Merge tag 'kvmarm-5.9' of...

	  If unsure, say Y.

config HARDEN_EL2_VECTORS

	bool "Harden EL2 vector mapping against system register leak" if EXPERT

	default y

	help

	  Speculation attacks against some high-performance processors can

	  be used to leak privileged information such as the vector base

	  register, resulting in a potential defeat of the EL2 layout

	  randomization.

	  This config option will map the vectors to a fixed location,

	  independent of the EL2 code mapping, so that revealing VBAR_EL2

	  to an attacker does not give away any extra information. This

	  only gets enabled on affected CPUs.

	  If unsure, say Y.

config ARM64_SSBD

	bool "Speculative Store Bypass Disable" if EXPERT

	default y

config ARM64_PTR_AUTH

	bool "Enable support for pointer authentication"

	default y

	depends on !KVM || ARM64_VHE

	depends on (CC_HAS_SIGN_RETURN_ADDRESS || CC_HAS_BRANCH_PROT_PAC_RET) && AS_HAS_PAC

	# Modern compilers insert a .note.gnu.property section note for PAC

	# which is only understood by binutils starting with version 2.33.1.

	  The feature is detected at runtime. If the feature is not present in

	  hardware it will not be advertised to userspace/KVM guest nor will it

	  be enabled. However, KVM guest also require VHE mode and hence

	  CONFIG_ARM64_VHE=y option to use this feature.

	  be enabled.

	  If the feature is present on the boot CPU but not on a late CPU, then

	  the late CPU will be parked. Also, if the boot CPU does not have

#include <linux/mm.h>

/* Translate a kernel address of @sym into its equivalent linear mapping */

#define kvm_ksym_ref(sym)						\

/*

 * Translate name of a symbol defined in nVHE hyp to the name seen

 * by kernel proper. All nVHE symbols are prefixed by the build system

 * to avoid clashes with the VHE variants.

 */

#define kvm_nvhe_sym(sym)	__kvm_nvhe_##sym

#define DECLARE_KVM_VHE_SYM(sym)	extern char sym[]

#define DECLARE_KVM_NVHE_SYM(sym)	extern char kvm_nvhe_sym(sym)[]

/*

 * Define a pair of symbols sharing the same name but one defined in

 * VHE and the other in nVHE hyp implementations.

 */

#define DECLARE_KVM_HYP_SYM(sym)		\

	DECLARE_KVM_VHE_SYM(sym);		\

	DECLARE_KVM_NVHE_SYM(sym)

#define CHOOSE_VHE_SYM(sym)	sym

#define CHOOSE_NVHE_SYM(sym)	kvm_nvhe_sym(sym)

#ifndef __KVM_NVHE_HYPERVISOR__

/*

 * BIG FAT WARNINGS:

 *

 * - Don't be tempted to change the following is_kernel_in_hyp_mode()

 *   to has_vhe(). has_vhe() is implemented as a *final* capability,

 *   while this is used early at boot time, when the capabilities are

 *   not final yet....

 *

 * - Don't let the nVHE hypervisor have access to this, as it will

 *   pick the *wrong* symbol (yes, it runs at EL2...).

 */

#define CHOOSE_HYP_SYM(sym)	(is_kernel_in_hyp_mode() ? CHOOSE_VHE_SYM(sym) \

					   : CHOOSE_NVHE_SYM(sym))

#else

/* The nVHE hypervisor shouldn't even try to access anything */

extern void *__nvhe_undefined_symbol;

#define CHOOSE_HYP_SYM(sym)	__nvhe_undefined_symbol

#endif

/* Translate a kernel address @ptr into its equivalent linear mapping */

#define kvm_ksym_ref(ptr)						\

	({								\

		void *val = &sym;					\

		void *val = (ptr);					\

		if (!is_kernel_in_hyp_mode())				\

			val = lm_alias(&sym);				\

			val = lm_alias((ptr));				\

		val;							\

	 })

#define kvm_ksym_ref_nvhe(sym)	kvm_ksym_ref(kvm_nvhe_sym(sym))

struct kvm;

struct kvm_vcpu;

struct kvm_s2_mmu;

extern char __kvm_hyp_init[];

extern char __kvm_hyp_init_end[];

DECLARE_KVM_NVHE_SYM(__kvm_hyp_init);

DECLARE_KVM_HYP_SYM(__kvm_hyp_vector);

#define __kvm_hyp_init		CHOOSE_NVHE_SYM(__kvm_hyp_init)

#define __kvm_hyp_vector	CHOOSE_HYP_SYM(__kvm_hyp_vector)

extern char __kvm_hyp_vector[];

#ifdef CONFIG_KVM_INDIRECT_VECTORS

extern atomic_t arm64_el2_vector_last_slot;

DECLARE_KVM_HYP_SYM(__bp_harden_hyp_vecs);

#define __bp_harden_hyp_vecs	CHOOSE_HYP_SYM(__bp_harden_hyp_vecs)

#endif

extern void __kvm_flush_vm_context(void);

extern void __kvm_tlb_flush_vmid_ipa(struct kvm *kvm, phys_addr_t ipa);

extern void __kvm_tlb_flush_vmid(struct kvm *kvm);

extern void __kvm_tlb_flush_local_vmid(struct kvm_vcpu *vcpu);

extern void __kvm_tlb_flush_vmid_ipa(struct kvm_s2_mmu *mmu, phys_addr_t ipa,

				     int level);

extern void __kvm_tlb_flush_vmid(struct kvm_s2_mmu *mmu);

extern void __kvm_tlb_flush_local_vmid(struct kvm_s2_mmu *mmu);

extern void __kvm_timer_set_cntvoff(u64 cntvoff);

extern int kvm_vcpu_run_vhe(struct kvm_vcpu *vcpu);

extern int __kvm_vcpu_run_nvhe(struct kvm_vcpu *vcpu);

extern int __kvm_vcpu_run(struct kvm_vcpu *vcpu);

extern void __kvm_enable_ssbs(void);

.macro get_vcpu_ptr vcpu, ctxt

	get_host_ctxt \ctxt, \vcpu

	ldr	\vcpu, [\ctxt, #HOST_CONTEXT_VCPU]

	kern_hyp_va	\vcpu

.endm

#endif

	size_t num;

};

struct kvm_sys_reg_target_table {

	struct kvm_sys_reg_table table64;

	struct kvm_sys_reg_table table32;

};

void kvm_register_target_sys_reg_table(unsigned int target,

				       struct kvm_sys_reg_target_table *table);

int kvm_handle_cp14_load_store(struct kvm_vcpu *vcpu);

int kvm_handle_cp14_32(struct kvm_vcpu *vcpu);

int kvm_handle_cp14_64(struct kvm_vcpu *vcpu);

static __always_inline unsigned long *vcpu_pc(const struct kvm_vcpu *vcpu)

{

	return (unsigned long *)&vcpu_gp_regs(vcpu)->regs.pc;

}

static inline unsigned long *__vcpu_elr_el1(const struct kvm_vcpu *vcpu)

{

	return (unsigned long *)&vcpu_gp_regs(vcpu)->elr_el1;

}

static inline unsigned long vcpu_read_elr_el1(const struct kvm_vcpu *vcpu)

{

	if (vcpu->arch.sysregs_loaded_on_cpu)

		return read_sysreg_el1(SYS_ELR);

	else

		return *__vcpu_elr_el1(vcpu);

}

static inline void vcpu_write_elr_el1(const struct kvm_vcpu *vcpu, unsigned long v)

{

	if (vcpu->arch.sysregs_loaded_on_cpu)

		write_sysreg_el1(v, SYS_ELR);

	else

		*__vcpu_elr_el1(vcpu) = v;

	return (unsigned long *)&vcpu_gp_regs(vcpu)->pc;

}

static __always_inline unsigned long *vcpu_cpsr(const struct kvm_vcpu *vcpu)

{

	return (unsigned long *)&vcpu_gp_regs(vcpu)->regs.pstate;

	return (unsigned long *)&vcpu_gp_regs(vcpu)->pstate;

}

static __always_inline bool vcpu_mode_is_32bit(const struct kvm_vcpu *vcpu)

static __always_inline unsigned long vcpu_get_reg(const struct kvm_vcpu *vcpu,

					 u8 reg_num)

{

	return (reg_num == 31) ? 0 : vcpu_gp_regs(vcpu)->regs.regs[reg_num];

	return (reg_num == 31) ? 0 : vcpu_gp_regs(vcpu)->regs[reg_num];

}

static __always_inline void vcpu_set_reg(struct kvm_vcpu *vcpu, u8 reg_num,

				unsigned long val)

{

	if (reg_num != 31)

		vcpu_gp_regs(vcpu)->regs.regs[reg_num] = val;

		vcpu_gp_regs(vcpu)->regs[reg_num] = val;

}

static inline unsigned long vcpu_read_spsr(const struct kvm_vcpu *vcpu)

	if (vcpu->arch.sysregs_loaded_on_cpu)

		return read_sysreg_el1(SYS_SPSR);

	else

		return vcpu_gp_regs(vcpu)->spsr[KVM_SPSR_EL1];

		return __vcpu_sys_reg(vcpu, SPSR_EL1);

}

static inline void vcpu_write_spsr(struct kvm_vcpu *vcpu, unsigned long v)

	if (vcpu->arch.sysregs_loaded_on_cpu)

		write_sysreg_el1(v, SYS_SPSR);

	else

		vcpu_gp_regs(vcpu)->spsr[KVM_SPSR_EL1] = v;

		__vcpu_sys_reg(vcpu, SPSR_EL1) = v;

}

/*

	return mode != PSR_MODE_EL0t;

}

static __always_inline u32 kvm_vcpu_get_hsr(const struct kvm_vcpu *vcpu)

static __always_inline u32 kvm_vcpu_get_esr(const struct kvm_vcpu *vcpu)

{

	return vcpu->arch.fault.esr_el2;

}

static __always_inline int kvm_vcpu_get_condition(const struct kvm_vcpu *vcpu)

{

	u32 esr = kvm_vcpu_get_hsr(vcpu);

	u32 esr = kvm_vcpu_get_esr(vcpu);

	if (esr & ESR_ELx_CV)

		return (esr & ESR_ELx_COND_MASK) >> ESR_ELx_COND_SHIFT;

static inline u32 kvm_vcpu_hvc_get_imm(const struct kvm_vcpu *vcpu)

{

	return kvm_vcpu_get_hsr(vcpu) & ESR_ELx_xVC_IMM_MASK;

	return kvm_vcpu_get_esr(vcpu) & ESR_ELx_xVC_IMM_MASK;

}

static __always_inline bool kvm_vcpu_dabt_isvalid(const struct kvm_vcpu *vcpu)

{

	return !!(kvm_vcpu_get_hsr(vcpu) & ESR_ELx_ISV);

	return !!(kvm_vcpu_get_esr(vcpu) & ESR_ELx_ISV);

}

static inline unsigned long kvm_vcpu_dabt_iss_nisv_sanitized(const struct kvm_vcpu *vcpu)

{

	return kvm_vcpu_get_hsr(vcpu) & (ESR_ELx_CM | ESR_ELx_WNR | ESR_ELx_FSC);

	return kvm_vcpu_get_esr(vcpu) & (ESR_ELx_CM | ESR_ELx_WNR | ESR_ELx_FSC);

}

static inline bool kvm_vcpu_dabt_issext(const struct kvm_vcpu *vcpu)

{

	return !!(kvm_vcpu_get_hsr(vcpu) & ESR_ELx_SSE);

	return !!(kvm_vcpu_get_esr(vcpu) & ESR_ELx_SSE);

}

static inline bool kvm_vcpu_dabt_issf(const struct kvm_vcpu *vcpu)

{

	return !!(kvm_vcpu_get_hsr(vcpu) & ESR_ELx_SF);

	return !!(kvm_vcpu_get_esr(vcpu) & ESR_ELx_SF);

}

static __always_inline int kvm_vcpu_dabt_get_rd(const struct kvm_vcpu *vcpu)

{

	return (kvm_vcpu_get_hsr(vcpu) & ESR_ELx_SRT_MASK) >> ESR_ELx_SRT_SHIFT;

	return (kvm_vcpu_get_esr(vcpu) & ESR_ELx_SRT_MASK) >> ESR_ELx_SRT_SHIFT;

}

static __always_inline bool kvm_vcpu_dabt_iss1tw(const struct kvm_vcpu *vcpu)

{

	return !!(kvm_vcpu_get_hsr(vcpu) & ESR_ELx_S1PTW);

	return !!(kvm_vcpu_get_esr(vcpu) & ESR_ELx_S1PTW);

}

static __always_inline bool kvm_vcpu_dabt_iswrite(const struct kvm_vcpu *vcpu)

{

	return !!(kvm_vcpu_get_hsr(vcpu) & ESR_ELx_WNR) ||

	return !!(kvm_vcpu_get_esr(vcpu) & ESR_ELx_WNR) ||

		kvm_vcpu_dabt_iss1tw(vcpu); /* AF/DBM update */

}

static inline bool kvm_vcpu_dabt_is_cm(const struct kvm_vcpu *vcpu)

{

	return !!(kvm_vcpu_get_hsr(vcpu) & ESR_ELx_CM);

	return !!(kvm_vcpu_get_esr(vcpu) & ESR_ELx_CM);

}

static __always_inline unsigned int kvm_vcpu_dabt_get_as(const struct kvm_vcpu *vcpu)

{

	return 1 << ((kvm_vcpu_get_hsr(vcpu) & ESR_ELx_SAS) >> ESR_ELx_SAS_SHIFT);

	return 1 << ((kvm_vcpu_get_esr(vcpu) & ESR_ELx_SAS) >> ESR_ELx_SAS_SHIFT);

}

/* This one is not specific to Data Abort */

static __always_inline bool kvm_vcpu_trap_il_is32bit(const struct kvm_vcpu *vcpu)

{

	return !!(kvm_vcpu_get_hsr(vcpu) & ESR_ELx_IL);

	return !!(kvm_vcpu_get_esr(vcpu) & ESR_ELx_IL);

}

static __always_inline u8 kvm_vcpu_trap_get_class(const struct kvm_vcpu *vcpu)

{

	return ESR_ELx_EC(kvm_vcpu_get_hsr(vcpu));

	return ESR_ELx_EC(kvm_vcpu_get_esr(vcpu));

}

static inline bool kvm_vcpu_trap_is_iabt(const struct kvm_vcpu *vcpu)

static __always_inline u8 kvm_vcpu_trap_get_fault(const struct kvm_vcpu *vcpu)

{

	return kvm_vcpu_get_hsr(vcpu) & ESR_ELx_FSC;

	return kvm_vcpu_get_esr(vcpu) & ESR_ELx_FSC;

}

static __always_inline u8 kvm_vcpu_trap_get_fault_type(const struct kvm_vcpu *vcpu)

{

	return kvm_vcpu_get_hsr(vcpu) & ESR_ELx_FSC_TYPE;

	return kvm_vcpu_get_esr(vcpu) & ESR_ELx_FSC_TYPE;

}

static __always_inline bool kvm_vcpu_dabt_isextabt(const struct kvm_vcpu *vcpu)

static __always_inline bool kvm_vcpu_abt_issea(const struct kvm_vcpu *vcpu)

{

	switch (kvm_vcpu_trap_get_fault(vcpu)) {

	case FSC_SEA:

static __always_inline int kvm_vcpu_sys_get_rt(struct kvm_vcpu *vcpu)

{

	u32 esr = kvm_vcpu_get_hsr(vcpu);

	u32 esr = kvm_vcpu_get_esr(vcpu);

	return ESR_ELx_SYS64_ISS_RT(esr);

}

 * Skip an instruction which has been emulated at hyp while most guest sysregs

 * are live.

 */

static __always_inline void __hyp_text __kvm_skip_instr(struct kvm_vcpu *vcpu)

static __always_inline void __kvm_skip_instr(struct kvm_vcpu *vcpu)

{

	*vcpu_pc(vcpu) = read_sysreg_el2(SYS_ELR);

	vcpu->arch.ctxt.gp_regs.regs.pstate = read_sysreg_el2(SYS_SPSR);

	vcpu_gp_regs(vcpu)->pstate = read_sysreg_el2(SYS_SPSR);

	kvm_skip_instr(vcpu, kvm_vcpu_trap_il_is32bit(vcpu));

	write_sysreg_el2(vcpu->arch.ctxt.gp_regs.regs.pstate, SYS_SPSR);

	write_sysreg_el2(vcpu_gp_regs(vcpu)->pstate, SYS_SPSR);

	write_sysreg_el2(*vcpu_pc(vcpu), SYS_ELR);

}

	u32    vmid;

};

struct kvm_arch {

struct kvm_s2_mmu {

	struct kvm_vmid vmid;

	/* stage2 entry level table */

	/*

	 * stage2 entry level table

	 *

	 * Two kvm_s2_mmu structures in the same VM can point to the same

	 * pgd here.  This happens when running a guest using a

	 * translation regime that isn't affected by its own stage-2

	 * translation, such as a non-VHE hypervisor running at vEL2, or

	 * for vEL1/EL0 with vHCR_EL2.VM == 0.  In that case, we use the

	 * canonical stage-2 page tables.

	 */

	pgd_t		*pgd;

	phys_addr_t	pgd_phys;

	/* VTCR_EL2 value for this VM */

	u64    vtcr;

	/* The last vcpu id that ran on each physical CPU */

	int __percpu *last_vcpu_ran;

	struct kvm *kvm;

};

struct kvm_arch {

	struct kvm_s2_mmu mmu;

	/* VTCR_EL2 value for this VM */

	u64    vtcr;

	/* The maximum number of vCPUs depends on the used GIC model */

	int max_vcpus;

	APGAKEYLO_EL1,

	APGAKEYHI_EL1,

	ELR_EL1,

	SP_EL1,

	SPSR_EL1,

	CNTVOFF_EL2,

	CNTV_CVAL_EL0,

	CNTV_CTL_EL0,

	CNTP_CVAL_EL0,

	CNTP_CTL_EL0,

	/* 32bit specific registers. Keep them at the end of the range */

	DACR32_EL2,	/* Domain Access Control Register */

	IFSR32_EL2,	/* Instruction Fault Status Register */

#define NR_COPRO_REGS	(NR_SYS_REGS * 2)

struct kvm_cpu_context {

	struct kvm_regs	gp_regs;

	struct user_pt_regs regs;	/* sp = sp_el0 */

	u64	spsr_abt;

	u64	spsr_und;

	u64	spsr_irq;

	u64	spsr_fiq;

	struct user_fpsimd_state fp_regs;

	union {

		u64 sys_regs[NR_SYS_REGS];

		u32 copro[NR_COPRO_REGS];

	void *sve_state;

	unsigned int sve_max_vl;

	/* Stage 2 paging state used by the hardware on next switch */

	struct kvm_s2_mmu *hw_mmu;

	/* HYP configuration */

	u64 hcr_el2;

	u32 mdcr_el2;

	struct vcpu_reset_state	reset_state;

	/* True when deferrable sysregs are loaded on the physical CPU,

	 * see kvm_vcpu_load_sysregs and kvm_vcpu_put_sysregs. */

	 * see kvm_vcpu_load_sysregs_vhe and kvm_vcpu_put_sysregs_vhe. */

	bool sysregs_loaded_on_cpu;

	/* Guest PV state */

#define vcpu_has_ptrauth(vcpu)		false

#endif

#define vcpu_gp_regs(v)		(&(v)->arch.ctxt.gp_regs)

#define vcpu_gp_regs(v)		(&(v)->arch.ctxt.regs)

/*

 * Only use __vcpu_sys_reg if you know you want the memory backed version of a

 * register, and not the one most recently accessed by a running VCPU.  For

 * example, for userspace access or for system registers that are never context

 * switched, but only emulated.

 * Only use __vcpu_sys_reg/ctxt_sys_reg if you know you want the

 * memory backed version of a register, and not the one most recently

 * accessed by a running VCPU.  For example, for userspace access or

 * for system registers that are never context switched, but only

 * emulated.

 */

#define __vcpu_sys_reg(v,r)	((v)->arch.ctxt.sys_regs[(r)])

#define __ctxt_sys_reg(c,r)	(&(c)->sys_regs[(r)])

#define ctxt_sys_reg(c,r)	(*__ctxt_sys_reg(c,r))

#define __vcpu_sys_reg(v,r)	(ctxt_sys_reg(&(v)->arch.ctxt, (r)))

u64 vcpu_read_sys_reg(const struct kvm_vcpu *vcpu, int reg);

void vcpu_write_sys_reg(struct kvm_vcpu *vcpu, u64 val, int reg);

u64 __kvm_call_hyp(void *hypfn, ...);

#define kvm_call_hyp_nvhe(f, ...)					\

	do {								\

		DECLARE_KVM_NVHE_SYM(f);				\

		__kvm_call_hyp(kvm_ksym_ref_nvhe(f), ##__VA_ARGS__);	\

	} while(0)

#define kvm_call_hyp_nvhe_ret(f, ...)					\

	({								\

		DECLARE_KVM_NVHE_SYM(f);				\

		__kvm_call_hyp(kvm_ksym_ref_nvhe(f), ##__VA_ARGS__);	\

	})

/*

 * The couple of isb() below are there to guarantee the same behaviour

 * on VHE as on !VHE, where the eret to EL1 acts as a context

			f(__VA_ARGS__);					\

			isb();						\

		} else {						\

			__kvm_call_hyp(kvm_ksym_ref(f), ##__VA_ARGS__); \

			kvm_call_hyp_nvhe(f, ##__VA_ARGS__);		\

		}							\

	} while(0)

			ret = f(__VA_ARGS__);				\

			isb();						\

		} else {						\

			ret = __kvm_call_hyp(kvm_ksym_ref(f),		\

					     ##__VA_ARGS__);		\

			ret = kvm_call_hyp_nvhe_ret(f, ##__VA_ARGS__);	\

		}							\

									\

		ret;							\

static inline void kvm_init_host_cpu_context(struct kvm_cpu_context *cpu_ctxt)

{

	/* The host's MPIDR is immutable, so let's set it up at boot time */

	cpu_ctxt->sys_regs[MPIDR_EL1] = read_cpuid_mpidr();

	ctxt_sys_reg(cpu_ctxt, MPIDR_EL1) = read_cpuid_mpidr();

}

static inline bool kvm_arch_requires_vhe(void)

	}

}

void kvm_vcpu_load_sysregs(struct kvm_vcpu *vcpu);

void kvm_vcpu_put_sysregs(struct kvm_vcpu *vcpu);

void kvm_vcpu_load_sysregs_vhe(struct kvm_vcpu *vcpu);

void kvm_vcpu_put_sysregs_vhe(struct kvm_vcpu *vcpu);

int kvm_set_ipa_limit(void);