[RFC kvmtool 22/31] arm64: Activate realm before the first VCPU is run

From: Suzuki K Poulose
Date: Fri Jan 27 2023 - 07:16:40 EST

Next message: Alexey Kardashevskiy: "Re: [Question PATCH kernel] x86/amd/sev/nmi+vc: Fix stack handling (why is this happening?)"
Previous message: Krzysztof Kozlowski: "[PATCH] dt-bindings: usb: qcom,dwc3: allow required-opps"
In reply to: Suzuki K Poulose: "[RFC kvmtool 21/31] init: Add last_{init, exit} list macros"
Next in thread: Suzuki K Poulose: "[RFC kvmtool 18/31] arm64: Populate initial realm contents"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Alexandru Elisei <alexandru.elisei@xxxxxxx>

Before KVM can run a VCPU belong to a realm, the realm be activated.
Activating a realm prevents the adding of new object and seals the
cryptographic measurement of that realm. The VCPU state is part of the
measurement, which means that realm activation must be performed after
all VCPUs have been reset.

Current RMM implementation can only create RECs in the order of their
MPIDRs. VCPUs get assigned MPIDRs by KVM based on their VCPU id. Reset the
VCPUs in the order they were created from the main thread instead of doing
it from their own thread, which doesn't guarantee any ordering.

Signed-off-by: Alexandru Elisei <alexandru.elisei@xxxxxxx>
Signed-off-by: Suzuki K Poulose <suzuki.poulose@xxxxxxx>
---
arm/aarch64/kvm-cpu.c | 4 ++++
arm/aarch64/realm.c | 35 +++++++++++++++++++++++++++++++
arm/include/arm-common/kvm-arch.h | 1 +
3 files changed, 40 insertions(+)

diff --git a/arm/aarch64/kvm-cpu.c b/arm/aarch64/kvm-cpu.c
index 24e570c4..32fa7609 100644
--- a/arm/aarch64/kvm-cpu.c
+++ b/arm/aarch64/kvm-cpu.c
@@ -187,6 +187,10 @@ void kvm_cpu__reset_vcpu(struct kvm_cpu *vcpu)
cpu_set_t *affinity;
int ret;

+ /* VCPU reset is done before activating the realm. */
+ if (kvm->arch.realm_is_active)
+ return;
+
affinity = kvm->arch.vcpu_affinity_cpuset;
if (affinity) {
ret = sched_setaffinity(0, sizeof(cpu_set_t), affinity);
diff --git a/arm/aarch64/realm.c b/arm/aarch64/realm.c
index eddccece..808d39c5 100644
--- a/arm/aarch64/realm.c
+++ b/arm/aarch64/realm.c
@@ -1,4 +1,5 @@
#include "kvm/kvm.h"
+#include "kvm/kvm-cpu.h"

#include <linux/byteorder.h>
#include <asm/image.h>
@@ -192,3 +193,37 @@ void kvm_arm_realm_populate_dtb(struct kvm *kvm)
if (end > start)
realm_populate(kvm, start, end - start);
}
+
+static void kvm_arm_realm_activate_realm(struct kvm *kvm)
+{
+ struct kvm_enable_cap activate_realm = {
+ .cap = KVM_CAP_ARM_RME,
+ .args[0] = KVM_CAP_ARM_RME_ACTIVATE_REALM,
+ };
+
+ if (ioctl(kvm->vm_fd, KVM_ENABLE_CAP, &activate_realm) < 0)
+ die_perror("KVM_CAP_ARM_RME(KVM_CAP_ARM_RME_ACTIVATE_REALM)");
+
+ kvm->arch.realm_is_active = true;
+}
+
+static int kvm_arm_realm_finalize(struct kvm *kvm)
+{
+ int i;
+
+ if (!kvm->cfg.arch.is_realm)
+ return 0;
+
+ /*
+ * VCPU reset must happen before the realm is activated, because their
+ * state is part of the cryptographic measurement for the realm.
+ */
+ for (i = 0; i < kvm->nrcpus; i++)
+ kvm_cpu__reset_vcpu(kvm->cpus[i]);
+
+ /* Activate and seal the measurement for the realm. */
+ kvm_arm_realm_activate_realm(kvm);
+
+ return 0;
+}
+last_init(kvm_arm_realm_finalize)
diff --git a/arm/include/arm-common/kvm-arch.h b/arm/include/arm-common/kvm-arch.h
index b5a4b851..6d48e13c 100644
--- a/arm/include/arm-common/kvm-arch.h
+++ b/arm/include/arm-common/kvm-arch.h
@@ -116,6 +116,7 @@ struct kvm_arch {
cpu_set_t *vcpu_affinity_cpuset;
u64 measurement_algo;
u64 sve_vq;
+ bool realm_is_active;
};

#endif /* ARM_COMMON__KVM_ARCH_H */
--
2.34.1

Next message: Alexey Kardashevskiy: "Re: [Question PATCH kernel] x86/amd/sev/nmi+vc: Fix stack handling (why is this happening?)"
Previous message: Krzysztof Kozlowski: "[PATCH] dt-bindings: usb: qcom,dwc3: allow required-opps"
In reply to: Suzuki K Poulose: "[RFC kvmtool 21/31] init: Add last_{init, exit} list macros"
Next in thread: Suzuki K Poulose: "[RFC kvmtool 18/31] arm64: Populate initial realm contents"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]