1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * Copyright (C) 2015, 2016 ARM Ltd. 4 */ 5 6 #include <linux/uaccess.h> 7 #include <linux/interrupt.h> 8 #include <linux/cpu.h> 9 #include <linux/kvm_host.h> 10 #include <kvm/arm_vgic.h> 11 #include <asm/kvm_emulate.h> 12 #include <asm/kvm_mmu.h> 13 #include "vgic.h" 14 15 /* 16 * Initialization rules: there are multiple stages to the vgic 17 * initialization, both for the distributor and the CPU interfaces. The basic 18 * idea is that even though the VGIC is not functional or not requested from 19 * user space, the critical path of the run loop can still call VGIC functions 20 * that just won't do anything, without them having to check additional 21 * initialization flags to ensure they don't look at uninitialized data 22 * structures. 23 * 24 * Distributor: 25 * 26 * - kvm_vgic_early_init(): initialization of static data that doesn't 27 * depend on any sizing information or emulation type. No allocation 28 * is allowed there. 29 * 30 * - vgic_init(): allocation and initialization of the generic data 31 * structures that depend on sizing information (number of CPUs, 32 * number of interrupts). Also initializes the vcpu specific data 33 * structures. Can be executed lazily for GICv2. 34 * 35 * CPU Interface: 36 * 37 * - kvm_vgic_vcpu_init(): initialization of static data that doesn't depend 38 * on any sizing information. Private interrupts are allocated if not 39 * already allocated at vgic-creation time. 40 */ 41 42 /* EARLY INIT */ 43 44 /** 45 * kvm_vgic_early_init() - Initialize static VGIC VCPU data structures 46 * @kvm: The VM whose VGIC districutor should be initialized 47 * 48 * Only do initialization of static structures that don't require any 49 * allocation or sizing information from userspace. vgic_init() called 50 * kvm_vgic_dist_init() which takes care of the rest. 51 */ 52 void kvm_vgic_early_init(struct kvm *kvm) 53 { 54 struct vgic_dist *dist = &kvm->arch.vgic; 55 56 xa_init_flags(&dist->lpi_xa, XA_FLAGS_LOCK_IRQ); 57 } 58 59 /* CREATION */ 60 61 static int vgic_allocate_private_irqs_locked(struct kvm_vcpu *vcpu, u32 type); 62 63 /** 64 * kvm_vgic_create: triggered by the instantiation of the VGIC device by 65 * user space, either through the legacy KVM_CREATE_IRQCHIP ioctl (v2 only) 66 * or through the generic KVM_CREATE_DEVICE API ioctl. 67 * irqchip_in_kernel() tells you if this function succeeded or not. 68 * @kvm: kvm struct pointer 69 * @type: KVM_DEV_TYPE_ARM_VGIC_V[235] 70 */ 71 int kvm_vgic_create(struct kvm *kvm, u32 type) 72 { 73 struct kvm_vcpu *vcpu; 74 unsigned long i; 75 int ret; 76 77 /* 78 * This function is also called by the KVM_CREATE_IRQCHIP handler, 79 * which had no chance yet to check the availability of the GICv2 80 * emulation. So check this here again. KVM_CREATE_DEVICE does 81 * the proper checks already. 82 */ 83 if (type == KVM_DEV_TYPE_ARM_VGIC_V2 && 84 !kvm_vgic_global_state.can_emulate_gicv2) 85 return -ENODEV; 86 87 /* 88 * Ensure mutual exclusion with vCPU creation and any vCPU ioctls by: 89 * 90 * - Holding kvm->lock to prevent KVM_CREATE_VCPU from reaching 91 * kvm_arch_vcpu_precreate() and ensuring created_vcpus is stable. 92 * This alone is insufficient, as kvm_vm_ioctl_create_vcpu() drops 93 * the kvm->lock before completing the vCPU creation. 94 */ 95 lockdep_assert_held(&kvm->lock); 96 97 /* 98 * - Acquiring the vCPU mutex for every *online* vCPU to prevent 99 * concurrent vCPU ioctls for vCPUs already visible to userspace. 100 */ 101 ret = -EBUSY; 102 if (kvm_trylock_all_vcpus(kvm)) 103 return ret; 104 105 /* 106 * - Taking the config_lock which protects VGIC data structures such 107 * as the per-vCPU arrays of private IRQs (SGIs, PPIs). 108 */ 109 mutex_lock(&kvm->arch.config_lock); 110 111 /* 112 * - Bailing on the entire thing if a vCPU is in the middle of creation, 113 * dropped the kvm->lock, but hasn't reached kvm_arch_vcpu_create(). 114 * 115 * The whole combination of this guarantees that no vCPU can get into 116 * KVM with a VGIC configuration inconsistent with the VM's VGIC. 117 */ 118 if (kvm->created_vcpus != atomic_read(&kvm->online_vcpus)) 119 goto out_unlock; 120 121 if (irqchip_in_kernel(kvm)) { 122 ret = -EEXIST; 123 goto out_unlock; 124 } 125 126 kvm_for_each_vcpu(i, vcpu, kvm) { 127 if (vcpu_has_run_once(vcpu)) 128 goto out_unlock; 129 } 130 ret = 0; 131 132 if (type == KVM_DEV_TYPE_ARM_VGIC_V2) 133 kvm->max_vcpus = VGIC_V2_MAX_CPUS; 134 else if (type == KVM_DEV_TYPE_ARM_VGIC_V3) 135 kvm->max_vcpus = VGIC_V3_MAX_CPUS; 136 else if (type == KVM_DEV_TYPE_ARM_VGIC_V5) 137 kvm->max_vcpus = min(VGIC_V5_MAX_CPUS, 138 kvm_vgic_global_state.max_gic_vcpus); 139 140 if (atomic_read(&kvm->online_vcpus) > kvm->max_vcpus) { 141 ret = -E2BIG; 142 goto out_unlock; 143 } 144 145 kvm->arch.vgic.in_kernel = true; 146 kvm->arch.vgic.vgic_model = type; 147 kvm->arch.vgic.implementation_rev = KVM_VGIC_IMP_REV_LATEST; 148 kvm->arch.vgic.vgic_dist_base = VGIC_ADDR_UNDEF; 149 150 switch (type) { 151 case KVM_DEV_TYPE_ARM_VGIC_V2: 152 kvm->arch.vgic.vgic_cpu_base = VGIC_ADDR_UNDEF; 153 break; 154 case KVM_DEV_TYPE_ARM_VGIC_V3: 155 INIT_LIST_HEAD(&kvm->arch.vgic.rd_regions); 156 break; 157 } 158 159 /* 160 * We've now created the GIC. Update the system register state 161 * to accurately reflect what we've created. 162 */ 163 kvm_vgic_finalize_idregs(kvm); 164 165 kvm_for_each_vcpu(i, vcpu, kvm) { 166 ret = vgic_allocate_private_irqs_locked(vcpu, type); 167 if (ret) 168 break; 169 } 170 171 if (ret) { 172 kvm_for_each_vcpu(i, vcpu, kvm) { 173 struct vgic_cpu *vgic_cpu = &vcpu->arch.vgic_cpu; 174 kfree(vgic_cpu->private_irqs); 175 vgic_cpu->private_irqs = NULL; 176 } 177 178 kvm->arch.vgic.vgic_model = 0; 179 goto out_unlock; 180 } 181 182 if (type == KVM_DEV_TYPE_ARM_VGIC_V3) 183 kvm->arch.vgic.nassgicap = system_supports_direct_sgis(); 184 185 /* 186 * We now know that we have a GICv5. The Arch Timer PPI interrupts may 187 * have been initialised at this stage, but will have done so assuming 188 * that we have an older GIC, meaning that the IntIDs won't be 189 * correct. We init them again, and this time they will be correct. 190 */ 191 if (type == KVM_DEV_TYPE_ARM_VGIC_V5) 192 kvm_timer_init_vm(kvm); 193 194 out_unlock: 195 mutex_unlock(&kvm->arch.config_lock); 196 kvm_unlock_all_vcpus(kvm); 197 return ret; 198 } 199 200 /* INIT/DESTROY */ 201 202 /** 203 * kvm_vgic_dist_init: initialize the dist data structures 204 * @kvm: kvm struct pointer 205 * @nr_spis: number of spis, frozen by caller 206 */ 207 static int kvm_vgic_dist_init(struct kvm *kvm, unsigned int nr_spis) 208 { 209 struct vgic_dist *dist = &kvm->arch.vgic; 210 struct kvm_vcpu *vcpu0 = kvm_get_vcpu(kvm, 0); 211 int i; 212 213 dist->active_spis = (atomic_t)ATOMIC_INIT(0); 214 dist->spis = kzalloc_objs(struct vgic_irq, nr_spis, GFP_KERNEL_ACCOUNT); 215 if (!dist->spis) 216 return -ENOMEM; 217 218 /* 219 * In the following code we do not take the irq struct lock since 220 * no other action on irq structs can happen while the VGIC is 221 * not initialized yet: 222 * If someone wants to inject an interrupt or does a MMIO access, we 223 * require prior initialization in case of a virtual GICv3 or trigger 224 * initialization when using a virtual GICv2. 225 */ 226 for (i = 0; i < nr_spis; i++) { 227 struct vgic_irq *irq = &dist->spis[i]; 228 229 irq->intid = i + VGIC_NR_PRIVATE_IRQS; 230 INIT_LIST_HEAD(&irq->ap_list); 231 raw_spin_lock_init(&irq->irq_lock); 232 irq->vcpu = NULL; 233 irq->target_vcpu = vcpu0; 234 refcount_set(&irq->refcount, 0); 235 switch (dist->vgic_model) { 236 case KVM_DEV_TYPE_ARM_VGIC_V2: 237 irq->targets = 0; 238 irq->group = 0; 239 break; 240 case KVM_DEV_TYPE_ARM_VGIC_V3: 241 irq->mpidr = 0; 242 irq->group = 1; 243 break; 244 default: 245 kfree(dist->spis); 246 dist->spis = NULL; 247 return -EINVAL; 248 } 249 } 250 return 0; 251 } 252 253 /* Default GICv3 Maintenance Interrupt INTID, as per SBSA */ 254 #define DEFAULT_MI_INTID 25 255 256 int kvm_vgic_vcpu_nv_init(struct kvm_vcpu *vcpu) 257 { 258 int ret; 259 260 guard(mutex)(&vcpu->kvm->arch.config_lock); 261 262 /* 263 * Matching the tradition established with the timers, provide 264 * a default PPI for the maintenance interrupt. It makes 265 * things easier to reason about. 266 */ 267 if (vcpu->kvm->arch.vgic.mi_intid == 0) 268 vcpu->kvm->arch.vgic.mi_intid = DEFAULT_MI_INTID; 269 ret = kvm_vgic_set_owner(vcpu, vcpu->kvm->arch.vgic.mi_intid, vcpu); 270 271 return ret; 272 } 273 274 static void vgic_setup_private_irq(struct kvm_vcpu *vcpu, struct vgic_irq *irq, 275 u32 type) 276 { 277 irq->intid = irq - &vcpu->arch.vgic_cpu.private_irqs[0]; 278 279 if (vgic_irq_is_sgi(irq->intid)) { 280 /* SGIs */ 281 irq->enabled = 1; 282 irq->config = VGIC_CONFIG_EDGE; 283 } else { 284 /* PPIs */ 285 irq->config = VGIC_CONFIG_LEVEL; 286 } 287 288 switch (type) { 289 case KVM_DEV_TYPE_ARM_VGIC_V3: 290 irq->group = 1; 291 irq->mpidr = kvm_vcpu_get_mpidr_aff(vcpu); 292 break; 293 case KVM_DEV_TYPE_ARM_VGIC_V2: 294 irq->group = 0; 295 irq->targets = BIT(vcpu->vcpu_id); 296 break; 297 } 298 } 299 300 static void vgic_v5_setup_private_irq(struct kvm_vcpu *vcpu, struct vgic_irq *irq) 301 { 302 int i = irq - &vcpu->arch.vgic_cpu.private_irqs[0]; 303 304 irq->intid = vgic_v5_make_ppi(i); 305 306 /* The only Edge architected PPI is the SW_PPI */ 307 if (i == GICV5_ARCH_PPI_SW_PPI) 308 irq->config = VGIC_CONFIG_EDGE; 309 else 310 irq->config = VGIC_CONFIG_LEVEL; 311 312 /* Register the GICv5-specific PPI ops */ 313 vgic_v5_set_ppi_ops(vcpu, irq->intid); 314 } 315 316 static int vgic_allocate_private_irqs_locked(struct kvm_vcpu *vcpu, u32 type) 317 { 318 struct vgic_cpu *vgic_cpu = &vcpu->arch.vgic_cpu; 319 u32 num_private_irqs; 320 int i; 321 322 lockdep_assert_held(&vcpu->kvm->arch.config_lock); 323 324 if (vgic_cpu->private_irqs) 325 return 0; 326 327 if (vgic_is_v5(vcpu->kvm)) 328 num_private_irqs = VGIC_V5_NR_PRIVATE_IRQS; 329 else 330 num_private_irqs = VGIC_NR_PRIVATE_IRQS; 331 332 vgic_cpu->private_irqs = kzalloc_objs(struct vgic_irq, 333 num_private_irqs, 334 GFP_KERNEL_ACCOUNT); 335 336 if (!vgic_cpu->private_irqs) 337 return -ENOMEM; 338 339 for (i = 0; i < num_private_irqs; i++) { 340 struct vgic_irq *irq = &vcpu->arch.vgic_cpu.private_irqs[i]; 341 342 INIT_LIST_HEAD(&irq->ap_list); 343 raw_spin_lock_init(&irq->irq_lock); 344 irq->vcpu = NULL; 345 irq->target_vcpu = vcpu; 346 refcount_set(&irq->refcount, 0); 347 348 if (vgic_is_v5(vcpu->kvm)) 349 vgic_v5_setup_private_irq(vcpu, irq); 350 else 351 vgic_setup_private_irq(vcpu, irq, type); 352 } 353 354 return 0; 355 } 356 357 static int vgic_allocate_private_irqs(struct kvm_vcpu *vcpu, u32 type) 358 { 359 int ret; 360 361 mutex_lock(&vcpu->kvm->arch.config_lock); 362 ret = vgic_allocate_private_irqs_locked(vcpu, type); 363 mutex_unlock(&vcpu->kvm->arch.config_lock); 364 365 return ret; 366 } 367 368 /** 369 * kvm_vgic_vcpu_init() - Initialize static VGIC VCPU data 370 * structures and register VCPU-specific KVM iodevs 371 * 372 * @vcpu: pointer to the VCPU being created and initialized 373 * 374 * Only do initialization, but do not actually enable the 375 * VGIC CPU interface 376 */ 377 int kvm_vgic_vcpu_init(struct kvm_vcpu *vcpu) 378 { 379 struct vgic_cpu *vgic_cpu = &vcpu->arch.vgic_cpu; 380 struct vgic_dist *dist = &vcpu->kvm->arch.vgic; 381 int ret = 0; 382 383 vgic_cpu->rd_iodev.base_addr = VGIC_ADDR_UNDEF; 384 385 INIT_LIST_HEAD(&vgic_cpu->ap_list_head); 386 raw_spin_lock_init(&vgic_cpu->ap_list_lock); 387 atomic_set(&vgic_cpu->vgic_v3.its_vpe.vlpi_count, 0); 388 389 if (!irqchip_in_kernel(vcpu->kvm)) 390 return 0; 391 392 ret = vgic_allocate_private_irqs(vcpu, dist->vgic_model); 393 if (ret) 394 return ret; 395 396 /* 397 * If we are creating a VCPU with a GICv3 we must also register the 398 * KVM io device for the redistributor that belongs to this VCPU. 399 */ 400 if (dist->vgic_model == KVM_DEV_TYPE_ARM_VGIC_V3) { 401 mutex_lock(&vcpu->kvm->slots_lock); 402 ret = vgic_register_redist_iodev(vcpu); 403 mutex_unlock(&vcpu->kvm->slots_lock); 404 } 405 return ret; 406 } 407 408 static void kvm_vgic_vcpu_reset(struct kvm_vcpu *vcpu) 409 { 410 const struct vgic_dist *dist = &vcpu->kvm->arch.vgic; 411 412 if (dist->vgic_model == KVM_DEV_TYPE_ARM_VGIC_V5) 413 vgic_v5_reset(vcpu); 414 else if (kvm_vgic_global_state.type == VGIC_V2) 415 vgic_v2_reset(vcpu); 416 else 417 vgic_v3_reset(vcpu); 418 } 419 420 /* 421 * vgic_init: allocates and initializes dist and vcpu data structures 422 * depending on two dimensioning parameters: 423 * - the number of spis 424 * - the number of vcpus 425 * The function is generally called when nr_spis has been explicitly set 426 * by the guest through the KVM DEVICE API. If not nr_spis is set to 256. 427 * vgic_initialized() returns true when this function has succeeded. 428 */ 429 int vgic_init(struct kvm *kvm) 430 { 431 struct vgic_dist *dist = &kvm->arch.vgic; 432 struct kvm_vcpu *vcpu; 433 int ret = 0; 434 unsigned long idx; 435 436 lockdep_assert_held(&kvm->arch.config_lock); 437 438 if (vgic_initialized(kvm)) 439 return 0; 440 441 /* Are we also in the middle of creating a VCPU? */ 442 if (kvm->created_vcpus != atomic_read(&kvm->online_vcpus)) 443 return -EBUSY; 444 445 if (!vgic_is_v5(kvm)) { 446 /* freeze the number of spis */ 447 if (!dist->nr_spis) 448 dist->nr_spis = VGIC_NR_IRQS_LEGACY - VGIC_NR_PRIVATE_IRQS; 449 450 ret = kvm_vgic_dist_init(kvm, dist->nr_spis); 451 if (ret) 452 return ret; 453 454 /* 455 * Ensure vPEs are allocated if direct IRQ injection (e.g. vSGIs, 456 * vLPIs) is supported. 457 */ 458 if (vgic_supports_direct_irqs(kvm)) { 459 ret = vgic_v4_init(kvm); 460 if (ret) 461 return ret; 462 } 463 } else { 464 ret = vgic_v5_init(kvm); 465 if (ret) 466 return ret; 467 } 468 469 kvm_for_each_vcpu(idx, vcpu, kvm) 470 kvm_vgic_vcpu_reset(vcpu); 471 472 ret = kvm_vgic_setup_default_irq_routing(kvm); 473 if (ret) 474 return ret; 475 476 vgic_debug_init(kvm); 477 dist->initialized = true; 478 479 return 0; 480 } 481 482 static void kvm_vgic_dist_destroy(struct kvm *kvm) 483 { 484 struct vgic_dist *dist = &kvm->arch.vgic; 485 struct vgic_redist_region *rdreg, *next; 486 487 dist->ready = false; 488 dist->initialized = false; 489 490 kfree(dist->spis); 491 dist->spis = NULL; 492 dist->nr_spis = 0; 493 dist->vgic_dist_base = VGIC_ADDR_UNDEF; 494 495 if (dist->vgic_model == KVM_DEV_TYPE_ARM_VGIC_V3) { 496 list_for_each_entry_safe(rdreg, next, &dist->rd_regions, list) 497 vgic_v3_free_redist_region(kvm, rdreg); 498 INIT_LIST_HEAD(&dist->rd_regions); 499 } else { 500 dist->vgic_cpu_base = VGIC_ADDR_UNDEF; 501 } 502 503 if (vgic_supports_direct_irqs(kvm)) 504 vgic_v4_teardown(kvm); 505 506 xa_destroy(&dist->lpi_xa); 507 } 508 509 static void __kvm_vgic_vcpu_destroy(struct kvm_vcpu *vcpu) 510 { 511 struct vgic_cpu *vgic_cpu = &vcpu->arch.vgic_cpu; 512 513 /* 514 * Retire all pending LPIs on this vcpu anyway as we're 515 * going to destroy it. 516 */ 517 vgic_flush_pending_lpis(vcpu); 518 519 INIT_LIST_HEAD(&vgic_cpu->ap_list_head); 520 kfree(vgic_cpu->private_irqs); 521 vgic_cpu->private_irqs = NULL; 522 523 if (vcpu->kvm->arch.vgic.vgic_model == KVM_DEV_TYPE_ARM_VGIC_V3) { 524 /* 525 * If this vCPU is being destroyed because of a failed creation 526 * then unregister the redistributor to avoid leaving behind a 527 * dangling pointer to the vCPU struct. 528 * 529 * vCPUs that have been successfully created (i.e. added to 530 * kvm->vcpu_array) get unregistered in kvm_vgic_destroy(), as 531 * this function gets called while holding kvm->arch.config_lock 532 * in the VM teardown path and would otherwise introduce a lock 533 * inversion w.r.t. kvm->srcu. 534 * 535 * vCPUs that failed creation are torn down outside of the 536 * kvm->arch.config_lock and do not get unregistered in 537 * kvm_vgic_destroy(), meaning it is both safe and necessary to 538 * do so here. 539 */ 540 if (kvm_get_vcpu_by_id(vcpu->kvm, vcpu->vcpu_id) != vcpu) 541 vgic_unregister_redist_iodev(vcpu); 542 543 vgic_cpu->rd_iodev.base_addr = VGIC_ADDR_UNDEF; 544 } 545 } 546 547 void kvm_vgic_vcpu_destroy(struct kvm_vcpu *vcpu) 548 { 549 struct kvm *kvm = vcpu->kvm; 550 551 mutex_lock(&kvm->slots_lock); 552 __kvm_vgic_vcpu_destroy(vcpu); 553 mutex_unlock(&kvm->slots_lock); 554 } 555 556 void kvm_vgic_destroy(struct kvm *kvm) 557 { 558 struct kvm_vcpu *vcpu; 559 unsigned long i; 560 561 mutex_lock(&kvm->slots_lock); 562 mutex_lock(&kvm->arch.config_lock); 563 564 vgic_debug_destroy(kvm); 565 566 kvm_for_each_vcpu(i, vcpu, kvm) 567 __kvm_vgic_vcpu_destroy(vcpu); 568 569 kvm_vgic_dist_destroy(kvm); 570 571 mutex_unlock(&kvm->arch.config_lock); 572 573 if (kvm->arch.vgic.vgic_model == KVM_DEV_TYPE_ARM_VGIC_V3) 574 kvm_for_each_vcpu(i, vcpu, kvm) 575 vgic_unregister_redist_iodev(vcpu); 576 577 mutex_unlock(&kvm->slots_lock); 578 } 579 580 /** 581 * vgic_lazy_init: Lazy init is only allowed if the GIC exposed to the guest 582 * is a GICv2. A GICv3 must be explicitly initialized by userspace using the 583 * KVM_DEV_ARM_VGIC_GRP_CTRL KVM_DEVICE group. 584 * @kvm: kvm struct pointer 585 */ 586 int vgic_lazy_init(struct kvm *kvm) 587 { 588 int ret = 0; 589 590 if (unlikely(!vgic_initialized(kvm))) { 591 /* 592 * We only provide the automatic initialization of the VGIC 593 * for the legacy case of a GICv2. Any other type must 594 * be explicitly initialized once setup with the respective 595 * KVM device call. 596 */ 597 if (kvm->arch.vgic.vgic_model != KVM_DEV_TYPE_ARM_VGIC_V2) 598 return -EBUSY; 599 600 mutex_lock(&kvm->arch.config_lock); 601 ret = vgic_init(kvm); 602 mutex_unlock(&kvm->arch.config_lock); 603 } 604 605 return ret; 606 } 607 608 /* RESOURCE MAPPING */ 609 610 /** 611 * kvm_vgic_map_resources - map the MMIO regions 612 * @kvm: kvm struct pointer 613 * 614 * Map the MMIO regions depending on the VGIC model exposed to the guest 615 * called on the first VCPU run. 616 * Also map the virtual CPU interface into the VM. 617 * v2 calls vgic_init() if not already done. 618 * v3 and derivatives return an error if the VGIC is not initialized. 619 */ 620 int kvm_vgic_map_resources(struct kvm *kvm) 621 { 622 struct vgic_dist *dist = &kvm->arch.vgic; 623 bool needs_dist = true; 624 enum vgic_type type; 625 gpa_t dist_base; 626 int ret = 0; 627 628 if (likely(smp_load_acquire(&dist->ready))) 629 return 0; 630 631 mutex_lock(&kvm->slots_lock); 632 mutex_lock(&kvm->arch.config_lock); 633 if (dist->ready) 634 goto out; 635 636 if (!irqchip_in_kernel(kvm)) 637 goto out; 638 639 if (dist->vgic_model == KVM_DEV_TYPE_ARM_VGIC_V2) { 640 ret = vgic_v2_map_resources(kvm); 641 type = VGIC_V2; 642 } else if (dist->vgic_model == KVM_DEV_TYPE_ARM_VGIC_V3) { 643 ret = vgic_v3_map_resources(kvm); 644 type = VGIC_V3; 645 } else { 646 ret = vgic_v5_map_resources(kvm); 647 type = VGIC_V5; 648 needs_dist = false; 649 } 650 651 if (ret) 652 goto out; 653 654 if (needs_dist) { 655 dist_base = dist->vgic_dist_base; 656 mutex_unlock(&kvm->arch.config_lock); 657 658 ret = vgic_register_dist_iodev(kvm, dist_base, type); 659 if (ret) { 660 kvm_err("Unable to register VGIC dist MMIO regions\n"); 661 goto out_slots; 662 } 663 } else { 664 mutex_unlock(&kvm->arch.config_lock); 665 } 666 667 smp_store_release(&dist->ready, true); 668 goto out_slots; 669 out: 670 mutex_unlock(&kvm->arch.config_lock); 671 out_slots: 672 if (ret) 673 kvm_vm_dead(kvm); 674 675 mutex_unlock(&kvm->slots_lock); 676 677 return ret; 678 } 679 680 void kvm_vgic_finalize_idregs(struct kvm *kvm) 681 { 682 u32 type = kvm->arch.vgic.vgic_model; 683 u64 aa64pfr0, aa64pfr2, pfr1; 684 685 aa64pfr0 = kvm_read_vm_id_reg(kvm, SYS_ID_AA64PFR0_EL1) & ~ID_AA64PFR0_EL1_GIC; 686 aa64pfr2 = kvm_read_vm_id_reg(kvm, SYS_ID_AA64PFR2_EL1) & ~ID_AA64PFR2_EL1_GCIE; 687 pfr1 = kvm_read_vm_id_reg(kvm, SYS_ID_PFR1_EL1) & ~ID_PFR1_EL1_GIC; 688 689 switch (type) { 690 case KVM_DEV_TYPE_ARM_VGIC_V2: 691 break; 692 case KVM_DEV_TYPE_ARM_VGIC_V3: 693 aa64pfr0 |= SYS_FIELD_PREP_ENUM(ID_AA64PFR0_EL1, GIC, IMP); 694 if (kvm_supports_32bit_el0()) 695 pfr1 |= SYS_FIELD_PREP_ENUM(ID_PFR1_EL1, GIC, GICv3); 696 break; 697 case KVM_DEV_TYPE_ARM_VGIC_V5: 698 aa64pfr2 |= SYS_FIELD_PREP_ENUM(ID_AA64PFR2_EL1, GCIE, IMP); 699 break; 700 default: 701 WARN_ONCE(1, "Unknown VGIC type!!!\n"); 702 } 703 704 kvm_set_vm_id_reg(kvm, SYS_ID_AA64PFR0_EL1, aa64pfr0); 705 kvm_set_vm_id_reg(kvm, SYS_ID_AA64PFR2_EL1, aa64pfr2); 706 kvm_set_vm_id_reg(kvm, SYS_ID_PFR1_EL1, pfr1); 707 } 708 709 /* GENERIC PROBE */ 710 711 void kvm_vgic_cpu_up(void) 712 { 713 enable_percpu_irq(kvm_vgic_global_state.maint_irq, 0); 714 } 715 716 717 void kvm_vgic_cpu_down(void) 718 { 719 disable_percpu_irq(kvm_vgic_global_state.maint_irq); 720 } 721 722 static irqreturn_t vgic_maintenance_handler(int irq, void *data) 723 { 724 struct kvm_vcpu *vcpu = *(struct kvm_vcpu **)data; 725 726 /* 727 * We cannot rely on the vgic maintenance interrupt to be 728 * delivered synchronously. This means we can only use it to 729 * exit the VM, and we perform the handling of EOIed 730 * interrupts on the exit path (see vgic_fold_lr_state). 731 * 732 * Of course, NV throws a wrench in this plan, and needs 733 * something special. 734 */ 735 if (vcpu && vgic_state_is_nested(vcpu)) 736 vgic_v3_handle_nested_maint_irq(vcpu); 737 738 return IRQ_HANDLED; 739 } 740 741 static struct gic_kvm_info *gic_kvm_info; 742 743 void __init vgic_set_kvm_info(const struct gic_kvm_info *info) 744 { 745 BUG_ON(gic_kvm_info != NULL); 746 gic_kvm_info = kmalloc_obj(*gic_kvm_info); 747 if (gic_kvm_info) 748 *gic_kvm_info = *info; 749 } 750 751 /** 752 * kvm_vgic_init_cpu_hardware - initialize the GIC VE hardware 753 * 754 * For a specific CPU, initialize the GIC VE hardware. 755 */ 756 void kvm_vgic_init_cpu_hardware(void) 757 { 758 BUG_ON(preemptible()); 759 760 /* 761 * We want to make sure the list registers start out clear so that we 762 * only have the program the used registers. 763 */ 764 if (kvm_vgic_global_state.type == VGIC_V2) { 765 vgic_v2_init_lrs(); 766 } else if (kvm_vgic_global_state.type == VGIC_V3 || 767 kvm_vgic_global_state.has_gcie_v3_compat) { 768 kvm_call_hyp(__vgic_v3_init_lrs); 769 } 770 } 771 772 /** 773 * kvm_vgic_hyp_init: populates the kvm_vgic_global_state variable 774 * according to the host GIC model. Accordingly calls either 775 * vgic_v2/v3_probe which registers the KVM_DEVICE that can be 776 * instantiated by a guest later on . 777 */ 778 int kvm_vgic_hyp_init(void) 779 { 780 bool has_mask; 781 int ret; 782 783 if (!gic_kvm_info) 784 return -ENODEV; 785 786 has_mask = !gic_kvm_info->no_maint_irq_mask; 787 788 if (has_mask && !gic_kvm_info->maint_irq) { 789 kvm_err("No vgic maintenance irq\n"); 790 return -ENXIO; 791 } 792 793 /* 794 * If we get one of these oddball non-GICs, taint the kernel, 795 * as we have no idea of how they *really* behave. 796 */ 797 if (gic_kvm_info->no_hw_deactivation) { 798 kvm_info("Non-architectural vgic, tainting kernel\n"); 799 add_taint(TAINT_CPU_OUT_OF_SPEC, LOCKDEP_STILL_OK); 800 kvm_vgic_global_state.no_hw_deactivation = true; 801 } 802 803 switch (gic_kvm_info->type) { 804 case GIC_V2: 805 ret = vgic_v2_probe(gic_kvm_info); 806 break; 807 case GIC_V3: 808 ret = vgic_v3_probe(gic_kvm_info); 809 if (!ret) { 810 static_branch_enable(&kvm_vgic_global_state.gicv3_cpuif); 811 kvm_info("GIC system register CPU interface enabled\n"); 812 } 813 break; 814 case GIC_V5: 815 ret = vgic_v5_probe(gic_kvm_info); 816 break; 817 default: 818 ret = -ENODEV; 819 } 820 821 kvm_vgic_global_state.maint_irq = gic_kvm_info->maint_irq; 822 823 kfree(gic_kvm_info); 824 gic_kvm_info = NULL; 825 826 if (ret) 827 return ret; 828 829 if (!has_mask && !kvm_vgic_global_state.maint_irq) 830 return 0; 831 832 ret = request_percpu_irq(kvm_vgic_global_state.maint_irq, 833 vgic_maintenance_handler, 834 "vgic", kvm_get_running_vcpus()); 835 if (ret) { 836 kvm_err("Cannot register interrupt %d\n", 837 kvm_vgic_global_state.maint_irq); 838 return ret; 839 } 840 841 kvm_info("vgic interrupt IRQ%d\n", kvm_vgic_global_state.maint_irq); 842 return 0; 843 } 844