From c0dc717dcac24f3dd1358773257401fee0ce1dec Mon Sep 17 00:00:00 2001 From: Marc Zyngier Date: Wed, 5 Jan 2022 16:01:21 +0000 Subject: [PATCH] ANDROID: KVM: arm64: Introduce vcpu_is_protected() helper Instead of poking into the internals of the host KVM structure, stick to the shadow structures when trying to work out whether a vcpu is part of a protected VM or not. Take this opportunity to sprinkle a couple of unlikely(), just because. Signed-off-by: Marc Zyngier Bug: 209580772 Change-Id: I22a096e1e3cfe34cd2658684b02d8bac486416c4 Signed-off-by: Will Deacon --- arch/arm64/kvm/hyp/include/nvhe/pkvm.h | 8 ++++++++ arch/arm64/kvm/hyp/nvhe/switch.c | 6 ++---- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/arch/arm64/kvm/hyp/include/nvhe/pkvm.h b/arch/arm64/kvm/hyp/include/nvhe/pkvm.h index 8024006a32ad..ddb64ba46aa4 100644 --- a/arch/arm64/kvm/hyp/include/nvhe/pkvm.h +++ b/arch/arm64/kvm/hyp/include/nvhe/pkvm.h @@ -52,6 +52,14 @@ struct kvm_shadow_vm { struct shadow_vcpu_state shadow_vcpus[0]; }; +static inline bool vcpu_is_protected(struct kvm_vcpu *vcpu) +{ + if (!is_protected_kvm_enabled()) + return false; + + return vcpu->arch.pkvm.shadow_vm->arch.pkvm.enabled; +} + extern struct kvm_shadow_vm **shadow_table; extern phys_addr_t pvmfw_base; diff --git a/arch/arm64/kvm/hyp/nvhe/switch.c b/arch/arm64/kvm/hyp/nvhe/switch.c index 8d18560ee015..87338775288c 100644 --- a/arch/arm64/kvm/hyp/nvhe/switch.c +++ b/arch/arm64/kvm/hyp/nvhe/switch.c @@ -216,7 +216,7 @@ static const exit_handler_fn pvm_exit_handlers[] = { static const exit_handler_fn *kvm_get_exit_handler_array(struct kvm_vcpu *vcpu) { - if (unlikely(kvm_vm_is_protected(kern_hyp_va(vcpu->kvm)))) + if (unlikely(vcpu_is_protected(vcpu))) return pvm_exit_handlers; return hyp_exit_handlers; @@ -235,9 +235,7 @@ static const exit_handler_fn *kvm_get_exit_handler_array(struct kvm_vcpu *vcpu) */ static void early_exit_filter(struct kvm_vcpu *vcpu, u64 *exit_code) { - struct kvm *kvm = kern_hyp_va(vcpu->kvm); - - if (kvm_vm_is_protected(kvm) && vcpu_mode_is_32bit(vcpu)) { + if (unlikely(vcpu_is_protected(vcpu) && vcpu_mode_is_32bit(vcpu))) { /* * As we have caught the guest red-handed, decide that it isn't * fit for purpose anymore by making the vcpu invalid. The VMM