Re: [PATCH v4 00/21] arm64: Early CPU feature override, and applications to VHE, BTI and PAuth

From: David Brazdil
Date: Mon Jan 18 2021 - 09:55:58 EST

Next message: Daniel Vetter: "Re: [PATCH 00/29] [Set 15] Finally rid W=1 warnings from GPU!"
Previous message: Mika Westerberg: "Re: Multiple MODALIAS= in uevent file confuses userspace"
In reply to: Catalin Marinas: "Re: [PATCH v4 19/21] arm64: cpufeatures: Allow disabling of BTI from the command-line"
Next in thread: Marc Zyngier: "[PATCH v4 15/21] arm64: Add an aliasing facility for the idreg override"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Jan 18, 2021 at 09:45:12AM +0000, Marc Zyngier wrote:
> It recently came to light that there is a need to be able to override
> some CPU features very early on, before the kernel is fully up and
> running. The reasons for this range from specific feature support
> (such as using Protected KVM on VHE HW, which is the main motivation
> for this work) to errata workaround (a feature is broken on a CPU and
> needs to be turned off, or rather not enabled).
>
> This series tries to offer a limited framework for this kind of
> problems, by allowing a set of options to be passed on the
> command-line and altering the feature set that the cpufeature
> subsystem exposes to the rest of the kernel. Note that this doesn't
> change anything for code that directly uses the CPU ID registers.
>
> The series completely changes the way a VHE-capable system boots, by
> *always* booting non-VHE first, and then upgrading to VHE when deemed
> capable. Although it sounds scary, this is actually simple to
> implement (and I wish I had done that five years ago). The "upgrade to
> VHE" path is then conditioned on the VHE feature not being disabled
> from the command-line.
>
> Said command-line parsing borrows a lot from the kaslr code, and
> subsequently allows the "nokaslr" option to be moved to the new
> infrastructure (though it all looks a bit... odd).
>
> Further patches now add support for disabling BTI and PAuth, the
> latter being based on an initial series by Srinivas Ramana[0]. There
> is some ongoing discussions about being able to disable MTE, but no
> clear resolution on that subject yet.
>
> This has been tested on multiple VHE and non-VHE systems.
>
> * From v3 [3]:
> - Fixed the VHE_RESTART stub (duh!)
> - Switched to using arm64_ftr_safe_value() instead of the user
> provided value
> - Per-feature override warning
>
> * From v2 [2]:
> - Simplify the VHE_RESTART stub
> - Fixed a number of spelling mistakes, and hopefully introduced a
> few more
> - Override features in __read_sysreg_by_encoding()
> - Allow both BTI and PAuth to be overridden on the command line
> - Rebased on -rc3
>
> * From v1 [1]:
> - Fix SPE init on VHE when EL2 doesn't own SPE
> - Fix re-init when KASLR is used
> - Handle the resume path
> - Rebased to 5.11-rc2
>
> [0] https://lore.kernel.org/r/1610152163-16554-1-git-send-email-sramana@xxxxxxxxxxxxxx
> [1] https://lore.kernel.org/r/20201228104958.1848833-1-maz@xxxxxxxxxx
> [2] https://lore.kernel.org/r/20210104135011.2063104-1-maz@xxxxxxxxxx
> [3] https://lore.kernel.org/r/20210111132811.2455113-1-maz@xxxxxxxxxx

Pretty cool! Left a few minor comments here and there, other than that:
Acked-by: David Brazdil <dbrazdil@xxxxxxxxxx>

Next message: Daniel Vetter: "Re: [PATCH 00/29] [Set 15] Finally rid W=1 warnings from GPU!"
Previous message: Mika Westerberg: "Re: Multiple MODALIAS= in uevent file confuses userspace"
In reply to: Catalin Marinas: "Re: [PATCH v4 19/21] arm64: cpufeatures: Allow disabling of BTI from the command-line"
Next in thread: Marc Zyngier: "[PATCH v4 15/21] arm64: Add an aliasing facility for the idreg override"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]