search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
x86/xen: resume timer irqs early
[linux/fpc-iii.git] / arch / arm / kvm / mmu.c
blobfe59e4a1902225a31e96f76fa2891efc620f94de
1 /*
2 * Copyright (C) 2012 - Virtual Open Systems and Columbia University
3 * Author: Christoffer Dall <c.dall@virtualopensystems.com>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License, version 2, as
7 * published by the Free Software Foundation.
8 *
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17 */
18
19 #include <linux/mman.h>
20 #include <linux/kvm_host.h>
21 #include <linux/io.h>
22 #include <trace/events/kvm.h>
23 #include <asm/pgalloc.h>
24 #include <asm/cacheflush.h>
25 #include <asm/kvm_arm.h>
26 #include <asm/kvm_mmu.h>
27 #include <asm/kvm_mmio.h>
28 #include <asm/kvm_asm.h>
29 #include <asm/kvm_emulate.h>
30
31 #include "trace.h"
32
33 extern char __hyp_idmap_text_start[], __hyp_idmap_text_end[];
34
35 static pgd_t *boot_hyp_pgd;
36 static pgd_t *hyp_pgd;
37 static DEFINE_MUTEX(kvm_hyp_pgd_mutex);
38
39 static void *init_bounce_page;
40 static unsigned long hyp_idmap_start;
41 static unsigned long hyp_idmap_end;
42 static phys_addr_t hyp_idmap_vector;
43
44 #define pgd_order get_order(PTRS_PER_PGD * sizeof(pgd_t))
45
46 static void kvm_tlb_flush_vmid_ipa(struct kvm *kvm, phys_addr_t ipa)
47 {
48 /*
49 * This function also gets called when dealing with HYP page
50 * tables. As HYP doesn't have an associated struct kvm (and
51 * the HYP page tables are fairly static), we don't do
52 * anything there.
53 */
54 if (kvm)
55 kvm_call_hyp(__kvm_tlb_flush_vmid_ipa, kvm, ipa);
56 }
57
58 static int mmu_topup_memory_cache(struct kvm_mmu_memory_cache *cache,
59 int min, int max)
60 {
61 void *page;
62
63 BUG_ON(max > KVM_NR_MEM_OBJS);
64 if (cache->nobjs >= min)
65 return 0;
66 while (cache->nobjs < max) {
67 page = (void *)__get_free_page(PGALLOC_GFP);
68 if (!page)
69 return -ENOMEM;
70 cache->objects[cache->nobjs++] = page;
71 }
72 return 0;
73 }
74
75 static void mmu_free_memory_cache(struct kvm_mmu_memory_cache *mc)
76 {
77 while (mc->nobjs)
78 free_page((unsigned long)mc->objects[--mc->nobjs]);
79 }
80
81 static void *mmu_memory_cache_alloc(struct kvm_mmu_memory_cache *mc)
82 {
83 void *p;
84
85 BUG_ON(!mc || !mc->nobjs);
86 p = mc->objects[--mc->nobjs];
87 return p;
88 }
89
90 static bool page_empty(void *ptr)
91 {
92 struct page *ptr_page = virt_to_page(ptr);
93 return page_count(ptr_page) == 1;
94 }
95
96 static void clear_pud_entry(struct kvm *kvm, pud_t *pud, phys_addr_t addr)
97 {
98 pmd_t *pmd_table = pmd_offset(pud, 0);
99 pud_clear(pud);
100 kvm_tlb_flush_vmid_ipa(kvm, addr);
101 pmd_free(NULL, pmd_table);
102 put_page(virt_to_page(pud));
103 }
104
105 static void clear_pmd_entry(struct kvm *kvm, pmd_t *pmd, phys_addr_t addr)
106 {
107 pte_t *pte_table = pte_offset_kernel(pmd, 0);
108 pmd_clear(pmd);
109 kvm_tlb_flush_vmid_ipa(kvm, addr);
110 pte_free_kernel(NULL, pte_table);
111 put_page(virt_to_page(pmd));
112 }
113
114 static void clear_pte_entry(struct kvm *kvm, pte_t *pte, phys_addr_t addr)
115 {
116 if (pte_present(*pte)) {
117 kvm_set_pte(pte, __pte(0));
118 put_page(virt_to_page(pte));
119 kvm_tlb_flush_vmid_ipa(kvm, addr);
120 }
121 }
122
123 static void unmap_range(struct kvm *kvm, pgd_t *pgdp,
124 unsigned long long start, u64 size)
125 {
126 pgd_t *pgd;
127 pud_t *pud;
128 pmd_t *pmd;
129 pte_t *pte;
130 unsigned long long addr = start, end = start + size;
131 u64 next;
132
133 while (addr < end) {
134 pgd = pgdp + pgd_index(addr);
135 pud = pud_offset(pgd, addr);
136 if (pud_none(*pud)) {
137 addr = pud_addr_end(addr, end);
138 continue;
139 }
140
141 pmd = pmd_offset(pud, addr);
142 if (pmd_none(*pmd)) {
143 addr = pmd_addr_end(addr, end);
144 continue;
145 }
146
147 pte = pte_offset_kernel(pmd, addr);
148 clear_pte_entry(kvm, pte, addr);
149 next = addr + PAGE_SIZE;
150
151 /* If we emptied the pte, walk back up the ladder */
152 if (page_empty(pte)) {
153 clear_pmd_entry(kvm, pmd, addr);
154 next = pmd_addr_end(addr, end);
155 if (page_empty(pmd) && !page_empty(pud)) {
156 clear_pud_entry(kvm, pud, addr);
157 next = pud_addr_end(addr, end);
158 }
159 }
160
161 addr = next;
162 }
163 }
164
165 /**
166 * free_boot_hyp_pgd - free HYP boot page tables
167 *
168 * Free the HYP boot page tables. The bounce page is also freed.
169 */
170 void free_boot_hyp_pgd(void)
171 {
172 mutex_lock(&kvm_hyp_pgd_mutex);
173
174 if (boot_hyp_pgd) {
175 unmap_range(NULL, boot_hyp_pgd, hyp_idmap_start, PAGE_SIZE);
176 unmap_range(NULL, boot_hyp_pgd, TRAMPOLINE_VA, PAGE_SIZE);
177 free_pages((unsigned long)boot_hyp_pgd, pgd_order);
178 boot_hyp_pgd = NULL;
179 }
180
181 if (hyp_pgd)
182 unmap_range(NULL, hyp_pgd, TRAMPOLINE_VA, PAGE_SIZE);
183
184 free_page((unsigned long)init_bounce_page);
185 init_bounce_page = NULL;
186
187 mutex_unlock(&kvm_hyp_pgd_mutex);
188 }
189
190 /**
191 * free_hyp_pgds - free Hyp-mode page tables
192 *
193 * Assumes hyp_pgd is a page table used strictly in Hyp-mode and
194 * therefore contains either mappings in the kernel memory area (above
195 * PAGE_OFFSET), or device mappings in the vmalloc range (from
196 * VMALLOC_START to VMALLOC_END).
197 *
198 * boot_hyp_pgd should only map two pages for the init code.
199 */
200 void free_hyp_pgds(void)
201 {
202 unsigned long addr;
203
204 free_boot_hyp_pgd();
205
206 mutex_lock(&kvm_hyp_pgd_mutex);
207
208 if (hyp_pgd) {
209 for (addr = PAGE_OFFSET; virt_addr_valid(addr); addr += PGDIR_SIZE)
210 unmap_range(NULL, hyp_pgd, KERN_TO_HYP(addr), PGDIR_SIZE);
211 for (addr = VMALLOC_START; is_vmalloc_addr((void*)addr); addr += PGDIR_SIZE)
212 unmap_range(NULL, hyp_pgd, KERN_TO_HYP(addr), PGDIR_SIZE);
213
214 free_pages((unsigned long)hyp_pgd, pgd_order);
215 hyp_pgd = NULL;
216 }
217
218 mutex_unlock(&kvm_hyp_pgd_mutex);
219 }
220
221 static void create_hyp_pte_mappings(pmd_t *pmd, unsigned long start,
222 unsigned long end, unsigned long pfn,
223 pgprot_t prot)
224 {
225 pte_t *pte;
226 unsigned long addr;
227
228 addr = start;
229 do {
230 pte = pte_offset_kernel(pmd, addr);
231 kvm_set_pte(pte, pfn_pte(pfn, prot));
232 get_page(virt_to_page(pte));
233 kvm_flush_dcache_to_poc(pte, sizeof(*pte));
234 pfn++;
235 } while (addr += PAGE_SIZE, addr != end);
236 }
237
238 static int create_hyp_pmd_mappings(pud_t *pud, unsigned long start,
239 unsigned long end, unsigned long pfn,
240 pgprot_t prot)
241 {
242 pmd_t *pmd;
243 pte_t *pte;
244 unsigned long addr, next;
245
246 addr = start;
247 do {
248 pmd = pmd_offset(pud, addr);
249
250 BUG_ON(pmd_sect(*pmd));
251
252 if (pmd_none(*pmd)) {
253 pte = pte_alloc_one_kernel(NULL, addr);
254 if (!pte) {
255 kvm_err("Cannot allocate Hyp pte\n");
256 return -ENOMEM;
257 }
258 pmd_populate_kernel(NULL, pmd, pte);
259 get_page(virt_to_page(pmd));
260 kvm_flush_dcache_to_poc(pmd, sizeof(*pmd));
261 }
262
263 next = pmd_addr_end(addr, end);
264
265 create_hyp_pte_mappings(pmd, addr, next, pfn, prot);
266 pfn += (next - addr) >> PAGE_SHIFT;
267 } while (addr = next, addr != end);
268
269 return 0;
270 }
271
272 static int __create_hyp_mappings(pgd_t *pgdp,
273 unsigned long start, unsigned long end,
274 unsigned long pfn, pgprot_t prot)
275 {
276 pgd_t *pgd;
277 pud_t *pud;
278 pmd_t *pmd;
279 unsigned long addr, next;
280 int err = 0;
281
282 mutex_lock(&kvm_hyp_pgd_mutex);
283 addr = start & PAGE_MASK;
284 end = PAGE_ALIGN(end);
285 do {
286 pgd = pgdp + pgd_index(addr);
287 pud = pud_offset(pgd, addr);
288
289 if (pud_none_or_clear_bad(pud)) {
290 pmd = pmd_alloc_one(NULL, addr);
291 if (!pmd) {
292 kvm_err("Cannot allocate Hyp pmd\n");
293 err = -ENOMEM;
294 goto out;
295 }
296 pud_populate(NULL, pud, pmd);
297 get_page(virt_to_page(pud));
298 kvm_flush_dcache_to_poc(pud, sizeof(*pud));
299 }
300
301 next = pgd_addr_end(addr, end);
302 err = create_hyp_pmd_mappings(pud, addr, next, pfn, prot);
303 if (err)
304 goto out;
305 pfn += (next - addr) >> PAGE_SHIFT;
306 } while (addr = next, addr != end);
307 out:
308 mutex_unlock(&kvm_hyp_pgd_mutex);
309 return err;
310 }
311
312 static phys_addr_t kvm_kaddr_to_phys(void *kaddr)
313 {
314 if (!is_vmalloc_addr(kaddr)) {
315 BUG_ON(!virt_addr_valid(kaddr));
316 return __pa(kaddr);
317 } else {
318 return page_to_phys(vmalloc_to_page(kaddr)) +
319 offset_in_page(kaddr);
320 }
321 }
322
323 /**
324 * create_hyp_mappings - duplicate a kernel virtual address range in Hyp mode
325 * @from: The virtual kernel start address of the range
326 * @to: The virtual kernel end address of the range (exclusive)
327 *
328 * The same virtual address as the kernel virtual address is also used
329 * in Hyp-mode mapping (modulo HYP_PAGE_OFFSET) to the same underlying
330 * physical pages.
331 */
332 int create_hyp_mappings(void *from, void *to)
333 {
334 phys_addr_t phys_addr;
335 unsigned long virt_addr;
336 unsigned long start = KERN_TO_HYP((unsigned long)from);
337 unsigned long end = KERN_TO_HYP((unsigned long)to);
338
339 start = start & PAGE_MASK;
340 end = PAGE_ALIGN(end);
341
342 for (virt_addr = start; virt_addr < end; virt_addr += PAGE_SIZE) {
343 int err;
344
345 phys_addr = kvm_kaddr_to_phys(from + virt_addr - start);
346 err = __create_hyp_mappings(hyp_pgd, virt_addr,
347 virt_addr + PAGE_SIZE,
348 __phys_to_pfn(phys_addr),
349 PAGE_HYP);
350 if (err)
351 return err;
352 }
353
354 return 0;
355 }
356
357 /**
358 * create_hyp_io_mappings - duplicate a kernel IO mapping into Hyp mode
359 * @from: The kernel start VA of the range
360 * @to: The kernel end VA of the range (exclusive)
361 * @phys_addr: The physical start address which gets mapped
362 *
363 * The resulting HYP VA is the same as the kernel VA, modulo
364 * HYP_PAGE_OFFSET.
365 */
366 int create_hyp_io_mappings(void *from, void *to, phys_addr_t phys_addr)
367 {
368 unsigned long start = KERN_TO_HYP((unsigned long)from);
369 unsigned long end = KERN_TO_HYP((unsigned long)to);
370
371 /* Check for a valid kernel IO mapping */
372 if (!is_vmalloc_addr(from) || !is_vmalloc_addr(to - 1))
373 return -EINVAL;
374
375 return __create_hyp_mappings(hyp_pgd, start, end,
376 __phys_to_pfn(phys_addr), PAGE_HYP_DEVICE);
377 }
378
379 /**
380 * kvm_alloc_stage2_pgd - allocate level-1 table for stage-2 translation.
381 * @kvm: The KVM struct pointer for the VM.
382 *
383 * Allocates the 1st level table only of size defined by S2_PGD_ORDER (can
384 * support either full 40-bit input addresses or limited to 32-bit input
385 * addresses). Clears the allocated pages.
386 *
387 * Note we don't need locking here as this is only called when the VM is
388 * created, which can only be done once.
389 */
390 int kvm_alloc_stage2_pgd(struct kvm *kvm)
391 {
392 pgd_t *pgd;
393
394 if (kvm->arch.pgd != NULL) {
395 kvm_err("kvm_arch already initialized?\n");
396 return -EINVAL;
397 }
398
399 pgd = (pgd_t *)__get_free_pages(GFP_KERNEL, S2_PGD_ORDER);
400 if (!pgd)
401 return -ENOMEM;
402
403 memset(pgd, 0, PTRS_PER_S2_PGD * sizeof(pgd_t));
404 kvm_clean_pgd(pgd);
405 kvm->arch.pgd = pgd;
406
407 return 0;
408 }
409
410 /**
411 * unmap_stage2_range -- Clear stage2 page table entries to unmap a range
412 * @kvm: The VM pointer
413 * @start: The intermediate physical base address of the range to unmap
414 * @size: The size of the area to unmap
415 *
416 * Clear a range of stage-2 mappings, lowering the various ref-counts. Must
417 * be called while holding mmu_lock (unless for freeing the stage2 pgd before
418 * destroying the VM), otherwise another faulting VCPU may come in and mess
419 * with things behind our backs.
420 */
421 static void unmap_stage2_range(struct kvm *kvm, phys_addr_t start, u64 size)
422 {
423 unmap_range(kvm, kvm->arch.pgd, start, size);
424 }
425
426 /**
427 * kvm_free_stage2_pgd - free all stage-2 tables
428 * @kvm: The KVM struct pointer for the VM.
429 *
430 * Walks the level-1 page table pointed to by kvm->arch.pgd and frees all
431 * underlying level-2 and level-3 tables before freeing the actual level-1 table
432 * and setting the struct pointer to NULL.
433 *
434 * Note we don't need locking here as this is only called when the VM is
435 * destroyed, which can only be done once.
436 */
437 void kvm_free_stage2_pgd(struct kvm *kvm)
438 {
439 if (kvm->arch.pgd == NULL)
440 return;
441
442 unmap_stage2_range(kvm, 0, KVM_PHYS_SIZE);
443 free_pages((unsigned long)kvm->arch.pgd, S2_PGD_ORDER);
444 kvm->arch.pgd = NULL;
445 }
446
447
448 static int stage2_set_pte(struct kvm *kvm, struct kvm_mmu_memory_cache *cache,
449 phys_addr_t addr, const pte_t *new_pte, bool iomap)
450 {
451 pgd_t *pgd;
452 pud_t *pud;
453 pmd_t *pmd;
454 pte_t *pte, old_pte;
455
456 /* Create 2nd stage page table mapping - Level 1 */
457 pgd = kvm->arch.pgd + pgd_index(addr);
458 pud = pud_offset(pgd, addr);
459 if (pud_none(*pud)) {
460 if (!cache)
461 return 0; /* ignore calls from kvm_set_spte_hva */
462 pmd = mmu_memory_cache_alloc(cache);
463 pud_populate(NULL, pud, pmd);
464 get_page(virt_to_page(pud));
465 }
466
467 pmd = pmd_offset(pud, addr);
468
469 /* Create 2nd stage page table mapping - Level 2 */
470 if (pmd_none(*pmd)) {
471 if (!cache)
472 return 0; /* ignore calls from kvm_set_spte_hva */
473 pte = mmu_memory_cache_alloc(cache);
474 kvm_clean_pte(pte);
475 pmd_populate_kernel(NULL, pmd, pte);
476 get_page(virt_to_page(pmd));
477 }
478
479 pte = pte_offset_kernel(pmd, addr);
480
481 if (iomap && pte_present(*pte))
482 return -EFAULT;
483
484 /* Create 2nd stage page table mapping - Level 3 */
485 old_pte = *pte;
486 kvm_set_pte(pte, *new_pte);
487 if (pte_present(old_pte))
488 kvm_tlb_flush_vmid_ipa(kvm, addr);
489 else
490 get_page(virt_to_page(pte));
491
492 return 0;
493 }
494
495 /**
496 * kvm_phys_addr_ioremap - map a device range to guest IPA
497 *
498 * @kvm: The KVM pointer
499 * @guest_ipa: The IPA at which to insert the mapping
500 * @pa: The physical address of the device
501 * @size: The size of the mapping
502 */
503 int kvm_phys_addr_ioremap(struct kvm *kvm, phys_addr_t guest_ipa,
504 phys_addr_t pa, unsigned long size)
505 {
506 phys_addr_t addr, end;
507 int ret = 0;
508 unsigned long pfn;
509 struct kvm_mmu_memory_cache cache = { 0, };
510
511 end = (guest_ipa + size + PAGE_SIZE - 1) & PAGE_MASK;
512 pfn = __phys_to_pfn(pa);
513
514 for (addr = guest_ipa; addr < end; addr += PAGE_SIZE) {
515 pte_t pte = pfn_pte(pfn, PAGE_S2_DEVICE);
516
517 ret = mmu_topup_memory_cache(&cache, 2, 2);
518 if (ret)
519 goto out;
520 spin_lock(&kvm->mmu_lock);
521 ret = stage2_set_pte(kvm, &cache, addr, &pte, true);
522 spin_unlock(&kvm->mmu_lock);
523 if (ret)
524 goto out;
525
526 pfn++;
527 }
528
529 out:
530 mmu_free_memory_cache(&cache);
531 return ret;
532 }
533
534 static int user_mem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa,
535 gfn_t gfn, struct kvm_memory_slot *memslot,
536 unsigned long fault_status)
537 {
538 pte_t new_pte;
539 pfn_t pfn;
540 int ret;
541 bool write_fault, writable;
542 unsigned long mmu_seq;
543 struct kvm_mmu_memory_cache *memcache = &vcpu->arch.mmu_page_cache;
544
545 write_fault = kvm_is_write_fault(kvm_vcpu_get_hsr(vcpu));
546 if (fault_status == FSC_PERM && !write_fault) {
547 kvm_err("Unexpected L2 read permission error\n");
548 return -EFAULT;
549 }
550
551 /* We need minimum second+third level pages */
552 ret = mmu_topup_memory_cache(memcache, 2, KVM_NR_MEM_OBJS);
553 if (ret)
554 return ret;
555
556 mmu_seq = vcpu->kvm->mmu_notifier_seq;
557 /*
558 * Ensure the read of mmu_notifier_seq happens before we call
559 * gfn_to_pfn_prot (which calls get_user_pages), so that we don't risk
560 * the page we just got a reference to gets unmapped before we have a
561 * chance to grab the mmu_lock, which ensure that if the page gets
562 * unmapped afterwards, the call to kvm_unmap_hva will take it away
563 * from us again properly. This smp_rmb() interacts with the smp_wmb()
564 * in kvm_mmu_notifier_invalidate_<page|range_end>.
565 */
566 smp_rmb();
567
568 pfn = gfn_to_pfn_prot(vcpu->kvm, gfn, write_fault, &writable);
569 if (is_error_pfn(pfn))
570 return -EFAULT;
571
572 new_pte = pfn_pte(pfn, PAGE_S2);
573 coherent_icache_guest_page(vcpu->kvm, gfn);
574
575 spin_lock(&vcpu->kvm->mmu_lock);
576 if (mmu_notifier_retry(vcpu->kvm, mmu_seq))
577 goto out_unlock;
578 if (writable) {
579 kvm_set_s2pte_writable(&new_pte);
580 kvm_set_pfn_dirty(pfn);
581 }
582 stage2_set_pte(vcpu->kvm, memcache, fault_ipa, &new_pte, false);
583
584 out_unlock:
585 spin_unlock(&vcpu->kvm->mmu_lock);
586 kvm_release_pfn_clean(pfn);
587 return 0;
588 }
589
590 /**
591 * kvm_handle_guest_abort - handles all 2nd stage aborts
592 * @vcpu: the VCPU pointer
593 * @run: the kvm_run structure
594 *
595 * Any abort that gets to the host is almost guaranteed to be caused by a
596 * missing second stage translation table entry, which can mean that either the
597 * guest simply needs more memory and we must allocate an appropriate page or it
598 * can mean that the guest tried to access I/O memory, which is emulated by user
599 * space. The distinction is based on the IPA causing the fault and whether this
600 * memory region has been registered as standard RAM by user space.
601 */
602 int kvm_handle_guest_abort(struct kvm_vcpu *vcpu, struct kvm_run *run)
603 {
604 unsigned long fault_status;
605 phys_addr_t fault_ipa;
606 struct kvm_memory_slot *memslot;
607 bool is_iabt;
608 gfn_t gfn;
609 int ret, idx;
610
611 is_iabt = kvm_vcpu_trap_is_iabt(vcpu);
612 fault_ipa = kvm_vcpu_get_fault_ipa(vcpu);
613
614 trace_kvm_guest_fault(*vcpu_pc(vcpu), kvm_vcpu_get_hsr(vcpu),
615 kvm_vcpu_get_hfar(vcpu), fault_ipa);
616
617 /* Check the stage-2 fault is trans. fault or write fault */
618 fault_status = kvm_vcpu_trap_get_fault(vcpu);
619 if (fault_status != FSC_FAULT && fault_status != FSC_PERM) {
620 kvm_err("Unsupported fault status: EC=%#x DFCS=%#lx\n",
621 kvm_vcpu_trap_get_class(vcpu), fault_status);
622 return -EFAULT;
623 }
624
625 idx = srcu_read_lock(&vcpu->kvm->srcu);
626
627 gfn = fault_ipa >> PAGE_SHIFT;
628 if (!kvm_is_visible_gfn(vcpu->kvm, gfn)) {
629 if (is_iabt) {
630 /* Prefetch Abort on I/O address */
631 kvm_inject_pabt(vcpu, kvm_vcpu_get_hfar(vcpu));
632 ret = 1;
633 goto out_unlock;
634 }
635
636 if (fault_status != FSC_FAULT) {
637 kvm_err("Unsupported fault status on io memory: %#lx\n",
638 fault_status);
639 ret = -EFAULT;
640 goto out_unlock;
641 }
642
643 /*
644 * The IPA is reported as [MAX:12], so we need to
645 * complement it with the bottom 12 bits from the
646 * faulting VA. This is always 12 bits, irrespective
647 * of the page size.
648 */
649 fault_ipa |= kvm_vcpu_get_hfar(vcpu) & ((1 << 12) - 1);
650 ret = io_mem_abort(vcpu, run, fault_ipa);
651 goto out_unlock;
652 }
653
654 memslot = gfn_to_memslot(vcpu->kvm, gfn);
655
656 ret = user_mem_abort(vcpu, fault_ipa, gfn, memslot, fault_status);
657 if (ret == 0)
658 ret = 1;
659 out_unlock:
660 srcu_read_unlock(&vcpu->kvm->srcu, idx);
661 return ret;
662 }
663
664 static void handle_hva_to_gpa(struct kvm *kvm,
665 unsigned long start,
666 unsigned long end,
667 void (*handler)(struct kvm *kvm,
668 gpa_t gpa, void *data),
669 void *data)
670 {
671 struct kvm_memslots *slots;
672 struct kvm_memory_slot *memslot;
673
674 slots = kvm_memslots(kvm);
675
676 /* we only care about the pages that the guest sees */
677 kvm_for_each_memslot(memslot, slots) {
678 unsigned long hva_start, hva_end;
679 gfn_t gfn, gfn_end;
680
681 hva_start = max(start, memslot->userspace_addr);
682 hva_end = min(end, memslot->userspace_addr +
683 (memslot->npages << PAGE_SHIFT));
684 if (hva_start >= hva_end)
685 continue;
686
687 /*
688 * {gfn(page) | page intersects with [hva_start, hva_end)} =
689 * {gfn_start, gfn_start+1, ..., gfn_end-1}.
690 */
691 gfn = hva_to_gfn_memslot(hva_start, memslot);
692 gfn_end = hva_to_gfn_memslot(hva_end + PAGE_SIZE - 1, memslot);
693
694 for (; gfn < gfn_end; ++gfn) {
695 gpa_t gpa = gfn << PAGE_SHIFT;
696 handler(kvm, gpa, data);
697 }
698 }
699 }
700
701 static void kvm_unmap_hva_handler(struct kvm *kvm, gpa_t gpa, void *data)
702 {
703 unmap_stage2_range(kvm, gpa, PAGE_SIZE);
704 }
705
706 int kvm_unmap_hva(struct kvm *kvm, unsigned long hva)
707 {
708 unsigned long end = hva + PAGE_SIZE;
709
710 if (!kvm->arch.pgd)
711 return 0;
712
713 trace_kvm_unmap_hva(hva);
714 handle_hva_to_gpa(kvm, hva, end, &kvm_unmap_hva_handler, NULL);
715 return 0;
716 }
717
718 int kvm_unmap_hva_range(struct kvm *kvm,
719 unsigned long start, unsigned long end)
720 {
721 if (!kvm->arch.pgd)
722 return 0;
723
724 trace_kvm_unmap_hva_range(start, end);
725 handle_hva_to_gpa(kvm, start, end, &kvm_unmap_hva_handler, NULL);
726 return 0;
727 }
728
729 static void kvm_set_spte_handler(struct kvm *kvm, gpa_t gpa, void *data)
730 {
731 pte_t *pte = (pte_t *)data;
732
733 stage2_set_pte(kvm, NULL, gpa, pte, false);
734 }
735
736
737 void kvm_set_spte_hva(struct kvm *kvm, unsigned long hva, pte_t pte)
738 {
739 unsigned long end = hva + PAGE_SIZE;
740 pte_t stage2_pte;
741
742 if (!kvm->arch.pgd)
743 return;
744
745 trace_kvm_set_spte_hva(hva);
746 stage2_pte = pfn_pte(pte_pfn(pte), PAGE_S2);
747 handle_hva_to_gpa(kvm, hva, end, &kvm_set_spte_handler, &stage2_pte);
748 }
749
750 void kvm_mmu_free_memory_caches(struct kvm_vcpu *vcpu)
751 {
752 mmu_free_memory_cache(&vcpu->arch.mmu_page_cache);
753 }
754
755 phys_addr_t kvm_mmu_get_httbr(void)
756 {
757 return virt_to_phys(hyp_pgd);
758 }
759
760 phys_addr_t kvm_mmu_get_boot_httbr(void)
761 {
762 return virt_to_phys(boot_hyp_pgd);
763 }
764
765 phys_addr_t kvm_get_idmap_vector(void)
766 {
767 return hyp_idmap_vector;
768 }
769
770 int kvm_mmu_init(void)
771 {
772 int err;
773
774 hyp_idmap_start = virt_to_phys(__hyp_idmap_text_start);
775 hyp_idmap_end = virt_to_phys(__hyp_idmap_text_end);
776 hyp_idmap_vector = virt_to_phys(__kvm_hyp_init);
777
778 if ((hyp_idmap_start ^ hyp_idmap_end) & PAGE_MASK) {
779 /*
780 * Our init code is crossing a page boundary. Allocate
781 * a bounce page, copy the code over and use that.
782 */
783 size_t len = __hyp_idmap_text_end - __hyp_idmap_text_start;
784 phys_addr_t phys_base;
785
786 init_bounce_page = (void *)__get_free_page(GFP_KERNEL);
787 if (!init_bounce_page) {
788 kvm_err("Couldn't allocate HYP init bounce page\n");
789 err = -ENOMEM;
790 goto out;
791 }
792
793 memcpy(init_bounce_page, __hyp_idmap_text_start, len);
794 /*
795 * Warning: the code we just copied to the bounce page
796 * must be flushed to the point of coherency.
797 * Otherwise, the data may be sitting in L2, and HYP
798 * mode won't be able to observe it as it runs with
799 * caches off at that point.
800 */
801 kvm_flush_dcache_to_poc(init_bounce_page, len);
802
803 phys_base = virt_to_phys(init_bounce_page);
804 hyp_idmap_vector += phys_base - hyp_idmap_start;
805 hyp_idmap_start = phys_base;
806 hyp_idmap_end = phys_base + len;
807
808 kvm_info("Using HYP init bounce page @%lx\n",
809 (unsigned long)phys_base);
810 }
811
812 hyp_pgd = (pgd_t *)__get_free_pages(GFP_KERNEL | __GFP_ZERO, pgd_order);
813 boot_hyp_pgd = (pgd_t *)__get_free_pages(GFP_KERNEL | __GFP_ZERO, pgd_order);
814
815 if (!hyp_pgd || !boot_hyp_pgd) {
816 kvm_err("Hyp mode PGD not allocated\n");
817 err = -ENOMEM;
818 goto out;
819 }
820
821 /* Create the idmap in the boot page tables */
822 err = __create_hyp_mappings(boot_hyp_pgd,
823 hyp_idmap_start, hyp_idmap_end,
824 __phys_to_pfn(hyp_idmap_start),
825 PAGE_HYP);
826
827 if (err) {
828 kvm_err("Failed to idmap %lx-%lx\n",
829 hyp_idmap_start, hyp_idmap_end);
830 goto out;
831 }
832
833 /* Map the very same page at the trampoline VA */
834 err = __create_hyp_mappings(boot_hyp_pgd,
835 TRAMPOLINE_VA, TRAMPOLINE_VA + PAGE_SIZE,
836 __phys_to_pfn(hyp_idmap_start),
837 PAGE_HYP);
838 if (err) {
839 kvm_err("Failed to map trampoline @%lx into boot HYP pgd\n",
840 TRAMPOLINE_VA);
841 goto out;
842 }
843
844 /* Map the same page again into the runtime page tables */
845 err = __create_hyp_mappings(hyp_pgd,
846 TRAMPOLINE_VA, TRAMPOLINE_VA + PAGE_SIZE,
847 __phys_to_pfn(hyp_idmap_start),
848 PAGE_HYP);
849 if (err) {
850 kvm_err("Failed to map trampoline @%lx into runtime HYP pgd\n",
851 TRAMPOLINE_VA);
852 goto out;
853 }
854
855 return 0;
856 out:
857 free_hyp_pgds();
858 return err;
859 }
Linux with added FPC-III support