Commit a8308b3f authored by Oliver Upton's avatar Oliver Upton Committed by Marc Zyngier

KVM: arm64: Refactor hvc filtering to support different actions

KVM presently allows userspace to filter guest hypercalls with bitmaps
expressed via pseudo-firmware registers. These bitmaps have a narrow
scope and, of course, can only allow/deny a particular call. A
subsequent change to KVM will introduce a generalized UAPI for filtering
hypercalls, allowing functions to be forwarded to userspace.

Refactor the existing hypercall filtering logic to make room for more
than two actions. While at it, generalize the function names around
SMCCC as it is the basis for the upcoming UAPI.

No functional change intended.
Reviewed-by: default avatarSuzuki K Poulose <suzuki.poulose@arm.com>
Signed-off-by: default avatarOliver Upton <oliver.upton@linux.dev>
Signed-off-by: default avatarMarc Zyngier <maz@kernel.org>
Link: https://lore.kernel.org/r/20230404154050.2270077-7-oliver.upton@linux.dev
parent c2d2e9b3
...@@ -469,6 +469,15 @@ enum { ...@@ -469,6 +469,15 @@ enum {
/* run->fail_entry.hardware_entry_failure_reason codes. */ /* run->fail_entry.hardware_entry_failure_reason codes. */
#define KVM_EXIT_FAIL_ENTRY_CPU_UNSUPPORTED (1ULL << 0) #define KVM_EXIT_FAIL_ENTRY_CPU_UNSUPPORTED (1ULL << 0)
enum kvm_smccc_filter_action {
KVM_SMCCC_FILTER_HANDLE = 0,
KVM_SMCCC_FILTER_DENY,
#ifdef __KERNEL__
NR_SMCCC_FILTER_ACTIONS
#endif
};
#endif #endif
#endif /* __ARM_KVM_H__ */ #endif /* __ARM_KVM_H__ */
...@@ -65,7 +65,7 @@ static void kvm_ptp_get_time(struct kvm_vcpu *vcpu, u64 *val) ...@@ -65,7 +65,7 @@ static void kvm_ptp_get_time(struct kvm_vcpu *vcpu, u64 *val)
val[3] = lower_32_bits(cycles); val[3] = lower_32_bits(cycles);
} }
static bool kvm_hvc_call_default_allowed(u32 func_id) static bool kvm_smccc_default_allowed(u32 func_id)
{ {
switch (func_id) { switch (func_id) {
/* /*
...@@ -93,7 +93,7 @@ static bool kvm_hvc_call_default_allowed(u32 func_id) ...@@ -93,7 +93,7 @@ static bool kvm_hvc_call_default_allowed(u32 func_id)
} }
} }
static bool kvm_hvc_call_allowed(struct kvm_vcpu *vcpu, u32 func_id) static bool kvm_smccc_test_fw_bmap(struct kvm_vcpu *vcpu, u32 func_id)
{ {
struct kvm_smccc_features *smccc_feat = &vcpu->kvm->arch.smccc_feat; struct kvm_smccc_features *smccc_feat = &vcpu->kvm->arch.smccc_feat;
...@@ -117,20 +117,38 @@ static bool kvm_hvc_call_allowed(struct kvm_vcpu *vcpu, u32 func_id) ...@@ -117,20 +117,38 @@ static bool kvm_hvc_call_allowed(struct kvm_vcpu *vcpu, u32 func_id)
return test_bit(KVM_REG_ARM_VENDOR_HYP_BIT_PTP, return test_bit(KVM_REG_ARM_VENDOR_HYP_BIT_PTP,
&smccc_feat->vendor_hyp_bmap); &smccc_feat->vendor_hyp_bmap);
default: default:
return kvm_hvc_call_default_allowed(func_id); return false;
} }
} }
static u8 kvm_smccc_get_action(struct kvm_vcpu *vcpu, u32 func_id)
{
if (kvm_smccc_test_fw_bmap(vcpu, func_id) ||
kvm_smccc_default_allowed(func_id))
return KVM_SMCCC_FILTER_HANDLE;
return KVM_SMCCC_FILTER_DENY;
}
int kvm_smccc_call_handler(struct kvm_vcpu *vcpu) int kvm_smccc_call_handler(struct kvm_vcpu *vcpu)
{ {
struct kvm_smccc_features *smccc_feat = &vcpu->kvm->arch.smccc_feat; struct kvm_smccc_features *smccc_feat = &vcpu->kvm->arch.smccc_feat;
u32 func_id = smccc_get_function(vcpu); u32 func_id = smccc_get_function(vcpu);
u64 val[4] = {SMCCC_RET_NOT_SUPPORTED}; u64 val[4] = {SMCCC_RET_NOT_SUPPORTED};
u32 feature; u32 feature;
u8 action;
gpa_t gpa; gpa_t gpa;
if (!kvm_hvc_call_allowed(vcpu, func_id)) action = kvm_smccc_get_action(vcpu, func_id);
switch (action) {
case KVM_SMCCC_FILTER_HANDLE:
break;
case KVM_SMCCC_FILTER_DENY:
goto out;
default:
WARN_RATELIMIT(1, "Unhandled SMCCC filter action: %d\n", action);
goto out; goto out;
}
switch (func_id) { switch (func_id) {
case ARM_SMCCC_VERSION_FUNC_ID: case ARM_SMCCC_VERSION_FUNC_ID:
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment