New KVM patches

Signed-off-by: Wojciech Ozga <woz@zurich.ibm.com>

hypervisor/Makefile

@@ -72,24 +72,23 @@ rootfs: overlay
 
 kvmtool:
 	mkdir -p $(KVMTOOL_WORK_DIR) && cd $(KVMTOOL_WORK_DIR) ;\
-	if [ ! -f "${KVMTOOL_WORK_DIR}/dtc/build/libfdt.so" ]; then \
-		rm -rf ${KVMTOOL_WORK_DIR}/dtc ;\
-		git clone git://git.kernel.org/pub/scm/utils/dtc/dtc.git ;\
-		cd dtc ;\
-		ARCH=riscv CC="${CROSS_COMPILE}gcc -mabi=${PLATFORM_RISCV_ABI} -march=${PLATFORM_RISCV_ISA}" make NO_PYTHON=1 NO_YAML=1 DESTDIR=$($CC -print-sysroot) PREFIX=${KVMTOOL_WORK_DIR}/dtc/build LIBDIR=${KVMTOOL_WORK_DIR}/dtc/build/$($CC -dumpmachine) install-lib install-includes ;\
-		cp ${KVMTOOL_WORK_DIR}/dtc/build/include/* ${KVMTOOL_WORK_DIR}/dtc/build/ ;\
-		cd .. ;\
-	fi ;\
-	# if [ ! -f "${KVMTOOL_WORK_DIR}/kvmtool/lkvm-static" ]; then \
-		# rm -rf ${KVMTOOL_WORK_DIR}/kvmtool ;\
-		# git clone -b cove-integration-03072023 https://github.com/wojciechozga/kvmtool.git ;\
-		rsync -r /home/woz/kvmtool ${KVMTOOL_WORK_DIR}/ ;\
+    if [ ! -f "${KVMTOOL_WORK_DIR}/dtc/build/libfdt.so" ]; then \
+        rm -rf ${KVMTOOL_WORK_DIR}/dtc ;\
+        git clone git://git.kernel.org/pub/scm/utils/dtc/dtc.git ;\
+        cd dtc ;\
+        ARCH=riscv CC="${CROSS_COMPILE}gcc -mabi=${PLATFORM_RISCV_ABI} -march=${PLATFORM_RISCV_ISA}" make NO_PYTHON=1 NO_YAML=1 DESTDIR=$($CC -print-sysroot) PREFIX=${KVMTOOL_WORK_DIR}/dtc/build LIBDIR=${KVMTOOL_WORK_DIR}/dtc/build/$($CC -dumpmachine) install-lib install-includes ;\
+        cp ${KVMTOOL_WORK_DIR}/dtc/build/include/* ${KVMTOOL_WORK_DIR}/dtc/build/ ;\
+        cd .. ;\
+    fi ;\
+	if [ ! -f "${KVMTOOL_WORK_DIR}/kvmtool/lkvm-static" ]; then \
+		rm -rf ${KVMTOOL_WORK_DIR}/kvmtool ;\
+		git clone -b cove-integration-03072023 https://github.com/wojciechozga/kvmtool.git ;\
 		rm -f $(KVMTOOL_WORK_DIR)/kvmtool/lkvm-static ;\
 		cd $(KVMTOOL_WORK_DIR)/kvmtool ;\
 		ARCH=riscv LIBFDT_DIR=${KVMTOOL_WORK_DIR}/dtc/build/ make lkvm-static -j$(nproc) ;\
 		${CROSS_COMPILE}strip lkvm-static ;\
 		cd .. ;\
-	# fi
+	fi
 
 clean:
 	rm -rf $(HYPERVISOR_WORK_DIR)

hypervisor/patches/linux/6.3-rc4/0002-ace.patch

@@ -25,7 +25,7 @@ index 2ca9e01ad0e8..81cad924145b 100644
 
  endmenu # "Platform type"
 diff --git a/arch/riscv/include/asm/kvm_cove.h b/arch/riscv/include/asm/kvm_cove.h
-index afaea7c621bb..8819accdc3f8 100644
+index afaea7c621bb..f05c9a7191bc 100644
 --- a/arch/riscv/include/asm/kvm_cove.h
 +++ b/arch/riscv/include/asm/kvm_cove.h
 @@ -19,6 +19,13 @@
@@ -42,7 +42,17 @@ index afaea7c621bb..8819accdc3f8 100644
  #define KVM_COVE_PAGE_SIZE_4K	(1UL << 12)
  #define KVM_COVE_PAGE_SIZE_2MB	(1UL << 21)
  #define KVM_COVE_PAGE_SIZE_1GB	(1UL << 30)
-@@ -115,7 +122,8 @@ struct kvm_cove_tvm_context {
+@@ -85,6 +92,9 @@ struct kvm_cove_tvm_context {
+ 	/* TODO: This is not really a VMID as TSM returns the page owner ID instead of VMID */
+ 	unsigned long tvm_guest_id;
+
++	/* Address of TVM Attestation Payload (TAP) */
++	unsigned long cove_tap_addr;
++
+ 	/* Pages where TVM page table is stored */
+ 	struct kvm_riscv_cove_page pgtable;
+
+@@ -115,7 +125,8 @@ struct kvm_cove_tvm_context {
 
  static inline bool is_cove_vm(struct kvm *kvm)
  {
@@ -52,7 +62,7 @@ index afaea7c621bb..8819accdc3f8 100644
  }
 
  static inline bool is_cove_vcpu(struct kvm_vcpu *vcpu)
-@@ -123,20 +131,45 @@ static inline bool is_cove_vcpu(struct kvm_vcpu *vcpu)
+@@ -123,20 +134,45 @@ static inline bool is_cove_vcpu(struct kvm_vcpu *vcpu)
  	return is_cove_vm(vcpu->kvm);
  }
 
@@ -99,7 +109,7 @@ index afaea7c621bb..8819accdc3f8 100644
  void kvm_riscv_cove_vcpu_switchto(struct kvm_vcpu *vcpu, struct kvm_cpu_trap *trap);
  int kvm_riscv_cove_vcpu_sbi_ecall(struct kvm_vcpu *vcpu, struct kvm_run *run);
 
-@@ -158,19 +191,22 @@ int kvm_riscv_cove_aia_convert_imsic(struct kvm_vcpu *vcpu, phys_addr_t imsic_pa
+@@ -158,19 +194,22 @@ int kvm_riscv_cove_aia_convert_imsic(struct kvm_vcpu *vcpu, phys_addr_t imsic_pa
  int kvm_riscv_cove_vcpu_imsic_addr(struct kvm_vcpu *vcpu);
  #else
  static inline bool kvm_riscv_cove_enabled(void) {return false; };
@@ -177,10 +187,35 @@ index 03b0cc871242..b8e43c68d552 100644
  	unsigned long tvm_pages_needed;
 
 diff --git a/arch/riscv/include/uapi/asm/kvm.h b/arch/riscv/include/uapi/asm/kvm.h
-index 2a2434136e39..679a6727a143 100644
+index 2a2434136e39..5514e0dea69b 100644
 --- a/arch/riscv/include/uapi/asm/kvm.h
 +++ b/arch/riscv/include/uapi/asm/kvm.h
-@@ -149,6 +149,7 @@ enum KVM_RISCV_SBI_EXT_ID {
+@@ -99,6 +99,14 @@ struct kvm_riscv_timer {
+ };
+
+ /* Memory region details of a CoVE guest that is measured at boot time */
++enum KVM_RISCV_COVE_REGION {
++	KVM_RISCV_COVE_REGION_FIRMWARE = 0,
++	KVM_RISCV_COVE_REGION_KERNEL,
++	KVM_RISCV_COVE_REGION_FDT,
++	KVM_RISCV_COVE_REGION_INITRD,
++	KVM_RISCV_COVE_REGION_COVE_TAP,
++};
++
+ struct kvm_riscv_cove_measure_region {
+ 	/* Address of the user space where the VM code/data resides */
+ 	unsigned long userspace_addr;
+@@ -108,6 +116,9 @@ struct kvm_riscv_cove_measure_region {
+
+ 	/* Size of the region */
+ 	unsigned long size;
++
++	/* Type of the region */
++	enum KVM_RISCV_COVE_REGION type;
+ };
+
+ /*
+@@ -149,6 +160,7 @@ enum KVM_RISCV_SBI_EXT_ID {
  	KVM_RISCV_SBI_EXT_VENDOR,
  	KVM_RISCV_SBI_EXT_DBCN,
  	KVM_RISCV_SBI_EXT_COVG,
@@ -251,7 +286,7 @@ index 31f4dbd97b03..fba7ebd0cd72 100644
 -kvm-$(CONFIG_RISCV_COVE_HOST) += cove_sbi.o cove.o vcpu_sbi_covg.o
 +kvm-$(CONFIG_RISCV_COVE_HOST) += cove_sbi.o cove.o vcpu_sbi_covg.o vcpu_sbi_covh.o
 diff --git a/arch/riscv/kvm/cove.c b/arch/riscv/kvm/cove.c
-index ba596b7f2240..e29df99bb6a4 100644
+index ba596b7f2240..e364fc9153b9 100644
 --- a/arch/riscv/kvm/cove.c
 +++ b/arch/riscv/kvm/cove.c
 @@ -134,6 +134,10 @@ static int cove_convert_pages(unsigned long phys_addr, unsigned long npages, boo
@@ -313,7 +348,7 @@ index ba596b7f2240..e29df99bb6a4 100644
 
  	if (!kvm->arch.tvmc)
  		return;
-@@ -578,8 +602,13 @@ void noinstr kvm_riscv_cove_vcpu_switchto(struct kvm_vcpu *vcpu, struct kvm_cpu_
+@@ -578,8 +602,14 @@ void noinstr kvm_riscv_cove_vcpu_switchto(struct kvm_vcpu *vcpu, struct kvm_cpu_
  	nshmem = nacl_shmem();
  	/* Invoke finalize to mark TVM is ready run for the first time */
  	if (unlikely(!tvmc->finalized_done)) {
@@ -322,14 +357,15 @@ index ba596b7f2240..e29df99bb6a4 100644
 +		if (is_cove_vm_multi_step_initializing(vcpu->kvm)) {
 +			rc = sbi_covh_tsm_finalize_tvm(tvmc->tvm_guest_id, cntx->sepc, cntx->a1);
 +		} else if (is_cove_vm_single_step_initializing(vcpu->kvm)) {
-+			rc = sbi_covh_tsm_promote_to_tvm(cntx->a1, 0, cntx->sepc, &tvmc->tvm_guest_id);
++			rc = sbi_covh_tsm_promote_to_tvm(cntx->a1, tvmc->cove_tap_addr, cntx->sepc,
++							 &tvmc->tvm_guest_id);
 +		} else {
 +			rc = -EOPNOTSUPP;
 +		}
  		if (rc) {
  			kvm_err("TVM Finalized failed with %d\n", rc);
  			return;
-@@ -589,9 +618,9 @@ void noinstr kvm_riscv_cove_vcpu_switchto(struct kvm_vcpu *vcpu, struct kvm_cpu_
+@@ -589,9 +619,9 @@ void noinstr kvm_riscv_cove_vcpu_switchto(struct kvm_vcpu *vcpu, struct kvm_cpu_
 
  	/*
  	 * Bind the vsfile here instead during the new vsfile allocation because
@@ -341,7 +377,7 @@ index ba596b7f2240..e29df99bb6a4 100644
  		tvcpuc->imsic.bind_required = false;
  		rc = kvm_riscv_cove_vcpu_imsic_bind(vcpu, BIT(tvcpuc->imsic.vsfile_hgei));
  		if (rc) {
-@@ -619,21 +648,27 @@ void kvm_riscv_cove_vcpu_destroy(struct kvm_vcpu *vcpu)
+@@ -619,21 +649,27 @@ void kvm_riscv_cove_vcpu_destroy(struct kvm_vcpu *vcpu)
  	struct kvm_cove_tvm_vcpu_context *tvcpuc = vcpu->arch.tc;
  	struct kvm *kvm = vcpu->kvm;
 
@@ -372,7 +408,7 @@ index ba596b7f2240..e29df99bb6a4 100644
 
  	if (!vcpu)
  		return -EINVAL;
-@@ -654,6 +689,14 @@ int kvm_riscv_cove_vcpu_init(struct kvm_vcpu *vcpu)
+@@ -654,6 +690,14 @@ int kvm_riscv_cove_vcpu_init(struct kvm_vcpu *vcpu)
  	if (!tvcpuc)
  		return -ENOMEM;
 
@@ -387,7 +423,7 @@ index ba596b7f2240..e29df99bb6a4 100644
  	vcpus_page = alloc_pages(GFP_KERNEL | __GFP_ZERO,
  				 get_order_num_pages(tinfo.tvcpu_pages_needed));
  	if (!vcpus_page) {
-@@ -661,8 +704,6 @@ int kvm_riscv_cove_vcpu_init(struct kvm_vcpu *vcpu)
+@@ -661,8 +705,6 @@ int kvm_riscv_cove_vcpu_init(struct kvm_vcpu *vcpu)
  		goto alloc_page_failed;
  	}
 
@@ -396,7 +432,7 @@ index ba596b7f2240..e29df99bb6a4 100644
  	tvcpuc->vcpu_state.page = vcpus_page;
  	vcpus_phys_addr = page_to_phys(vcpus_page);
 
-@@ -674,8 +715,6 @@ int kvm_riscv_cove_vcpu_init(struct kvm_vcpu *vcpu)
+@@ -674,8 +716,6 @@ int kvm_riscv_cove_vcpu_init(struct kvm_vcpu *vcpu)
  	if (rc)
  		goto vcpu_create_failed;
 
@@ -405,25 +441,29 @@ index ba596b7f2240..e29df99bb6a4 100644
  	return 0;
 
  vcpu_create_failed:
-@@ -686,6 +725,7 @@ int kvm_riscv_cove_vcpu_init(struct kvm_vcpu *vcpu)
+@@ -686,6 +726,7 @@ int kvm_riscv_cove_vcpu_init(struct kvm_vcpu *vcpu)
  	__free_pages(vcpus_page, get_order_num_pages(tinfo.tvcpu_pages_needed));
 
  alloc_page_failed:
 +	vcpu->arch.tc = NULL;
  	kfree(tvcpuc);
  	return rc;
  }
-@@ -706,6 +746,9 @@ int kvm_riscv_cove_vm_measure_pages(struct kvm *kvm, struct kvm_riscv_cove_measu
+@@ -706,6 +747,13 @@ int kvm_riscv_cove_vm_measure_pages(struct kvm *kvm, struct kvm_riscv_cove_measu
  		return -EINVAL;
  	}
 
++	if (mr->type == KVM_RISCV_COVE_REGION_COVE_TAP) {
++		tvmc->cove_tap_addr = mr->gpa;
++	}
++
 +	if (!is_cove_vm_multi_step_initializing(kvm))
 +		return 0;
 +
  	num_pages = bytes_to_pages(mr->size);
  	conf = &tvmc->confidential_region;
 
-@@ -844,6 +887,9 @@ void kvm_riscv_cove_vm_destroy(struct kvm *kvm)
+@@ -844,6 +892,9 @@ void kvm_riscv_cove_vm_destroy(struct kvm *kvm)
  		return;
  	}
 
@@ -433,7 +473,7 @@ index ba596b7f2240..e29df99bb6a4 100644
  	cove_delete_page_list(kvm, &tvmc->reclaim_pending_pages, false);
  	cove_delete_page_list(kvm, &tvmc->measured_pages, false);
  	cove_delete_page_list(kvm, &tvmc->zero_pages, true);
-@@ -869,22 +915,48 @@ void kvm_riscv_cove_vm_destroy(struct kvm *kvm)
+@@ -869,22 +920,48 @@ void kvm_riscv_cove_vm_destroy(struct kvm *kvm)
  	if (rc)
  		goto reclaim_failed;
 
@@ -486,7 +526,7 @@ index ba596b7f2240..e29df99bb6a4 100644
  	tvmc = kzalloc(sizeof(*tvmc), GFP_KERNEL);
  	if (!tvmc)
  		return -ENOMEM;
-@@ -955,6 +1027,7 @@ int kvm_riscv_cove_vm_init(struct kvm *kvm)
+@@ -955,6 +1032,7 @@ int kvm_riscv_cove_vm_init(struct kvm *kvm)
  		goto tvm_init_failed;
 
  	tvmc->kvm = kvm;
@@ -1187,7 +1227,7 @@ index f059e148c680..b654eaa53c71 100644
  		 * NACL shmem interface when first time VCPU is run. so we read it in
  		 * kvm_riscv_cove_vcpu_switchto() where we enter VCPUs.
 diff --git a/arch/riscv/kvm/vm.c b/arch/riscv/kvm/vm.c
-index 8a1460dba76c..5096276e380c 100644
+index 8a1460dba76c..af7dc301e0b6 100644
 --- a/arch/riscv/kvm/vm.c
 +++ b/arch/riscv/kvm/vm.c
 @@ -42,17 +42,22 @@ int kvm_arch_init_vm(struct kvm *kvm, unsigned long type)
@@ -1228,15 +1268,15 @@ index 8a1460dba76c..5096276e380c 100644
  		kvm_riscv_cove_vm_destroy(kvm);
  }
 
-@@ -232,7 +237,7 @@ long kvm_arch_vm_ioctl(struct file *filp,
+@@ -232,8 +237,6 @@ long kvm_arch_vm_ioctl(struct file *filp,
 
  	switch (ioctl) {
  	case KVM_RISCV_COVE_MEASURE_REGION:
 -		if (!is_cove_vm(kvm))
-+		if (!is_cove_vm_multi_step_initializing(kvm))
- 			return -EINVAL;
+-			return -EINVAL;
  		if (copy_from_user(&mr, argp, sizeof(mr)))
  			return -EFAULT;
+
 diff --git a/arch/riscv/kvm/vmid.c b/arch/riscv/kvm/vmid.c
 index dc03601a6e4c..6f5a293235bb 100644
 --- a/arch/riscv/kvm/vmid.c