1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * Copyright (C) 2020 Google LLC
4 * Author: Will Deacon <will@kernel.org>
5 */
6
7 #ifndef __ARM64_KVM_PGTABLE_H__
8 #define __ARM64_KVM_PGTABLE_H__
9
10 #include <linux/bits.h>
11 #include <linux/kvm_host.h>
12 #include <linux/types.h>
13
14 #define KVM_PGTABLE_MAX_LEVELS 4U
15
16 /*
17 * The largest supported block sizes for KVM (no 52-bit PA support):
18 * - 4K (level 1): 1GB
19 * - 16K (level 2): 32MB
20 * - 64K (level 2): 512MB
21 */
22 #ifdef CONFIG_ARM64_4K_PAGES
23 #define KVM_PGTABLE_MIN_BLOCK_LEVEL 1U
24 #else
25 #define KVM_PGTABLE_MIN_BLOCK_LEVEL 2U
26 #endif
27
kvm_get_parange(u64 mmfr0)28 static inline u64 kvm_get_parange(u64 mmfr0)
29 {
30 u64 parange = cpuid_feature_extract_unsigned_field(mmfr0,
31 ID_AA64MMFR0_EL1_PARANGE_SHIFT);
32 if (parange > ID_AA64MMFR0_EL1_PARANGE_MAX)
33 parange = ID_AA64MMFR0_EL1_PARANGE_MAX;
34
35 return parange;
36 }
37
38 typedef u64 kvm_pte_t;
39
40 #define KVM_PTE_VALID BIT(0)
41
42 #define KVM_PTE_ADDR_MASK GENMASK(47, PAGE_SHIFT)
43 #define KVM_PTE_ADDR_51_48 GENMASK(15, 12)
44
45 #define KVM_PHYS_INVALID (-1ULL)
46
47 #define KVM_PTE_TYPE BIT(1)
48 #define KVM_PTE_TYPE_BLOCK 0
49 #define KVM_PTE_TYPE_PAGE 1
50 #define KVM_PTE_TYPE_TABLE 1
51
52 #define KVM_PTE_LEAF_ATTR_LO GENMASK(11, 2)
53
54 #define KVM_PTE_LEAF_ATTR_LO_S1_ATTRIDX GENMASK(4, 2)
55 #define KVM_PTE_LEAF_ATTR_LO_S1_AP GENMASK(7, 6)
56 #define KVM_PTE_LEAF_ATTR_LO_S1_AP_RO 3
57 #define KVM_PTE_LEAF_ATTR_LO_S1_AP_RW 1
58 #define KVM_PTE_LEAF_ATTR_LO_S1_SH GENMASK(9, 8)
59 #define KVM_PTE_LEAF_ATTR_LO_S1_SH_IS 3
60 #define KVM_PTE_LEAF_ATTR_LO_S1_AF BIT(10)
61
62 #define KVM_PTE_LEAF_ATTR_LO_S2_MEMATTR GENMASK(5, 2)
63 #define KVM_PTE_LEAF_ATTR_LO_S2_S2AP_R BIT(6)
64 #define KVM_PTE_LEAF_ATTR_LO_S2_S2AP_W BIT(7)
65 #define KVM_PTE_LEAF_ATTR_LO_S2_SH GENMASK(9, 8)
66 #define KVM_PTE_LEAF_ATTR_LO_S2_SH_IS 3
67 #define KVM_PTE_LEAF_ATTR_LO_S2_AF BIT(10)
68
69 #define KVM_PTE_LEAF_ATTR_HI GENMASK(63, 51)
70
71 #define KVM_PTE_LEAF_ATTR_HI_SW GENMASK(58, 55)
72
73 #define KVM_PTE_LEAF_ATTR_HI_S1_XN BIT(54)
74
75 #define KVM_PTE_LEAF_ATTR_HI_S2_XN_PXN 1
76 #define KVM_PTE_LEAF_ATTR_HI_S2_XN_UXN 3
77 #define KVM_PTE_LEAF_ATTR_HI_S2_XN_XN 2
78 #define KVM_PTE_LEAF_ATTR_HI_S2_XN GENMASK(54, 53)
79
kvm_pte_valid(kvm_pte_t pte)80 static inline bool kvm_pte_valid(kvm_pte_t pte)
81 {
82 return pte & KVM_PTE_VALID;
83 }
84
kvm_pte_to_phys(kvm_pte_t pte)85 static inline u64 kvm_pte_to_phys(kvm_pte_t pte)
86 {
87 u64 pa = pte & KVM_PTE_ADDR_MASK;
88
89 if (PAGE_SHIFT == 16)
90 pa |= FIELD_GET(KVM_PTE_ADDR_51_48, pte) << 48;
91
92 return pa;
93 }
94
kvm_phys_to_pte(u64 pa)95 static inline kvm_pte_t kvm_phys_to_pte(u64 pa)
96 {
97 kvm_pte_t pte = pa & KVM_PTE_ADDR_MASK;
98
99 if (PAGE_SHIFT == 16) {
100 pa &= GENMASK(51, 48);
101 pte |= FIELD_PREP(KVM_PTE_ADDR_51_48, pa >> 48);
102 }
103
104 return pte;
105 }
106
kvm_granule_shift(u32 level)107 static inline u64 kvm_granule_shift(u32 level)
108 {
109 /* Assumes KVM_PGTABLE_MAX_LEVELS is 4 */
110 return ARM64_HW_PGTABLE_LEVEL_SHIFT(level);
111 }
112
kvm_granule_size(u32 level)113 static inline u64 kvm_granule_size(u32 level)
114 {
115 return BIT(kvm_granule_shift(level));
116 }
117
kvm_level_supports_block_mapping(u32 level)118 static inline bool kvm_level_supports_block_mapping(u32 level)
119 {
120 return level >= KVM_PGTABLE_MIN_BLOCK_LEVEL;
121 }
122
kvm_pte_table(kvm_pte_t pte,u32 level)123 static inline bool kvm_pte_table(kvm_pte_t pte, u32 level)
124 {
125 if (level == KVM_PGTABLE_MAX_LEVELS - 1)
126 return false;
127
128 if (!kvm_pte_valid(pte))
129 return false;
130
131 return FIELD_GET(KVM_PTE_TYPE, pte) == KVM_PTE_TYPE_TABLE;
132 }
133
134 /**
135 * struct kvm_pgtable_mm_ops - Memory management callbacks.
136 * @zalloc_page: Allocate a single zeroed memory page.
137 * The @arg parameter can be used by the walker
138 * to pass a memcache. The initial refcount of
139 * the page is 1.
140 * @zalloc_pages_exact: Allocate an exact number of zeroed memory pages.
141 * The @size parameter is in bytes, and is rounded
142 * up to the next page boundary. The resulting
143 * allocation is physically contiguous.
144 * @free_pages_exact: Free an exact number of memory pages previously
145 * allocated by zalloc_pages_exact.
146 * @get_page: Increment the refcount on a page.
147 * @put_page: Decrement the refcount on a page. When the
148 * refcount reaches 0 the page is automatically
149 * freed.
150 * @page_count: Return the refcount of a page.
151 * @phys_to_virt: Convert a physical address into a virtual
152 * address mapped in the current context.
153 * @virt_to_phys: Convert a virtual address mapped in the current
154 * context into a physical address.
155 * @dcache_clean_inval_poc: Clean and invalidate the data cache to the PoC
156 * for the specified memory address range.
157 * @icache_inval_pou: Invalidate the instruction cache to the PoU
158 * for the specified memory address range.
159 */
160 struct kvm_pgtable_mm_ops {
161 void* (*zalloc_page)(void *arg);
162 void* (*zalloc_pages_exact)(size_t size);
163 void (*free_pages_exact)(void *addr, size_t size);
164 void (*get_page)(void *addr);
165 void (*put_page)(void *addr);
166 int (*page_count)(void *addr);
167 void* (*phys_to_virt)(phys_addr_t phys);
168 phys_addr_t (*virt_to_phys)(void *addr);
169 void (*dcache_clean_inval_poc)(void *addr, size_t size);
170 void (*icache_inval_pou)(void *addr, size_t size);
171 };
172
kvm_pte_follow(kvm_pte_t pte,struct kvm_pgtable_mm_ops * mm_ops)173 static inline kvm_pte_t *kvm_pte_follow(kvm_pte_t pte, struct kvm_pgtable_mm_ops *mm_ops)
174 {
175 return mm_ops->phys_to_virt(kvm_pte_to_phys(pte));
176 }
177
178 /**
179 * enum kvm_pgtable_stage2_flags - Stage-2 page-table flags.
180 * @KVM_PGTABLE_S2_NOFWB: Don't enforce Normal-WB even if the CPUs have
181 * ARM64_HAS_STAGE2_FWB.
182 * @KVM_PGTABLE_S2_IDMAP: Only use identity mappings.
183 */
184 enum kvm_pgtable_stage2_flags {
185 KVM_PGTABLE_S2_NOFWB = BIT(0),
186 KVM_PGTABLE_S2_IDMAP = BIT(1),
187 };
188
189 /**
190 * enum kvm_pgtable_prot - Page-table permissions and attributes.
191 * @KVM_PGTABLE_PROT_X: Execute permission.
192 * @KVM_PGTABLE_PROT_W: Write permission.
193 * @KVM_PGTABLE_PROT_R: Read permission.
194 * @KVM_PGTABLE_PROT_DEVICE: Device attributes.
195 * @KVM_PGTABLE_PROT_NC: Normal non-cacheable attributes.
196 * @KVM_PGTABLE_PROT_PXN: Privileged execute-never.
197 * @KVM_PGTABLE_PROT_UXN: Unprivileged execute-never.
198 * @KVM_PGTABLE_PROT_SW0: Software bit 0.
199 * @KVM_PGTABLE_PROT_SW1: Software bit 1.
200 * @KVM_PGTABLE_PROT_SW2: Software bit 2.
201 * @KVM_PGTABLE_PROT_SW3: Software bit 3.
202 */
203 enum kvm_pgtable_prot {
204 KVM_PGTABLE_PROT_X = BIT(0),
205 KVM_PGTABLE_PROT_W = BIT(1),
206 KVM_PGTABLE_PROT_R = BIT(2),
207
208 KVM_PGTABLE_PROT_DEVICE = BIT(3),
209 KVM_PGTABLE_PROT_NC = BIT(4),
210 KVM_PGTABLE_PROT_PXN = BIT(5),
211 KVM_PGTABLE_PROT_UXN = BIT(6),
212
213 KVM_PGTABLE_PROT_SW0 = BIT(55),
214 KVM_PGTABLE_PROT_SW1 = BIT(56),
215 KVM_PGTABLE_PROT_SW2 = BIT(57),
216 KVM_PGTABLE_PROT_SW3 = BIT(58),
217 };
218
219 #define KVM_PGTABLE_PROT_RW (KVM_PGTABLE_PROT_R | KVM_PGTABLE_PROT_W)
220 #define KVM_PGTABLE_PROT_RWX (KVM_PGTABLE_PROT_RW | KVM_PGTABLE_PROT_X)
221
222 #define PKVM_HOST_MEM_PROT KVM_PGTABLE_PROT_RWX
223 #define PKVM_HOST_MMIO_PROT KVM_PGTABLE_PROT_RW
224
225 #define KVM_HOST_S2_DEFAULT_MASK (KVM_PTE_LEAF_ATTR_HI | \
226 KVM_PTE_LEAF_ATTR_LO)
227
228 #define KVM_HOST_S2_DEFAULT_MEM_PTE \
229 (PTE_S2_MEMATTR(MT_S2_NORMAL) | \
230 KVM_PTE_LEAF_ATTR_LO_S2_S2AP_R | \
231 KVM_PTE_LEAF_ATTR_LO_S2_S2AP_W | \
232 KVM_PTE_LEAF_ATTR_LO_S2_AF | \
233 FIELD_PREP(KVM_PTE_LEAF_ATTR_LO_S2_SH, KVM_PTE_LEAF_ATTR_LO_S2_SH_IS))
234
235 #define KVM_HOST_S2_DEFAULT_MMIO_PTE \
236 (KVM_HOST_S2_DEFAULT_MEM_PTE | \
237 FIELD_PREP(KVM_PTE_LEAF_ATTR_HI_S2_XN, KVM_PTE_LEAF_ATTR_HI_S2_XN_XN))
238
239 #define PAGE_HYP KVM_PGTABLE_PROT_RW
240 #define PAGE_HYP_EXEC (KVM_PGTABLE_PROT_R | KVM_PGTABLE_PROT_X)
241 #define PAGE_HYP_RO (KVM_PGTABLE_PROT_R)
242 #define PAGE_HYP_DEVICE (PAGE_HYP | KVM_PGTABLE_PROT_DEVICE)
243
244 typedef bool (*kvm_pgtable_force_pte_cb_t)(u64 addr, u64 end,
245 enum kvm_pgtable_prot prot);
246
247 typedef bool (*kvm_pgtable_pte_is_counted_cb_t)(kvm_pte_t pte, u32 level);
248
249 /**
250 * struct kvm_pgtable_pte_ops - PTE callbacks.
251 * @force_pte_cb: Force the mapping granularity to pages and
252 * return true if we support this instead of
253 * block mappings.
254 * @pte_is_counted_cb Verify the attributes of the @pte argument
255 * and return true if the descriptor needs to be
256 * refcounted, otherwise return false.
257 */
258 struct kvm_pgtable_pte_ops {
259 kvm_pgtable_force_pte_cb_t force_pte_cb;
260 kvm_pgtable_pte_is_counted_cb_t pte_is_counted_cb;
261 };
262
263 /**
264 * struct kvm_pgtable - KVM page-table.
265 * @ia_bits: Maximum input address size, in bits.
266 * @start_level: Level at which the page-table walk starts.
267 * @pgd: Pointer to the first top-level entry of the page-table.
268 * @mm_ops: Memory management callbacks.
269 * @mmu: Stage-2 KVM MMU struct. Unused for stage-1 page-tables.
270 * @flags: Stage-2 page-table flags.
271 * @pte_ops: PTE callbacks.
272 */
273 struct kvm_pgtable {
274 u32 ia_bits;
275 u32 start_level;
276 kvm_pte_t *pgd;
277 struct kvm_pgtable_mm_ops *mm_ops;
278
279 /* Stage-2 only */
280 struct kvm_s2_mmu *mmu;
281 enum kvm_pgtable_stage2_flags flags;
282 struct kvm_pgtable_pte_ops *pte_ops;
283 };
284
285 /**
286 * enum kvm_pgtable_walk_flags - Flags to control a depth-first page-table walk.
287 * @KVM_PGTABLE_WALK_LEAF: Visit leaf entries, including invalid
288 * entries.
289 * @KVM_PGTABLE_WALK_TABLE_PRE: Visit table entries before their
290 * children.
291 * @KVM_PGTABLE_WALK_TABLE_POST: Visit table entries after their
292 * children.
293 */
294 enum kvm_pgtable_walk_flags {
295 KVM_PGTABLE_WALK_LEAF = BIT(0),
296 KVM_PGTABLE_WALK_TABLE_PRE = BIT(1),
297 KVM_PGTABLE_WALK_TABLE_POST = BIT(2),
298 };
299
300 typedef int (*kvm_pgtable_visitor_fn_t)(u64 addr, u64 end, u32 level,
301 kvm_pte_t *ptep,
302 enum kvm_pgtable_walk_flags flag,
303 void * const arg);
304
305 /**
306 * struct kvm_pgtable_walker - Hook into a page-table walk.
307 * @cb: Callback function to invoke during the walk.
308 * @arg: Argument passed to the callback function.
309 * @flags: Bitwise-OR of flags to identify the entry types on which to
310 * invoke the callback function.
311 */
312 struct kvm_pgtable_walker {
313 const kvm_pgtable_visitor_fn_t cb;
314 void * const arg;
315 const enum kvm_pgtable_walk_flags flags;
316 };
317
318 /**
319 * kvm_pgtable_hyp_init() - Initialise a hypervisor stage-1 page-table.
320 * @pgt: Uninitialised page-table structure to initialise.
321 * @va_bits: Maximum virtual address bits.
322 * @mm_ops: Memory management callbacks.
323 *
324 * Return: 0 on success, negative error code on failure.
325 */
326 int kvm_pgtable_hyp_init(struct kvm_pgtable *pgt, u32 va_bits,
327 struct kvm_pgtable_mm_ops *mm_ops);
328
329 /**
330 * kvm_pgtable_hyp_destroy() - Destroy an unused hypervisor stage-1 page-table.
331 * @pgt: Page-table structure initialised by kvm_pgtable_hyp_init().
332 *
333 * The page-table is assumed to be unreachable by any hardware walkers prior
334 * to freeing and therefore no TLB invalidation is performed.
335 */
336 void kvm_pgtable_hyp_destroy(struct kvm_pgtable *pgt);
337
338 /**
339 * kvm_pgtable_hyp_map() - Install a mapping in a hypervisor stage-1 page-table.
340 * @pgt: Page-table structure initialised by kvm_pgtable_hyp_init().
341 * @addr: Virtual address at which to place the mapping.
342 * @size: Size of the mapping.
343 * @phys: Physical address of the memory to map.
344 * @prot: Permissions and attributes for the mapping.
345 *
346 * The offset of @addr within a page is ignored, @size is rounded-up to
347 * the next page boundary and @phys is rounded-down to the previous page
348 * boundary.
349 *
350 * If device attributes are not explicitly requested in @prot, then the
351 * mapping will be normal, cacheable. Attempts to install a new mapping
352 * for a virtual address that is already mapped will be rejected with an
353 * error and a WARN().
354 *
355 * Return: 0 on success, negative error code on failure.
356 */
357 int kvm_pgtable_hyp_map(struct kvm_pgtable *pgt, u64 addr, u64 size, u64 phys,
358 enum kvm_pgtable_prot prot);
359
360 /**
361 * kvm_pgtable_hyp_unmap() - Remove a mapping from a hypervisor stage-1 page-table.
362 * @pgt: Page-table structure initialised by kvm_pgtable_hyp_init().
363 * @addr: Virtual address from which to remove the mapping.
364 * @size: Size of the mapping.
365 *
366 * The offset of @addr within a page is ignored, @size is rounded-up to
367 * the next page boundary and @phys is rounded-down to the previous page
368 * boundary.
369 *
370 * TLB invalidation is performed for each page-table entry cleared during the
371 * unmapping operation and the reference count for the page-table page
372 * containing the cleared entry is decremented, with unreferenced pages being
373 * freed. The unmapping operation will stop early if it encounters either an
374 * invalid page-table entry or a valid block mapping which maps beyond the range
375 * being unmapped.
376 *
377 * Return: Number of bytes unmapped, which may be 0.
378 */
379 u64 kvm_pgtable_hyp_unmap(struct kvm_pgtable *pgt, u64 addr, u64 size);
380
381 /**
382 * kvm_get_vtcr() - Helper to construct VTCR_EL2
383 * @mmfr0: Sanitized value of SYS_ID_AA64MMFR0_EL1 register.
384 * @mmfr1: Sanitized value of SYS_ID_AA64MMFR1_EL1 register.
385 * @phys_shfit: Value to set in VTCR_EL2.T0SZ.
386 *
387 * The VTCR value is common across all the physical CPUs on the system.
388 * We use system wide sanitised values to fill in different fields,
389 * except for Hardware Management of Access Flags. HA Flag is set
390 * unconditionally on all CPUs, as it is safe to run with or without
391 * the feature and the bit is RES0 on CPUs that don't support it.
392 *
393 * Return: VTCR_EL2 value
394 */
395 u64 kvm_get_vtcr(u64 mmfr0, u64 mmfr1, u32 phys_shift);
396
397 /**
398 * kvm_pgtable_stage2_pgd_size() - Helper to compute size of a stage-2 PGD
399 * @vtcr: Content of the VTCR register.
400 *
401 * Return: the size (in bytes) of the stage-2 PGD
402 */
403 size_t kvm_pgtable_stage2_pgd_size(u64 vtcr);
404
405 /**
406 * __kvm_pgtable_stage2_init() - Initialise a guest stage-2 page-table.
407 * @pgt: Uninitialised page-table structure to initialise.
408 * @mmu: S2 MMU context for this S2 translation
409 * @mm_ops: Memory management callbacks.
410 * @flags: Stage-2 configuration flags.
411 * @pte_ops: PTE callbacks.
412 *
413 * Return: 0 on success, negative error code on failure.
414 */
415 int __kvm_pgtable_stage2_init(struct kvm_pgtable *pgt, struct kvm_s2_mmu *mmu,
416 struct kvm_pgtable_mm_ops *mm_ops,
417 enum kvm_pgtable_stage2_flags flags,
418 struct kvm_pgtable_pte_ops *pte_ops);
419
420 #define kvm_pgtable_stage2_init(pgt, mmu, mm_ops, pte_ops) \
421 __kvm_pgtable_stage2_init(pgt, mmu, mm_ops, 0, pte_ops)
422
423 /**
424 * kvm_pgtable_stage2_destroy() - Destroy an unused guest stage-2 page-table.
425 * @pgt: Page-table structure initialised by kvm_pgtable_stage2_init*().
426 *
427 * The page-table is assumed to be unreachable by any hardware walkers prior
428 * to freeing and therefore no TLB invalidation is performed.
429 */
430 void kvm_pgtable_stage2_destroy(struct kvm_pgtable *pgt);
431
432 /**
433 * kvm_pgtable_stage2_map() - Install a mapping in a guest stage-2 page-table.
434 * @pgt: Page-table structure initialised by kvm_pgtable_stage2_init*().
435 * @addr: Intermediate physical address at which to place the mapping.
436 * @size: Size of the mapping.
437 * @phys: Physical address of the memory to map.
438 * @prot: Permissions and attributes for the mapping.
439 * @mc: Cache of pre-allocated and zeroed memory from which to allocate
440 * page-table pages.
441 *
442 * The offset of @addr within a page is ignored, @size is rounded-up to
443 * the next page boundary and @phys is rounded-down to the previous page
444 * boundary.
445 *
446 * If device attributes are not explicitly requested in @prot, then the
447 * mapping will be normal, cacheable.
448 *
449 * Note that the update of a valid leaf PTE in this function will be aborted,
450 * if it's trying to recreate the exact same mapping or only change the access
451 * permissions. Instead, the vCPU will exit one more time from guest if still
452 * needed and then go through the path of relaxing permissions.
453 *
454 * Note that this function will both coalesce existing table entries and split
455 * existing block mappings, relying on page-faults to fault back areas outside
456 * of the new mapping lazily.
457 *
458 * Return: 0 on success, negative error code on failure.
459 */
460 int kvm_pgtable_stage2_map(struct kvm_pgtable *pgt, u64 addr, u64 size,
461 u64 phys, enum kvm_pgtable_prot prot,
462 void *mc);
463
464 /**
465 * kvm_pgtable_stage2_annotate() - Unmap and annotate pages in the IPA space
466 * to track ownership (and more).
467 * @pgt: Page-table structure initialised by kvm_pgtable_stage2_init*().
468 * @addr: Base intermediate physical address to annotate.
469 * @size: Size of the annotated range.
470 * @mc: Cache of pre-allocated and zeroed memory from which to allocate
471 * page-table pages.
472 * @annotation: A 63 bit value that will be stored in the page tables.
473 * @annotation[0] must be 0, and @annotation[63:1] is stored
474 * in the page tables.
475 *
476 * By default, all page-tables are owned by identifier 0. This function can be
477 * used to mark portions of the IPA space as owned by other entities. When a
478 * stage 2 is used with identity-mappings, these annotations allow to use the
479 * page-table data structure as a simple rmap.
480 *
481 * Return: 0 on success, negative error code on failure.
482 */
483 int kvm_pgtable_stage2_annotate(struct kvm_pgtable *pgt, u64 addr, u64 size,
484 void *mc, kvm_pte_t annotation);
485
486 /**
487 * kvm_pgtable_stage2_unmap() - Remove a mapping from a guest stage-2 page-table.
488 * @pgt: Page-table structure initialised by kvm_pgtable_stage2_init*().
489 * @addr: Intermediate physical address from which to remove the mapping.
490 * @size: Size of the mapping.
491 *
492 * The offset of @addr within a page is ignored and @size is rounded-up to
493 * the next page boundary.
494 *
495 * TLB invalidation is performed for each page-table entry cleared during the
496 * unmapping operation and the reference count for the page-table page
497 * containing the cleared entry is decremented, with unreferenced pages being
498 * freed. Unmapping a cacheable page will ensure that it is clean to the PoC if
499 * FWB is not supported by the CPU.
500 *
501 * Return: 0 on success, negative error code on failure.
502 */
503 int kvm_pgtable_stage2_unmap(struct kvm_pgtable *pgt, u64 addr, u64 size);
504
505 /**
506 * kvm_pgtable_stage2_reclaim_leaves() - Attempt to reclaim leaf page-table
507 * pages by coalescing table entries into
508 * block mappings.
509 * @pgt: Page-table structure initialised by kvm_pgtable_stage2_init*().
510 * @addr: Intermediate physical address from which to reclaim leaves.
511 * @size: Size of the range.
512 *
513 * The offset of @addr within a page is ignored and @size is rounded-up to
514 * the next page boundary.
515 *
516 * Return: 0 on success, negative error code on failure.
517 */
518 int kvm_pgtable_stage2_reclaim_leaves(struct kvm_pgtable *pgt, u64 addr, u64 size);
519
520 /**
521 * kvm_pgtable_stage2_wrprotect() - Write-protect guest stage-2 address range
522 * without TLB invalidation.
523 * @pgt: Page-table structure initialised by kvm_pgtable_stage2_init*().
524 * @addr: Intermediate physical address from which to write-protect,
525 * @size: Size of the range.
526 *
527 * The offset of @addr within a page is ignored and @size is rounded-up to
528 * the next page boundary.
529 *
530 * Note that it is the caller's responsibility to invalidate the TLB after
531 * calling this function to ensure that the updated permissions are visible
532 * to the CPUs.
533 *
534 * Return: 0 on success, negative error code on failure.
535 */
536 int kvm_pgtable_stage2_wrprotect(struct kvm_pgtable *pgt, u64 addr, u64 size);
537
538 /**
539 * kvm_pgtable_stage2_mkyoung() - Set the access flag in a page-table entry.
540 * @pgt: Page-table structure initialised by kvm_pgtable_stage2_init*().
541 * @addr: Intermediate physical address to identify the page-table entry.
542 *
543 * The offset of @addr within a page is ignored.
544 *
545 * If there is a valid, leaf page-table entry used to translate @addr, then
546 * set the access flag in that entry.
547 *
548 * Return: The old page-table entry prior to setting the flag, 0 on failure.
549 */
550 kvm_pte_t kvm_pgtable_stage2_mkyoung(struct kvm_pgtable *pgt, u64 addr);
551
552 /**
553 * kvm_pgtable_stage2_mkold() - Clear the access flag in a page-table entry.
554 * @pgt: Page-table structure initialised by kvm_pgtable_stage2_init*().
555 * @addr: Intermediate physical address to identify the page-table entry.
556 *
557 * The offset of @addr within a page is ignored.
558 *
559 * If there is a valid, leaf page-table entry used to translate @addr, then
560 * clear the access flag in that entry.
561 *
562 * Note that it is the caller's responsibility to invalidate the TLB after
563 * calling this function to ensure that the updated permissions are visible
564 * to the CPUs.
565 *
566 * Return: The old page-table entry prior to clearing the flag, 0 on failure.
567 */
568 kvm_pte_t kvm_pgtable_stage2_mkold(struct kvm_pgtable *pgt, u64 addr);
569
570 /**
571 * kvm_pgtable_stage2_relax_perms() - Relax the permissions enforced by a
572 * page-table entry.
573 * @pgt: Page-table structure initialised by kvm_pgtable_stage2_init*().
574 * @addr: Intermediate physical address to identify the page-table entry.
575 * @prot: Additional permissions to grant for the mapping.
576 *
577 * The offset of @addr within a page is ignored.
578 *
579 * If there is a valid, leaf page-table entry used to translate @addr, then
580 * relax the permissions in that entry according to the read, write and
581 * execute permissions specified by @prot. No permissions are removed, and
582 * TLB invalidation is performed after updating the entry. Software bits cannot
583 * be set or cleared using kvm_pgtable_stage2_relax_perms().
584 *
585 * Return: 0 on success, negative error code on failure.
586 */
587 int kvm_pgtable_stage2_relax_perms(struct kvm_pgtable *pgt, u64 addr,
588 enum kvm_pgtable_prot prot);
589
590 /**
591 * kvm_pgtable_stage2_is_young() - Test whether a page-table entry has the
592 * access flag set.
593 * @pgt: Page-table structure initialised by kvm_pgtable_stage2_init*().
594 * @addr: Intermediate physical address to identify the page-table entry.
595 *
596 * The offset of @addr within a page is ignored.
597 *
598 * Return: True if the page-table entry has the access flag set, false otherwise.
599 */
600 bool kvm_pgtable_stage2_is_young(struct kvm_pgtable *pgt, u64 addr);
601
602 /**
603 * kvm_pgtable_stage2_flush_range() - Clean and invalidate data cache to Point
604 * of Coherency for guest stage-2 address
605 * range.
606 * @pgt: Page-table structure initialised by kvm_pgtable_stage2_init*().
607 * @addr: Intermediate physical address from which to flush.
608 * @size: Size of the range.
609 *
610 * The offset of @addr within a page is ignored and @size is rounded-up to
611 * the next page boundary.
612 *
613 * Return: 0 on success, negative error code on failure.
614 */
615 int kvm_pgtable_stage2_flush(struct kvm_pgtable *pgt, u64 addr, u64 size);
616
617 /**
618 * kvm_pgtable_walk() - Walk a page-table.
619 * @pgt: Page-table structure initialised by kvm_pgtable_*_init().
620 * @addr: Input address for the start of the walk.
621 * @size: Size of the range to walk.
622 * @walker: Walker callback description.
623 *
624 * The offset of @addr within a page is ignored and @size is rounded-up to
625 * the next page boundary.
626 *
627 * The walker will walk the page-table entries corresponding to the input
628 * address range specified, visiting entries according to the walker flags.
629 * Invalid entries are treated as leaf entries. Leaf entries are reloaded
630 * after invoking the walker callback, allowing the walker to descend into
631 * a newly installed table.
632 *
633 * Returning a negative error code from the walker callback function will
634 * terminate the walk immediately with the same error code.
635 *
636 * Return: 0 on success, negative error code on failure.
637 */
638 int kvm_pgtable_walk(struct kvm_pgtable *pgt, u64 addr, u64 size,
639 struct kvm_pgtable_walker *walker);
640
641 /**
642 * kvm_pgtable_get_leaf() - Walk a page-table and retrieve the leaf entry
643 * with its level.
644 * @pgt: Page-table structure initialised by kvm_pgtable_*_init()
645 * or a similar initialiser.
646 * @addr: Input address for the start of the walk.
647 * @ptep: Pointer to storage for the retrieved PTE.
648 * @level: Pointer to storage for the level of the retrieved PTE.
649 *
650 * The offset of @addr within a page is ignored.
651 *
652 * The walker will walk the page-table entries corresponding to the input
653 * address specified, retrieving the leaf corresponding to this address.
654 * Invalid entries are treated as leaf entries.
655 *
656 * Return: 0 on success, negative error code on failure.
657 */
658 int kvm_pgtable_get_leaf(struct kvm_pgtable *pgt, u64 addr,
659 kvm_pte_t *ptep, u32 *level);
660
661 /**
662 * kvm_pgtable_stage2_pte_prot() - Retrieve the protection attributes of a
663 * stage-2 Page-Table Entry.
664 * @pte: Page-table entry
665 *
666 * Return: protection attributes of the page-table entry in the enum
667 * kvm_pgtable_prot format.
668 */
669 enum kvm_pgtable_prot kvm_pgtable_stage2_pte_prot(kvm_pte_t pte);
670
671 /**
672 * kvm_pgtable_hyp_pte_prot() - Retrieve the protection attributes of a stage-1
673 * Page-Table Entry.
674 * @pte: Page-table entry
675 *
676 * Return: protection attributes of the page-table entry in the enum
677 * kvm_pgtable_prot format.
678 */
679 enum kvm_pgtable_prot kvm_pgtable_hyp_pte_prot(kvm_pte_t pte);
680 #endif /* __ARM64_KVM_PGTABLE_H__ */
681