diff --git a/Makefile b/Makefile index 24a5264..7fdceb1 100644 --- a/Makefile +++ b/Makefile @@ -1,4 +1,4 @@ -KERNEL_VERSION = linux-6.6.44 +KERNEL_VERSION = linux-6.6.52 KERNEL_REMOTE = https://cdn.kernel.org/pub/linux/kernel/v6.x/$(KERNEL_VERSION).tar.xz KERNEL_TARBALL = tarballs/$(KERNEL_VERSION).tar.xz KERNEL_SOURCES = $(KERNEL_VERSION) @@ -6,8 +6,8 @@ KERNEL_PATCHES = $(shell find patches/ -name "0*.patch" | sort) KERNEL_C_BUNDLE = kernel.c ABI_VERSION = 4 -FULL_VERSION = 4.3.1 -TIMESTAMP = "Sat Sep 7 00:58:59 CEST 2024" +FULL_VERSION = 4.4.0 +TIMESTAMP = "Wed Sep 25 18:24:59 CEST 2024" KERNEL_FLAGS = KBUILD_BUILD_TIMESTAMP=$(TIMESTAMP) KERNEL_FLAGS += KBUILD_BUILD_USER=root diff --git a/patches-sev/0012-virtio-enable-DMA-API-if-memory-is-restricted.patch b/patches-sev/0001-virtio-enable-DMA-API-if-memory-is-restricted.patch similarity index 90% rename from patches-sev/0012-virtio-enable-DMA-API-if-memory-is-restricted.patch rename to patches-sev/0001-virtio-enable-DMA-API-if-memory-is-restricted.patch index 1648244..e6a9fbc 100644 --- a/patches-sev/0012-virtio-enable-DMA-API-if-memory-is-restricted.patch +++ b/patches-sev/0001-virtio-enable-DMA-API-if-memory-is-restricted.patch @@ -1,7 +1,7 @@ -From aa2644a251efee27236a017487fc30f82227cb1e Mon Sep 17 00:00:00 2001 +From 6616593252269d81b003d7aa1e7e4dd156d1a629 Mon Sep 17 00:00:00 2001 From: Sergio Lopez Date: Fri, 10 Sep 2021 13:05:01 +0200 -Subject: [PATCH 12/15] virtio: enable DMA API if memory is restricted +Subject: [PATCH 1/4] virtio: enable DMA API if memory is restricted When running on a system with restricted memory access, the driver can't have direct access to the memory. In this scenario, @@ -32,7 +32,7 @@ index 71dee622b771..f92475dbca43 100644 if (!virtio_has_feature(dev, VIRTIO_F_VERSION_1)) diff --git a/drivers/virtio/virtio_ring.c b/drivers/virtio/virtio_ring.c -index 6f7e5010a673..d40dbac45284 100644 +index 80669e05bf0e..438b4f6c5cdb 100644 --- a/drivers/virtio/virtio_ring.c +++ b/drivers/virtio/virtio_ring.c @@ -6,6 +6,7 @@ @@ -54,5 +54,5 @@ index 6f7e5010a673..d40dbac45284 100644 /* * In theory, it's possible to have a buggy QEMU-supposed -- -2.45.2 +2.46.0 diff --git a/patches-sev/0013-x86-sev-write-AP-reset-vector.patch b/patches-sev/0002-x86-sev-write-AP-reset-vector.patch similarity index 92% rename from patches-sev/0013-x86-sev-write-AP-reset-vector.patch rename to patches-sev/0002-x86-sev-write-AP-reset-vector.patch index 8d51606..511b51b 100644 --- a/patches-sev/0013-x86-sev-write-AP-reset-vector.patch +++ b/patches-sev/0002-x86-sev-write-AP-reset-vector.patch @@ -1,7 +1,7 @@ -From ba40cb466eac33c12dc2d285f7af8f45e0cfbfd7 Mon Sep 17 00:00:00 2001 +From ecbb6d5db802293ef27575a672336e17e8c2abfd Mon Sep 17 00:00:00 2001 From: Sergio Lopez Date: Thu, 20 Oct 2022 10:23:16 +0200 -Subject: [PATCH 13/15] x86/sev: write AP reset vector +Subject: [PATCH 2/4] x86/sev: write AP reset vector If a jump table can't be found, write the SEV-ES trampoline location into the AP reset vector used by libkrun's qboot. @@ -55,5 +55,5 @@ index 9905dc0e0b09..38df85fd1324 100644 /* Check if AP Jump Table is page-aligned */ if (jump_table_addr & ~PAGE_MASK) -- -2.45.2 +2.46.0 diff --git a/patches-sev/0014-Implement-driver-to-retrieve-secrets-from-cmdline.patch b/patches-sev/0003-Implement-driver-to-retrieve-secrets-from-cmdline.patch similarity index 98% rename from patches-sev/0014-Implement-driver-to-retrieve-secrets-from-cmdline.patch rename to patches-sev/0003-Implement-driver-to-retrieve-secrets-from-cmdline.patch index 0f8989d..df1835a 100644 --- a/patches-sev/0014-Implement-driver-to-retrieve-secrets-from-cmdline.patch +++ b/patches-sev/0003-Implement-driver-to-retrieve-secrets-from-cmdline.patch @@ -1,7 +1,7 @@ -From 49e3dd72da01fff91a85f4d4bc0e705dbde9ae67 Mon Sep 17 00:00:00 2001 +From 0738c09d916b06afa162facb0edc84ffe121c35a Mon Sep 17 00:00:00 2001 From: Sergio Lopez Date: Wed, 3 Aug 2022 12:35:12 +0200 -Subject: [PATCH 14/15] Implement driver to retrieve secrets from cmdline +Subject: [PATCH 3/4] Implement driver to retrieve secrets from cmdline When CMDLINE_OVERRIDE is enabled, the contents originally present in the location passed on the cmdline pointer of the zero page are @@ -292,5 +292,5 @@ index c787e94cc898..2fb8a8af9af6 100644 /* -- -2.45.2 +2.46.0 diff --git a/patches-sev/0015-x86-sev-Avoid-using-native_cpuid.patch b/patches-sev/0004-x86-sev-Avoid-using-native_cpuid.patch similarity index 93% rename from patches-sev/0015-x86-sev-Avoid-using-native_cpuid.patch rename to patches-sev/0004-x86-sev-Avoid-using-native_cpuid.patch index 9d23f29..ac632e6 100644 --- a/patches-sev/0015-x86-sev-Avoid-using-native_cpuid.patch +++ b/patches-sev/0004-x86-sev-Avoid-using-native_cpuid.patch @@ -1,7 +1,7 @@ -From 3fcf7bfe438218d884d8aa36159bcf6ec37e23eb Mon Sep 17 00:00:00 2001 +From 95ae01ac9240b47dcdeda540e59a24ba0bdaf963 Mon Sep 17 00:00:00 2001 From: Sergio Lopez Date: Wed, 5 Jun 2024 16:20:08 +0200 -Subject: [PATCH 15/15] x86/sev: Avoid using native_cpuid +Subject: [PATCH 4/4] x86/sev: Avoid using native_cpuid In the state we get into the kernel from qboot-krunfw we can't return from #VC properly, so avoid calling native_cpuid in the early stages @@ -61,5 +61,5 @@ index cc47a818a640..a2b5b08eee23 100644 /* Check the SEV MSR whether SEV or SME is enabled */ RIP_REL_REF(sev_status) = msr = __rdmsr(MSR_AMD64_SEV); -- -2.45.2 +2.46.0 diff --git a/patches/0001-krunfw-Don-t-panic-when-init-dies.patch b/patches/0001-krunfw-Don-t-panic-when-init-dies.patch index 95df744..64af668 100644 --- a/patches/0001-krunfw-Don-t-panic-when-init-dies.patch +++ b/patches/0001-krunfw-Don-t-panic-when-init-dies.patch @@ -1,7 +1,7 @@ -From 2b01861f2623f4434d90e484448e8c9e45c1242c Mon Sep 17 00:00:00 2001 +From 7f18f75689b7b0f34ca711daa4e29e2d4ae5f910 Mon Sep 17 00:00:00 2001 From: Sergio Lopez Date: Thu, 2 Mar 2023 07:34:49 +0100 -Subject: [PATCH 01/15] krunfw: Don't panic when init dies +Subject: [PATCH 01/17] krunfw: Don't panic when init dies In libkrun, the isolated process runs as PID 1. When it exits, trigger an orderly reboot instead of panic'ing. @@ -58,5 +58,5 @@ index 6ebef11c8876..4323caa5b871 100644 machine_restart(cmd); } -- -2.45.2 +2.46.0 diff --git a/patches/0002-krunfw-Ignore-run_cmd-on-orderly-reboot.patch b/patches/0002-krunfw-Ignore-run_cmd-on-orderly-reboot.patch index 0126b37..4850491 100644 --- a/patches/0002-krunfw-Ignore-run_cmd-on-orderly-reboot.patch +++ b/patches/0002-krunfw-Ignore-run_cmd-on-orderly-reboot.patch @@ -1,7 +1,7 @@ -From 887e1f887d0c04fe8ccf511a9521c38e2a817a2d Mon Sep 17 00:00:00 2001 +From 5ed6edb3e75df34958f788bca363748cea75eea1 Mon Sep 17 00:00:00 2001 From: Sergio Lopez Date: Mon, 16 May 2022 16:04:27 +0200 -Subject: [PATCH 02/15] krunfw: Ignore run_cmd on orderly reboot +Subject: [PATCH 02/17] krunfw: Ignore run_cmd on orderly reboot We don't really support restarting the conventional way, so ignore "run_cmd" so we can fall back to an emergency sync and reboot. @@ -28,5 +28,5 @@ index 4323caa5b871..d9d6f0dd2ebc 100644 if (ret) { pr_warn("Failed to start orderly reboot: forcing the issue\n"); -- -2.45.2 +2.46.0 diff --git a/patches/0003-vsock-dgram-generalize-recvmsg-and-drop-transport-dg.patch b/patches/0003-vsock-dgram-generalize-recvmsg-and-drop-transport-dg.patch index 3d350f2..f94ba60 100644 --- a/patches/0003-vsock-dgram-generalize-recvmsg-and-drop-transport-dg.patch +++ b/patches/0003-vsock-dgram-generalize-recvmsg-and-drop-transport-dg.patch @@ -1,7 +1,7 @@ -From 0334eb653db47ada29d2e523b2e7651dee2fb4e2 Mon Sep 17 00:00:00 2001 +From 06a9c813b4f59d92edf78a6011a719629323081c Mon Sep 17 00:00:00 2001 From: Bobby Eshleman Date: Sat, 10 Jun 2023 00:58:28 +0000 -Subject: [PATCH 03/15] vsock/dgram: generalize recvmsg and drop +Subject: [PATCH 03/17] vsock/dgram: generalize recvmsg and drop transport->dgram_dequeue This commit drops the transport->dgram_dequeue callback and makes @@ -14,13 +14,13 @@ Signed-off-by: Bobby Eshleman drivers/vhost/vsock.c | 4 +- include/linux/virtio_vsock.h | 3 ++ include/net/af_vsock.h | 13 ++++- - net/vmw_vsock/af_vsock.c | 51 ++++++++++++++++++- + net/vmw_vsock/af_vsock.c | 58 +++++++++++++++++++-- net/vmw_vsock/hyperv_transport.c | 17 +++++-- net/vmw_vsock/virtio_transport.c | 4 +- net/vmw_vsock/virtio_transport_common.c | 18 +++++++ net/vmw_vsock/vmci_transport.c | 68 ++++++++++--------------- net/vmw_vsock/vsock_loopback.c | 4 +- - 9 files changed, 132 insertions(+), 50 deletions(-) + 9 files changed, 137 insertions(+), 52 deletions(-) diff --git a/drivers/vhost/vsock.c b/drivers/vhost/vsock.c index d94a06008ff6..549158375086 100644 @@ -54,7 +54,7 @@ index fbf30721bac9..1098a4c0d738 100644 int virtio_transport_connect(struct vsock_sock *vsk); diff --git a/include/net/af_vsock.h b/include/net/af_vsock.h -index dc3cb16835b6..3fee8b8bb3e0 100644 +index f8b09a82f62e..7a342d406c34 100644 --- a/include/net/af_vsock.h +++ b/include/net/af_vsock.h @@ -120,11 +120,20 @@ struct vsock_transport { @@ -81,28 +81,24 @@ index dc3cb16835b6..3fee8b8bb3e0 100644 /* STREAM. */ /* TODO: stream_bind() */ diff --git a/net/vmw_vsock/af_vsock.c b/net/vmw_vsock/af_vsock.c -index 4afb6a541cf3..c66d3def5e6e 100644 +index f5eb737a677d..c3fdb22cfd39 100644 --- a/net/vmw_vsock/af_vsock.c +++ b/net/vmw_vsock/af_vsock.c -@@ -1273,11 +1273,15 @@ static int vsock_dgram_connect(struct socket *sock, - int vsock_dgram_recvmsg(struct socket *sock, struct msghdr *msg, - size_t len, int flags) +@@ -1273,10 +1273,62 @@ static int vsock_dgram_connect(struct socket *sock, + int __vsock_dgram_recvmsg(struct socket *sock, struct msghdr *msg, + size_t len, int flags) { +- struct sock *sk = sock->sk; +- struct vsock_sock *vsk = vsock_sk(sk); + const struct vsock_transport *transport; - #ifdef CONFIG_BPF_SYSCALL - const struct proto *prot; - #endif - struct vsock_sock *vsk; ++ struct vsock_sock *vsk; + struct sk_buff *skb; + size_t payload_len; - struct sock *sk; ++ struct sock *sk; + int err; - - sk = sock->sk; - vsk = vsock_sk(sk); -@@ -1288,7 +1292,52 @@ int vsock_dgram_recvmsg(struct socket *sock, struct msghdr *msg, - return prot->recvmsg(sk, msg, len, flags, NULL); - #endif ++ ++ sk = sock->sk; ++ vsk = vsock_sk(sk); - return vsk->transport->dgram_dequeue(vsk, msg, len, flags); + if (flags & MSG_OOB || flags & MSG_ERRQUEUE) @@ -152,8 +148,8 @@ index 4afb6a541cf3..c66d3def5e6e 100644 + skb_free_datagram(&vsk->sk, skb); + return err; } - EXPORT_SYMBOL_GPL(vsock_dgram_recvmsg); + int vsock_dgram_recvmsg(struct socket *sock, struct msghdr *msg, diff --git a/net/vmw_vsock/hyperv_transport.c b/net/vmw_vsock/hyperv_transport.c index e2157e387217..a83b30d366af 100644 --- a/net/vmw_vsock/hyperv_transport.c @@ -352,5 +348,5 @@ index 0ce65d0a4a44..6b19e308a140 100644 .stream_dequeue = virtio_transport_stream_dequeue, .stream_enqueue = virtio_transport_stream_enqueue, -- -2.45.2 +2.46.0 diff --git a/patches/0004-vsock-refactor-transport-lookup-code.patch b/patches/0004-vsock-refactor-transport-lookup-code.patch index e6e87fa..bbdde21 100644 --- a/patches/0004-vsock-refactor-transport-lookup-code.patch +++ b/patches/0004-vsock-refactor-transport-lookup-code.patch @@ -1,7 +1,7 @@ -From 5981f2c4b9ec44a6195d2ba892100e1cdbe80d24 Mon Sep 17 00:00:00 2001 +From 5a2b5b9c1a9f473836c361153b15c10eab012e9a Mon Sep 17 00:00:00 2001 From: Bobby Eshleman Date: Sat, 10 Jun 2023 00:58:29 +0000 -Subject: [PATCH 04/15] vsock: refactor transport lookup code +Subject: [PATCH 04/17] vsock: refactor transport lookup code Introduce new reusable function vsock_connectible_lookup_transport() that performs the transport lookup logic. @@ -14,7 +14,7 @@ Signed-off-by: Bobby Eshleman 1 file changed, 18 insertions(+), 7 deletions(-) diff --git a/net/vmw_vsock/af_vsock.c b/net/vmw_vsock/af_vsock.c -index c66d3def5e6e..813588bee10f 100644 +index c3fdb22cfd39..5a517638deed 100644 --- a/net/vmw_vsock/af_vsock.c +++ b/net/vmw_vsock/af_vsock.c @@ -424,6 +424,22 @@ static void vsock_deassign_transport(struct vsock_sock *vsk) @@ -57,5 +57,5 @@ index c66d3def5e6e..813588bee10f 100644 default: return -ESOCKTNOSUPPORT; -- -2.45.2 +2.46.0 diff --git a/patches/0005-vsock-support-multi-transport-datagrams.patch b/patches/0005-vsock-support-multi-transport-datagrams.patch index 61d5f88..0728692 100644 --- a/patches/0005-vsock-support-multi-transport-datagrams.patch +++ b/patches/0005-vsock-support-multi-transport-datagrams.patch @@ -1,7 +1,7 @@ -From 0eca7ac3da42ac518e6410fa91d754ee40371886 Mon Sep 17 00:00:00 2001 +From 10b18bb2d94abcf35e199c76fcf9921de1dbb9ae Mon Sep 17 00:00:00 2001 From: Bobby Eshleman Date: Sat, 10 Jun 2023 00:58:30 +0000 -Subject: [PATCH 05/15] vsock: support multi-transport datagrams +Subject: [PATCH 05/17] vsock: support multi-transport datagrams This patch adds support for multi-transport datagrams. @@ -82,7 +82,7 @@ index 1098a4c0d738..26339021418d 100644 int virtio_transport_dgram_get_cid(struct sk_buff *skb, unsigned int *cid); int virtio_transport_dgram_get_port(struct sk_buff *skb, unsigned int *port); diff --git a/net/vmw_vsock/af_vsock.c b/net/vmw_vsock/af_vsock.c -index 813588bee10f..2567641a829f 100644 +index 5a517638deed..afe28d3b0b74 100644 --- a/net/vmw_vsock/af_vsock.c +++ b/net/vmw_vsock/af_vsock.c @@ -440,6 +440,18 @@ vsock_connectible_lookup_transport(unsigned int cid, __u8 flags) @@ -304,5 +304,5 @@ index 6b19e308a140..21a4debde550 100644 .dgram_allow = virtio_transport_dgram_allow, .dgram_get_cid = virtio_transport_dgram_get_cid, -- -2.45.2 +2.46.0 diff --git a/patches/0006-vsock-make-vsock-bind-reusable.patch b/patches/0006-vsock-make-vsock-bind-reusable.patch index 2632b1e..e2f0ca4 100644 --- a/patches/0006-vsock-make-vsock-bind-reusable.patch +++ b/patches/0006-vsock-make-vsock-bind-reusable.patch @@ -1,7 +1,7 @@ -From a01abc12504a5819737fc8dcb6026eb2c52e67de Mon Sep 17 00:00:00 2001 +From 9b076ce6da60de7904d340289a2187325efee512 Mon Sep 17 00:00:00 2001 From: Bobby Eshleman Date: Sat, 10 Jun 2023 00:58:31 +0000 -Subject: [PATCH 06/15] vsock: make vsock bind reusable +Subject: [PATCH 06/17] vsock: make vsock bind reusable This commit makes the bind table management functions in vsock usable for different bind tables. For use by datagrams in a future patch. @@ -12,7 +12,7 @@ Signed-off-by: Bobby Eshleman 1 file changed, 26 insertions(+), 7 deletions(-) diff --git a/net/vmw_vsock/af_vsock.c b/net/vmw_vsock/af_vsock.c -index 2567641a829f..034c3db91fc3 100644 +index afe28d3b0b74..6a94a623dd07 100644 --- a/net/vmw_vsock/af_vsock.c +++ b/net/vmw_vsock/af_vsock.c @@ -232,11 +232,12 @@ static void __vsock_remove_connected(struct vsock_sock *vsk) @@ -102,5 +102,5 @@ index 2567641a829f..034c3db91fc3 100644 struct sockaddr_vm *addr) { -- -2.45.2 +2.46.0 diff --git a/patches/0007-virtio-vsock-add-VIRTIO_VSOCK_F_DGRAM-feature-bit.patch b/patches/0007-virtio-vsock-add-VIRTIO_VSOCK_F_DGRAM-feature-bit.patch index 98545d2..1617b51 100644 --- a/patches/0007-virtio-vsock-add-VIRTIO_VSOCK_F_DGRAM-feature-bit.patch +++ b/patches/0007-virtio-vsock-add-VIRTIO_VSOCK_F_DGRAM-feature-bit.patch @@ -1,7 +1,7 @@ -From db9dd067e0ef890d720617635023919a106ac70e Mon Sep 17 00:00:00 2001 +From f9c572bf348f3eda2d0763ecf0e212cf6861d769 Mon Sep 17 00:00:00 2001 From: Bobby Eshleman Date: Sat, 10 Jun 2023 00:58:32 +0000 -Subject: [PATCH 07/15] virtio/vsock: add VIRTIO_VSOCK_F_DGRAM feature bit +Subject: [PATCH 07/17] virtio/vsock: add VIRTIO_VSOCK_F_DGRAM feature bit This commit adds a feature bit for virtio vsock to support datagrams. @@ -24,5 +24,5 @@ index 64738838bee5..9c25f267bbc0 100644 struct virtio_vsock_config { __le64 guest_cid; -- -2.45.2 +2.46.0 diff --git a/patches/0008-virtio-vsock-support-dgrams.patch b/patches/0008-virtio-vsock-support-dgrams.patch index e1bac9a..9ce0df8 100644 --- a/patches/0008-virtio-vsock-support-dgrams.patch +++ b/patches/0008-virtio-vsock-support-dgrams.patch @@ -1,7 +1,7 @@ -From 49d36822cfdca63ffbb3b1632cf613eb20a2a02c Mon Sep 17 00:00:00 2001 +From cea879931c45169784b8b2301ae02ee45c4aa20d Mon Sep 17 00:00:00 2001 From: Bobby Eshleman Date: Sat, 10 Jun 2023 00:58:33 +0000 -Subject: [PATCH 08/15] virtio/vsock: support dgrams +Subject: [PATCH 08/17] virtio/vsock: support dgrams This commit adds support for datagrams over virtio/vsock. @@ -133,7 +133,7 @@ index 26339021418d..ca5aeb0f9c2e 100644 +int virtio_transport_dgram_get_length(struct sk_buff *skb, size_t *len); #endif /* _LINUX_VIRTIO_VSOCK_H */ diff --git a/include/net/af_vsock.h b/include/net/af_vsock.h -index 3fee8b8bb3e0..0c1ff966ab27 100644 +index 7a342d406c34..92c1b7f46789 100644 --- a/include/net/af_vsock.h +++ b/include/net/af_vsock.h @@ -224,6 +224,7 @@ void vsock_for_each_connected_socket(struct vsock_transport *transport, @@ -157,7 +157,7 @@ index 9c25f267bbc0..27b4b2b8bf13 100644 enum virtio_vsock_op { diff --git a/net/vmw_vsock/af_vsock.c b/net/vmw_vsock/af_vsock.c -index 034c3db91fc3..c59bbd0e1e1c 100644 +index 6a94a623dd07..391ee534246a 100644 --- a/net/vmw_vsock/af_vsock.c +++ b/net/vmw_vsock/af_vsock.c @@ -116,6 +116,7 @@ @@ -741,5 +741,5 @@ index 21a4debde550..20f5b123bde5 100644 { return true; -- -2.45.2 +2.46.0 diff --git a/patches/0009-tests-add-vsock-dgram-tests.patch b/patches/0009-tests-add-vsock-dgram-tests.patch index 9ff1c80..61a8fc3 100644 --- a/patches/0009-tests-add-vsock-dgram-tests.patch +++ b/patches/0009-tests-add-vsock-dgram-tests.patch @@ -1,7 +1,7 @@ -From 6befcab4d48cb38c8e34f13a6f5f1b7b45c5449e Mon Sep 17 00:00:00 2001 +From aacd77363c0f5c8515f9ef55889cd367d42d06f9 Mon Sep 17 00:00:00 2001 From: Jiang Wang Date: Sat, 10 Jun 2023 00:58:35 +0000 -Subject: [PATCH 09/15] tests: add vsock dgram tests +Subject: [PATCH 09/17] tests: add vsock dgram tests This patch adds tests for vsock datagram. @@ -667,5 +667,5 @@ index 5dc7767039f6..7c66e934341a 100644 {}, }; -- -2.45.2 +2.46.0 diff --git a/patches/0010-Transparent-Socket-Impersonation-implementation.patch b/patches/0010-Transparent-Socket-Impersonation-implementation.patch index cb9cd84..9d5aae6 100644 --- a/patches/0010-Transparent-Socket-Impersonation-implementation.patch +++ b/patches/0010-Transparent-Socket-Impersonation-implementation.patch @@ -1,7 +1,7 @@ -From 399d3ee078cad45dafe6c00d17edfb31377963c6 Mon Sep 17 00:00:00 2001 +From b4ce449d32a4a9c71041052c1e4599f3a01eccfa Mon Sep 17 00:00:00 2001 From: Sergio Lopez Date: Thu, 19 May 2022 22:38:26 +0200 -Subject: [PATCH 10/15] Transparent Socket Impersonation implementation +Subject: [PATCH 10/21] Transparent Socket Impersonation implementation Transparent Socket Impersonation (AF_TSI) is an address family that provides sockets presenting two simultaneous personalities, AF_INET @@ -30,9 +30,9 @@ Signed-off-by: Sergio Lopez net/tsi/Makefile | 4 + net/tsi/af_tsi.c | 1280 +++++++++++++++++++++++++++ net/tsi/af_tsi.h | 100 +++ - security/selinux/hooks.c | 2 +- - security/selinux/include/classmap.h | 2 +- - 10 files changed, 1399 insertions(+), 3 deletions(-) + security/selinux/hooks.c | 4 +- + security/selinux/include/classmap.h | 4 +- + 10 files changed, 1403 insertions(+), 3 deletions(-) create mode 100644 net/tsi/Kconfig create mode 100644 net/tsi/Makefile create mode 100644 net/tsi/af_tsi.c @@ -83,7 +83,7 @@ index 4c4dc535453d..b07f65c0ef56 100644 obj-$(CONFIG_NET_HANDSHAKE) += handshake/ +obj-$(CONFIG_TSI) += tsi/ diff --git a/net/socket.c b/net/socket.c -index 8d83c4bb163b..91ef12312a0a 100644 +index 9db33cd4a71b..8b92dd098235 100644 --- a/net/socket.c +++ b/net/socket.c @@ -218,6 +218,7 @@ static const char * const pf_family_names[] = { @@ -1510,23 +1510,34 @@ index 000000000000..cf381734bebe + +#endif diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c -index 53cfeefb2f19..428801687e5c 100644 +index d4a99d98ec77..82fd1f975ef6 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c -@@ -1295,7 +1295,7 @@ static inline u16 socket_type_to_security_class(int family, int type, int protoc +@@ -1295,7 +1295,9 @@ static inline u16 socket_type_to_security_class(int family, int type, int protoc return SECCLASS_XDP_SOCKET; case PF_MCTP: return SECCLASS_MCTP_SOCKET; -#if PF_MAX > 46 ++ case PF_TSI: ++ return SECCLASS_TSI_SOCKET; +#if PF_MAX > 47 #error New address family defined, please update this function. #endif } diff --git a/security/selinux/include/classmap.h b/security/selinux/include/classmap.h -index a3c380775d41..06cb017611f8 100644 +index a3c380775d41..4640eb408c06 100644 --- a/security/selinux/include/classmap.h +++ b/security/selinux/include/classmap.h -@@ -259,6 +259,6 @@ const struct security_class_mapping secclass_map[] = { +@@ -248,6 +248,8 @@ const struct security_class_mapping secclass_map[] = { + { COMMON_SOCK_PERMS, NULL } }, + { "mctp_socket", + { COMMON_SOCK_PERMS, NULL } }, ++ { "tsi_socket", ++ { COMMON_SOCK_PERMS, NULL } }, + { "perf_event", + { "open", "cpu", "kernel", "tracepoint", "read", "write", NULL } }, + { "anon_inode", +@@ -259,6 +261,6 @@ const struct security_class_mapping secclass_map[] = { { NULL } }; diff --git a/patches/0011-tsi-allow-hijacking-sockets-tsi_hijack.patch b/patches/0011-tsi-allow-hijacking-sockets-tsi_hijack.patch index adc5439..07c6fbf 100644 --- a/patches/0011-tsi-allow-hijacking-sockets-tsi_hijack.patch +++ b/patches/0011-tsi-allow-hijacking-sockets-tsi_hijack.patch @@ -1,7 +1,7 @@ -From 1d7f6a16e8494cecaff51fb653eb1c0fe6def05d Mon Sep 17 00:00:00 2001 +From 38643ecb3d75f3c156249b6488b76ef608e990cb Mon Sep 17 00:00:00 2001 From: Sergio Lopez Date: Thu, 19 May 2022 22:42:01 +0200 -Subject: [PATCH 11/15] tsi: allow hijacking sockets (tsi_hijack) +Subject: [PATCH 11/17] tsi: allow hijacking sockets (tsi_hijack) Add a kernel command line option (tsi_hijack) enabling users to request the kernel to hijack AF_INET(SOCK_STREAM || SOCK_DGRAM) @@ -14,7 +14,7 @@ Signed-off-by: Sergio Lopez 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/net/socket.c b/net/socket.c -index 91ef12312a0a..7a1305a4159b 100644 +index 8b92dd098235..ab2bd178bcc7 100644 --- a/net/socket.c +++ b/net/socket.c @@ -115,6 +115,10 @@ unsigned int sysctl_net_busy_read __read_mostly; @@ -69,5 +69,5 @@ index eda6c4ba7961..6cf01d7ce8f5 100644 int err; -- -2.45.2 +2.46.0 diff --git a/patches/0012-arm64-cpufeature-Unify-SCOPE_LOCAL_CPU-early-late-be.patch b/patches/0012-arm64-cpufeature-Unify-SCOPE_LOCAL_CPU-early-late-be.patch new file mode 100644 index 0000000..c7eebf7 --- /dev/null +++ b/patches/0012-arm64-cpufeature-Unify-SCOPE_LOCAL_CPU-early-late-be.patch @@ -0,0 +1,85 @@ +From d5eb37359e9bf9c208f252ac01c345fb6947d74b Mon Sep 17 00:00:00 2001 +From: Asahi Lina +Date: Wed, 25 Sep 2024 16:35:34 +0200 +Subject: [PATCH 12/17] arm64: cpufeature: Unify SCOPE_LOCAL_CPU early & late + behavior + +SCOPE_LOCAL_CPU is mostly used for CPU errata. The early feature logic +prior to this patch will enable a feature if any secondary matches it, +but will not do anything once the feature is already enabled. + +However, the late CPU verification logic is more flexible, with flags: + +- ARM64_CPUCAP_OPTIONAL_FOR_LATE_CPU means "any cpu" logic applies +- ARM64_CPUCAP_PERMITTED_FOR_LATE_CPU means "all cpus" logic applies + +This means the early secondary feature code right now behaves as if +OPTIONAL && !PERMITTED was specified (it ignores secondaries missing the +feature and forces the system state to active if any secondary has the +feature). + +Change this so that the early feature detection code inspects the flags +too and applies the logic to make feature state consistent: + +- If a feature is NOT OPTIONAL and missing on a secondary, remove it + from the system set (we can do this before finalization) +- If a feature is PERMITTED and missing on the boot CPU, don't enable it + but rather leave it off. + +This allows SCOPE_LOCAL_CPU to be used for feature detection as well as +CPU errata. + +Signed-off-by: Asahi Lina +--- + arch/arm64/kernel/cpufeature.c | 34 +++++++++++++++++++++++++++++++--- + 1 file changed, 31 insertions(+), 3 deletions(-) + +diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c +index 7e9660455900..6802a8eeb6a6 100644 +--- a/arch/arm64/kernel/cpufeature.c ++++ b/arch/arm64/kernel/cpufeature.c +@@ -2986,10 +2986,38 @@ static void update_cpu_capabilities(u16 scope_mask) + + scope_mask &= ARM64_CPUCAP_SCOPE_MASK; + for (i = 0; i < ARM64_NCAPS; i++) { ++ bool matches; ++ + caps = cpucap_ptrs[i]; +- if (!caps || !(caps->type & scope_mask) || +- cpus_have_cap(caps->capability) || +- !caps->matches(caps, cpucap_default_scope(caps))) ++ if (!caps || !(caps->type & scope_mask)) ++ continue; ++ ++ if (!(scope_mask & SCOPE_LOCAL_CPU) && cpus_have_cap(caps->capability)) ++ continue; ++ ++ matches = caps->matches(caps, cpucap_default_scope(caps)); ++ ++ if (matches == cpus_have_cap(caps->capability)) ++ continue; ++ ++ if (!matches) { ++ /* ++ * Cap detected on boot CPU but not this CPU, ++ * disable it if not optional. ++ */ ++ if (!cpucap_late_cpu_optional(caps)) { ++ __clear_bit(caps->capability, system_cpucaps); ++ pr_info("missing on secondary: %s\n", caps->desc); ++ } ++ continue; ++ } ++ ++ if (!(scope_mask & (SCOPE_BOOT_CPU | SCOPE_SYSTEM)) && ++ cpucap_late_cpu_permitted(caps)) ++ /* ++ * Cap detected on this CPU but not boot CPU, ++ * skip it if permitted for late CPUs. ++ */ + continue; + + if (caps->desc) +-- +2.46.0 + diff --git a/patches/0016-prctl-Introduce-PR_-SET-GET-_MEM_MODEL.patch b/patches/0013-prctl-Introduce-PR_-SET-GET-_MEM_MODEL.patch similarity index 91% rename from patches/0016-prctl-Introduce-PR_-SET-GET-_MEM_MODEL.patch rename to patches/0013-prctl-Introduce-PR_-SET-GET-_MEM_MODEL.patch index 8050d8a..edf5b72 100644 --- a/patches/0016-prctl-Introduce-PR_-SET-GET-_MEM_MODEL.patch +++ b/patches/0013-prctl-Introduce-PR_-SET-GET-_MEM_MODEL.patch @@ -1,7 +1,7 @@ -From e7f3885e24d060ae36aeccde44c03894ff4e3d6b Mon Sep 17 00:00:00 2001 +From eda97730a842489f539f86f74f07495645a7c972 Mon Sep 17 00:00:00 2001 From: Hector Martin Date: Thu, 11 Apr 2024 09:51:20 +0900 -Subject: [PATCH 1/4] prctl: Introduce PR_{SET,GET}_MEM_MODEL +Subject: [PATCH 13/17] prctl: Introduce PR_{SET,GET}_MEM_MODEL On some architectures, it is possible to query and/or change the CPU memory model. This allows userspace to switch to a stricter memory model @@ -43,7 +43,7 @@ Reviewed-by: Neal Gompa diff --git a/include/linux/memory_ordering_model.h b/include/linux/memory_ordering_model.h new file mode 100644 -index 000000000..267a12ca6 +index 000000000000..267a12ca6630 --- /dev/null +++ b/include/linux/memory_ordering_model.h @@ -0,0 +1,11 @@ @@ -59,7 +59,7 @@ index 000000000..267a12ca6 + +#endif diff --git a/include/uapi/linux/prctl.h b/include/uapi/linux/prctl.h -index 370ed14b1..961216093 100644 +index 370ed14b1ae0..961216093f11 100644 --- a/include/uapi/linux/prctl.h +++ b/include/uapi/linux/prctl.h @@ -306,4 +306,9 @@ struct prctl_mm_map { @@ -73,7 +73,7 @@ index 370ed14b1..961216093 100644 + #endif /* _LINUX_PRCTL_H */ diff --git a/kernel/sys.c b/kernel/sys.c -index 7a4ae6d5a..54cff3b34 100644 +index 44b575990333..2db751ce25a2 100644 --- a/kernel/sys.c +++ b/kernel/sys.c @@ -45,6 +45,7 @@ @@ -84,7 +84,7 @@ index 7a4ae6d5a..54cff3b34 100644 #include #include -@@ -2429,6 +2430,16 @@ static int prctl_get_auxv(void __user *addr, unsigned long len) +@@ -2432,6 +2433,16 @@ static int prctl_get_auxv(void __user *addr, unsigned long len) return sizeof(mm->saved_auxv); } @@ -101,7 +101,7 @@ index 7a4ae6d5a..54cff3b34 100644 SYSCALL_DEFINE5(prctl, int, option, unsigned long, arg2, unsigned long, arg3, unsigned long, arg4, unsigned long, arg5) { -@@ -2744,6 +2755,16 @@ SYSCALL_DEFINE5(prctl, int, option, unsigned long, arg2, unsigned long, arg3, +@@ -2747,6 +2758,16 @@ SYSCALL_DEFINE5(prctl, int, option, unsigned long, arg2, unsigned long, arg3, case PR_RISCV_V_GET_CONTROL: error = RISCV_V_GET_CONTROL(); break; @@ -119,5 +119,5 @@ index 7a4ae6d5a..54cff3b34 100644 error = -EINVAL; break; -- -2.45.1 +2.46.0 diff --git a/patches/0017-arm64-Implement-PR_-GET-SET-_MEM_MODEL-for-always-TS.patch b/patches/0014-arm64-Implement-PR_-GET-SET-_MEM_MODEL-for-always-TS.patch similarity index 92% rename from patches/0017-arm64-Implement-PR_-GET-SET-_MEM_MODEL-for-always-TS.patch rename to patches/0014-arm64-Implement-PR_-GET-SET-_MEM_MODEL-for-always-TS.patch index 5cfad0a..d58fa12 100644 --- a/patches/0017-arm64-Implement-PR_-GET-SET-_MEM_MODEL-for-always-TS.patch +++ b/patches/0014-arm64-Implement-PR_-GET-SET-_MEM_MODEL-for-always-TS.patch @@ -1,7 +1,7 @@ -From 37e470e60bc5c0dad986f211ff05629bed0b9d47 Mon Sep 17 00:00:00 2001 -From: Sergio Lopez +From 55e5da0ad8c673f5f8e07524210bba70b5714ff3 Mon Sep 17 00:00:00 2001 +From: Hector Martin Date: Mon, 6 May 2024 16:47:51 +0200 -Subject: [PATCH 2/4] arm64: Implement PR_{GET,SET}_MEM_MODEL for always-TSO +Subject: [PATCH 14/17] arm64: Implement PR_{GET,SET}_MEM_MODEL for always-TSO CPUs Some ARM64 implementations are known to always use the TSO memory model. @@ -27,10 +27,10 @@ Reviewed-by: Neal Gompa create mode 100644 arch/arm64/kernel/cpufeature_impdef.c diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig -index b5df38c2a..dade81d8f 100644 +index 9e0c1ac3d13e..741833d2f1a0 100644 --- a/arch/arm64/Kconfig +++ b/arch/arm64/Kconfig -@@ -2160,6 +2160,15 @@ config ARM64_DEBUG_PRIORITY_MASKING +@@ -2198,6 +2198,15 @@ config ARM64_DEBUG_PRIORITY_MASKING If unsure, say N endif # ARM64_PSEUDO_NMI @@ -47,7 +47,7 @@ index b5df38c2a..dade81d8f 100644 bool "Build a relocatable kernel image" if EXPERT select ARCH_HAS_RELR diff --git a/arch/arm64/include/asm/cpufeature.h b/arch/arm64/include/asm/cpufeature.h -index 5bba39376..f83f951be 100644 +index 5bba39376055..f83f951bec94 100644 --- a/arch/arm64/include/asm/cpufeature.h +++ b/arch/arm64/include/asm/cpufeature.h @@ -924,6 +924,10 @@ extern struct arm64_ftr_override arm64_sw_feature_override; @@ -62,7 +62,7 @@ index 5bba39376..f83f951be 100644 #endif diff --git a/arch/arm64/kernel/Makefile b/arch/arm64/kernel/Makefile -index d95b3d6b4..2a86fc69c 100644 +index d95b3d6b471a..2a86fc69ccea 100644 --- a/arch/arm64/kernel/Makefile +++ b/arch/arm64/kernel/Makefile @@ -34,7 +34,7 @@ obj-y := debug-monitors.o entry.o irq.o fpsimd.o \ @@ -75,7 +75,7 @@ index d95b3d6b4..2a86fc69c 100644 obj-$(CONFIG_COMPAT) += sys32.o signal32.o \ sys_compat.o diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c -index 444a73c2e..2f3b99ea5 100644 +index 6802a8eeb6a6..ceebd3ccbe4a 100644 --- a/arch/arm64/kernel/cpufeature.c +++ b/arch/arm64/kernel/cpufeature.c @@ -965,7 +965,7 @@ static void init_cpu_ftr_reg(u32 sys_reg, u64 new) @@ -125,7 +125,7 @@ index 444a73c2e..2f3b99ea5 100644 const struct cpumask *system_32bit_el0_cpumask(void) diff --git a/arch/arm64/kernel/cpufeature_impdef.c b/arch/arm64/kernel/cpufeature_impdef.c new file mode 100644 -index 000000000..bb04a8e3d +index 000000000000..de784a1fb49b --- /dev/null +++ b/arch/arm64/kernel/cpufeature_impdef.c @@ -0,0 +1,38 @@ @@ -156,7 +156,7 @@ index 000000000..bb04a8e3d + { + .desc = "TSO memory model (Fixed)", + .capability = ARM64_HAS_TSO_FIXED, -+ .type = ARM64_CPUCAP_SYSTEM_FEATURE, ++ .type = SCOPE_LOCAL_CPU | ARM64_CPUCAP_PERMITTED_FOR_LATE_CPU, + .matches = has_tso_fixed, + }, +#endif @@ -168,7 +168,7 @@ index 000000000..bb04a8e3d + init_cpucap_indirect_list_from_array(arm64_impdef_features); +} diff --git a/arch/arm64/kernel/process.c b/arch/arm64/kernel/process.c -index 0fcc4eb1a..2f37a56a4 100644 +index 0fcc4eb1a7ab..2f37a56a4a4b 100644 --- a/arch/arm64/kernel/process.c +++ b/arch/arm64/kernel/process.c @@ -41,6 +41,7 @@ @@ -217,7 +217,7 @@ index 0fcc4eb1a..2f37a56a4 100644 #ifdef CONFIG_ARM64_TAGGED_ADDR_ABI diff --git a/arch/arm64/tools/cpucaps b/arch/arm64/tools/cpucaps -index 5511bee15..419810c21 100644 +index c251ef3caae5..cedae062dbdd 100644 --- a/arch/arm64/tools/cpucaps +++ b/arch/arm64/tools/cpucaps @@ -50,6 +50,7 @@ HAS_STAGE2_FWB @@ -229,5 +229,5 @@ index 5511bee15..419810c21 100644 HAS_WFXT HW_DBM -- -2.45.1 +2.46.0 diff --git a/patches/0018-arm64-Introduce-scaffolding-to-add-ACTLR_EL1-to-thre.patch b/patches/0015-arm64-Introduce-scaffolding-to-add-ACTLR_EL1-to-thre.patch similarity index 91% rename from patches/0018-arm64-Introduce-scaffolding-to-add-ACTLR_EL1-to-thre.patch rename to patches/0015-arm64-Introduce-scaffolding-to-add-ACTLR_EL1-to-thre.patch index 21c1197..05a7eb4 100644 --- a/patches/0018-arm64-Introduce-scaffolding-to-add-ACTLR_EL1-to-thre.patch +++ b/patches/0015-arm64-Introduce-scaffolding-to-add-ACTLR_EL1-to-thre.patch @@ -1,7 +1,7 @@ -From c3564a75278be85e3e585fad1b1834a631b6e0e9 Mon Sep 17 00:00:00 2001 +From 0f5f434bc794b2a46105b8ae9aed8b99c7f9dea4 Mon Sep 17 00:00:00 2001 From: Hector Martin Date: Thu, 11 Apr 2024 09:51:22 +0900 -Subject: [PATCH 3/4] arm64: Introduce scaffolding to add ACTLR_EL1 to thread +Subject: [PATCH 15/17] arm64: Introduce scaffolding to add ACTLR_EL1 to thread state Some CPUs expose IMPDEF features in ACTLR_EL1 that can be meaningfully @@ -24,7 +24,7 @@ Reviewed-by: Neal Gompa 5 files changed, 44 insertions(+) diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig -index dade81d8f..c6c8bb46b 100644 +index 741833d2f1a0..cefb705dc3c7 100644 --- a/arch/arm64/Kconfig +++ b/arch/arm64/Kconfig @@ -409,6 +409,9 @@ config KASAN_SHADOW_OFFSET @@ -38,7 +38,7 @@ index dade81d8f..c6c8bb46b 100644 menu "Kernel Features" diff --git a/arch/arm64/include/asm/cpufeature.h b/arch/arm64/include/asm/cpufeature.h -index f83f951be..8c5d5a03b 100644 +index f83f951bec94..8c5d5a03b2af 100644 --- a/arch/arm64/include/asm/cpufeature.h +++ b/arch/arm64/include/asm/cpufeature.h @@ -908,6 +908,11 @@ static inline unsigned int get_vmid_bits(u64 mmfr1) @@ -54,7 +54,7 @@ index f83f951be..8c5d5a03b 100644 struct arm64_ftr_reg *get_arm64_ftr_reg(u32 sys_id); diff --git a/arch/arm64/include/asm/processor.h b/arch/arm64/include/asm/processor.h -index e5bc54522..e1ca89202 100644 +index e5bc54522e71..e1ca89202619 100644 --- a/arch/arm64/include/asm/processor.h +++ b/arch/arm64/include/asm/processor.h @@ -179,6 +179,9 @@ struct thread_struct { @@ -68,7 +68,7 @@ index e5bc54522..e1ca89202 100644 static inline unsigned int thread_get_vl(struct thread_struct *thread, diff --git a/arch/arm64/kernel/process.c b/arch/arm64/kernel/process.c -index 2f37a56a4..235c965eb 100644 +index 2f37a56a4a4b..235c965ebbc3 100644 --- a/arch/arm64/kernel/process.c +++ b/arch/arm64/kernel/process.c @@ -375,6 +375,11 @@ int copy_thread(struct task_struct *p, const struct kernel_clone_args *args) @@ -118,10 +118,10 @@ index 2f37a56a4..235c965eb 100644 /* * Complete any pending TLB or cache maintenance on this CPU in case diff --git a/arch/arm64/kernel/setup.c b/arch/arm64/kernel/setup.c -index 417a8a86b..4580297d0 100644 +index c583d1f335f8..86e0631df0c1 100644 --- a/arch/arm64/kernel/setup.c +++ b/arch/arm64/kernel/setup.c -@@ -382,6 +382,14 @@ void __init __no_sanitize_address setup_arch(char **cmdline_p) +@@ -379,6 +379,14 @@ void __init __no_sanitize_address setup_arch(char **cmdline_p) */ init_task.thread_info.ttbr0 = phys_to_ttbr(__pa_symbol(reserved_pg_dir)); #endif @@ -137,5 +137,5 @@ index 417a8a86b..4580297d0 100644 if (boot_args[1] || boot_args[2] || boot_args[3]) { pr_err("WARNING: x1-x3 nonzero in violation of boot protocol:\n" -- -2.45.1 +2.46.0 diff --git a/patches/0019-arm64-Implement-Apple-IMPDEF-TSO-memory-model-contro.patch b/patches/0016-arm64-Implement-Apple-IMPDEF-TSO-memory-model-contro.patch similarity index 72% rename from patches/0019-arm64-Implement-Apple-IMPDEF-TSO-memory-model-contro.patch rename to patches/0016-arm64-Implement-Apple-IMPDEF-TSO-memory-model-contro.patch index fbb3afd..8daba8d 100644 --- a/patches/0019-arm64-Implement-Apple-IMPDEF-TSO-memory-model-contro.patch +++ b/patches/0016-arm64-Implement-Apple-IMPDEF-TSO-memory-model-contro.patch @@ -1,7 +1,7 @@ -From bab76e17f7b70036d6c9d85efbd77d503a0743dc Mon Sep 17 00:00:00 2001 +From a32ac5f90f7acfa73651a6fa726d05a207333e3a Mon Sep 17 00:00:00 2001 From: Hector Martin Date: Thu, 11 Apr 2024 09:51:23 +0900 -Subject: [PATCH 4/4] arm64: Implement Apple IMPDEF TSO memory model control +Subject: [PATCH 16/17] arm64: Implement Apple IMPDEF TSO memory model control Apple CPUs may implement the TSO memory model as an optional configurable mode. This allows x86 emulators to simplify their @@ -17,20 +17,20 @@ earlier. Signed-off-by: Hector Martin Reviewed-by: Neal Gompa --- - arch/arm64/Kconfig | 2 ++ - arch/arm64/include/asm/apple_cpufeature.h | 15 +++++++++++++++ - arch/arm64/include/asm/cpufeature.h | 3 ++- - arch/arm64/kernel/cpufeature_impdef.c | 23 +++++++++++++++++++++++ - arch/arm64/kernel/process.c | 22 ++++++++++++++++++++++ + arch/arm64/Kconfig | 2 + + arch/arm64/include/asm/apple_cpufeature.h | 15 +++++++ + arch/arm64/include/asm/cpufeature.h | 3 +- + arch/arm64/kernel/cpufeature_impdef.c | 52 +++++++++++++++++++++++ + arch/arm64/kernel/process.c | 22 ++++++++++ arch/arm64/tools/cpucaps | 1 + - 6 files changed, 65 insertions(+), 1 deletion(-) + 6 files changed, 94 insertions(+), 1 deletion(-) create mode 100644 arch/arm64/include/asm/apple_cpufeature.h diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig -index c6c8bb46b..b4a54e3e2 100644 +index cefb705dc3c7..8302d602a6f9 100644 --- a/arch/arm64/Kconfig +++ b/arch/arm64/Kconfig -@@ -2165,6 +2165,8 @@ endif # ARM64_PSEUDO_NMI +@@ -2203,6 +2203,8 @@ endif # ARM64_PSEUDO_NMI config ARM64_MEMORY_MODEL_CONTROL bool "Runtime memory model control" @@ -41,7 +41,7 @@ index c6c8bb46b..b4a54e3e2 100644 model, which can be useful to emulate other CPU architectures diff --git a/arch/arm64/include/asm/apple_cpufeature.h b/arch/arm64/include/asm/apple_cpufeature.h new file mode 100644 -index 000000000..4370d91ff +index 000000000000..4370d91ffa3e --- /dev/null +++ b/arch/arm64/include/asm/apple_cpufeature.h @@ -0,0 +1,15 @@ @@ -61,7 +61,7 @@ index 000000000..4370d91ff + +#endif diff --git a/arch/arm64/include/asm/cpufeature.h b/arch/arm64/include/asm/cpufeature.h -index 8c5d5a03b..fb2e732c4 100644 +index 8c5d5a03b2af..fb2e732c407f 100644 --- a/arch/arm64/include/asm/cpufeature.h +++ b/arch/arm64/include/asm/cpufeature.h @@ -910,7 +910,8 @@ static inline unsigned int get_vmid_bits(u64 mmfr1) @@ -75,20 +75,26 @@ index 8c5d5a03b..fb2e732c4 100644 s64 arm64_ftr_safe_value(const struct arm64_ftr_bits *ftrp, s64 new, s64 cur); diff --git a/arch/arm64/kernel/cpufeature_impdef.c b/arch/arm64/kernel/cpufeature_impdef.c -index bb04a8e3d..9325d1eb1 100644 +index de784a1fb49b..d82ff2e80426 100644 --- a/arch/arm64/kernel/cpufeature_impdef.c +++ b/arch/arm64/kernel/cpufeature_impdef.c -@@ -4,8 +4,21 @@ +@@ -3,9 +3,51 @@ + * Contains implementation-defined CPU feature definitions. */ ++#define pr_fmt(fmt) "CPU features: " fmt ++ #include +#include ++#include ++#include ++#include #ifdef CONFIG_ARM64_MEMORY_MODEL_CONTROL +static bool has_apple_feature(const struct arm64_cpu_capabilities *entry, int scope) +{ + u64 val; -+ WARN_ON(scope != SCOPE_SYSTEM); ++ WARN_ON(scope == SCOPE_LOCAL_CPU && preemptible()); + + if (read_cpuid_implementor() != ARM_CPU_IMP_APPLE) + return false; @@ -96,19 +102,43 @@ index bb04a8e3d..9325d1eb1 100644 + val = read_sysreg(aidr_el1); + return cpufeature_matches(val, entry); +} ++ ++static bool has_apple_tso(const struct arm64_cpu_capabilities *entry, int scope) ++{ ++ u64 val; ++ ++ if (!has_apple_feature(entry, scope)) ++ return false; ++ ++ /* ++ * KVM and old versions of the macOS hypervisor will advertise TSO in ++ * AIDR_EL1, but then ignore writes to ACTLR_EL1. Test that the bit is ++ * actually writable before enabling TSO. ++ */ ++ ++ val = read_sysreg(actlr_el1); ++ write_sysreg(val ^ ACTLR_APPLE_TSO, actlr_el1); ++ if (!((val ^ read_sysreg(actlr_el1)) & ACTLR_APPLE_TSO)) { ++ pr_info_once("CPU advertises Apple TSO but it is broken, ignoring\n"); ++ return false; ++ } ++ ++ write_sysreg(val, actlr_el1); ++ return true; ++} + static bool has_tso_fixed(const struct arm64_cpu_capabilities *entry, int scope) { /* List of CPUs that always use the TSO memory model */ -@@ -22,6 +35,16 @@ static bool has_tso_fixed(const struct arm64_cpu_capabilities *entry, int scope) +@@ -22,6 +64,16 @@ static bool has_tso_fixed(const struct arm64_cpu_capabilities *entry, int scope) static const struct arm64_cpu_capabilities arm64_impdef_features[] = { #ifdef CONFIG_ARM64_MEMORY_MODEL_CONTROL + { + .desc = "TSO memory model (Apple)", + .capability = ARM64_HAS_TSO_APPLE, -+ .type = ARM64_CPUCAP_SYSTEM_FEATURE, -+ .matches = has_apple_feature, ++ .type = SCOPE_LOCAL_CPU | ARM64_CPUCAP_PERMITTED_FOR_LATE_CPU, ++ .matches = has_apple_tso, + .field_pos = AIDR_APPLE_TSO_SHIFT, + .field_width = 1, + .sign = FTR_UNSIGNED, @@ -118,7 +148,7 @@ index bb04a8e3d..9325d1eb1 100644 .desc = "TSO memory model (Fixed)", .capability = ARM64_HAS_TSO_FIXED, diff --git a/arch/arm64/kernel/process.c b/arch/arm64/kernel/process.c -index 235c965eb..9cb54aa3b 100644 +index 235c965ebbc3..9cb54aa3b731 100644 --- a/arch/arm64/kernel/process.c +++ b/arch/arm64/kernel/process.c @@ -44,6 +44,7 @@ @@ -165,7 +195,7 @@ index 235c965eb..9cb54aa3b 100644 return 0; diff --git a/arch/arm64/tools/cpucaps b/arch/arm64/tools/cpucaps -index 419810c21..f887e1742 100644 +index cedae062dbdd..cee02bfc4633 100644 --- a/arch/arm64/tools/cpucaps +++ b/arch/arm64/tools/cpucaps @@ -50,6 +50,7 @@ HAS_STAGE2_FWB @@ -177,5 +207,5 @@ index 419810c21..f887e1742 100644 HAS_VIRT_HOST_EXTN HAS_WFXT -- -2.45.1 +2.46.0 diff --git a/patches/0017-drm-virtio-Support-fence-passing-feature.patch b/patches/0017-drm-virtio-Support-fence-passing-feature.patch new file mode 100644 index 0000000..867df07 --- /dev/null +++ b/patches/0017-drm-virtio-Support-fence-passing-feature.patch @@ -0,0 +1,454 @@ +From 81c1338fa3e17c7fd327224ea2466a517a92d914 Mon Sep 17 00:00:00 2001 +From: Dmitry Osipenko +Date: Sat, 7 Oct 2023 22:47:47 +0300 +Subject: [PATCH 17/17] drm/virtio: Support fence-passing feature + +Support extended version of VIRTIO_GPU_CMD_SUBMIT_3D command that allows +passing in-fence IDs to host for waiting, removing need to do expensive +host-guest roundtrips in a case of waiting for fences on a guest side. + +Guest userspace must enable new VIRTGPU_CONTEXT_PARAM_FENCE_PASSING flag +and host must support new VIRTIO_GPU_F_FENCE_PASSING feature in order to +activate the fence passing for a given virtio-gpu context. Array of +in-fence IDs is then prepended to the VIRTIO_GPU_CMD_SUBMIT_3D's data, +the previously unused padding field of the command is reused for the +number of in-fences. + +A new VIRTGPU_EXECBUF_SHARED_FENCE flag is added to the job submission +UAPI and must be set by userspace if it wants to make fence shareable +with/on host. Certain jobs won't want to share fence, in particular Venus +will benefit from this flag. + +Link: https://gitlab.freedesktop.org/virgl/virglrenderer/-/merge_requests/1138 +Link: https://gitlab.freedesktop.org/digetx/qemu/-/commits/native-context-iris +Link: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4679609 +Signed-off-by: Dmitry Osipenko +--- + drivers/gpu/drm/virtio/virtgpu_drv.c | 1 + + drivers/gpu/drm/virtio/virtgpu_drv.h | 11 ++- + drivers/gpu/drm/virtio/virtgpu_fence.c | 15 +++- + drivers/gpu/drm/virtio/virtgpu_ioctl.c | 11 ++- + drivers/gpu/drm/virtio/virtgpu_kms.c | 8 +- + drivers/gpu/drm/virtio/virtgpu_submit.c | 99 ++++++++++++++++++++++++- + drivers/gpu/drm/virtio/virtgpu_vq.c | 7 +- + include/uapi/drm/virtgpu_drm.h | 3 + + include/uapi/linux/virtio_gpu.h | 11 ++- + 9 files changed, 152 insertions(+), 14 deletions(-) + +diff --git a/drivers/gpu/drm/virtio/virtgpu_drv.c b/drivers/gpu/drm/virtio/virtgpu_drv.c +index c5716fd0aed3..450ce481b1f8 100644 +--- a/drivers/gpu/drm/virtio/virtgpu_drv.c ++++ b/drivers/gpu/drm/virtio/virtgpu_drv.c +@@ -149,6 +149,7 @@ static unsigned int features[] = { + VIRTIO_GPU_F_RESOURCE_UUID, + VIRTIO_GPU_F_RESOURCE_BLOB, + VIRTIO_GPU_F_CONTEXT_INIT, ++ VIRTIO_GPU_F_FENCE_PASSING, + }; + static struct virtio_driver virtio_gpu_driver = { + .feature_table = features, +diff --git a/drivers/gpu/drm/virtio/virtgpu_drv.h b/drivers/gpu/drm/virtio/virtgpu_drv.h +index 4126c384286b..13507700e6da 100644 +--- a/drivers/gpu/drm/virtio/virtgpu_drv.h ++++ b/drivers/gpu/drm/virtio/virtgpu_drv.h +@@ -149,6 +149,7 @@ struct virtio_gpu_fence { + struct virtio_gpu_fence_event *e; + struct virtio_gpu_fence_driver *drv; + struct list_head node; ++ bool host_shareable; + }; + + struct virtio_gpu_vbuffer { +@@ -246,6 +247,7 @@ struct virtio_gpu_device { + bool has_resource_blob; + bool has_host_visible; + bool has_context_init; ++ bool has_fence_passing; + struct virtio_shm_region host_visible_region; + struct drm_mm host_visible_mm; + +@@ -273,6 +275,7 @@ struct virtio_gpu_fpriv { + uint32_t num_rings; + uint64_t base_fence_ctx; + uint64_t ring_idx_mask; ++ bool fence_passing_enabled; + struct mutex context_lock; + }; + +@@ -369,7 +372,9 @@ void virtio_gpu_cmd_submit(struct virtio_gpu_device *vgdev, + void *data, uint32_t data_size, + uint32_t ctx_id, + struct virtio_gpu_object_array *objs, +- struct virtio_gpu_fence *fence); ++ struct virtio_gpu_fence *fence, ++ uint32_t cmd_size, ++ unsigned int num_in_fences); + void virtio_gpu_cmd_transfer_from_host_3d(struct virtio_gpu_device *vgdev, + uint32_t ctx_id, + uint64_t offset, uint32_t level, +@@ -425,6 +430,9 @@ virtio_gpu_cmd_set_scanout_blob(struct virtio_gpu_device *vgdev, + uint32_t width, uint32_t height, + uint32_t x, uint32_t y); + ++void virtio_gpu_cmd_in_fence(struct virtio_gpu_device *vgdev, ++ uint32_t ctx_id, uint64_t fence_id); ++ + /* virtgpu_display.c */ + int virtio_gpu_modeset_init(struct virtio_gpu_device *vgdev); + void virtio_gpu_modeset_fini(struct virtio_gpu_device *vgdev); +@@ -444,6 +452,7 @@ void virtio_gpu_fence_emit(struct virtio_gpu_device *vgdev, + struct virtio_gpu_fence *fence); + void virtio_gpu_fence_event_process(struct virtio_gpu_device *vdev, + u64 fence_id); ++struct virtio_gpu_fence *to_virtio_gpu_fence(struct dma_fence *dma_fence); + + /* virtgpu_object.c */ + void virtio_gpu_cleanup_object(struct virtio_gpu_object *bo); +diff --git a/drivers/gpu/drm/virtio/virtgpu_fence.c b/drivers/gpu/drm/virtio/virtgpu_fence.c +index f28357dbde35..1fd3cfeca2f5 100644 +--- a/drivers/gpu/drm/virtio/virtgpu_fence.c ++++ b/drivers/gpu/drm/virtio/virtgpu_fence.c +@@ -27,9 +27,6 @@ + + #include "virtgpu_drv.h" + +-#define to_virtio_gpu_fence(x) \ +- container_of(x, struct virtio_gpu_fence, f) +- + static const char *virtio_gpu_get_driver_name(struct dma_fence *f) + { + return "virtio_gpu"; +@@ -71,6 +68,14 @@ static const struct dma_fence_ops virtio_gpu_fence_ops = { + .timeline_value_str = virtio_gpu_timeline_value_str, + }; + ++struct virtio_gpu_fence *to_virtio_gpu_fence(struct dma_fence *dma_fence) ++{ ++ if (dma_fence->ops != &virtio_gpu_fence_ops) ++ return NULL; ++ ++ return container_of(dma_fence, struct virtio_gpu_fence, f); ++} ++ + struct virtio_gpu_fence *virtio_gpu_fence_alloc(struct virtio_gpu_device *vgdev, + uint64_t base_fence_ctx, + uint32_t ring_idx) +@@ -122,6 +127,10 @@ void virtio_gpu_fence_emit(struct virtio_gpu_device *vgdev, + cpu_to_le32(VIRTIO_GPU_FLAG_INFO_RING_IDX); + cmd_hdr->ring_idx = (u8)fence->ring_idx; + } ++ ++ if (fence->host_shareable) ++ cmd_hdr->flags |= ++ cpu_to_le32(VIRTIO_GPU_FLAG_FENCE_SHAREABLE); + } + + void virtio_gpu_fence_event_process(struct virtio_gpu_device *vgdev, +diff --git a/drivers/gpu/drm/virtio/virtgpu_ioctl.c b/drivers/gpu/drm/virtio/virtgpu_ioctl.c +index b24b11f25197..3028786c59cd 100644 +--- a/drivers/gpu/drm/virtio/virtgpu_ioctl.c ++++ b/drivers/gpu/drm/virtio/virtgpu_ioctl.c +@@ -514,7 +514,8 @@ static int virtio_gpu_resource_create_blob_ioctl(struct drm_device *dev, + return PTR_ERR(buf); + + virtio_gpu_cmd_submit(vgdev, buf, rc_blob->cmd_size, +- vfpriv->ctx_id, NULL, NULL); ++ vfpriv->ctx_id, NULL, NULL, ++ rc_blob->cmd_size, 0); + } + + if (guest_blob) +@@ -642,6 +643,14 @@ static int virtio_gpu_context_init_ioctl(struct drm_device *dev, + + vfpriv->ring_idx_mask = value; + break; ++ case VIRTGPU_CONTEXT_PARAM_FENCE_PASSING: ++ if (!vgdev->has_fence_passing && value) { ++ ret = -EINVAL; ++ goto out_unlock; ++ } ++ ++ vfpriv->fence_passing_enabled = !!value; ++ break; + default: + ret = -EINVAL; + goto out_unlock; +diff --git a/drivers/gpu/drm/virtio/virtgpu_kms.c b/drivers/gpu/drm/virtio/virtgpu_kms.c +index 5a3b5aaed1f3..9f4617a75edd 100644 +--- a/drivers/gpu/drm/virtio/virtgpu_kms.c ++++ b/drivers/gpu/drm/virtio/virtgpu_kms.c +@@ -197,12 +197,16 @@ int virtio_gpu_init(struct virtio_device *vdev, struct drm_device *dev) + if (virtio_has_feature(vgdev->vdev, VIRTIO_GPU_F_CONTEXT_INIT)) { + vgdev->has_context_init = true; + } ++ if (virtio_has_feature(vgdev->vdev, VIRTIO_GPU_F_FENCE_PASSING)) { ++ vgdev->has_fence_passing = true; ++ } + +- DRM_INFO("features: %cvirgl %cedid %cresource_blob %chost_visible", ++ DRM_INFO("features: %cvirgl %cedid %cresource_blob %chost_visible %cfence_passing", + vgdev->has_virgl_3d ? '+' : '-', + vgdev->has_edid ? '+' : '-', + vgdev->has_resource_blob ? '+' : '-', +- vgdev->has_host_visible ? '+' : '-'); ++ vgdev->has_host_visible ? '+' : '-', ++ vgdev->has_fence_passing ? '+' : '-'); + + DRM_INFO("features: %ccontext_init\n", + vgdev->has_context_init ? '+' : '-'); +diff --git a/drivers/gpu/drm/virtio/virtgpu_submit.c b/drivers/gpu/drm/virtio/virtgpu_submit.c +index d530c058f53e..5274035425df 100644 +--- a/drivers/gpu/drm/virtio/virtgpu_submit.c ++++ b/drivers/gpu/drm/virtio/virtgpu_submit.c +@@ -25,6 +25,11 @@ struct virtio_gpu_submit_post_dep { + u64 point; + }; + ++struct virtio_gpu_in_fence { ++ u64 id; ++ u32 context; ++}; ++ + struct virtio_gpu_submit { + struct virtio_gpu_submit_post_dep *post_deps; + unsigned int num_out_syncobjs; +@@ -32,6 +37,9 @@ struct virtio_gpu_submit { + struct drm_syncobj **in_syncobjs; + unsigned int num_in_syncobjs; + ++ struct virtio_gpu_in_fence *in_fences; ++ unsigned int num_in_fences; ++ + struct virtio_gpu_object_array *buflist; + struct drm_virtgpu_execbuffer *exbuf; + struct virtio_gpu_fence *out_fence; +@@ -41,6 +49,8 @@ struct virtio_gpu_submit { + struct drm_file *file; + int out_fence_fd; + u64 fence_ctx; ++ u32 data_size; ++ u32 cmd_size; + u32 ring_idx; + void *buf; + }; +@@ -48,11 +58,44 @@ struct virtio_gpu_submit { + static int virtio_gpu_do_fence_wait(struct virtio_gpu_submit *submit, + struct dma_fence *in_fence) + { ++ struct virtio_gpu_fence *fence = to_virtio_gpu_fence(in_fence); + u64 context = submit->fence_ctx + submit->ring_idx; ++ struct virtio_gpu_in_fence *vfence, *in_fences; ++ u32 i; + + if (dma_fence_match_context(in_fence, context)) + return 0; + ++ if (fence && fence->host_shareable && ++ submit->vfpriv->fence_passing_enabled) { ++ /* ++ * Merge sync_file + syncobj in-fences to avoid sending more ++ * than one fence per-context to host. Use latest fence from ++ * the same context. ++ */ ++ for (i = 0; i < submit->num_in_fences; i++) { ++ vfence = &submit->in_fences[i]; ++ ++ if (dma_fence_match_context(in_fence, vfence->context)) { ++ vfence->id = max(vfence->id, fence->fence_id); ++ return 0; ++ } ++ } ++ ++ in_fences = krealloc_array(submit->in_fences, ++ submit->num_in_fences + 1, ++ sizeof(*in_fences), GFP_KERNEL); ++ if (!in_fences) ++ return -ENOMEM; ++ ++ in_fences[submit->num_in_fences].id = fence->fence_id; ++ in_fences[submit->num_in_fences].context = context; ++ submit->in_fences = in_fences; ++ submit->num_in_fences++; ++ ++ return 0; ++ } ++ + return dma_fence_wait(in_fence, true); + } + +@@ -331,6 +374,7 @@ static void virtio_gpu_cleanup_submit(struct virtio_gpu_submit *submit) + virtio_gpu_reset_syncobjs(submit->in_syncobjs, submit->num_in_syncobjs); + virtio_gpu_free_syncobjs(submit->in_syncobjs, submit->num_in_syncobjs); + virtio_gpu_free_post_deps(submit->post_deps, submit->num_out_syncobjs); ++ kfree(submit->in_fences); + + if (!IS_ERR(submit->buf)) + kvfree(submit->buf); +@@ -348,12 +392,51 @@ static void virtio_gpu_cleanup_submit(struct virtio_gpu_submit *submit) + fput(submit->sync_file->file); + } + +-static void virtio_gpu_submit(struct virtio_gpu_submit *submit) ++static int virtio_gpu_attach_in_fences(struct virtio_gpu_submit *submit) + { +- virtio_gpu_cmd_submit(submit->vgdev, submit->buf, submit->exbuf->size, ++ size_t in_fences_size = sizeof(u64) * submit->num_in_fences; ++ size_t new_data_size = submit->data_size + in_fences_size; ++ void *buf = submit->buf; ++ u64 *in_fences; ++ unsigned int i; ++ ++ if (new_data_size < submit->data_size) ++ return -EINVAL; ++ ++ buf = kvrealloc(buf, submit->data_size, new_data_size, GFP_KERNEL); ++ if (!buf) ++ return -ENOMEM; ++ ++ memmove(buf + in_fences_size, buf, submit->data_size); ++ in_fences = buf; ++ ++ for (i = 0; i < submit->num_in_fences; i++) ++ in_fences[i] = cpu_to_le64(submit->in_fences[i].id); ++ ++ submit->data_size = new_data_size; ++ submit->buf = buf; ++ ++ return 0; ++} ++ ++static int virtio_gpu_submit(struct virtio_gpu_submit *submit) ++{ ++ int err; ++ ++ if (submit->num_in_fences) { ++ err = virtio_gpu_attach_in_fences(submit); ++ if (err) ++ return err; ++ } ++ ++ virtio_gpu_cmd_submit(submit->vgdev, submit->buf, submit->data_size, + submit->vfpriv->ctx_id, submit->buflist, +- submit->out_fence); ++ submit->out_fence, submit->cmd_size, ++ submit->num_in_fences); ++ + virtio_gpu_notify(submit->vgdev); ++ ++ return 0; + } + + static void virtio_gpu_complete_submit(struct virtio_gpu_submit *submit) +@@ -400,6 +483,12 @@ static int virtio_gpu_init_submit(struct virtio_gpu_submit *submit, + } + } + ++ if ((exbuf->flags & VIRTGPU_EXECBUF_SHARED_FENCE) && ++ vfpriv->fence_passing_enabled && out_fence) ++ out_fence->host_shareable = true; ++ ++ submit->data_size = exbuf->size; ++ submit->cmd_size = exbuf->size; + submit->out_fence = out_fence; + submit->fence_ctx = fence_ctx; + submit->ring_idx = ring_idx; +@@ -526,7 +615,9 @@ int virtio_gpu_execbuffer_ioctl(struct drm_device *dev, void *data, + if (ret) + goto cleanup; + +- virtio_gpu_submit(&submit); ++ ret = virtio_gpu_submit(&submit); ++ if (ret) ++ goto cleanup; + + /* + * Set up usr-out data after submitting the job to optimize +diff --git a/drivers/gpu/drm/virtio/virtgpu_vq.c b/drivers/gpu/drm/virtio/virtgpu_vq.c +index b1a00c0c25a7..29d462b69bad 100644 +--- a/drivers/gpu/drm/virtio/virtgpu_vq.c ++++ b/drivers/gpu/drm/virtio/virtgpu_vq.c +@@ -1079,7 +1079,9 @@ void virtio_gpu_cmd_submit(struct virtio_gpu_device *vgdev, + void *data, uint32_t data_size, + uint32_t ctx_id, + struct virtio_gpu_object_array *objs, +- struct virtio_gpu_fence *fence) ++ struct virtio_gpu_fence *fence, ++ uint32_t cmd_size, ++ unsigned int num_in_fences) + { + struct virtio_gpu_cmd_submit *cmd_p; + struct virtio_gpu_vbuffer *vbuf; +@@ -1093,7 +1095,8 @@ void virtio_gpu_cmd_submit(struct virtio_gpu_device *vgdev, + + cmd_p->hdr.type = cpu_to_le32(VIRTIO_GPU_CMD_SUBMIT_3D); + cmd_p->hdr.ctx_id = cpu_to_le32(ctx_id); +- cmd_p->size = cpu_to_le32(data_size); ++ cmd_p->size = cpu_to_le32(cmd_size); ++ cmd_p->num_in_fences = cpu_to_le32(num_in_fences); + + virtio_gpu_queue_fenced_ctrl_buffer(vgdev, vbuf, fence); + } +diff --git a/include/uapi/drm/virtgpu_drm.h b/include/uapi/drm/virtgpu_drm.h +index b1d0e56565bc..fd486fdf0441 100644 +--- a/include/uapi/drm/virtgpu_drm.h ++++ b/include/uapi/drm/virtgpu_drm.h +@@ -52,10 +52,12 @@ extern "C" { + #define VIRTGPU_EXECBUF_FENCE_FD_IN 0x01 + #define VIRTGPU_EXECBUF_FENCE_FD_OUT 0x02 + #define VIRTGPU_EXECBUF_RING_IDX 0x04 ++#define VIRTGPU_EXECBUF_SHARED_FENCE 0x08 + #define VIRTGPU_EXECBUF_FLAGS (\ + VIRTGPU_EXECBUF_FENCE_FD_IN |\ + VIRTGPU_EXECBUF_FENCE_FD_OUT |\ + VIRTGPU_EXECBUF_RING_IDX |\ ++ VIRTGPU_EXECBUF_SHARED_FENCE |\ + 0) + + struct drm_virtgpu_map { +@@ -198,6 +200,7 @@ struct drm_virtgpu_resource_create_blob { + #define VIRTGPU_CONTEXT_PARAM_CAPSET_ID 0x0001 + #define VIRTGPU_CONTEXT_PARAM_NUM_RINGS 0x0002 + #define VIRTGPU_CONTEXT_PARAM_POLL_RINGS_MASK 0x0003 ++#define VIRTGPU_CONTEXT_PARAM_FENCE_PASSING 0x0004 + struct drm_virtgpu_context_set_param { + __u64 param; + __u64 value; +diff --git a/include/uapi/linux/virtio_gpu.h b/include/uapi/linux/virtio_gpu.h +index f556fde07b76..c3182c8255cf 100644 +--- a/include/uapi/linux/virtio_gpu.h ++++ b/include/uapi/linux/virtio_gpu.h +@@ -65,6 +65,11 @@ + */ + #define VIRTIO_GPU_F_CONTEXT_INIT 4 + ++/* ++ * VIRTIO_GPU_CMD_SUBMIT_3D ++ */ ++#define VIRTIO_GPU_F_FENCE_PASSING 5 ++ + enum virtio_gpu_ctrl_type { + VIRTIO_GPU_UNDEFINED = 0, + +@@ -133,6 +138,10 @@ enum virtio_gpu_shm_id { + * of the command ring that needs to used when creating the fence + */ + #define VIRTIO_GPU_FLAG_INFO_RING_IDX (1 << 1) ++/* ++ * The fence is shareable between host contexts if flag is set. ++ */ ++#define VIRTIO_GPU_FLAG_FENCE_SHAREABLE (1 << 2) + + struct virtio_gpu_ctrl_hdr { + __le32 type; +@@ -304,7 +313,7 @@ struct virtio_gpu_ctx_resource { + struct virtio_gpu_cmd_submit { + struct virtio_gpu_ctrl_hdr hdr; + __le32 size; +- __le32 padding; ++ __le32 num_in_fences; + }; + + #define VIRTIO_GPU_CAPSET_VIRGL 1 +-- +2.46.0 +