwO/Prk3wKZ7puGZ6SI+A+MoEUcuHAzw3bA==
X-Received: from kaleshsingh.mtv.corp.google.com
 ([2620:15c:211:200:8f02:232:ad86:2ab2])
 (user=kaleshsingh job=sendgmr) by 2002:a81:b650:: with SMTP id
 h16mr9312369ywk.238.1644533233863; Thu, 10 Feb 2022 14:47:13 -0800 (PST)
Date: Thu, 10 Feb 2022 14:41:48 -0800
In-Reply-To: <20220210224220.4076151-1-kaleshsingh@google.com>
Message-Id: <20220210224220.4076151-8-kaleshsingh@google.com>
Mime-Version: 1.0
References: <20220210224220.4076151-1-kaleshsingh@google.com>
X-Mailer: git-send-email 2.35.1.265.g69c8d7142f-goog
Subject: [PATCH 7/7] KVM: arm64: Symbolize the nVHE HYP backtrace
From: Kalesh Singh <kaleshsingh@google.com>
Cc: will@kernel.org, maz@kernel.org, qperret@google.com,
        tabba@google.com, surenb@google.com, kernel-team@android.com,
        Kalesh Singh <kaleshsingh@google.com>,
        Catalin Marinas <catalin.marinas@arm.com>,
        James Morse <james.morse@arm.com>,
        Alexandru Elisei <alexandru.elisei@arm.com>,
        Suzuki K Poulose <suzuki.poulose@arm.com>,
        Ard Biesheuvel <ardb@kernel.org>,
        Mark Rutland <mark.rutland@arm.com>,
        Pasha Tatashin <pasha.tatashin@soleen.com>,
        Joey Gouly <joey.gouly@arm.com>,
        Peter Collingbourne <pcc@google.com>,
        Andrew Walbran <qwandor@google.com>,
        Andrew Scull <ascull@google.com>,
        linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org,
        kvmarm@lists.cs.columbia.edu
X-Spam-Status: No, score=-8.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MISSING_HEADERS,
        RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE,
        USER_IN_DEF_DKIM_WL autolearn=no autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
To: unlisted-recipients:; (no To-header on input)
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-ZohoMail-DKIM: pass (identity @google.com)
X-ZM-MESSAGEID: 1644533239167100001
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Reintroduce the __kvm_nvhe_ symbols in kallsyms, ignoring the local
symbols in this namespace. The local symbols are not informative and
can cause aliasing issues when symbolizing the addresses.

With the necessary symbols now in kallsyms we can symbolize nVHE
stacktrace addresses using the %pB print format specifier.

Some sample call traces:

-------
[  167.018598][  T407] kvm [407]: nVHE hyp panic at: [<ffffffc0116145cc>] _=
_kvm_nvhe_overflow_stack+0x10/0x34!
[  167.020841][  T407] kvm [407]: nVHE HYP call trace:
[  167.021371][  T407] kvm [407]: [<ffffffc011614934>] __kvm_nvhe_hyp_panic=
_bad_stack+0xc/0x10
[  167.021972][  T407] kvm [407]: [<ffffffc01160fa48>] __kvm_nvhe___kvm_hyp=
_host_vector+0x248/0x794
[  167.022572][  T407] kvm [407]: [<ffffffc0116145dc>] __kvm_nvhe_overflow_=
stack+0x20/0x34
[  167.023135][  T407] kvm [407]: [<ffffffc0116145dc>] __kvm_nvhe_overflow_=
stack+0x20/0x34
[  167.023699][  T407] kvm [407]: [<ffffffc0116145dc>] __kvm_nvhe_overflow_=
stack+0x20/0x34
[  167.024261][  T407] kvm [407]: [<ffffffc0116145dc>] __kvm_nvhe_overflow_=
stack+0x20/0x34
. . .

-------
[  166.161699][  T409] kvm [409]: Invalid host exception to nVHE hyp!
[  166.163789][  T409] kvm [409]: nVHE HYP call trace:
[  166.164709][  T409] kvm [409]: [<ffffffc011614fa0>] __kvm_nvhe_handle___=
kvm_vcpu_run+0x198/0x21c
[  166.165352][  T409] kvm [409]: [<ffffffc011614980>] __kvm_nvhe_handle_tr=
ap+0xa4/0x124
[  166.165911][  T409] kvm [409]: [<ffffffc01160f060>] __kvm_nvhe___host_ex=
it+0x60/0x64
[  166.166657][  T409] Kernel panic - not syncing: HYP panic:
. . .
-------

Signed-off-by: Kalesh Singh <kaleshsingh@google.com>
---
 arch/arm64/kvm/handle_exit.c | 11 +++--------
 arch/arm64/kvm/stacktrace.c  |  2 +-
 scripts/kallsyms.c           |  2 +-
 3 files changed, 5 insertions(+), 10 deletions(-)

diff --git a/arch/arm64/kvm/handle_exit.c b/arch/arm64/kvm/handle_exit.c
index b038c32a3236..d7f0f295aebf 100644
--- a/arch/arm64/kvm/handle_exit.c
+++ b/arch/arm64/kvm/handle_exit.c
@@ -296,13 +296,8 @@ void __noreturn __cold nvhe_hyp_panic_handler(u64 esr,=
 u64 spsr,
 	u64 elr_in_kimg =3D __phys_to_kimg(elr_phys);
 	u64 hyp_offset =3D elr_in_kimg - kaslr_offset() - elr_virt;
 	u64 mode =3D spsr & PSR_MODE_MASK;
+	u64 panic_addr =3D elr_virt + hyp_offset;
=20
-	/*
-	 * The nVHE hyp symbols are not included by kallsyms to avoid issues
-	 * with aliasing. That means that the symbols cannot be printed with the
-	 * "%pS" format specifier, so fall back to the vmlinux address if
-	 * there's no better option.
-	 */
 	if (mode !=3D PSR_MODE_EL2t && mode !=3D PSR_MODE_EL2h) {
 		kvm_err("Invalid host exception to nVHE hyp!\n");
 	} else if (ESR_ELx_EC(esr) =3D=3D ESR_ELx_EC_BRK64 &&
@@ -322,9 +317,9 @@ void __noreturn __cold nvhe_hyp_panic_handler(u64 esr, =
u64 spsr,
 		if (file)
 			kvm_err("nVHE hyp BUG at: %s:%u!\n", file, line);
 		else
-			kvm_err("nVHE hyp BUG at: %016llx!\n", elr_virt + hyp_offset);
+			kvm_err("nVHE hyp BUG at: [<%016llx>] %pB!\n", panic_addr, panic_addr);
 	} else {
-		kvm_err("nVHE hyp panic at: %016llx!\n", elr_virt + hyp_offset);
+		kvm_err("nVHE hyp panic at: [<%016llx>] %pB!\n", panic_addr, panic_addr);
 	}
=20
 	hyp_dump_backtrace(hyp_offset);
diff --git a/arch/arm64/kvm/stacktrace.c b/arch/arm64/kvm/stacktrace.c
index 3990a616ab66..4d12ffee9cc6 100644
--- a/arch/arm64/kvm/stacktrace.c
+++ b/arch/arm64/kvm/stacktrace.c
@@ -261,7 +261,7 @@ static void hyp_dump_backtrace_entry(unsigned long hyp_=
pc, unsigned long hyp_off
 	hyp_pc &=3D va_mask;
 	hyp_pc +=3D hyp_offset;
=20
-	kvm_err(" [<%016llx>]\n", hyp_pc);
+	kvm_err("[<%016llx>] %pB\n", hyp_pc, hyp_pc);
 }
=20
 void hyp_dump_backtrace(unsigned long hyp_offset)
diff --git a/scripts/kallsyms.c b/scripts/kallsyms.c
index 54ad86d13784..19aba43d9da4 100644
--- a/scripts/kallsyms.c
+++ b/scripts/kallsyms.c
@@ -111,7 +111,7 @@ static bool is_ignored_symbol(const char *name, char ty=
pe)
 		".LASANPC",		/* s390 kasan local symbols */
 		"__crc_",		/* modversions */
 		"__efistub_",		/* arm64 EFI stub namespace */
-		"__kvm_nvhe_",		/* arm64 non-VHE KVM namespace */
+		"__kvm_nvhe_$",		/* arm64 local symbols in non-VHE KVM namespace */
 		"__AArch64ADRPThunk_",	/* arm64 lld */
 		"__ARMV5PILongThunk_",	/* arm lld */
 		"__ARMV7PILongThunk_",
--=20
2.35.1.265.g69c8d7142f-goog