2 * This program is free software; you can redistribute it and/or modify
3 * it under the terms of the GNU General Public License, version 2, as
4 * published by the Free Software Foundation.
6 * Copyright 2010-2011 Paul Mackerras, IBM Corp. <paulus@au1.ibm.com>
9 #include <linux/types.h>
10 #include <linux/string.h>
11 #include <linux/kvm.h>
12 #include <linux/kvm_host.h>
13 #include <linux/hugetlb.h>
14 #include <linux/module.h>
15 #include <linux/log2.h>
17 #include <asm/tlbflush.h>
18 #include <asm/trace.h>
19 #include <asm/kvm_ppc.h>
20 #include <asm/kvm_book3s.h>
21 #include <asm/book3s/64/mmu-hash.h>
22 #include <asm/hvcall.h>
23 #include <asm/synch.h>
24 #include <asm/ppc-opcode.h>
25 #include <asm/pte-walk.h>
27 /* Translate address of a vmalloc'd thing to a linear map address */
28 static void *real_vmalloc_addr(void *x)
30 unsigned long addr = (unsigned long) x;
33 * assume we don't have huge pages in vmalloc space...
34 * So don't worry about THP collapse/split. Called
35 * Only in realmode with MSR_EE = 0, hence won't need irq_save/restore.
37 p = find_init_mm_pte(addr, NULL);
38 if (!p || !pte_present(*p))
40 addr = (pte_pfn(*p) << PAGE_SHIFT) | (addr & ~PAGE_MASK);
44 /* Return 1 if we need to do a global tlbie, 0 if we can use tlbiel */
45 static int global_invalidates(struct kvm *kvm, unsigned long flags)
51 * If there is only one vcore, and it's currently running,
52 * as indicated by local_paca->kvm_hstate.kvm_vcpu being set,
53 * we can use tlbiel as long as we mark all other physical
54 * cores as potentially having stale TLB entries for this lpid.
55 * Otherwise, don't use tlbiel.
57 if (kvm->arch.online_vcores == 1 && local_paca->kvm_hstate.kvm_vcpu)
63 /* any other core might now have stale TLB entries... */
65 cpumask_setall(&kvm->arch.need_tlb_flush);
66 cpu = local_paca->kvm_hstate.kvm_vcore->pcpu;
68 * On POWER9, threads are independent but the TLB is shared,
69 * so use the bit for the first thread to represent the core.
71 if (cpu_has_feature(CPU_FTR_ARCH_300))
72 cpu = cpu_first_thread_sibling(cpu);
73 cpumask_clear_cpu(cpu, &kvm->arch.need_tlb_flush);
80 * Add this HPTE into the chain for the real page.
81 * Must be called with the chain locked; it unlocks the chain.
83 void kvmppc_add_revmap_chain(struct kvm *kvm, struct revmap_entry *rev,
84 unsigned long *rmap, long pte_index, int realmode)
86 struct revmap_entry *head, *tail;
89 if (*rmap & KVMPPC_RMAP_PRESENT) {
90 i = *rmap & KVMPPC_RMAP_INDEX;
91 head = &kvm->arch.hpt.rev[i];
93 head = real_vmalloc_addr(head);
94 tail = &kvm->arch.hpt.rev[head->back];
96 tail = real_vmalloc_addr(tail);
98 rev->back = head->back;
99 tail->forw = pte_index;
100 head->back = pte_index;
102 rev->forw = rev->back = pte_index;
103 *rmap = (*rmap & ~KVMPPC_RMAP_INDEX) |
104 pte_index | KVMPPC_RMAP_PRESENT;
108 EXPORT_SYMBOL_GPL(kvmppc_add_revmap_chain);
110 /* Update the changed page order field of an rmap entry */
111 void kvmppc_update_rmap_change(unsigned long *rmap, unsigned long psize)
117 order = ilog2(psize);
118 order <<= KVMPPC_RMAP_CHG_SHIFT;
119 if (order > (*rmap & KVMPPC_RMAP_CHG_ORDER))
120 *rmap = (*rmap & ~KVMPPC_RMAP_CHG_ORDER) | order;
122 EXPORT_SYMBOL_GPL(kvmppc_update_rmap_change);
124 /* Returns a pointer to the revmap entry for the page mapped by a HPTE */
125 static unsigned long *revmap_for_hpte(struct kvm *kvm, unsigned long hpte_v,
126 unsigned long hpte_gr)
128 struct kvm_memory_slot *memslot;
132 gfn = hpte_rpn(hpte_gr, hpte_page_size(hpte_v, hpte_gr));
133 memslot = __gfn_to_memslot(kvm_memslots_raw(kvm), gfn);
137 rmap = real_vmalloc_addr(&memslot->arch.rmap[gfn - memslot->base_gfn]);
141 /* Remove this HPTE from the chain for a real page */
142 static void remove_revmap_chain(struct kvm *kvm, long pte_index,
143 struct revmap_entry *rev,
144 unsigned long hpte_v, unsigned long hpte_r)
146 struct revmap_entry *next, *prev;
147 unsigned long ptel, head;
149 unsigned long rcbits;
151 rcbits = hpte_r & (HPTE_R_R | HPTE_R_C);
152 ptel = rev->guest_rpte |= rcbits;
153 rmap = revmap_for_hpte(kvm, hpte_v, ptel);
158 head = *rmap & KVMPPC_RMAP_INDEX;
159 next = real_vmalloc_addr(&kvm->arch.hpt.rev[rev->forw]);
160 prev = real_vmalloc_addr(&kvm->arch.hpt.rev[rev->back]);
161 next->back = rev->back;
162 prev->forw = rev->forw;
163 if (head == pte_index) {
165 if (head == pte_index)
166 *rmap &= ~(KVMPPC_RMAP_PRESENT | KVMPPC_RMAP_INDEX);
168 *rmap = (*rmap & ~KVMPPC_RMAP_INDEX) | head;
170 *rmap |= rcbits << KVMPPC_RMAP_RC_SHIFT;
171 if (rcbits & HPTE_R_C)
172 kvmppc_update_rmap_change(rmap, hpte_page_size(hpte_v, hpte_r));
176 long kvmppc_do_h_enter(struct kvm *kvm, unsigned long flags,
177 long pte_index, unsigned long pteh, unsigned long ptel,
178 pgd_t *pgdir, bool realmode, unsigned long *pte_idx_ret)
180 unsigned long i, pa, gpa, gfn, psize;
181 unsigned long slot_fn, hva;
183 struct revmap_entry *rev;
184 unsigned long g_ptel;
185 struct kvm_memory_slot *memslot;
186 unsigned hpage_shift;
190 unsigned int writing;
191 unsigned long mmu_seq;
192 unsigned long rcbits, irq_flags = 0;
194 if (kvm_is_radix(kvm))
196 psize = hpte_page_size(pteh, ptel);
199 writing = hpte_is_writable(ptel);
200 pteh &= ~(HPTE_V_HVLOCK | HPTE_V_ABSENT | HPTE_V_VALID);
201 ptel &= ~HPTE_GR_RESERVED;
204 /* used later to detect if we might have been invalidated */
205 mmu_seq = kvm->mmu_notifier_seq;
208 /* Find the memslot (if any) for this address */
209 gpa = (ptel & HPTE_R_RPN) & ~(psize - 1);
210 gfn = gpa >> PAGE_SHIFT;
211 memslot = __gfn_to_memslot(kvm_memslots_raw(kvm), gfn);
215 if (!(memslot && !(memslot->flags & KVM_MEMSLOT_INVALID))) {
216 /* Emulated MMIO - mark this with key=31 */
217 pteh |= HPTE_V_ABSENT;
218 ptel |= HPTE_R_KEY_HI | HPTE_R_KEY_LO;
222 /* Check if the requested page fits entirely in the memslot. */
223 if (!slot_is_aligned(memslot, psize))
225 slot_fn = gfn - memslot->base_gfn;
226 rmap = &memslot->arch.rmap[slot_fn];
228 /* Translate to host virtual address */
229 hva = __gfn_to_hva_memslot(memslot, gfn);
231 * If we had a page table table change after lookup, we would
232 * retry via mmu_notifier_retry.
235 local_irq_save(irq_flags);
237 * If called in real mode we have MSR_EE = 0. Otherwise
238 * we disable irq above.
240 ptep = __find_linux_pte(pgdir, hva, NULL, &hpage_shift);
243 unsigned int host_pte_size;
246 host_pte_size = 1ul << hpage_shift;
248 host_pte_size = PAGE_SIZE;
250 * We should always find the guest page size
251 * to <= host page size, if host is using hugepage
253 if (host_pte_size < psize) {
255 local_irq_restore(flags);
258 pte = kvmppc_read_update_linux_pte(ptep, writing);
259 if (pte_present(pte) && !pte_protnone(pte)) {
260 if (writing && !__pte_write(pte))
261 /* make the actual HPTE be read-only */
262 ptel = hpte_make_readonly(ptel);
264 pa = pte_pfn(pte) << PAGE_SHIFT;
265 pa |= hva & (host_pte_size - 1);
266 pa |= gpa & ~PAGE_MASK;
270 local_irq_restore(irq_flags);
272 ptel &= HPTE_R_KEY | HPTE_R_PP0 | (psize-1);
276 pteh |= HPTE_V_VALID;
278 pteh |= HPTE_V_ABSENT;
279 ptel &= ~(HPTE_R_KEY_HI | HPTE_R_KEY_LO);
282 /*If we had host pte mapping then Check WIMG */
283 if (ptep && !hpte_cache_flags_ok(ptel, is_ci)) {
287 * Allow guest to map emulated device memory as
288 * uncacheable, but actually make it cacheable.
290 ptel &= ~(HPTE_R_W|HPTE_R_I|HPTE_R_G);
294 /* Find and lock the HPTEG slot to use */
296 if (pte_index >= kvmppc_hpt_npte(&kvm->arch.hpt))
298 if (likely((flags & H_EXACT) == 0)) {
300 hpte = (__be64 *)(kvm->arch.hpt.virt + (pte_index << 4));
301 for (i = 0; i < 8; ++i) {
302 if ((be64_to_cpu(*hpte) & HPTE_V_VALID) == 0 &&
303 try_lock_hpte(hpte, HPTE_V_HVLOCK | HPTE_V_VALID |
310 * Since try_lock_hpte doesn't retry (not even stdcx.
311 * failures), it could be that there is a free slot
312 * but we transiently failed to lock it. Try again,
313 * actually locking each slot and checking it.
316 for (i = 0; i < 8; ++i) {
318 while (!try_lock_hpte(hpte, HPTE_V_HVLOCK))
320 pte = be64_to_cpu(hpte[0]);
321 if (!(pte & (HPTE_V_VALID | HPTE_V_ABSENT)))
323 __unlock_hpte(hpte, pte);
331 hpte = (__be64 *)(kvm->arch.hpt.virt + (pte_index << 4));
332 if (!try_lock_hpte(hpte, HPTE_V_HVLOCK | HPTE_V_VALID |
334 /* Lock the slot and check again */
337 while (!try_lock_hpte(hpte, HPTE_V_HVLOCK))
339 pte = be64_to_cpu(hpte[0]);
340 if (pte & (HPTE_V_VALID | HPTE_V_ABSENT)) {
341 __unlock_hpte(hpte, pte);
347 /* Save away the guest's idea of the second HPTE dword */
348 rev = &kvm->arch.hpt.rev[pte_index];
350 rev = real_vmalloc_addr(rev);
352 rev->guest_rpte = g_ptel;
353 note_hpte_modification(kvm, rev);
356 /* Link HPTE into reverse-map chain */
357 if (pteh & HPTE_V_VALID) {
359 rmap = real_vmalloc_addr(rmap);
361 /* Check for pending invalidations under the rmap chain lock */
362 if (mmu_notifier_retry(kvm, mmu_seq)) {
363 /* inval in progress, write a non-present HPTE */
364 pteh |= HPTE_V_ABSENT;
365 pteh &= ~HPTE_V_VALID;
366 ptel &= ~(HPTE_R_KEY_HI | HPTE_R_KEY_LO);
369 kvmppc_add_revmap_chain(kvm, rev, rmap, pte_index,
371 /* Only set R/C in real HPTE if already set in *rmap */
372 rcbits = *rmap >> KVMPPC_RMAP_RC_SHIFT;
373 ptel &= rcbits | ~(HPTE_R_R | HPTE_R_C);
377 /* Convert to new format on P9 */
378 if (cpu_has_feature(CPU_FTR_ARCH_300)) {
379 ptel = hpte_old_to_new_r(pteh, ptel);
380 pteh = hpte_old_to_new_v(pteh);
382 hpte[1] = cpu_to_be64(ptel);
384 /* Write the first HPTE dword, unlocking the HPTE and making it valid */
386 __unlock_hpte(hpte, pteh);
387 asm volatile("ptesync" : : : "memory");
389 *pte_idx_ret = pte_index;
392 EXPORT_SYMBOL_GPL(kvmppc_do_h_enter);
394 long kvmppc_h_enter(struct kvm_vcpu *vcpu, unsigned long flags,
395 long pte_index, unsigned long pteh, unsigned long ptel)
397 return kvmppc_do_h_enter(vcpu->kvm, flags, pte_index, pteh, ptel,
398 vcpu->arch.pgdir, true, &vcpu->arch.gpr[4]);
401 #ifdef __BIG_ENDIAN__
402 #define LOCK_TOKEN (*(u32 *)(&get_paca()->lock_token))
404 #define LOCK_TOKEN (*(u32 *)(&get_paca()->paca_index))
407 static inline int is_mmio_hpte(unsigned long v, unsigned long r)
409 return ((v & HPTE_V_ABSENT) &&
410 (r & (HPTE_R_KEY_HI | HPTE_R_KEY_LO)) ==
411 (HPTE_R_KEY_HI | HPTE_R_KEY_LO));
414 static inline int try_lock_tlbie(unsigned int *lock)
416 unsigned int tmp, old;
417 unsigned int token = LOCK_TOKEN;
419 asm volatile("1:lwarx %1,0,%2\n"
426 : "=&r" (tmp), "=&r" (old)
427 : "r" (lock), "r" (token)
432 static inline void fixup_tlbie_lpid(unsigned long rb_value, unsigned long lpid)
435 if (cpu_has_feature(CPU_FTR_P9_TLBIE_ERAT_BUG)) {
436 /* Radix flush for a hash guest */
438 unsigned long rb,rs,prs,r,ric;
440 rb = PPC_BIT(52); /* IS = 2 */
441 rs = 0; /* lpid = 0 */
442 prs = 0; /* partition scoped */
443 r = 1; /* radix format */
444 ric = 0; /* RIC_FLSUH_TLB */
447 * Need the extra ptesync to make sure we don't
450 asm volatile("ptesync": : :"memory");
451 asm volatile(PPC_TLBIE_5(%0, %4, %3, %2, %1)
452 : : "r"(rb), "i"(r), "i"(prs),
453 "i"(ric), "r"(rs) : "memory");
456 if (cpu_has_feature(CPU_FTR_P9_TLBIE_STQ_BUG)) {
457 asm volatile("ptesync": : :"memory");
458 asm volatile(PPC_TLBIE_5(%0,%1,0,0,0) : :
459 "r" (rb_value), "r" (lpid));
463 static void do_tlbies(struct kvm *kvm, unsigned long *rbvalues,
464 long npages, int global, bool need_sync)
469 * We use the POWER9 5-operand versions of tlbie and tlbiel here.
470 * Since we are using RIC=0 PRS=0 R=0, and P7/P8 tlbiel ignores
471 * the RS field, this is backwards-compatible with P7 and P8.
474 while (!try_lock_tlbie(&kvm->arch.tlbie_lock))
477 asm volatile("ptesync" : : : "memory");
478 for (i = 0; i < npages; ++i) {
479 asm volatile(PPC_TLBIE_5(%0,%1,0,0,0) : :
480 "r" (rbvalues[i]), "r" (kvm->arch.lpid));
483 fixup_tlbie_lpid(rbvalues[i - 1], kvm->arch.lpid);
484 asm volatile("eieio; tlbsync; ptesync" : : : "memory");
485 kvm->arch.tlbie_lock = 0;
488 asm volatile("ptesync" : : : "memory");
489 for (i = 0; i < npages; ++i) {
490 asm volatile(PPC_TLBIEL(%0,%1,0,0,0) : :
491 "r" (rbvalues[i]), "r" (0));
493 asm volatile("ptesync" : : : "memory");
497 long kvmppc_do_h_remove(struct kvm *kvm, unsigned long flags,
498 unsigned long pte_index, unsigned long avpn,
499 unsigned long *hpret)
502 unsigned long v, r, rb;
503 struct revmap_entry *rev;
504 u64 pte, orig_pte, pte_r;
506 if (kvm_is_radix(kvm))
508 if (pte_index >= kvmppc_hpt_npte(&kvm->arch.hpt))
510 hpte = (__be64 *)(kvm->arch.hpt.virt + (pte_index << 4));
511 while (!try_lock_hpte(hpte, HPTE_V_HVLOCK))
513 pte = orig_pte = be64_to_cpu(hpte[0]);
514 pte_r = be64_to_cpu(hpte[1]);
515 if (cpu_has_feature(CPU_FTR_ARCH_300)) {
516 pte = hpte_new_to_old_v(pte, pte_r);
517 pte_r = hpte_new_to_old_r(pte_r);
519 if ((pte & (HPTE_V_ABSENT | HPTE_V_VALID)) == 0 ||
520 ((flags & H_AVPN) && (pte & ~0x7fUL) != avpn) ||
521 ((flags & H_ANDCOND) && (pte & avpn) != 0)) {
522 __unlock_hpte(hpte, orig_pte);
526 rev = real_vmalloc_addr(&kvm->arch.hpt.rev[pte_index]);
527 v = pte & ~HPTE_V_HVLOCK;
528 if (v & HPTE_V_VALID) {
529 hpte[0] &= ~cpu_to_be64(HPTE_V_VALID);
530 rb = compute_tlbie_rb(v, pte_r, pte_index);
531 do_tlbies(kvm, &rb, 1, global_invalidates(kvm, flags), true);
533 * The reference (R) and change (C) bits in a HPT
534 * entry can be set by hardware at any time up until
535 * the HPTE is invalidated and the TLB invalidation
536 * sequence has completed. This means that when
537 * removing a HPTE, we need to re-read the HPTE after
538 * the invalidation sequence has completed in order to
539 * obtain reliable values of R and C.
541 remove_revmap_chain(kvm, pte_index, rev, v,
542 be64_to_cpu(hpte[1]));
544 r = rev->guest_rpte & ~HPTE_GR_RESERVED;
545 note_hpte_modification(kvm, rev);
546 unlock_hpte(hpte, 0);
548 if (is_mmio_hpte(v, pte_r))
549 atomic64_inc(&kvm->arch.mmio_update);
551 if (v & HPTE_V_ABSENT)
552 v = (v & ~HPTE_V_ABSENT) | HPTE_V_VALID;
557 EXPORT_SYMBOL_GPL(kvmppc_do_h_remove);
559 long kvmppc_h_remove(struct kvm_vcpu *vcpu, unsigned long flags,
560 unsigned long pte_index, unsigned long avpn)
562 return kvmppc_do_h_remove(vcpu->kvm, flags, pte_index, avpn,
566 long kvmppc_h_bulk_remove(struct kvm_vcpu *vcpu)
568 struct kvm *kvm = vcpu->kvm;
569 unsigned long *args = &vcpu->arch.gpr[4];
570 __be64 *hp, *hptes[4];
571 unsigned long tlbrb[4];
572 long int i, j, k, n, found, indexes[4];
573 unsigned long flags, req, pte_index, rcbits;
575 long int ret = H_SUCCESS;
576 struct revmap_entry *rev, *revs[4];
579 if (kvm_is_radix(kvm))
581 global = global_invalidates(kvm, 0);
582 for (i = 0; i < 4 && ret == H_SUCCESS; ) {
587 flags = pte_index >> 56;
588 pte_index &= ((1ul << 56) - 1);
591 if (req == 3) { /* no more requests */
595 if (req != 1 || flags == 3 ||
596 pte_index >= kvmppc_hpt_npte(&kvm->arch.hpt)) {
597 /* parameter error */
598 args[j] = ((0xa0 | flags) << 56) + pte_index;
602 hp = (__be64 *) (kvm->arch.hpt.virt + (pte_index << 4));
603 /* to avoid deadlock, don't spin except for first */
604 if (!try_lock_hpte(hp, HPTE_V_HVLOCK)) {
607 while (!try_lock_hpte(hp, HPTE_V_HVLOCK))
611 hp0 = be64_to_cpu(hp[0]);
612 hp1 = be64_to_cpu(hp[1]);
613 if (cpu_has_feature(CPU_FTR_ARCH_300)) {
614 hp0 = hpte_new_to_old_v(hp0, hp1);
615 hp1 = hpte_new_to_old_r(hp1);
617 if (hp0 & (HPTE_V_ABSENT | HPTE_V_VALID)) {
619 case 0: /* absolute */
622 case 1: /* andcond */
623 if (!(hp0 & args[j + 1]))
627 if ((hp0 & ~0x7fUL) == args[j + 1])
633 hp[0] &= ~cpu_to_be64(HPTE_V_HVLOCK);
634 args[j] = ((0x90 | flags) << 56) + pte_index;
638 args[j] = ((0x80 | flags) << 56) + pte_index;
639 rev = real_vmalloc_addr(&kvm->arch.hpt.rev[pte_index]);
640 note_hpte_modification(kvm, rev);
642 if (!(hp0 & HPTE_V_VALID)) {
643 /* insert R and C bits from PTE */
644 rcbits = rev->guest_rpte & (HPTE_R_R|HPTE_R_C);
645 args[j] |= rcbits << (56 - 5);
647 if (is_mmio_hpte(hp0, hp1))
648 atomic64_inc(&kvm->arch.mmio_update);
652 /* leave it locked */
653 hp[0] &= ~cpu_to_be64(HPTE_V_VALID);
654 tlbrb[n] = compute_tlbie_rb(hp0, hp1, pte_index);
664 /* Now that we've collected a batch, do the tlbies */
665 do_tlbies(kvm, tlbrb, n, global, true);
667 /* Read PTE low words after tlbie to get final R/C values */
668 for (k = 0; k < n; ++k) {
670 pte_index = args[j] & ((1ul << 56) - 1);
673 remove_revmap_chain(kvm, pte_index, rev,
674 be64_to_cpu(hp[0]), be64_to_cpu(hp[1]));
675 rcbits = rev->guest_rpte & (HPTE_R_R|HPTE_R_C);
676 args[j] |= rcbits << (56 - 5);
677 __unlock_hpte(hp, 0);
684 long kvmppc_h_protect(struct kvm_vcpu *vcpu, unsigned long flags,
685 unsigned long pte_index, unsigned long avpn,
688 struct kvm *kvm = vcpu->kvm;
690 struct revmap_entry *rev;
691 unsigned long v, r, rb, mask, bits;
694 if (kvm_is_radix(kvm))
696 if (pte_index >= kvmppc_hpt_npte(&kvm->arch.hpt))
699 hpte = (__be64 *)(kvm->arch.hpt.virt + (pte_index << 4));
700 while (!try_lock_hpte(hpte, HPTE_V_HVLOCK))
702 v = pte_v = be64_to_cpu(hpte[0]);
703 if (cpu_has_feature(CPU_FTR_ARCH_300))
704 v = hpte_new_to_old_v(v, be64_to_cpu(hpte[1]));
705 if ((v & (HPTE_V_ABSENT | HPTE_V_VALID)) == 0 ||
706 ((flags & H_AVPN) && (v & ~0x7fUL) != avpn)) {
707 __unlock_hpte(hpte, pte_v);
711 pte_r = be64_to_cpu(hpte[1]);
712 bits = (flags << 55) & HPTE_R_PP0;
713 bits |= (flags << 48) & HPTE_R_KEY_HI;
714 bits |= flags & (HPTE_R_PP | HPTE_R_N | HPTE_R_KEY_LO);
716 /* Update guest view of 2nd HPTE dword */
717 mask = HPTE_R_PP0 | HPTE_R_PP | HPTE_R_N |
718 HPTE_R_KEY_HI | HPTE_R_KEY_LO;
719 rev = real_vmalloc_addr(&kvm->arch.hpt.rev[pte_index]);
721 r = (rev->guest_rpte & ~mask) | bits;
723 note_hpte_modification(kvm, rev);
727 if (v & HPTE_V_VALID) {
729 * If the page is valid, don't let it transition from
730 * readonly to writable. If it should be writable, we'll
731 * take a trap and let the page fault code sort it out.
733 r = (pte_r & ~mask) | bits;
734 if (hpte_is_writable(r) && !hpte_is_writable(pte_r))
735 r = hpte_make_readonly(r);
736 /* If the PTE is changing, invalidate it first */
738 rb = compute_tlbie_rb(v, r, pte_index);
739 hpte[0] = cpu_to_be64((pte_v & ~HPTE_V_VALID) |
741 do_tlbies(kvm, &rb, 1, global_invalidates(kvm, flags),
743 /* Don't lose R/C bit updates done by hardware */
744 r |= be64_to_cpu(hpte[1]) & (HPTE_R_R | HPTE_R_C);
745 hpte[1] = cpu_to_be64(r);
748 unlock_hpte(hpte, pte_v & ~HPTE_V_HVLOCK);
749 asm volatile("ptesync" : : : "memory");
750 if (is_mmio_hpte(v, pte_r))
751 atomic64_inc(&kvm->arch.mmio_update);
756 long kvmppc_h_read(struct kvm_vcpu *vcpu, unsigned long flags,
757 unsigned long pte_index)
759 struct kvm *kvm = vcpu->kvm;
763 struct revmap_entry *rev = NULL;
765 if (kvm_is_radix(kvm))
767 if (pte_index >= kvmppc_hpt_npte(&kvm->arch.hpt))
769 if (flags & H_READ_4) {
773 rev = real_vmalloc_addr(&kvm->arch.hpt.rev[pte_index]);
774 for (i = 0; i < n; ++i, ++pte_index) {
775 hpte = (__be64 *)(kvm->arch.hpt.virt + (pte_index << 4));
776 v = be64_to_cpu(hpte[0]) & ~HPTE_V_HVLOCK;
777 r = be64_to_cpu(hpte[1]);
778 if (cpu_has_feature(CPU_FTR_ARCH_300)) {
779 v = hpte_new_to_old_v(v, r);
780 r = hpte_new_to_old_r(r);
782 if (v & HPTE_V_ABSENT) {
786 if (v & HPTE_V_VALID) {
787 r = rev[i].guest_rpte | (r & (HPTE_R_R | HPTE_R_C));
788 r &= ~HPTE_GR_RESERVED;
790 vcpu->arch.gpr[4 + i * 2] = v;
791 vcpu->arch.gpr[5 + i * 2] = r;
796 long kvmppc_h_clear_ref(struct kvm_vcpu *vcpu, unsigned long flags,
797 unsigned long pte_index)
799 struct kvm *kvm = vcpu->kvm;
801 unsigned long v, r, gr;
802 struct revmap_entry *rev;
804 long ret = H_NOT_FOUND;
806 if (kvm_is_radix(kvm))
808 if (pte_index >= kvmppc_hpt_npte(&kvm->arch.hpt))
811 rev = real_vmalloc_addr(&kvm->arch.hpt.rev[pte_index]);
812 hpte = (__be64 *)(kvm->arch.hpt.virt + (pte_index << 4));
813 while (!try_lock_hpte(hpte, HPTE_V_HVLOCK))
815 v = be64_to_cpu(hpte[0]);
816 r = be64_to_cpu(hpte[1]);
817 if (!(v & (HPTE_V_VALID | HPTE_V_ABSENT)))
820 gr = rev->guest_rpte;
821 if (rev->guest_rpte & HPTE_R_R) {
822 rev->guest_rpte &= ~HPTE_R_R;
823 note_hpte_modification(kvm, rev);
825 if (v & HPTE_V_VALID) {
826 gr |= r & (HPTE_R_R | HPTE_R_C);
828 kvmppc_clear_ref_hpte(kvm, hpte, pte_index);
829 rmap = revmap_for_hpte(kvm, v, gr);
832 *rmap |= KVMPPC_RMAP_REFERENCED;
837 vcpu->arch.gpr[4] = gr;
840 unlock_hpte(hpte, v & ~HPTE_V_HVLOCK);
844 long kvmppc_h_clear_mod(struct kvm_vcpu *vcpu, unsigned long flags,
845 unsigned long pte_index)
847 struct kvm *kvm = vcpu->kvm;
849 unsigned long v, r, gr;
850 struct revmap_entry *rev;
852 long ret = H_NOT_FOUND;
854 if (kvm_is_radix(kvm))
856 if (pte_index >= kvmppc_hpt_npte(&kvm->arch.hpt))
859 rev = real_vmalloc_addr(&kvm->arch.hpt.rev[pte_index]);
860 hpte = (__be64 *)(kvm->arch.hpt.virt + (pte_index << 4));
861 while (!try_lock_hpte(hpte, HPTE_V_HVLOCK))
863 v = be64_to_cpu(hpte[0]);
864 r = be64_to_cpu(hpte[1]);
865 if (!(v & (HPTE_V_VALID | HPTE_V_ABSENT)))
868 gr = rev->guest_rpte;
870 rev->guest_rpte &= ~HPTE_R_C;
871 note_hpte_modification(kvm, rev);
873 if (v & HPTE_V_VALID) {
874 /* need to make it temporarily absent so C is stable */
875 hpte[0] |= cpu_to_be64(HPTE_V_ABSENT);
876 kvmppc_invalidate_hpte(kvm, hpte, pte_index);
877 r = be64_to_cpu(hpte[1]);
878 gr |= r & (HPTE_R_R | HPTE_R_C);
880 unsigned long psize = hpte_page_size(v, r);
881 hpte[1] = cpu_to_be64(r & ~HPTE_R_C);
883 rmap = revmap_for_hpte(kvm, v, gr);
886 *rmap |= KVMPPC_RMAP_CHANGED;
887 kvmppc_update_rmap_change(rmap, psize);
892 vcpu->arch.gpr[4] = gr;
895 unlock_hpte(hpte, v & ~HPTE_V_HVLOCK);
899 void kvmppc_invalidate_hpte(struct kvm *kvm, __be64 *hptep,
900 unsigned long pte_index)
905 hptep[0] &= ~cpu_to_be64(HPTE_V_VALID);
906 hp0 = be64_to_cpu(hptep[0]);
907 hp1 = be64_to_cpu(hptep[1]);
908 if (cpu_has_feature(CPU_FTR_ARCH_300)) {
909 hp0 = hpte_new_to_old_v(hp0, hp1);
910 hp1 = hpte_new_to_old_r(hp1);
912 rb = compute_tlbie_rb(hp0, hp1, pte_index);
913 do_tlbies(kvm, &rb, 1, 1, true);
915 EXPORT_SYMBOL_GPL(kvmppc_invalidate_hpte);
917 void kvmppc_clear_ref_hpte(struct kvm *kvm, __be64 *hptep,
918 unsigned long pte_index)
924 hp0 = be64_to_cpu(hptep[0]);
925 hp1 = be64_to_cpu(hptep[1]);
926 if (cpu_has_feature(CPU_FTR_ARCH_300)) {
927 hp0 = hpte_new_to_old_v(hp0, hp1);
928 hp1 = hpte_new_to_old_r(hp1);
930 rb = compute_tlbie_rb(hp0, hp1, pte_index);
931 rbyte = (be64_to_cpu(hptep[1]) & ~HPTE_R_R) >> 8;
932 /* modify only the second-last byte, which contains the ref bit */
933 *((char *)hptep + 14) = rbyte;
934 do_tlbies(kvm, &rb, 1, 1, false);
936 EXPORT_SYMBOL_GPL(kvmppc_clear_ref_hpte);
938 static int slb_base_page_shift[4] = {
942 20, /* 1M, unsupported */
945 static struct mmio_hpte_cache_entry *mmio_cache_search(struct kvm_vcpu *vcpu,
946 unsigned long eaddr, unsigned long slb_v, long mmio_update)
948 struct mmio_hpte_cache_entry *entry = NULL;
952 for (i = 0; i < MMIO_HPTE_CACHE_SIZE; i++) {
953 entry = &vcpu->arch.mmio_cache.entry[i];
954 if (entry->mmio_update == mmio_update) {
955 pshift = entry->slb_base_pshift;
956 if ((entry->eaddr >> pshift) == (eaddr >> pshift) &&
957 entry->slb_v == slb_v)
964 static struct mmio_hpte_cache_entry *
965 next_mmio_cache_entry(struct kvm_vcpu *vcpu)
967 unsigned int index = vcpu->arch.mmio_cache.index;
969 vcpu->arch.mmio_cache.index++;
970 if (vcpu->arch.mmio_cache.index == MMIO_HPTE_CACHE_SIZE)
971 vcpu->arch.mmio_cache.index = 0;
973 return &vcpu->arch.mmio_cache.entry[index];
976 /* When called from virtmode, this func should be protected by
977 * preempt_disable(), otherwise, the holding of HPTE_V_HVLOCK
978 * can trigger deadlock issue.
980 long kvmppc_hv_find_lock_hpte(struct kvm *kvm, gva_t eaddr, unsigned long slb_v,
985 unsigned long somask;
986 unsigned long vsid, hash;
989 unsigned long mask, val;
990 unsigned long v, r, orig_v;
992 /* Get page shift, work out hash and AVPN etc. */
993 mask = SLB_VSID_B | HPTE_V_AVPN | HPTE_V_SECONDARY;
996 if (slb_v & SLB_VSID_L) {
997 mask |= HPTE_V_LARGE;
999 pshift = slb_base_page_shift[(slb_v & SLB_VSID_LP) >> 4];
1001 if (slb_v & SLB_VSID_B_1T) {
1002 somask = (1UL << 40) - 1;
1003 vsid = (slb_v & ~SLB_VSID_B) >> SLB_VSID_SHIFT_1T;
1006 somask = (1UL << 28) - 1;
1007 vsid = (slb_v & ~SLB_VSID_B) >> SLB_VSID_SHIFT;
1009 hash = (vsid ^ ((eaddr & somask) >> pshift)) & kvmppc_hpt_mask(&kvm->arch.hpt);
1010 avpn = slb_v & ~(somask >> 16); /* also includes B */
1011 avpn |= (eaddr & somask) >> 16;
1014 avpn &= ~((1UL << (pshift - 16)) - 1);
1020 hpte = (__be64 *)(kvm->arch.hpt.virt + (hash << 7));
1022 for (i = 0; i < 16; i += 2) {
1023 /* Read the PTE racily */
1024 v = be64_to_cpu(hpte[i]) & ~HPTE_V_HVLOCK;
1025 if (cpu_has_feature(CPU_FTR_ARCH_300))
1026 v = hpte_new_to_old_v(v, be64_to_cpu(hpte[i+1]));
1028 /* Check valid/absent, hash, segment size and AVPN */
1029 if (!(v & valid) || (v & mask) != val)
1032 /* Lock the PTE and read it under the lock */
1033 while (!try_lock_hpte(&hpte[i], HPTE_V_HVLOCK))
1035 v = orig_v = be64_to_cpu(hpte[i]) & ~HPTE_V_HVLOCK;
1036 r = be64_to_cpu(hpte[i+1]);
1037 if (cpu_has_feature(CPU_FTR_ARCH_300)) {
1038 v = hpte_new_to_old_v(v, r);
1039 r = hpte_new_to_old_r(r);
1043 * Check the HPTE again, including base page size
1045 if ((v & valid) && (v & mask) == val &&
1046 hpte_base_page_size(v, r) == (1ul << pshift))
1047 /* Return with the HPTE still locked */
1048 return (hash << 3) + (i >> 1);
1050 __unlock_hpte(&hpte[i], orig_v);
1053 if (val & HPTE_V_SECONDARY)
1055 val |= HPTE_V_SECONDARY;
1056 hash = hash ^ kvmppc_hpt_mask(&kvm->arch.hpt);
1060 EXPORT_SYMBOL(kvmppc_hv_find_lock_hpte);
1063 * Called in real mode to check whether an HPTE not found fault
1064 * is due to accessing a paged-out page or an emulated MMIO page,
1065 * or if a protection fault is due to accessing a page that the
1066 * guest wanted read/write access to but which we made read-only.
1067 * Returns a possibly modified status (DSISR) value if not
1068 * (i.e. pass the interrupt to the guest),
1069 * -1 to pass the fault up to host kernel mode code, -2 to do that
1070 * and also load the instruction word (for MMIO emulation),
1071 * or 0 if we should make the guest retry the access.
1073 long kvmppc_hpte_hv_fault(struct kvm_vcpu *vcpu, unsigned long addr,
1074 unsigned long slb_v, unsigned int status, bool data)
1076 struct kvm *kvm = vcpu->kvm;
1078 unsigned long v, r, gr, orig_v;
1080 unsigned long valid;
1081 struct revmap_entry *rev;
1082 unsigned long pp, key;
1083 struct mmio_hpte_cache_entry *cache_entry = NULL;
1084 long mmio_update = 0;
1086 /* For protection fault, expect to find a valid HPTE */
1087 valid = HPTE_V_VALID;
1088 if (status & DSISR_NOHPTE) {
1089 valid |= HPTE_V_ABSENT;
1090 mmio_update = atomic64_read(&kvm->arch.mmio_update);
1091 cache_entry = mmio_cache_search(vcpu, addr, slb_v, mmio_update);
1094 index = cache_entry->pte_index;
1095 v = cache_entry->hpte_v;
1096 r = cache_entry->hpte_r;
1097 gr = cache_entry->rpte;
1099 index = kvmppc_hv_find_lock_hpte(kvm, addr, slb_v, valid);
1101 if (status & DSISR_NOHPTE)
1102 return status; /* there really was no HPTE */
1103 return 0; /* for prot fault, HPTE disappeared */
1105 hpte = (__be64 *)(kvm->arch.hpt.virt + (index << 4));
1106 v = orig_v = be64_to_cpu(hpte[0]) & ~HPTE_V_HVLOCK;
1107 r = be64_to_cpu(hpte[1]);
1108 if (cpu_has_feature(CPU_FTR_ARCH_300)) {
1109 v = hpte_new_to_old_v(v, r);
1110 r = hpte_new_to_old_r(r);
1112 rev = real_vmalloc_addr(&kvm->arch.hpt.rev[index]);
1113 gr = rev->guest_rpte;
1115 unlock_hpte(hpte, orig_v);
1118 /* For not found, if the HPTE is valid by now, retry the instruction */
1119 if ((status & DSISR_NOHPTE) && (v & HPTE_V_VALID))
1122 /* Check access permissions to the page */
1123 pp = gr & (HPTE_R_PP0 | HPTE_R_PP);
1124 key = (vcpu->arch.shregs.msr & MSR_PR) ? SLB_VSID_KP : SLB_VSID_KS;
1125 status &= ~DSISR_NOHPTE; /* DSISR_NOHPTE == SRR1_ISI_NOPT */
1127 if (gr & (HPTE_R_N | HPTE_R_G))
1128 return status | SRR1_ISI_N_OR_G;
1129 if (!hpte_read_permission(pp, slb_v & key))
1130 return status | SRR1_ISI_PROT;
1131 } else if (status & DSISR_ISSTORE) {
1132 /* check write permission */
1133 if (!hpte_write_permission(pp, slb_v & key))
1134 return status | DSISR_PROTFAULT;
1136 if (!hpte_read_permission(pp, slb_v & key))
1137 return status | DSISR_PROTFAULT;
1140 /* Check storage key, if applicable */
1141 if (data && (vcpu->arch.shregs.msr & MSR_DR)) {
1142 unsigned int perm = hpte_get_skey_perm(gr, vcpu->arch.amr);
1143 if (status & DSISR_ISSTORE)
1146 return status | DSISR_KEYFAULT;
1149 /* Save HPTE info for virtual-mode handler */
1150 vcpu->arch.pgfault_addr = addr;
1151 vcpu->arch.pgfault_index = index;
1152 vcpu->arch.pgfault_hpte[0] = v;
1153 vcpu->arch.pgfault_hpte[1] = r;
1154 vcpu->arch.pgfault_cache = cache_entry;
1156 /* Check the storage key to see if it is possibly emulated MMIO */
1157 if ((r & (HPTE_R_KEY_HI | HPTE_R_KEY_LO)) ==
1158 (HPTE_R_KEY_HI | HPTE_R_KEY_LO)) {
1160 unsigned int pshift = 12;
1161 unsigned int pshift_index;
1163 if (slb_v & SLB_VSID_L) {
1164 pshift_index = ((slb_v & SLB_VSID_LP) >> 4);
1165 pshift = slb_base_page_shift[pshift_index];
1167 cache_entry = next_mmio_cache_entry(vcpu);
1168 cache_entry->eaddr = addr;
1169 cache_entry->slb_base_pshift = pshift;
1170 cache_entry->pte_index = index;
1171 cache_entry->hpte_v = v;
1172 cache_entry->hpte_r = r;
1173 cache_entry->rpte = gr;
1174 cache_entry->slb_v = slb_v;
1175 cache_entry->mmio_update = mmio_update;
1177 if (data && (vcpu->arch.shregs.msr & MSR_IR))
1178 return -2; /* MMIO emulation - load instr word */
1181 return -1; /* send fault up to host kernel mode */
projects / releases.git / blob