1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * Copyright (C) 2015, 2016 ARM Ltd. 4 */ 5 6 #include <linux/uaccess.h> 7 #include <linux/interrupt.h> 8 #include <linux/cpu.h> 9 #include <linux/kvm_host.h> 10 #include <kvm/arm_vgic.h> 11 #include <asm/kvm_emulate.h> 12 #include <asm/kvm_mmu.h> 13 #include "vgic.h" 14 15 /* 16 * Initialization rules: there are multiple stages to the vgic 17 * initialization, both for the distributor and the CPU interfaces. The basic 18 * idea is that even though the VGIC is not functional or not requested from 19 * user space, the critical path of the run loop can still call VGIC functions 20 * that just won't do anything, without them having to check additional 21 * initialization flags to ensure they don't look at uninitialized data 22 * structures. 23 * 24 * Distributor: 25 * 26 * - kvm_vgic_early_init(): initialization of static data that doesn't 27 * depend on any sizing information or emulation type. No allocation 28 * is allowed there. 29 * 30 * - vgic_init(): allocation and initialization of the generic data 31 * structures that depend on sizing information (number of CPUs, 32 * number of interrupts). Also initializes the vcpu specific data 33 * structures. Can be executed lazily for GICv2. 34 * 35 * CPU Interface: 36 * 37 * - kvm_vgic_vcpu_init(): initialization of static data that 38 * doesn't depend on any sizing information or emulation type. No 39 * allocation is allowed there. 40 */ 41 42 /* EARLY INIT */ 43 44 /** 45 * kvm_vgic_early_init() - Initialize static VGIC VCPU data structures 46 * @kvm: The VM whose VGIC districutor should be initialized 47 * 48 * Only do initialization of static structures that don't require any 49 * allocation or sizing information from userspace. vgic_init() called 50 * kvm_vgic_dist_init() which takes care of the rest. 51 */ 52 void kvm_vgic_early_init(struct kvm *kvm) 53 { 54 struct vgic_dist *dist = &kvm->arch.vgic; 55 56 INIT_LIST_HEAD(&dist->lpi_list_head); 57 INIT_LIST_HEAD(&dist->lpi_translation_cache); 58 raw_spin_lock_init(&dist->lpi_list_lock); 59 } 60 61 /* CREATION */ 62 63 /** 64 * kvm_vgic_create: triggered by the instantiation of the VGIC device by 65 * user space, either through the legacy KVM_CREATE_IRQCHIP ioctl (v2 only) 66 * or through the generic KVM_CREATE_DEVICE API ioctl. 67 * irqchip_in_kernel() tells you if this function succeeded or not. 68 * @kvm: kvm struct pointer 69 * @type: KVM_DEV_TYPE_ARM_VGIC_V[23] 70 */ 71 int kvm_vgic_create(struct kvm *kvm, u32 type) 72 { 73 struct kvm_vcpu *vcpu; 74 unsigned long i; 75 int ret; 76 77 if (irqchip_in_kernel(kvm)) 78 return -EEXIST; 79 80 /* 81 * This function is also called by the KVM_CREATE_IRQCHIP handler, 82 * which had no chance yet to check the availability of the GICv2 83 * emulation. So check this here again. KVM_CREATE_DEVICE does 84 * the proper checks already. 85 */ 86 if (type == KVM_DEV_TYPE_ARM_VGIC_V2 && 87 !kvm_vgic_global_state.can_emulate_gicv2) 88 return -ENODEV; 89 90 ret = -EBUSY; 91 if (!lock_all_vcpus(kvm)) 92 return ret; 93 94 kvm_for_each_vcpu(i, vcpu, kvm) { 95 if (vcpu_has_run_once(vcpu)) 96 goto out_unlock; 97 } 98 ret = 0; 99 100 if (type == KVM_DEV_TYPE_ARM_VGIC_V2) 101 kvm->max_vcpus = VGIC_V2_MAX_CPUS; 102 else 103 kvm->max_vcpus = VGIC_V3_MAX_CPUS; 104 105 if (atomic_read(&kvm->online_vcpus) > kvm->max_vcpus) { 106 ret = -E2BIG; 107 goto out_unlock; 108 } 109 110 kvm->arch.vgic.in_kernel = true; 111 kvm->arch.vgic.vgic_model = type; 112 113 kvm->arch.vgic.vgic_dist_base = VGIC_ADDR_UNDEF; 114 115 if (type == KVM_DEV_TYPE_ARM_VGIC_V2) 116 kvm->arch.vgic.vgic_cpu_base = VGIC_ADDR_UNDEF; 117 else 118 INIT_LIST_HEAD(&kvm->arch.vgic.rd_regions); 119 120 out_unlock: 121 unlock_all_vcpus(kvm); 122 return ret; 123 } 124 125 /* INIT/DESTROY */ 126 127 /** 128 * kvm_vgic_dist_init: initialize the dist data structures 129 * @kvm: kvm struct pointer 130 * @nr_spis: number of spis, frozen by caller 131 */ 132 static int kvm_vgic_dist_init(struct kvm *kvm, unsigned int nr_spis) 133 { 134 struct vgic_dist *dist = &kvm->arch.vgic; 135 struct kvm_vcpu *vcpu0 = kvm_get_vcpu(kvm, 0); 136 int i; 137 138 dist->spis = kcalloc(nr_spis, sizeof(struct vgic_irq), GFP_KERNEL_ACCOUNT); 139 if (!dist->spis) 140 return -ENOMEM; 141 142 /* 143 * In the following code we do not take the irq struct lock since 144 * no other action on irq structs can happen while the VGIC is 145 * not initialized yet: 146 * If someone wants to inject an interrupt or does a MMIO access, we 147 * require prior initialization in case of a virtual GICv3 or trigger 148 * initialization when using a virtual GICv2. 149 */ 150 for (i = 0; i < nr_spis; i++) { 151 struct vgic_irq *irq = &dist->spis[i]; 152 153 irq->intid = i + VGIC_NR_PRIVATE_IRQS; 154 INIT_LIST_HEAD(&irq->ap_list); 155 raw_spin_lock_init(&irq->irq_lock); 156 irq->vcpu = NULL; 157 irq->target_vcpu = vcpu0; 158 kref_init(&irq->refcount); 159 switch (dist->vgic_model) { 160 case KVM_DEV_TYPE_ARM_VGIC_V2: 161 irq->targets = 0; 162 irq->group = 0; 163 break; 164 case KVM_DEV_TYPE_ARM_VGIC_V3: 165 irq->mpidr = 0; 166 irq->group = 1; 167 break; 168 default: 169 kfree(dist->spis); 170 dist->spis = NULL; 171 return -EINVAL; 172 } 173 } 174 return 0; 175 } 176 177 /** 178 * kvm_vgic_vcpu_init() - Initialize static VGIC VCPU data 179 * structures and register VCPU-specific KVM iodevs 180 * 181 * @vcpu: pointer to the VCPU being created and initialized 182 * 183 * Only do initialization, but do not actually enable the 184 * VGIC CPU interface 185 */ 186 int kvm_vgic_vcpu_init(struct kvm_vcpu *vcpu) 187 { 188 struct vgic_cpu *vgic_cpu = &vcpu->arch.vgic_cpu; 189 struct vgic_dist *dist = &vcpu->kvm->arch.vgic; 190 int ret = 0; 191 int i; 192 193 vgic_cpu->rd_iodev.base_addr = VGIC_ADDR_UNDEF; 194 195 INIT_LIST_HEAD(&vgic_cpu->ap_list_head); 196 raw_spin_lock_init(&vgic_cpu->ap_list_lock); 197 atomic_set(&vgic_cpu->vgic_v3.its_vpe.vlpi_count, 0); 198 199 /* 200 * Enable and configure all SGIs to be edge-triggered and 201 * configure all PPIs as level-triggered. 202 */ 203 for (i = 0; i < VGIC_NR_PRIVATE_IRQS; i++) { 204 struct vgic_irq *irq = &vgic_cpu->private_irqs[i]; 205 206 INIT_LIST_HEAD(&irq->ap_list); 207 raw_spin_lock_init(&irq->irq_lock); 208 irq->intid = i; 209 irq->vcpu = NULL; 210 irq->target_vcpu = vcpu; 211 kref_init(&irq->refcount); 212 if (vgic_irq_is_sgi(i)) { 213 /* SGIs */ 214 irq->enabled = 1; 215 irq->config = VGIC_CONFIG_EDGE; 216 } else { 217 /* PPIs */ 218 irq->config = VGIC_CONFIG_LEVEL; 219 } 220 } 221 222 if (!irqchip_in_kernel(vcpu->kvm)) 223 return 0; 224 225 /* 226 * If we are creating a VCPU with a GICv3 we must also register the 227 * KVM io device for the redistributor that belongs to this VCPU. 228 */ 229 if (dist->vgic_model == KVM_DEV_TYPE_ARM_VGIC_V3) { 230 mutex_lock(&vcpu->kvm->lock); 231 ret = vgic_register_redist_iodev(vcpu); 232 mutex_unlock(&vcpu->kvm->lock); 233 } 234 return ret; 235 } 236 237 static void kvm_vgic_vcpu_enable(struct kvm_vcpu *vcpu) 238 { 239 if (kvm_vgic_global_state.type == VGIC_V2) 240 vgic_v2_enable(vcpu); 241 else 242 vgic_v3_enable(vcpu); 243 } 244 245 /* 246 * vgic_init: allocates and initializes dist and vcpu data structures 247 * depending on two dimensioning parameters: 248 * - the number of spis 249 * - the number of vcpus 250 * The function is generally called when nr_spis has been explicitly set 251 * by the guest through the KVM DEVICE API. If not nr_spis is set to 256. 252 * vgic_initialized() returns true when this function has succeeded. 253 * Must be called with kvm->lock held! 254 */ 255 int vgic_init(struct kvm *kvm) 256 { 257 struct vgic_dist *dist = &kvm->arch.vgic; 258 struct kvm_vcpu *vcpu; 259 int ret = 0, i; 260 unsigned long idx; 261 262 if (vgic_initialized(kvm)) 263 return 0; 264 265 /* Are we also in the middle of creating a VCPU? */ 266 if (kvm->created_vcpus != atomic_read(&kvm->online_vcpus)) 267 return -EBUSY; 268 269 /* freeze the number of spis */ 270 if (!dist->nr_spis) 271 dist->nr_spis = VGIC_NR_IRQS_LEGACY - VGIC_NR_PRIVATE_IRQS; 272 273 ret = kvm_vgic_dist_init(kvm, dist->nr_spis); 274 if (ret) 275 goto out; 276 277 /* Initialize groups on CPUs created before the VGIC type was known */ 278 kvm_for_each_vcpu(idx, vcpu, kvm) { 279 struct vgic_cpu *vgic_cpu = &vcpu->arch.vgic_cpu; 280 281 for (i = 0; i < VGIC_NR_PRIVATE_IRQS; i++) { 282 struct vgic_irq *irq = &vgic_cpu->private_irqs[i]; 283 switch (dist->vgic_model) { 284 case KVM_DEV_TYPE_ARM_VGIC_V3: 285 irq->group = 1; 286 irq->mpidr = kvm_vcpu_get_mpidr_aff(vcpu); 287 break; 288 case KVM_DEV_TYPE_ARM_VGIC_V2: 289 irq->group = 0; 290 irq->targets = 1U << idx; 291 break; 292 default: 293 ret = -EINVAL; 294 goto out; 295 } 296 } 297 } 298 299 if (vgic_has_its(kvm)) 300 vgic_lpi_translation_cache_init(kvm); 301 302 /* 303 * If we have GICv4.1 enabled, unconditionnaly request enable the 304 * v4 support so that we get HW-accelerated vSGIs. Otherwise, only 305 * enable it if we present a virtual ITS to the guest. 306 */ 307 if (vgic_supports_direct_msis(kvm)) { 308 ret = vgic_v4_init(kvm); 309 if (ret) 310 goto out; 311 } 312 313 kvm_for_each_vcpu(idx, vcpu, kvm) 314 kvm_vgic_vcpu_enable(vcpu); 315 316 ret = kvm_vgic_setup_default_irq_routing(kvm); 317 if (ret) 318 goto out; 319 320 vgic_debug_init(kvm); 321 322 /* 323 * If userspace didn't set the GIC implementation revision, 324 * default to the latest and greatest. You know want it. 325 */ 326 if (!dist->implementation_rev) 327 dist->implementation_rev = KVM_VGIC_IMP_REV_LATEST; 328 dist->initialized = true; 329 330 out: 331 return ret; 332 } 333 334 static void kvm_vgic_dist_destroy(struct kvm *kvm) 335 { 336 struct vgic_dist *dist = &kvm->arch.vgic; 337 struct vgic_redist_region *rdreg, *next; 338 339 dist->ready = false; 340 dist->initialized = false; 341 342 kfree(dist->spis); 343 dist->spis = NULL; 344 dist->nr_spis = 0; 345 dist->vgic_dist_base = VGIC_ADDR_UNDEF; 346 347 if (dist->vgic_model == KVM_DEV_TYPE_ARM_VGIC_V3) { 348 list_for_each_entry_safe(rdreg, next, &dist->rd_regions, list) 349 vgic_v3_free_redist_region(rdreg); 350 INIT_LIST_HEAD(&dist->rd_regions); 351 } else { 352 dist->vgic_cpu_base = VGIC_ADDR_UNDEF; 353 } 354 355 if (vgic_has_its(kvm)) 356 vgic_lpi_translation_cache_destroy(kvm); 357 358 if (vgic_supports_direct_msis(kvm)) 359 vgic_v4_teardown(kvm); 360 } 361 362 void kvm_vgic_vcpu_destroy(struct kvm_vcpu *vcpu) 363 { 364 struct vgic_cpu *vgic_cpu = &vcpu->arch.vgic_cpu; 365 366 /* 367 * Retire all pending LPIs on this vcpu anyway as we're 368 * going to destroy it. 369 */ 370 vgic_flush_pending_lpis(vcpu); 371 372 INIT_LIST_HEAD(&vgic_cpu->ap_list_head); 373 vgic_cpu->rd_iodev.base_addr = VGIC_ADDR_UNDEF; 374 } 375 376 /* To be called with kvm->lock held */ 377 static void __kvm_vgic_destroy(struct kvm *kvm) 378 { 379 struct kvm_vcpu *vcpu; 380 unsigned long i; 381 382 vgic_debug_destroy(kvm); 383 384 kvm_for_each_vcpu(i, vcpu, kvm) 385 kvm_vgic_vcpu_destroy(vcpu); 386 387 kvm_vgic_dist_destroy(kvm); 388 } 389 390 void kvm_vgic_destroy(struct kvm *kvm) 391 { 392 mutex_lock(&kvm->lock); 393 __kvm_vgic_destroy(kvm); 394 mutex_unlock(&kvm->lock); 395 } 396 397 /** 398 * vgic_lazy_init: Lazy init is only allowed if the GIC exposed to the guest 399 * is a GICv2. A GICv3 must be explicitly initialized by the guest using the 400 * KVM_DEV_ARM_VGIC_GRP_CTRL KVM_DEVICE group. 401 * @kvm: kvm struct pointer 402 */ 403 int vgic_lazy_init(struct kvm *kvm) 404 { 405 int ret = 0; 406 407 if (unlikely(!vgic_initialized(kvm))) { 408 /* 409 * We only provide the automatic initialization of the VGIC 410 * for the legacy case of a GICv2. Any other type must 411 * be explicitly initialized once setup with the respective 412 * KVM device call. 413 */ 414 if (kvm->arch.vgic.vgic_model != KVM_DEV_TYPE_ARM_VGIC_V2) 415 return -EBUSY; 416 417 mutex_lock(&kvm->lock); 418 ret = vgic_init(kvm); 419 mutex_unlock(&kvm->lock); 420 } 421 422 return ret; 423 } 424 425 /* RESOURCE MAPPING */ 426 427 /** 428 * Map the MMIO regions depending on the VGIC model exposed to the guest 429 * called on the first VCPU run. 430 * Also map the virtual CPU interface into the VM. 431 * v2 calls vgic_init() if not already done. 432 * v3 and derivatives return an error if the VGIC is not initialized. 433 * vgic_ready() returns true if this function has succeeded. 434 * @kvm: kvm struct pointer 435 */ 436 int kvm_vgic_map_resources(struct kvm *kvm) 437 { 438 struct vgic_dist *dist = &kvm->arch.vgic; 439 int ret = 0; 440 441 if (likely(vgic_ready(kvm))) 442 return 0; 443 444 mutex_lock(&kvm->lock); 445 if (vgic_ready(kvm)) 446 goto out; 447 448 if (!irqchip_in_kernel(kvm)) 449 goto out; 450 451 if (dist->vgic_model == KVM_DEV_TYPE_ARM_VGIC_V2) 452 ret = vgic_v2_map_resources(kvm); 453 else 454 ret = vgic_v3_map_resources(kvm); 455 456 if (ret) 457 __kvm_vgic_destroy(kvm); 458 else 459 dist->ready = true; 460 461 out: 462 mutex_unlock(&kvm->lock); 463 return ret; 464 } 465 466 /* GENERIC PROBE */ 467 468 static int vgic_init_cpu_starting(unsigned int cpu) 469 { 470 enable_percpu_irq(kvm_vgic_global_state.maint_irq, 0); 471 return 0; 472 } 473 474 475 static int vgic_init_cpu_dying(unsigned int cpu) 476 { 477 disable_percpu_irq(kvm_vgic_global_state.maint_irq); 478 return 0; 479 } 480 481 static irqreturn_t vgic_maintenance_handler(int irq, void *data) 482 { 483 /* 484 * We cannot rely on the vgic maintenance interrupt to be 485 * delivered synchronously. This means we can only use it to 486 * exit the VM, and we perform the handling of EOIed 487 * interrupts on the exit path (see vgic_fold_lr_state). 488 */ 489 return IRQ_HANDLED; 490 } 491 492 static struct gic_kvm_info *gic_kvm_info; 493 494 void __init vgic_set_kvm_info(const struct gic_kvm_info *info) 495 { 496 BUG_ON(gic_kvm_info != NULL); 497 gic_kvm_info = kmalloc(sizeof(*info), GFP_KERNEL); 498 if (gic_kvm_info) 499 *gic_kvm_info = *info; 500 } 501 502 /** 503 * kvm_vgic_init_cpu_hardware - initialize the GIC VE hardware 504 * 505 * For a specific CPU, initialize the GIC VE hardware. 506 */ 507 void kvm_vgic_init_cpu_hardware(void) 508 { 509 BUG_ON(preemptible()); 510 511 /* 512 * We want to make sure the list registers start out clear so that we 513 * only have the program the used registers. 514 */ 515 if (kvm_vgic_global_state.type == VGIC_V2) 516 vgic_v2_init_lrs(); 517 else 518 kvm_call_hyp(__vgic_v3_init_lrs); 519 } 520 521 /** 522 * kvm_vgic_hyp_init: populates the kvm_vgic_global_state variable 523 * according to the host GIC model. Accordingly calls either 524 * vgic_v2/v3_probe which registers the KVM_DEVICE that can be 525 * instantiated by a guest later on . 526 */ 527 int kvm_vgic_hyp_init(void) 528 { 529 bool has_mask; 530 int ret; 531 532 if (!gic_kvm_info) 533 return -ENODEV; 534 535 has_mask = !gic_kvm_info->no_maint_irq_mask; 536 537 if (has_mask && !gic_kvm_info->maint_irq) { 538 kvm_err("No vgic maintenance irq\n"); 539 return -ENXIO; 540 } 541 542 /* 543 * If we get one of these oddball non-GICs, taint the kernel, 544 * as we have no idea of how they *really* behave. 545 */ 546 if (gic_kvm_info->no_hw_deactivation) { 547 kvm_info("Non-architectural vgic, tainting kernel\n"); 548 add_taint(TAINT_CPU_OUT_OF_SPEC, LOCKDEP_STILL_OK); 549 kvm_vgic_global_state.no_hw_deactivation = true; 550 } 551 552 switch (gic_kvm_info->type) { 553 case GIC_V2: 554 ret = vgic_v2_probe(gic_kvm_info); 555 break; 556 case GIC_V3: 557 ret = vgic_v3_probe(gic_kvm_info); 558 if (!ret) { 559 static_branch_enable(&kvm_vgic_global_state.gicv3_cpuif); 560 kvm_info("GIC system register CPU interface enabled\n"); 561 } 562 break; 563 default: 564 ret = -ENODEV; 565 } 566 567 kvm_vgic_global_state.maint_irq = gic_kvm_info->maint_irq; 568 569 kfree(gic_kvm_info); 570 gic_kvm_info = NULL; 571 572 if (ret) 573 return ret; 574 575 if (!has_mask) 576 return 0; 577 578 ret = request_percpu_irq(kvm_vgic_global_state.maint_irq, 579 vgic_maintenance_handler, 580 "vgic", kvm_get_running_vcpus()); 581 if (ret) { 582 kvm_err("Cannot register interrupt %d\n", 583 kvm_vgic_global_state.maint_irq); 584 return ret; 585 } 586 587 ret = cpuhp_setup_state(CPUHP_AP_KVM_ARM_VGIC_INIT_STARTING, 588 "kvm/arm/vgic:starting", 589 vgic_init_cpu_starting, vgic_init_cpu_dying); 590 if (ret) { 591 kvm_err("Cannot register vgic CPU notifier\n"); 592 goto out_free_irq; 593 } 594 595 kvm_info("vgic interrupt IRQ%d\n", kvm_vgic_global_state.maint_irq); 596 return 0; 597 598 out_free_irq: 599 free_percpu_irq(kvm_vgic_global_state.maint_irq, 600 kvm_get_running_vcpus()); 601 return ret; 602 } 603