diff mbox series

[RFC,kvmtool,07/31] arm64: Add option to disable SVE

Message ID	20230127113932.166089-8-suzuki.poulose@arm.com
State	New
Headers	Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; From: Suzuki K Poulose <suzuki.poulose@arm.com> To: kvm@vger.kernel.org, kvmarm@lists.linux.dev Cc: suzuki.poulose@arm.com, Alexandru Elisei <alexandru.elisei@arm.com>, Andrew Jones <andrew.jones@linux.dev>, Christoffer Dall <christoffer.dall@arm.com>, Fuad Tabba <tabba@google.com>, Jean-Philippe Brucker <jean-philippe@linaro.org>, Joey Gouly <Joey.Gouly@arm.com>, Marc Zyngier <maz@kernel.org>, Mark Rutland <mark.rutland@arm.com>, Oliver Upton <oliver.upton@linux.dev>, Paolo Bonzini <pbonzini@redhat.com>, Quentin Perret <qperret@google.com>, Steven Price <steven.price@arm.com>, Thomas Huth <thuth@redhat.com>, Will Deacon <will@kernel.org>, Zenghui Yu <yuzenghui@huawei.com>, linux-coco@lists.linux.dev, kvmarm@lists.cs.columbia.edu, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org Subject: [RFC kvmtool 07/31] arm64: Add option to disable SVE Date: Fri, 27 Jan 2023 11:39:08 +0000 Message-Id: <20230127113932.166089-8-suzuki.poulose@arm.com> In-Reply-To: <20230127113932.166089-1-suzuki.poulose@arm.com> References: <20230127112248.136810-1-suzuki.poulose@arm.com> <20230127113932.166089-1-suzuki.poulose@arm.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	arm64: Support for Arm Confidential Compute Architecture \| [RFC,kvmtool,00/31] arm64: Support for Arm Confidential Compute Architecture [RFC,kvmtool,01/31] arm64: Disable MTE when CFI flash is emulated [RFC,kvmtool,02/31] script: update_headers: Ignore missing architectures [RFC,kvmtool,03/31] hw: cfi flash: Handle errors in memory transitions [RFC,kvmtool,04/31] Add --nocompat option to disable compat warnings [RFC,kvmtool,05/31] arm64: Check pvtime support against the KVM instance [RFC,kvmtool,06/31] arm64: Check SVE capability on the VM instance [RFC,kvmtool,07/31] arm64: Add option to disable SVE [RFC,kvmtool,08/31] linux: Update kernel headers for RME support [RFC,kvmtool,09/31] arm64: Add --realm command line option [RFC,kvmtool,10/31] arm64: Create a realm virtual machine [RFC,kvmtool,11/31] arm64: Lock realm RAM in memory [RFC,kvmtool,12/31] arm64: Create Realm Descriptor [RFC,kvmtool,13/31] arm64: Add --measurement-algo command line option for a realm [RFC,kvmtool,14/31] arm64: Add configuration step for Realms [RFC,kvmtool,15/31] arm64: Add support for Realm Personalisation Value [RFC,kvmtool,16/31] arm64: Add support for specifying the SVE vector length for Realm [RFC,kvmtool,17/31] arm: Add kernel size to VM context [RFC,kvmtool,18/31] arm64: Populate initial realm contents [RFC,kvmtool,19/31] arm64: Don't try to set PSTATE for VCPUs belonging to a realm [RFC,kvmtool,20/31] arm64: Finalize realm VCPU after reset [RFC,kvmtool,21/31] init: Add last_{init, exit} list macros [RFC,kvmtool,22/31] arm64: Activate realm before the first VCPU is run [RFC,kvmtool,23/31] arm64: Specify SMC as the PSCI conduits for realms [RFC,kvmtool,24/31] arm64: Don't try to debug a realm [RFC,kvmtool,25/31] arm64: realm: Double the IPA space [RFC,kvmtool,26/31] virtio: Add a wrapper for get_host_features [RFC,kvmtool,27/31] virtio: Add arch specific hook for virtio host flags [RFC,kvmtool,28/31] arm64: realm: Enforce virtio F_ACCESS_PLATFORM flag [RFC,kvmtool,29/31] mmio: add arch hook for an unhandled MMIO access [RFC,kvmtool,30/31] arm64: realm: inject an abort on an unhandled MMIO access [RFC,kvmtool,31/31] arm64: Allow the user to create a realm

Commit Message

Suzuki K Poulose Jan. 27, 2023, 11:39 a.m. UTC

  kvmtool enables SVE whenever it is supported by the KVM.
However, Realm VMs may want controlled features, which gets
measured during the creation. Thus, provide an option to disable
the SVE, to preserve the current behavior of SVE on by default.

Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com>
---
 arm/aarch64/include/kvm/kvm-config-arch.h | 4 +++-
 arm/aarch64/kvm-cpu.c                     | 8 +++++---
 arm/include/arm-common/kvm-config-arch.h  | 1 +
 3 files changed, 9 insertions(+), 4 deletions(-)

diff mbox series

Patch

diff --git a/arm/aarch64/include/kvm/kvm-config-arch.h b/arm/aarch64/include/kvm/kvm-config-arch.h
index eae8080d..b055fef4 100644
--- a/arm/aarch64/include/kvm/kvm-config-arch.h
+++ b/arm/aarch64/include/kvm/kvm-config-arch.h
@@ -19,7 +19,9 @@  int vcpu_affinity_parser(const struct option *opt, const char *arg, int unset);
 			"Specify random seed for Kernel Address Space "	\
 			"Layout Randomization (KASLR)"),		\
 	OPT_BOOLEAN('\0', "no-pvtime", &(cfg)->no_pvtime, "Disable"	\
-			" stolen time"),
+			" stolen time"),				\
+	OPT_BOOLEAN('\0', "disable-sve", &(cfg)->disable_sve,		\
+			"Disable SVE"),
 #include "arm-common/kvm-config-arch.h"
 
 #endif /* KVM__KVM_CONFIG_ARCH_H */
diff --git a/arm/aarch64/kvm-cpu.c b/arm/aarch64/kvm-cpu.c
index da809806..e7649239 100644
--- a/arm/aarch64/kvm-cpu.c
+++ b/arm/aarch64/kvm-cpu.c
@@ -149,8 +149,9 @@  void kvm_cpu__select_features(struct kvm *kvm, struct kvm_vcpu_init *init)
 		init->features[0] |= 1UL << KVM_ARM_VCPU_PTRAUTH_GENERIC;
 	}
 
-	/* Enable SVE if available */
-	if (kvm__supports_vm_extension(kvm, KVM_CAP_ARM_SVE))
+	/* If SVE is not disabled explicitly, enable if available */
+	if (!kvm->cfg.arch.disable_sve &&
+	    kvm__supports_vm_extension(kvm, KVM_CAP_ARM_SVE))
 		init->features[0] |= 1UL << KVM_ARM_VCPU_SVE;
 }
 
@@ -158,7 +159,8 @@  int kvm_cpu__configure_features(struct kvm_cpu *vcpu)
 {
 	struct kvm *kvm = vcpu->kvm;
 
-	if (kvm__supports_vm_extension(kvm, KVM_CAP_ARM_SVE)) {
+	if (!kvm->cfg.arch.disable_sve &&
+	    kvm__supports_vm_extension(kvm, KVM_CAP_ARM_SVE)) {
 		int feature = KVM_ARM_VCPU_SVE;
 
 		if (ioctl(vcpu->vcpu_fd, KVM_ARM_VCPU_FINALIZE, &feature)) {
diff --git a/arm/include/arm-common/kvm-config-arch.h b/arm/include/arm-common/kvm-config-arch.h
index 9949bfe4..6599305b 100644
--- a/arm/include/arm-common/kvm-config-arch.h
+++ b/arm/include/arm-common/kvm-config-arch.h
@@ -15,6 +15,7 @@  struct kvm_config_arch {
 	enum irqchip_type irqchip;
 	u64		fw_addr;
 	bool no_pvtime;
+	bool		disable_sve;
 };
 
 int irqchip_parser(const struct option *opt, const char *arg, int unset);