From: Kristina Martsenko <kristina.martsenko@arm.com>
To: stable@vger.kernel.org
Cc: Catalin Marinas <catalin.marinas@arm.com>,
Christoffer Dall <christoffer.dall@arm.com>,
Marc Zyngier <marc.zyngier@arm.com>,
Mark Rutland <mark.rutland@arm.com>,
Will Deacon <will.deacon@arm.com>
Subject: [PATCH 4.4 2/2] arm64: Don't trap host pointer auth use to EL2
Date: Fri, 18 Jan 2019 17:55:54 +0000 [thread overview]
Message-ID: <20190118175554.6359-2-kristina.martsenko@arm.com> (raw)
In-Reply-To: <20190118175554.6359-1-kristina.martsenko@arm.com>
From: Mark Rutland <mark.rutland@arm.com>
[ Backport of upstream commit b3669b1e1c09890d61109a1a8ece2c5b66804714 ]
To allow EL0 (and/or EL1) to use pointer authentication functionality,
we must ensure that pointer authentication instructions and accesses to
pointer authentication keys are not trapped to EL2.
This patch ensures that HCR_EL2 is configured appropriately when the
kernel is booted at EL2. For non-VHE kernels we set HCR_EL2.{API,APK},
ensuring that EL1 can access keys and permit EL0 use of instructions.
For VHE kernels host EL0 (TGE && E2H) is unaffected by these settings,
and it doesn't matter how we configure HCR_EL2.{API,APK}, so we don't
bother setting them.
This does not enable support for KVM guests, since KVM manages HCR_EL2
itself when running VMs.
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Mark Rutland <mark.rutland@arm.com>
Acked-by: Christoffer Dall <christoffer.dall@arm.com>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Marc Zyngier <marc.zyngier@arm.com>
Cc: Will Deacon <will.deacon@arm.com>
Cc: kvmarm@lists.cs.columbia.edu
Signed-off-by: Will Deacon <will.deacon@arm.com>
[kristina: backport to 4.4.y: adjust context]
Signed-off-by: Kristina Martsenko <kristina.martsenko@arm.com>
---
arch/arm64/include/asm/kvm_arm.h | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/arch/arm64/include/asm/kvm_arm.h b/arch/arm64/include/asm/kvm_arm.h
index 013b7de45ee7..d7e7cf56e8d6 100644
--- a/arch/arm64/include/asm/kvm_arm.h
+++ b/arch/arm64/include/asm/kvm_arm.h
@@ -23,6 +23,8 @@
#include <asm/types.h>
/* Hyp Configuration Register (HCR) bits */
+#define HCR_API (UL(1) << 41)
+#define HCR_APK (UL(1) << 40)
#define HCR_ID (UL(1) << 33)
#define HCR_CD (UL(1) << 32)
#define HCR_RW_SHIFT 31
@@ -81,7 +83,7 @@
HCR_AMO | HCR_SWIO | HCR_TIDCP | HCR_RW)
#define HCR_VIRT_EXCP_MASK (HCR_VA | HCR_VI | HCR_VF)
#define HCR_INT_OVERRIDE (HCR_FMO | HCR_IMO)
-#define HCR_HOST_NVHE_FLAGS (HCR_RW)
+#define HCR_HOST_NVHE_FLAGS (HCR_RW | HCR_API | HCR_APK)
/* Hyp System Control Register (SCTLR_EL2) bits */
--
2.11.0
next prev parent reply other threads:[~2019-01-18 17:56 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-01-18 17:53 Two arm64 patches for stable Kristina Martsenko
2019-01-18 17:55 ` [PATCH 4.4 1/2] arm64/kvm: consistently handle host HCR_EL2 flags Kristina Martsenko
2019-01-18 17:55 ` Kristina Martsenko [this message]
2019-01-18 17:56 ` [PATCH 4.9 " Kristina Martsenko
2019-01-18 17:56 ` [PATCH 4.9 2/2] arm64: Don't trap host pointer auth use to EL2 Kristina Martsenko
2019-01-18 17:56 ` [PATCH 4.14 1/2] arm64/kvm: consistently handle host HCR_EL2 flags Kristina Martsenko
2019-01-18 17:56 ` [PATCH 4.14 2/2] arm64: Don't trap host pointer auth use to EL2 Kristina Martsenko
2019-01-19 2:07 ` Two arm64 patches for stable Sasha Levin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190118175554.6359-2-kristina.martsenko@arm.com \
--to=kristina.martsenko@arm.com \
--cc=catalin.marinas@arm.com \
--cc=christoffer.dall@arm.com \
--cc=marc.zyngier@arm.com \
--cc=mark.rutland@arm.com \
--cc=stable@vger.kernel.org \
--cc=will.deacon@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.