1 /*
2  * Copyright 2019 The Hafnium Authors.
3  *
4  * Use of this source code is governed by a BSD-style
5  * license that can be found in the LICENSE file or at
6  * https://opensource.org/licenses/BSD-3-Clause.
7  */
8 
9 #include "hf/arch/vm.h"
10 
11 #include "hypervisor/feature_id.h"
12 
arch_vm_features_set(struct vm * vm)13 void arch_vm_features_set(struct vm *vm)
14 {
15 	/* Features to trap for all VMs. */
16 
17 	/*
18 	 * It is not safe to enable this yet, in part, because the feature's
19 	 * registers are not context switched in Hafnium.
20 	 */
21 	vm->arch.trapped_features |= HF_FEATURE_LOR;
22 
23 	vm->arch.trapped_features |= HF_FEATURE_SPE;
24 
25 	vm->arch.trapped_features |= HF_FEATURE_TRACE;
26 
27 	vm->arch.trapped_features |= HF_FEATURE_DEBUG;
28 
29 	if (vm->id != HF_PRIMARY_VM_ID) {
30 		/* Features to trap only for the secondary VMs. */
31 
32 		vm->arch.trapped_features |= HF_FEATURE_PERFMON;
33 
34 		/*
35 		 * TODO(b/132395845): Access to RAS registers is not trapped at
36 		 * the moment for the primary VM, only for the secondaries. RAS
37 		 * register access isn't needed now, but it might be
38 		 * required for debugging. When Hafnium introduces debug vs
39 		 * release builds, trap accesses for primary VMs in release
40 		 * builds, but do not trap them in debug builds.
41 		 */
42 		vm->arch.trapped_features |= HF_FEATURE_RAS;
43 
44 		/*
45 		 * The PAuth mechanism holds state in the key registers. Only
46 		 * the primary VM is allowed to use the PAuth functionality for
47 		 * now. This prevents Hafnium from having to save/restore the
48 		 * key register on a VM switch.
49 		 */
50 		vm->arch.trapped_features |= HF_FEATURE_PAUTH;
51 	}
52 }
53