Re: [PATCH V3 02/16] arm64/cpufeature: Drop TraceFilt feature exposure from ID_DFR0 register
On 05/05/2020 04:12 PM, Will Deacon wrote:
> On Tue, May 05, 2020 at 12:20:41PM +0530, Anshuman Khandual wrote:
>> On 05/05/2020 01:54 AM, Will Deacon wrote:
>>> On Sat, May 02, 2020 at 07:03:51PM +0530, Anshuman Khandual wrote:
ID_DFR0 based TraceFilt feature should not be exposed to guests. Hence lets
drop it.
Cc: Catalin Marinas
Cc: Will Deacon
Cc: Marc Zyngier
Cc: Mark Rutland
Cc: James Morse
Cc: Suzuki K Poulose
Cc: linux-arm-ker...@lists.infradead.org
Cc: linux-kernel@vger.kernel.org
Suggested-by: Mark Rutland
Reviewed-by: Suzuki K Poulose
Signed-off-by: Anshuman Khandual
---
arch/arm64/kernel/cpufeature.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/arch/arm64/kernel/cpufeature.c
b/arch/arm64/kernel/cpufeature.c
index 6d032fbe416f..51386dade423 100644
--- a/arch/arm64/kernel/cpufeature.c
+++ b/arch/arm64/kernel/cpufeature.c
@@ -435,7 +435,6 @@ static const struct arm64_ftr_bits ftr_id_pfr1[] = {
};
static const struct arm64_ftr_bits ftr_id_dfr0[] = {
- ARM64_FTR_BITS(FTR_HIDDEN, FTR_STRICT, FTR_LOWER_SAFE, 28, 4, 0),
>>>
>>> Hmm, this still confuses me. Is this not now FTR_NONSTRICT? Why is that ok?
>>
>> Mark had mentioned about it earlier
>> (https://patchwork.kernel.org/patch/11287805/)
>> Did I misinterpret the first part ? Could not figure "capping the emulated
>> debug
>> features" part. Probably, Mark could give some more details.
>>
>> From the earlier discussion:
>>
>> * ID_DFR0 fields need more thought; we should limit what we expose here.
>> I don't think it's valid for us to expose TraceFilt, and I suspect we
>> need to add capping for debug features we currently emulate.
>
> Sorry, I for confused (again) by the cpufeature code :) I'm going to add
> the following to my comment:
>
>
> diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c
> index c1d44d127baa..9b05843d67af 100644
> --- a/arch/arm64/kernel/cpufeature.c
> +++ b/arch/arm64/kernel/cpufeature.c
> @@ -53,6 +53,11 @@
> * arbitrary physical CPUs, but some features not present on the host are
> * also advertised and emulated. Look at sys_reg_descs[] for the gory
> * details.
> + *
> + * - If the arm64_ftr_bits[] for a register has a missing field, then this
> + * field is treated as STRICT RES0, including for read_sanitised_ftr_reg().
> + * This is stronger than FTR_HIDDEN and can be used to hide features from
> + * KVM guests.
> */
>
> #define pr_fmt(fmt) "CPU features: " fmt
>
Wondering if you will take this comment via a separate patch/branch or
should I fold it here instead.
>
> However, I think we really want to get rid of ftr_generic_32bits[] entirely
> and spell out all of the register fields, even just using comments for the
> fields we're omitting:
Should we do that later or in this series itself ?
>
>
> @@ -425,7 +430,7 @@ static const struct arm64_ftr_bits ftr_id_pfr1[] = {
> };
>
> static const struct arm64_ftr_bits ftr_id_dfr0[] = {
> - ARM64_FTR_BITS(FTR_HIDDEN, FTR_STRICT, FTR_LOWER_SAFE, 28, 4, 0),
> + /* 31:28TraceFilt */
> S_ARM64_FTR_BITS(FTR_HIDDEN, FTR_STRICT, FTR_LOWER_SAFE, 24, 4, 0xf),
> /* PerfMon */
> ARM64_FTR_BITS(FTR_HIDDEN, FTR_STRICT, FTR_LOWER_SAFE, 20, 4, 0),
> ARM64_FTR_BITS(FTR_HIDDEN, FTR_STRICT, FTR_LOWER_SAFE, 16, 4, 0),
>
>
> Longer term, I think we'll probably want to handle these within
> ARM64_FTR_BITS, as we may end up with features that we want to hide from
> KVM guests but not from the host kernel.
Sure, but for now will fold the above changes here.
Re: [PATCH V3 02/16] arm64/cpufeature: Drop TraceFilt feature exposure from ID_DFR0 register
On Tue, May 05, 2020 at 12:20:41PM +0530, Anshuman Khandual wrote:
> On 05/05/2020 01:54 AM, Will Deacon wrote:
> > On Sat, May 02, 2020 at 07:03:51PM +0530, Anshuman Khandual wrote:
> >> ID_DFR0 based TraceFilt feature should not be exposed to guests. Hence lets
> >> drop it.
> >>
> >> Cc: Catalin Marinas
> >> Cc: Will Deacon
> >> Cc: Marc Zyngier
> >> Cc: Mark Rutland
> >> Cc: James Morse
> >> Cc: Suzuki K Poulose
> >> Cc: linux-arm-ker...@lists.infradead.org
> >> Cc: linux-kernel@vger.kernel.org
> >>
> >> Suggested-by: Mark Rutland
> >> Reviewed-by: Suzuki K Poulose
> >> Signed-off-by: Anshuman Khandual
> >> ---
> >> arch/arm64/kernel/cpufeature.c | 1 -
> >> 1 file changed, 1 deletion(-)
> >>
> >> diff --git a/arch/arm64/kernel/cpufeature.c
> >> b/arch/arm64/kernel/cpufeature.c
> >> index 6d032fbe416f..51386dade423 100644
> >> --- a/arch/arm64/kernel/cpufeature.c
> >> +++ b/arch/arm64/kernel/cpufeature.c
> >> @@ -435,7 +435,6 @@ static const struct arm64_ftr_bits ftr_id_pfr1[] = {
> >> };
> >>
> >> static const struct arm64_ftr_bits ftr_id_dfr0[] = {
> >> - ARM64_FTR_BITS(FTR_HIDDEN, FTR_STRICT, FTR_LOWER_SAFE, 28, 4, 0),
> >
> > Hmm, this still confuses me. Is this not now FTR_NONSTRICT? Why is that ok?
>
> Mark had mentioned about it earlier
> (https://patchwork.kernel.org/patch/11287805/)
> Did I misinterpret the first part ? Could not figure "capping the emulated
> debug
> features" part. Probably, Mark could give some more details.
>
> From the earlier discussion:
>
> * ID_DFR0 fields need more thought; we should limit what we expose here.
> I don't think it's valid for us to expose TraceFilt, and I suspect we
> need to add capping for debug features we currently emulate.
Sorry, I for confused (again) by the cpufeature code :) I'm going to add
the following to my comment:
diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c
index c1d44d127baa..9b05843d67af 100644
--- a/arch/arm64/kernel/cpufeature.c
+++ b/arch/arm64/kernel/cpufeature.c
@@ -53,6 +53,11 @@
* arbitrary physical CPUs, but some features not present on the host are
* also advertised and emulated. Look at sys_reg_descs[] for the gory
* details.
+ *
+ * - If the arm64_ftr_bits[] for a register has a missing field, then this
+ * field is treated as STRICT RES0, including for read_sanitised_ftr_reg().
+ * This is stronger than FTR_HIDDEN and can be used to hide features from
+ * KVM guests.
*/
#define pr_fmt(fmt) "CPU features: " fmt
However, I think we really want to get rid of ftr_generic_32bits[] entirely
and spell out all of the register fields, even just using comments for the
fields we're omitting:
@@ -425,7 +430,7 @@ static const struct arm64_ftr_bits ftr_id_pfr1[] = {
};
static const struct arm64_ftr_bits ftr_id_dfr0[] = {
- ARM64_FTR_BITS(FTR_HIDDEN, FTR_STRICT, FTR_LOWER_SAFE, 28, 4, 0),
+ /* 31:28TraceFilt */
S_ARM64_FTR_BITS(FTR_HIDDEN, FTR_STRICT, FTR_LOWER_SAFE, 24, 4, 0xf),
/* PerfMon */
ARM64_FTR_BITS(FTR_HIDDEN, FTR_STRICT, FTR_LOWER_SAFE, 20, 4, 0),
ARM64_FTR_BITS(FTR_HIDDEN, FTR_STRICT, FTR_LOWER_SAFE, 16, 4, 0),
Longer term, I think we'll probably want to handle these within
ARM64_FTR_BITS, as we may end up with features that we want to hide from
KVM guests but not from the host kernel.
Will
Re: [PATCH V3 02/16] arm64/cpufeature: Drop TraceFilt feature exposure from ID_DFR0 register
On 05/05/2020 01:54 AM, Will Deacon wrote:
> On Sat, May 02, 2020 at 07:03:51PM +0530, Anshuman Khandual wrote:
>> ID_DFR0 based TraceFilt feature should not be exposed to guests. Hence lets
>> drop it.
>>
>> Cc: Catalin Marinas
>> Cc: Will Deacon
>> Cc: Marc Zyngier
>> Cc: Mark Rutland
>> Cc: James Morse
>> Cc: Suzuki K Poulose
>> Cc: linux-arm-ker...@lists.infradead.org
>> Cc: linux-kernel@vger.kernel.org
>>
>> Suggested-by: Mark Rutland
>> Reviewed-by: Suzuki K Poulose
>> Signed-off-by: Anshuman Khandual
>> ---
>> arch/arm64/kernel/cpufeature.c | 1 -
>> 1 file changed, 1 deletion(-)
>>
>> diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c
>> index 6d032fbe416f..51386dade423 100644
>> --- a/arch/arm64/kernel/cpufeature.c
>> +++ b/arch/arm64/kernel/cpufeature.c
>> @@ -435,7 +435,6 @@ static const struct arm64_ftr_bits ftr_id_pfr1[] = {
>> };
>>
>> static const struct arm64_ftr_bits ftr_id_dfr0[] = {
>> -ARM64_FTR_BITS(FTR_HIDDEN, FTR_STRICT, FTR_LOWER_SAFE, 28, 4, 0),
>
> Hmm, this still confuses me. Is this not now FTR_NONSTRICT? Why is that ok?
Mark had mentioned about it earlier
(https://patchwork.kernel.org/patch/11287805/)
Did I misinterpret the first part ? Could not figure "capping the emulated debug
features" part. Probably, Mark could give some more details.
>From the earlier discussion:
* ID_DFR0 fields need more thought; we should limit what we expose here.
I don't think it's valid for us to expose TraceFilt, and I suspect we
need to add capping for debug features we currently emulate.
Re: [PATCH V3 02/16] arm64/cpufeature: Drop TraceFilt feature exposure from ID_DFR0 register
On Sat, May 02, 2020 at 07:03:51PM +0530, Anshuman Khandual wrote:
> ID_DFR0 based TraceFilt feature should not be exposed to guests. Hence lets
> drop it.
>
> Cc: Catalin Marinas
> Cc: Will Deacon
> Cc: Marc Zyngier
> Cc: Mark Rutland
> Cc: James Morse
> Cc: Suzuki K Poulose
> Cc: linux-arm-ker...@lists.infradead.org
> Cc: linux-kernel@vger.kernel.org
>
> Suggested-by: Mark Rutland
> Reviewed-by: Suzuki K Poulose
> Signed-off-by: Anshuman Khandual
> ---
> arch/arm64/kernel/cpufeature.c | 1 -
> 1 file changed, 1 deletion(-)
>
> diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c
> index 6d032fbe416f..51386dade423 100644
> --- a/arch/arm64/kernel/cpufeature.c
> +++ b/arch/arm64/kernel/cpufeature.c
> @@ -435,7 +435,6 @@ static const struct arm64_ftr_bits ftr_id_pfr1[] = {
> };
>
> static const struct arm64_ftr_bits ftr_id_dfr0[] = {
> - ARM64_FTR_BITS(FTR_HIDDEN, FTR_STRICT, FTR_LOWER_SAFE, 28, 4, 0),
Hmm, this still confuses me. Is this not now FTR_NONSTRICT? Why is that ok?
Will
