virt/kvm/arm/psci.c

   1 /*
   2  * Copyright (C) 2012 - ARM Ltd
   3  * Author: Marc Zyngier <marc.zyngier@arm.com>
   4  *
   5  * This program is free software; you can redistribute it and/or modify
   6  * it under the terms of the GNU General Public License version 2 as
   7  * published by the Free Software Foundation.
   8  *
   9  * This program is distributed in the hope that it will be useful,
  10  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  * GNU General Public License for more details.
  13  *
  14  * You should have received a copy of the GNU General Public License
  15  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  16  */
  17
  18 #include <linux/arm-smccc.h>
  19 #include <linux/preempt.h>
  20 #include <linux/kvm_host.h>
  21 #include <linux/uaccess.h>
  22 #include <linux/wait.h>
  23
  24 #include <asm/cputype.h>
  25 #include <asm/kvm_emulate.h>
  26 #include <asm/kvm_host.h>
  27
  28 #include <kvm/arm_psci.h>
  29
  30 /*
  31  * This is an implementation of the Power State Coordination Interface
  32  * as described in ARM document number ARM DEN 0022A.
  33  */
  34
  35 #define AFFINITY_MASK(level)    ~((0x1UL << ((level) * MPIDR_LEVEL_BITS)) - 1)
  36
  37 static u32 smccc_get_function(struct kvm_vcpu *vcpu)
  38 {
  39         return vcpu_get_reg(vcpu, 0);
  40 }
  41
  42 static unsigned long smccc_get_arg1(struct kvm_vcpu *vcpu)
  43 {
  44         return vcpu_get_reg(vcpu, 1);
  45 }
  46
  47 static unsigned long smccc_get_arg2(struct kvm_vcpu *vcpu)
  48 {
  49         return vcpu_get_reg(vcpu, 2);
  50 }
  51
  52 static unsigned long smccc_get_arg3(struct kvm_vcpu *vcpu)
  53 {
  54         return vcpu_get_reg(vcpu, 3);
  55 }
  56
  57 static void smccc_set_retval(struct kvm_vcpu *vcpu,
  58                              unsigned long a0,
  59                              unsigned long a1,
  60                              unsigned long a2,
  61                              unsigned long a3)
  62 {
  63         vcpu_set_reg(vcpu, 0, a0);
  64         vcpu_set_reg(vcpu, 1, a1);
  65         vcpu_set_reg(vcpu, 2, a2);
  66         vcpu_set_reg(vcpu, 3, a3);
  67 }
  68
  69 static unsigned long psci_affinity_mask(unsigned long affinity_level)
  70 {
  71         if (affinity_level <= 3)
  72                 return MPIDR_HWID_BITMASK & AFFINITY_MASK(affinity_level);
  73
  74         return 0;
  75 }
  76
  77 static unsigned long kvm_psci_vcpu_suspend(struct kvm_vcpu *vcpu)
  78 {
  79         /*
  80          * NOTE: For simplicity, we make VCPU suspend emulation to be
  81          * same-as WFI (Wait-for-interrupt) emulation.
  82          *
  83          * This means for KVM the wakeup events are interrupts and
  84          * this is consistent with intended use of StateID as described
  85          * in section 5.4.1 of PSCI v0.2 specification (ARM DEN 0022A).
  86          *
  87          * Further, we also treat power-down request to be same as
  88          * stand-by request as-per section 5.4.2 clause 3 of PSCI v0.2
  89          * specification (ARM DEN 0022A). This means all suspend states
  90          * for KVM will preserve the register state.
  91          */
  92         kvm_vcpu_block(vcpu);
  93         kvm_clear_request(KVM_REQ_UNHALT, vcpu);
  94
  95         return PSCI_RET_SUCCESS;
  96 }
  97
  98 static void kvm_psci_vcpu_off(struct kvm_vcpu *vcpu)
  99 {
 100         vcpu->arch.power_off = true;
 101         kvm_make_request(KVM_REQ_SLEEP, vcpu);
 102         kvm_vcpu_kick(vcpu);
 103 }
 104
 105 static unsigned long kvm_psci_vcpu_on(struct kvm_vcpu *source_vcpu)
 106 {
 107         struct vcpu_reset_state *reset_state;
 108         struct kvm *kvm = source_vcpu->kvm;
 109         struct kvm_vcpu *vcpu = NULL;
 110         unsigned long cpu_id;
 111
 112         cpu_id = smccc_get_arg1(source_vcpu) & MPIDR_HWID_BITMASK;
 113         if (vcpu_mode_is_32bit(source_vcpu))
 114                 cpu_id &= ~((u32) 0);
 115
 116         vcpu = kvm_mpidr_to_vcpu(kvm, cpu_id);
 117
 118         /*
 119          * Make sure the caller requested a valid CPU and that the CPU is
 120          * turned off.
 121          */
 122         if (!vcpu)
 123                 return PSCI_RET_INVALID_PARAMS;
 124         if (!vcpu->arch.power_off) {
 125                 if (kvm_psci_version(source_vcpu, kvm) != KVM_ARM_PSCI_0_1)
 126                         return PSCI_RET_ALREADY_ON;
 127                 else
 128                         return PSCI_RET_INVALID_PARAMS;
 129         }
 130
 131         reset_state = &vcpu->arch.reset_state;
 132
 133         reset_state->pc = smccc_get_arg2(source_vcpu);
 134
 135         /* Propagate caller endianness */
 136         reset_state->be = kvm_vcpu_is_be(source_vcpu);
 137
 138         /*
 139          * NOTE: We always update r0 (or x0) because for PSCI v0.1
 140          * the general puspose registers are undefined upon CPU_ON.
 141          */
 142         reset_state->r0 = smccc_get_arg3(source_vcpu);
 143
 144         WRITE_ONCE(reset_state->reset, true);
 145         kvm_make_request(KVM_REQ_VCPU_RESET, vcpu);
 146
 147         /*
 148          * Make sure the reset request is observed if the change to
 149          * power_state is observed.
 150          */
 151         smp_wmb();
 152
 153         vcpu->arch.power_off = false;
 154         kvm_vcpu_wake_up(vcpu);
 155
 156         return PSCI_RET_SUCCESS;
 157 }
 158
 159 static unsigned long kvm_psci_vcpu_affinity_info(struct kvm_vcpu *vcpu)
 160 {
 161         int i, matching_cpus = 0;
 162         unsigned long mpidr;
 163         unsigned long target_affinity;
 164         unsigned long target_affinity_mask;
 165         unsigned long lowest_affinity_level;
 166         struct kvm *kvm = vcpu->kvm;
 167         struct kvm_vcpu *tmp;
 168
 169         target_affinity = smccc_get_arg1(vcpu);
 170         lowest_affinity_level = smccc_get_arg2(vcpu);
 171
 172         /* Determine target affinity mask */
 173         target_affinity_mask = psci_affinity_mask(lowest_affinity_level);
 174         if (!target_affinity_mask)
 175                 return PSCI_RET_INVALID_PARAMS;
 176
 177         /* Ignore other bits of target affinity */
 178         target_affinity &= target_affinity_mask;
 179
 180         /*
 181          * If one or more VCPU matching target affinity are running
 182          * then ON else OFF
 183          */
 184         kvm_for_each_vcpu(i, tmp, kvm) {
 185                 mpidr = kvm_vcpu_get_mpidr_aff(tmp);
 186                 if ((mpidr & target_affinity_mask) == target_affinity) {
 187                         matching_cpus++;
 188                         if (!tmp->arch.power_off)
 189                                 return PSCI_0_2_AFFINITY_LEVEL_ON;
 190                 }
 191         }
 192
 193         if (!matching_cpus)
 194                 return PSCI_RET_INVALID_PARAMS;
 195
 196         return PSCI_0_2_AFFINITY_LEVEL_OFF;
 197 }
 198
 199 static void kvm_prepare_system_event(struct kvm_vcpu *vcpu, u32 type)
 200 {
 201         int i;
 202         struct kvm_vcpu *tmp;
 203
 204         /*
 205          * The KVM ABI specifies that a system event exit may call KVM_RUN
 206          * again and may perform shutdown/reboot at a later time that when the
 207          * actual request is made.  Since we are implementing PSCI and a
 208          * caller of PSCI reboot and shutdown expects that the system shuts
 209          * down or reboots immediately, let's make sure that VCPUs are not run
 210          * after this call is handled and before the VCPUs have been
 211          * re-initialized.
 212          */
 213         kvm_for_each_vcpu(i, tmp, vcpu->kvm)
 214                 tmp->arch.power_off = true;
 215         kvm_make_all_cpus_request(vcpu->kvm, KVM_REQ_SLEEP);
 216
 217         memset(&vcpu->run->system_event, 0, sizeof(vcpu->run->system_event));
 218         vcpu->run->system_event.type = type;
 219         vcpu->run->exit_reason = KVM_EXIT_SYSTEM_EVENT;
 220 }
 221
 222 static void kvm_psci_system_off(struct kvm_vcpu *vcpu)
 223 {
 224         kvm_prepare_system_event(vcpu, KVM_SYSTEM_EVENT_SHUTDOWN);
 225 }
 226
 227 static void kvm_psci_system_reset(struct kvm_vcpu *vcpu)
 228 {
 229         kvm_prepare_system_event(vcpu, KVM_SYSTEM_EVENT_RESET);
 230 }
 231
 232 static int kvm_psci_0_2_call(struct kvm_vcpu *vcpu)
 233 {
 234         struct kvm *kvm = vcpu->kvm;
 235         u32 psci_fn = smccc_get_function(vcpu);
 236         unsigned long val;
 237         int ret = 1;
 238
 239         switch (psci_fn) {
 240         case PSCI_0_2_FN_PSCI_VERSION:
 241                 /*
 242                  * Bits[31:16] = Major Version = 0
 243                  * Bits[15:0] = Minor Version = 2
 244                  */
 245                 val = KVM_ARM_PSCI_0_2;
 246                 break;
 247         case PSCI_0_2_FN_CPU_SUSPEND:
 248         case PSCI_0_2_FN64_CPU_SUSPEND:
 249                 val = kvm_psci_vcpu_suspend(vcpu);
 250                 break;
 251         case PSCI_0_2_FN_CPU_OFF:
 252                 kvm_psci_vcpu_off(vcpu);
 253                 val = PSCI_RET_SUCCESS;
 254                 break;
 255         case PSCI_0_2_FN_CPU_ON:
 256         case PSCI_0_2_FN64_CPU_ON:
 257                 mutex_lock(&kvm->lock);
 258                 val = kvm_psci_vcpu_on(vcpu);
 259                 mutex_unlock(&kvm->lock);
 260                 break;
 261         case PSCI_0_2_FN_AFFINITY_INFO:
 262         case PSCI_0_2_FN64_AFFINITY_INFO:
 263                 val = kvm_psci_vcpu_affinity_info(vcpu);
 264                 break;
 265         case PSCI_0_2_FN_MIGRATE_INFO_TYPE:
 266                 /*
 267                  * Trusted OS is MP hence does not require migration
 268                  * or
 269                  * Trusted OS is not present
 270                  */
 271                 val = PSCI_0_2_TOS_MP;
 272                 break;
 273         case PSCI_0_2_FN_SYSTEM_OFF:
 274                 kvm_psci_system_off(vcpu);
 275                 /*
 276                  * We should'nt be going back to guest VCPU after
 277                  * receiving SYSTEM_OFF request.
 278                  *
 279                  * If user space accidently/deliberately resumes
 280                  * guest VCPU after SYSTEM_OFF request then guest
 281                  * VCPU should see internal failure from PSCI return
 282                  * value. To achieve this, we preload r0 (or x0) with
 283                  * PSCI return value INTERNAL_FAILURE.
 284                  */
 285                 val = PSCI_RET_INTERNAL_FAILURE;
 286                 ret = 0;
 287                 break;
 288         case PSCI_0_2_FN_SYSTEM_RESET:
 289                 kvm_psci_system_reset(vcpu);
 290                 /*
 291                  * Same reason as SYSTEM_OFF for preloading r0 (or x0)
 292                  * with PSCI return value INTERNAL_FAILURE.
 293                  */
 294                 val = PSCI_RET_INTERNAL_FAILURE;
 295                 ret = 0;
 296                 break;
 297         default:
 298                 val = PSCI_RET_NOT_SUPPORTED;
 299                 break;
 300         }
 301
 302         smccc_set_retval(vcpu, val, 0, 0, 0);
 303         return ret;
 304 }
 305
 306 static int kvm_psci_1_0_call(struct kvm_vcpu *vcpu)
 307 {
 308         u32 psci_fn = smccc_get_function(vcpu);
 309         u32 feature;
 310         unsigned long val;
 311         int ret = 1;
 312
 313         switch(psci_fn) {
 314         case PSCI_0_2_FN_PSCI_VERSION:
 315                 val = KVM_ARM_PSCI_1_0;
 316                 break;
 317         case PSCI_1_0_FN_PSCI_FEATURES:
 318                 feature = smccc_get_arg1(vcpu);
 319                 switch(feature) {
 320                 case PSCI_0_2_FN_PSCI_VERSION:
 321                 case PSCI_0_2_FN_CPU_SUSPEND:
 322                 case PSCI_0_2_FN64_CPU_SUSPEND:
 323                 case PSCI_0_2_FN_CPU_OFF:
 324                 case PSCI_0_2_FN_CPU_ON:
 325                 case PSCI_0_2_FN64_CPU_ON:
 326                 case PSCI_0_2_FN_AFFINITY_INFO:
 327                 case PSCI_0_2_FN64_AFFINITY_INFO:
 328                 case PSCI_0_2_FN_MIGRATE_INFO_TYPE:
 329                 case PSCI_0_2_FN_SYSTEM_OFF:
 330                 case PSCI_0_2_FN_SYSTEM_RESET:
 331                 case PSCI_1_0_FN_PSCI_FEATURES:
 332                 case ARM_SMCCC_VERSION_FUNC_ID:
 333                         val = 0;
 334                         break;
 335                 default:
 336                         val = PSCI_RET_NOT_SUPPORTED;
 337                         break;
 338                 }
 339                 break;
 340         default:
 341                 return kvm_psci_0_2_call(vcpu);
 342         }
 343
 344         smccc_set_retval(vcpu, val, 0, 0, 0);
 345         return ret;
 346 }
 347
 348 static int kvm_psci_0_1_call(struct kvm_vcpu *vcpu)
 349 {
 350         struct kvm *kvm = vcpu->kvm;
 351         u32 psci_fn = smccc_get_function(vcpu);
 352         unsigned long val;
 353
 354         switch (psci_fn) {
 355         case KVM_PSCI_FN_CPU_OFF:
 356                 kvm_psci_vcpu_off(vcpu);
 357                 val = PSCI_RET_SUCCESS;
 358                 break;
 359         case KVM_PSCI_FN_CPU_ON:
 360                 mutex_lock(&kvm->lock);
 361                 val = kvm_psci_vcpu_on(vcpu);
 362                 mutex_unlock(&kvm->lock);
 363                 break;
 364         default:
 365                 val = PSCI_RET_NOT_SUPPORTED;
 366                 break;
 367         }
 368
 369         smccc_set_retval(vcpu, val, 0, 0, 0);
 370         return 1;
 371 }
 372
 373 /**
 374  * kvm_psci_call - handle PSCI call if r0 value is in range
 375  * @vcpu: Pointer to the VCPU struct
 376  *
 377  * Handle PSCI calls from guests through traps from HVC instructions.
 378  * The calling convention is similar to SMC calls to the secure world
 379  * where the function number is placed in r0.
 380  *
 381  * This function returns: > 0 (success), 0 (success but exit to user
 382  * space), and < 0 (errors)
 383  *
 384  * Errors:
 385  * -EINVAL: Unrecognized PSCI function
 386  */
 387 static int kvm_psci_call(struct kvm_vcpu *vcpu)
 388 {
 389         switch (kvm_psci_version(vcpu, vcpu->kvm)) {
 390         case KVM_ARM_PSCI_1_0:
 391                 return kvm_psci_1_0_call(vcpu);
 392         case KVM_ARM_PSCI_0_2:
 393                 return kvm_psci_0_2_call(vcpu);
 394         case KVM_ARM_PSCI_0_1:
 395                 return kvm_psci_0_1_call(vcpu);
 396         default:
 397                 return -EINVAL;
 398         };
 399 }
 400
 401 int kvm_hvc_call_handler(struct kvm_vcpu *vcpu)
 402 {
 403         u32 func_id = smccc_get_function(vcpu);
 404         u32 val = SMCCC_RET_NOT_SUPPORTED;
 405         u32 feature;
 406
 407         switch (func_id) {
 408         case ARM_SMCCC_VERSION_FUNC_ID:
 409                 val = ARM_SMCCC_VERSION_1_1;
 410                 break;
 411         case ARM_SMCCC_ARCH_FEATURES_FUNC_ID:
 412                 feature = smccc_get_arg1(vcpu);
 413                 switch(feature) {
 414                 case ARM_SMCCC_ARCH_WORKAROUND_1:
 415                         if (kvm_arm_harden_branch_predictor())
 416                                 val = SMCCC_RET_SUCCESS;
 417                         break;
 418                 case ARM_SMCCC_ARCH_WORKAROUND_2:
 419                         switch (kvm_arm_have_ssbd()) {
 420                         case KVM_SSBD_FORCE_DISABLE:
 421                         case KVM_SSBD_UNKNOWN:
 422                                 break;
 423                         case KVM_SSBD_KERNEL:
 424                                 val = SMCCC_RET_SUCCESS;
 425                                 break;
 426                         case KVM_SSBD_FORCE_ENABLE:
 427                         case KVM_SSBD_MITIGATED:
 428                                 val = SMCCC_RET_NOT_REQUIRED;
 429                                 break;
 430                         }
 431                         break;
 432                 }
 433                 break;
 434         default:
 435                 return kvm_psci_call(vcpu);
 436         }
 437
 438         smccc_set_retval(vcpu, val, 0, 0, 0);
 439         return 1;
 440 }
 441
 442 int kvm_arm_get_fw_num_regs(struct kvm_vcpu *vcpu)
 443 {
 444         return 1;               /* PSCI version */
 445 }
 446
 447 int kvm_arm_copy_fw_reg_indices(struct kvm_vcpu *vcpu, u64 __user *uindices)
 448 {
 449         if (put_user(KVM_REG_ARM_PSCI_VERSION, uindices))
 450                 return -EFAULT;
 451
 452         return 0;
 453 }
 454
 455 int kvm_arm_get_fw_reg(struct kvm_vcpu *vcpu, const struct kvm_one_reg *reg)
 456 {
 457         if (reg->id == KVM_REG_ARM_PSCI_VERSION) {
 458                 void __user *uaddr = (void __user *)(long)reg->addr;
 459                 u64 val;
 460
 461                 val = kvm_psci_version(vcpu, vcpu->kvm);
 462                 if (copy_to_user(uaddr, &val, KVM_REG_SIZE(reg->id)))
 463                         return -EFAULT;
 464
 465                 return 0;
 466         }
 467
 468         return -EINVAL;
 469 }
 470
 471 int kvm_arm_set_fw_reg(struct kvm_vcpu *vcpu, const struct kvm_one_reg *reg)
 472 {
 473         if (reg->id == KVM_REG_ARM_PSCI_VERSION) {
 474                 void __user *uaddr = (void __user *)(long)reg->addr;
 475                 bool wants_02;
 476                 u64 val;
 477
 478                 if (copy_from_user(&val, uaddr, KVM_REG_SIZE(reg->id)))
 479                         return -EFAULT;
 480
 481                 wants_02 = test_bit(KVM_ARM_VCPU_PSCI_0_2, vcpu->arch.features);
 482
 483                 switch (val) {
 484                 case KVM_ARM_PSCI_0_1:
 485                         if (wants_02)
 486                                 return -EINVAL;
 487                         vcpu->kvm->arch.psci_version = val;
 488                         return 0;
 489                 case KVM_ARM_PSCI_0_2:
 490                 case KVM_ARM_PSCI_1_0:
 491                         if (!wants_02)
 492                                 return -EINVAL;
 493                         vcpu->kvm->arch.psci_version = val;
 494                         return 0;
 495                 }
 496         }
 497
 498         return -EINVAL;
 499 }