Orange Pi5 kernel

Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards

3 Commits   0 Branches   0 Tags
Index
Trunk
Branches
Tags
Trunk
Branches
Tags
Home page
Home page
orangepi/linux-orangepi-5.10.y.git/trunk/Documentation/virt/kvm/arm/psci.rst 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  1) .. SPDX-License-Identifier: GPL-2.0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  2) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  3) =========================================
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  4) Power State Coordination Interface (PSCI)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  5) =========================================
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  6) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  7) KVM implements the PSCI (Power State Coordination Interface)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  8) specification in order to provide services such as CPU on/off, reset
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  9) and power-off to the guest.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 10) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 11) The PSCI specification is regularly updated to provide new features,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 12) and KVM implements these updates if they make sense from a virtualization
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 13) point of view.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 14) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 15) This means that a guest booted on two different versions of KVM can
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 16) observe two different "firmware" revisions. This could cause issues if
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 17) a given guest is tied to a particular PSCI revision (unlikely), or if
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 18) a migration causes a different PSCI version to be exposed out of the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 19) blue to an unsuspecting guest.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 20) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 21) In order to remedy this situation, KVM exposes a set of "firmware
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 22) pseudo-registers" that can be manipulated using the GET/SET_ONE_REG
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 23) interface. These registers can be saved/restored by userspace, and set
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 24) to a convenient value if required.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 25) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 26) The following register is defined:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 27) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 28) * KVM_REG_ARM_PSCI_VERSION:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 29) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 30)   - Only valid if the vcpu has the KVM_ARM_VCPU_PSCI_0_2 feature set
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 31)     (and thus has already been initialized)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 32)   - Returns the current PSCI version on GET_ONE_REG (defaulting to the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 33)     highest PSCI version implemented by KVM and compatible with v0.2)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 34)   - Allows any PSCI version implemented by KVM and compatible with
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 35)     v0.2 to be set with SET_ONE_REG
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 36)   - Affects the whole VM (even if the register view is per-vcpu)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 37) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 38) * KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_1:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 39)     Holds the state of the firmware support to mitigate CVE-2017-5715, as
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 40)     offered by KVM to the guest via a HVC call. The workaround is described
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 41)     under SMCCC_ARCH_WORKAROUND_1 in [1].
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 42) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 43)   Accepted values are:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 44) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 45)     KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_1_NOT_AVAIL:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 46)       KVM does not offer
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 47)       firmware support for the workaround. The mitigation status for the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 48)       guest is unknown.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 49)     KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_1_AVAIL:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 50)       The workaround HVC call is
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 51)       available to the guest and required for the mitigation.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 52)     KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_1_NOT_REQUIRED:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 53)       The workaround HVC call
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 54)       is available to the guest, but it is not needed on this VCPU.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 55) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 56) * KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_2:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 57)     Holds the state of the firmware support to mitigate CVE-2018-3639, as
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 58)     offered by KVM to the guest via a HVC call. The workaround is described
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 59)     under SMCCC_ARCH_WORKAROUND_2 in [1]_.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 60) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 61)   Accepted values are:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 62) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 63)     KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_2_NOT_AVAIL:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 64)       A workaround is not
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 65)       available. KVM does not offer firmware support for the workaround.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 66)     KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_2_UNKNOWN:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 67)       The workaround state is
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 68)       unknown. KVM does not offer firmware support for the workaround.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 69)     KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_2_AVAIL:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 70)       The workaround is available,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 71)       and can be disabled by a vCPU. If
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 72)       KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_2_ENABLED is set, it is active for
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 73)       this vCPU.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 74)     KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_2_NOT_REQUIRED:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 75)       The workaround is always active on this vCPU or it is not needed.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 76) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 77) .. [1] https://developer.arm.com/-/media/developer/pdf/ARM_DEN_0070A_Firmware_interfaces_for_mitigating_CVE-2017-5715.pdf
cGit-ui 0.1.7
Git 2.40.0
Nginx 1.22.1

Where any material of this site is being reproduced, published or issued to others the reference to the source is obligatory.

© Andrey V. Kosteltsev, 2019 – 2025.