From: Andre Przywara <andre.przywara@arm.com>
To: Marc Zyngier <marc.zyngier@arm.com>,
Christoffer Dall <christoffer.dall@arm.com>
Cc: Dave Martin <dave.martin@arm.com>,
Steven Price <steven.price@arm.com>,
kvmarm@lists.cs.columbia.edu,
linux-arm-kernel@lists.infradead.org, kvm@vger.kernel.org
Subject: [PATCH v4 2/2] KVM: doc: add API documentation on the KVM_REG_ARM_WORKAROUNDS register
Date: Thu, 28 Feb 2019 17:43:34 -0600 [thread overview]
Message-ID: <20190228234334.20456-3-andre.przywara@arm.com> (raw)
In-Reply-To: <20190228234334.20456-1-andre.przywara@arm.com>
Add documentation for the newly defined firmware registers to save and
restore any vulnerability migitation status.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
---
Documentation/virtual/kvm/arm/psci.txt | 25 +++++++++++++++++++++++++
1 file changed, 25 insertions(+)
diff --git a/Documentation/virtual/kvm/arm/psci.txt b/Documentation/virtual/kvm/arm/psci.txt
index aafdab887b04..1ed0f0515cd8 100644
--- a/Documentation/virtual/kvm/arm/psci.txt
+++ b/Documentation/virtual/kvm/arm/psci.txt
@@ -28,3 +28,28 @@ The following register is defined:
- Allows any PSCI version implemented by KVM and compatible with
v0.2 to be set with SET_ONE_REG
- Affects the whole VM (even if the register view is per-vcpu)
+
+* KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_1:
+ Holds the state of the firmware controlled workaround to mitigate
+ CVE-2017-5715, as described under SMCCC_ARCH_WORKAROUND_1 in [1].
+ Accepted values are:
+ KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_1_NOT_AVAIL: Workaround not available.
+ The mitigation status for the guest is unknown.
+ KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_1_AVAIL: The workaround HVC call is
+ available to the guest and required for the mitigation.
+ KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_1_UNAFFECTED: The workaround HVC call
+ is available to the guest, but it is not needed on this VCPU.
+
+* KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_2:
+ Holds the state of the firmware controlled workaround to mitigate
+ CVE-2018-3639, as described under SMCCC_ARCH_WORKAROUND_2 in [1].
+ Accepted values are:
+ KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_2_NOT_AVAIL: Workaround not available.
+ KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_2_UNKNOWN: Workaround state unknown.
+ KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_2_AVAIL: Workaround available, and can
+ be disabled by a vCPU. If KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_2_ENABLED is
+ set, it is active for this vCPU.
+ KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_2_UNAFFECTED: Workaround always active
+ or not needed.
+
+[1] https://developer.arm.com/-/media/developer/pdf/ARM_DEN_0070A_Firmware_interfaces_for_mitigating_CVE-2017-5715.pdf
--
2.17.1
WARNING: multiple messages have this Message-ID (diff)
From: Andre Przywara <andre.przywara@arm.com>
To: Marc Zyngier <marc.zyngier@arm.com>,
Christoffer Dall <christoffer.dall@arm.com>
Cc: Dave Martin <dave.martin@arm.com>,
Steven Price <steven.price@arm.com>,
kvmarm@lists.cs.columbia.edu,
linux-arm-kernel@lists.infradead.org, kvm@vger.kernel.org
Subject: [PATCH v4 2/2] KVM: doc: add API documentation on the KVM_REG_ARM_WORKAROUNDS register
Date: Thu, 28 Feb 2019 17:43:34 -0600 [thread overview]
Message-ID: <20190228234334.20456-3-andre.przywara@arm.com> (raw)
In-Reply-To: <20190228234334.20456-1-andre.przywara@arm.com>
Add documentation for the newly defined firmware registers to save and
restore any vulnerability migitation status.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
---
Documentation/virtual/kvm/arm/psci.txt | 25 +++++++++++++++++++++++++
1 file changed, 25 insertions(+)
diff --git a/Documentation/virtual/kvm/arm/psci.txt b/Documentation/virtual/kvm/arm/psci.txt
index aafdab887b04..1ed0f0515cd8 100644
--- a/Documentation/virtual/kvm/arm/psci.txt
+++ b/Documentation/virtual/kvm/arm/psci.txt
@@ -28,3 +28,28 @@ The following register is defined:
- Allows any PSCI version implemented by KVM and compatible with
v0.2 to be set with SET_ONE_REG
- Affects the whole VM (even if the register view is per-vcpu)
+
+* KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_1:
+ Holds the state of the firmware controlled workaround to mitigate
+ CVE-2017-5715, as described under SMCCC_ARCH_WORKAROUND_1 in [1].
+ Accepted values are:
+ KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_1_NOT_AVAIL: Workaround not available.
+ The mitigation status for the guest is unknown.
+ KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_1_AVAIL: The workaround HVC call is
+ available to the guest and required for the mitigation.
+ KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_1_UNAFFECTED: The workaround HVC call
+ is available to the guest, but it is not needed on this VCPU.
+
+* KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_2:
+ Holds the state of the firmware controlled workaround to mitigate
+ CVE-2018-3639, as described under SMCCC_ARCH_WORKAROUND_2 in [1].
+ Accepted values are:
+ KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_2_NOT_AVAIL: Workaround not available.
+ KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_2_UNKNOWN: Workaround state unknown.
+ KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_2_AVAIL: Workaround available, and can
+ be disabled by a vCPU. If KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_2_ENABLED is
+ set, it is active for this vCPU.
+ KVM_REG_ARM_SMCCC_ARCH_WORKAROUND_2_UNAFFECTED: Workaround always active
+ or not needed.
+
+[1] https://developer.arm.com/-/media/developer/pdf/ARM_DEN_0070A_Firmware_interfaces_for_mitigating_CVE-2017-5715.pdf
--
2.17.1
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2019-02-28 23:43 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-02-28 23:43 [PATCH v4 0/2] KVM: arm/arm64: Add VCPU workarounds firmware register Andre Przywara
2019-02-28 23:43 ` Andre Przywara
2019-02-28 23:43 ` [PATCH v4 1/2] KVM: arm/arm64: Add save/restore support for firmware workaround state Andre Przywara
2019-02-28 23:43 ` Andre Przywara
2019-03-01 14:57 ` Steven Price
2019-03-01 14:57 ` Steven Price
2019-03-21 12:54 ` Auger Eric
2019-03-21 12:54 ` Auger Eric
2019-03-21 17:35 ` Andre Przywara
2019-03-21 17:35 ` Andre Przywara
2019-03-21 18:03 ` Auger Eric
2019-03-21 18:03 ` Auger Eric
2019-04-26 15:07 ` Auger Eric
2019-04-26 15:07 ` Auger Eric
2019-04-26 15:07 ` Auger Eric
2019-04-26 15:07 ` Auger Eric
2019-04-15 12:33 ` Andre Przywara
2019-04-15 12:33 ` Andre Przywara
2019-04-15 12:33 ` Andre Przywara
2019-04-15 12:33 ` Andre Przywara
2019-02-28 23:43 ` Andre Przywara [this message]
2019-02-28 23:43 ` [PATCH v4 2/2] KVM: doc: add API documentation on the KVM_REG_ARM_WORKAROUNDS register Andre Przywara
2019-03-01 15:19 ` Steven Price
2019-03-01 15:19 ` Steven Price
2019-03-21 12:33 ` Auger Eric
2019-03-21 12:33 ` Auger Eric
2019-04-15 12:34 ` Andre Przywara
2019-04-15 12:34 ` Andre Przywara
2019-04-15 12:34 ` Andre Przywara
2019-04-15 12:34 ` Andre Przywara
2019-04-26 15:02 ` Auger Eric
2019-04-26 15:02 ` Auger Eric
2019-04-26 15:02 ` Auger Eric
2019-04-26 15:02 ` Auger Eric
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190228234334.20456-3-andre.przywara@arm.com \
--to=andre.przywara@arm.com \
--cc=christoffer.dall@arm.com \
--cc=dave.martin@arm.com \
--cc=kvm@vger.kernel.org \
--cc=kvmarm@lists.cs.columbia.edu \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=marc.zyngier@arm.com \
--cc=steven.price@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.