arm64/kvm: Prohibit guest LOR accesses

author Mark Rutland <mark.rutland@arm.com>

Tue, 13 Feb 2018 13:39:23 +0000 (13:39 +0000)

committer Christoffer Dall <christoffer.dall@linaro.org>

Mon, 26 Feb 2018 09:48:01 +0000 (10:48 +0100)
author Mark Rutland <mark.rutland@arm.com>
Tue, 13 Feb 2018 13:39:23 +0000 (13:39 +0000)
committer Christoffer Dall <christoffer.dall@linaro.org>
Mon, 26 Feb 2018 09:48:01 +0000 (10:48 +0100)
diff --git a/arch/arm64/include/asm/kvm_arm.h b/arch/arm64/include/asm/kvm_arm.h

index b0c84171e6a315391ad9c04cd008a4d18b45fd2d..1b438c3344639f93234a8e9a56eb90897c1d2698 100644 (file)
--- a/arch/arm64/include/asm/kvm_arm.h
+++ b/arch/arm64/include/asm/kvm_arm.h
@@ -25,6 +25,7 @@
  /* Hyp Configuration Register (HCR) bits */
  #define HCR_TEA                (UL(1) << 37)
  #define HCR_TERR       (UL(1) << 36)
+#define HCR_TLOR       (UL(1) << 35)
  #define HCR_E2H                (UL(1) << 34)
  #define HCR_ID         (UL(1) << 33)
  #define HCR_CD         (UL(1) << 32)
@@ -64,6 +65,7 @@
  
  /*
   * The bits we set in HCR:
+ * TLOR:       Trap LORegion register accesses
   * RW:         64bit by default, can be overridden for 32bit VMs
   * TAC:                Trap ACTLR
   * TSC:                Trap SMC
@@ -81,7 +83,7 @@
   */
  #define HCR_GUEST_FLAGS (HCR_TSC | HCR_TSW | HCR_TWE | HCR_TWI | HCR_VM | \
                          HCR_TVM | HCR_BSU_IS | HCR_FB | HCR_TAC | \
-                        HCR_AMO | HCR_SWIO | HCR_TIDCP | HCR_RW)
+                        HCR_AMO | HCR_SWIO | HCR_TIDCP | HCR_RW | HCR_TLOR)
  #define HCR_VIRT_EXCP_MASK (HCR_VSE | HCR_VI | HCR_VF)
  #define HCR_INT_OVERRIDE   (HCR_FMO | HCR_IMO)
  #define HCR_HOST_VHE_FLAGS (HCR_RW | HCR_TGE | HCR_E2H)
diff --git a/arch/arm64/include/asm/sysreg.h b/arch/arm64/include/asm/sysreg.h

index 0e1960c59197aa581c4c0e1ee4fb1f5558f902f6..69a99856461c0311e8392b6e765459962482f389 100644 (file)
--- a/arch/arm64/include/asm/sysreg.h
+++ b/arch/arm64/include/asm/sysreg.h
@@ -288,6 +288,12 @@
  #define SYS_MAIR_EL1                   sys_reg(3, 0, 10, 2, 0)
  #define SYS_AMAIR_EL1                  sys_reg(3, 0, 10, 3, 0)
  
+#define SYS_LORSA_EL1                  sys_reg(3, 0, 10, 4, 0)
+#define SYS_LOREA_EL1                  sys_reg(3, 0, 10, 4, 1)
+#define SYS_LORN_EL1                   sys_reg(3, 0, 10, 4, 2)
+#define SYS_LORC_EL1                   sys_reg(3, 0, 10, 4, 3)
+#define SYS_LORID_EL1                  sys_reg(3, 0, 10, 4, 7)
+
  #define SYS_VBAR_EL1                   sys_reg(3, 0, 12, 0, 0)
  #define SYS_DISR_EL1                   sys_reg(3, 0, 12, 1, 1)
  
diff --git a/arch/arm64/kernel/head.S b/arch/arm64/kernel/head.S

index 2b6b8b24e5ab99f3c46572094d828b34575bc688..b0853069702f73b1597b3b44d3d5282373a9c47c 100644 (file)
--- a/arch/arm64/kernel/head.S
+++ b/arch/arm64/kernel/head.S
@@ -577,6 +577,13 @@ set_hcr:
  7:
         msr     mdcr_el2, x3                    // Configure debug traps
  
+       /* LORegions */
+       mrs     x1, id_aa64mmfr1_el1
+       ubfx    x0, x1, #ID_AA64MMFR1_LOR_SHIFT, 4
+       cbz     x0, 1f
+       msr_s   SYS_LORC_EL1, xzr
+1:
+
         /* Stage-2 translation */
         msr     vttbr_el2, xzr
  
diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c

index 50a43c7b97ca0f0a7e38b2e47f3034ecbb75cb9e..55982b565eb2105ce2f497736bd874f1c39ebcaf 100644 (file)
--- a/arch/arm64/kvm/sys_regs.c
+++ b/arch/arm64/kvm/sys_regs.c
@@ -175,6 +175,14 @@ static bool trap_raz_wi(struct kvm_vcpu *vcpu,
                 return read_zero(vcpu, p);
  }
  
+static bool trap_undef(struct kvm_vcpu *vcpu,
+                      struct sys_reg_params *p,
+                      const struct sys_reg_desc *r)
+{
+       kvm_inject_undefined(vcpu);
+       return false;
+}
+
  static bool trap_oslsr_el1(struct kvm_vcpu *vcpu,
                            struct sys_reg_params *p,
                            const struct sys_reg_desc *r)
@@ -893,6 +901,12 @@ static u64 read_id_reg(struct sys_reg_desc const *r, bool raz)
                                     task_pid_nr(current));
  
                 val &= ~(0xfUL << ID_AA64PFR0_SVE_SHIFT);
+       } else if (id == SYS_ID_AA64MMFR1_EL1) {
+               if (val & (0xfUL << ID_AA64MMFR1_LOR_SHIFT))
+                       pr_err_once("kvm [%i]: LORegions unsupported for guests, suppressing\n",
+                                   task_pid_nr(current));
+
+               val &= ~(0xfUL << ID_AA64MMFR1_LOR_SHIFT);
         }
  
         return val;
@@ -1178,6 +1192,12 @@ static const struct sys_reg_desc sys_reg_descs[] = {
         { SYS_DESC(SYS_MAIR_EL1), access_vm_reg, reset_unknown, MAIR_EL1 },
         { SYS_DESC(SYS_AMAIR_EL1), access_vm_reg, reset_amair_el1, AMAIR_EL1 },
  
+       { SYS_DESC(SYS_LORSA_EL1), trap_undef },
+       { SYS_DESC(SYS_LOREA_EL1), trap_undef },
+       { SYS_DESC(SYS_LORN_EL1), trap_undef },
+       { SYS_DESC(SYS_LORC_EL1), trap_undef },
+       { SYS_DESC(SYS_LORID_EL1), trap_undef },
+
         { SYS_DESC(SYS_VBAR_EL1), NULL, reset_val, VBAR_EL1, 0 },
         { SYS_DESC(SYS_DISR_EL1), NULL, reset_val, DISR_EL1, 0 },
author	Mark Rutland <mark.rutland@arm.com>
	Tue, 13 Feb 2018 13:39:23 +0000 (13:39 +0000)
committer	Christoffer Dall <christoffer.dall@linaro.org>
	Mon, 26 Feb 2018 09:48:01 +0000 (10:48 +0100)
arch/arm64/include/asm/kvm_arm.h		patch \| blob \| blame \| history
arch/arm64/include/asm/sysreg.h		patch \| blob \| blame \| history
arch/arm64/kernel/head.S		patch \| blob \| blame \| history
arch/arm64/kvm/sys_regs.c		patch \| blob \| blame \| history