From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=9x2F=LC=lists.infradead.org=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-16.9 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH,
	DKIM_ADSP_CUSTOM_MED,DKIM_SIGNED,DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,
	INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,
	URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id CD1CBC47082
	for <linux-arm-kernel@archiver.kernel.org>; Tue,  8 Jun 2021 14:16:05 +0000 (UTC)
Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id 9BD4861078
	for <linux-arm-kernel@archiver.kernel.org>; Tue,  8 Jun 2021 14:16:05 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 9BD4861078
Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com
Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=lists.infradead.org; s=bombadil.20210309; h=Sender:
	Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post:
	List-Archive:List-Unsubscribe:List-Id:Cc:To:From:Subject:References:
	Mime-Version:Message-Id:In-Reply-To:Date:Reply-To:Content-ID:
	Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
	:Resent-Message-ID:List-Owner;
	bh=MyEyG4qsJgB4Me24bxydJabDg64FANSPZEe7N+kjAno=; b=sO5u4s7Hse0rdNkQ/yaxHHOaCn
	BqMKSvEzuTJ00bUh+hnePYc7E6S2qMh8zQS16UNC9WR8dtKIe+YWHndHOyRCZTRo7rP4YwATAK/PO
	3RICL5h4YYyo91GUDIOnqAXd8SzXC4t7ahTwFgLhfPsf/YwfntBjqj6LBabQsJX/VlPnhR4ozxCvd
	0gKra55duWxgByMf6XNOfdcs+G+62lBVEmPGv0OvzdBWEtSdS2H5RN275XIUINivTDlNaIrD1TEAG
	UPaWwDsfPE4ep+fx37XLgPomDyjuDr5gGyFQ3XFhmFVwWC9lf+WHjPuT8obgF5h1bwkdpYR2bCKiS
	arvTmFPg==;
Received: from localhost ([::1] helo=bombadil.infradead.org)
	by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux))
	id 1lqcUH-008ok2-Pu; Tue, 08 Jun 2021 14:13:50 +0000
Received: from mail-wr1-x44a.google.com ([2a00:1450:4864:20::44a])
 by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux))
 id 1lqcSh-008nVS-Qw
 for linux-arm-kernel@lists.infradead.org; Tue, 08 Jun 2021 14:12:13 +0000
Received: by mail-wr1-x44a.google.com with SMTP id
 h104-20020adf90710000b029010de8455a3aso9513648wrh.12
 for <linux-arm-kernel@lists.infradead.org>;
 Tue, 08 Jun 2021 07:12:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025;
 h=date:in-reply-to:message-id:mime-version:references:subject:from:to
 :cc; bh=jp6fv0GP5OZMvO++5rX+YJvw+QWeN06SDMdZ+IsoUG0=;
 b=OPGc9RaxdbE4jC3Nv//QuI2Jsufzx1NecG16pksOv0KGZFsu+jQWG8OJ+DQZ/2CDb7
 LFyBKgXQSD1jXRXJSE9x5NaKjdXiIm+GtBtKKFt25YFO9mA79s+SF4YpGXZt1H15X2bx
 2mFt2oQz5XWvE06MsNy05geVWsUOMK7e0gvwzyMUMRKcY1GxXVSD6ET7BGv21Oo48p9W
 0QAvnB+NR2k52p+qiGx5aDr2ji0pztzmJJSg2gFz9Pxhn4VuD9KJA1FYmyETBfmJXzGS
 5o7NPPmVj1Nr/w/77PeoiO4acbt0s0rishsN36LfTVHRZVejvma+yDt8LCXCv2Q7Its8
 oHwQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:date:in-reply-to:message-id:mime-version
 :references:subject:from:to:cc;
 bh=jp6fv0GP5OZMvO++5rX+YJvw+QWeN06SDMdZ+IsoUG0=;
 b=Zmm8kAk19mEOU542vu4AFq/UN7AcFIAqqpbhffRAozRcKnif2cGGIL+1KpwF0NagXW
 AXpEFKjXAJZIb8jBrTxbxMPLjee6TEkpsKF7kQKR8pwxpbktoYle6se8X2Dff8L1xWbP
 bwIlfNemh7pA2dYWMFlCuXBfBoE+S9NuBODDZ4my+2OwSaWyqFPXawi9gDx+7puEW66d
 hVl4LxadtDuJ2FUEcq4hqFEdBgK4X4QMFWrDSYNNboBnGbSY0TBjSmoqSxudB8OrTBMO
 nr+UzcfN6qiuUJ6MoiSEktOhgAH3U1pQE5zwGOFDdTRCKJ5FiGIwXiazCD2C/yyha3H/
 xFMg==
X-Gm-Message-State: AOAM531NCUkaVUsS6EeCw8UTwwsTjSJtC4HN+p8F4+UTivwQErr/3g3c
 4jQBLNXpUUrIR/o3+g/ztGrgnmmjIQ==
X-Google-Smtp-Source: ABdhPJyHhizcjmweSCmSoFGB2PMDem+2OK12rFn1TS9WE8cTt6h356mgLMjU2sM0rpQ3SM5oD2nnES3tfw==
X-Received: from tabba.c.googlers.com ([fda3:e722:ac3:cc00:28:9cb1:c0a8:482])
 (user=tabba job=sendgmr) by 2002:a7b:cc8f:: with SMTP id
 p15mr4535235wma.111.1623161528421; 
 Tue, 08 Jun 2021 07:12:08 -0700 (PDT)
Date: Tue,  8 Jun 2021 15:11:40 +0100
In-Reply-To: <20210608141141.997398-1-tabba@google.com>
Message-Id: <20210608141141.997398-13-tabba@google.com>
Mime-Version: 1.0
References: <20210608141141.997398-1-tabba@google.com>
X-Mailer: git-send-email 2.32.0.rc1.229.g3e70b5a671-goog
Subject: [PATCH v1 12/13] KVM: arm64: Handle protected guests at 32 bits
From: Fuad Tabba <tabba@google.com>
To: kvmarm@lists.cs.columbia.edu
Cc: maz@kernel.org, will@kernel.org, james.morse@arm.com, 
 alexandru.elisei@arm.com, suzuki.poulose@arm.com, mark.rutland@arm.com, 
 christoffer.dall@arm.com, pbonzini@redhat.com, qperret@google.com, 
 kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, 
 kernel-team@android.com, tabba@google.com
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
X-CRM114-CacheID: sfid-20210608_071211_912609_7943A187 
X-CRM114-Status: GOOD (  16.53  )
X-BeenThere: linux-arm-kernel@lists.infradead.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: <linux-arm-kernel.lists.infradead.org>
List-Unsubscribe: <http://lists.infradead.org/mailman/options/linux-arm-kernel>, 
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/linux-arm-kernel/>
List-Post: <mailto:linux-arm-kernel@lists.infradead.org>
List-Help: <mailto:linux-arm-kernel-request@lists.infradead.org?subject=help>
List-Subscribe: <http://lists.infradead.org/mailman/listinfo/linux-arm-kernel>, 
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org

Protected KVM does not support protected AArch32 guests. However,
it is possible for the guest to force run AArch32, potentially
causing problems. Add an extra check so that if the hypervisor
catches the guest doing that, it can prevent the guest from
running again by resetting vcpu->arch.target and returning
ARM_EXCEPTION_IL.

Adapted from commit 22f553842b14 ("KVM: arm64: Handle Asymmetric
AArch32 systems")

Signed-off-by: Fuad Tabba <tabba@google.com>
---
 arch/arm64/kvm/hyp/include/hyp/switch.h | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/arch/arm64/kvm/hyp/include/hyp/switch.h b/arch/arm64/kvm/hyp/include/hyp/switch.h
index d9f087ed6e02..672801f79579 100644
--- a/arch/arm64/kvm/hyp/include/hyp/switch.h
+++ b/arch/arm64/kvm/hyp/include/hyp/switch.h
@@ -447,6 +447,26 @@ static inline bool fixup_guest_exit(struct kvm_vcpu *vcpu, u64 *exit_code)
 			write_sysreg_el2(read_sysreg_el2(SYS_ELR) - 4, SYS_ELR);
 	}
 
+	/*
+	 * Protected VMs are not allowed to run in AArch32. The check below is
+	 * based on the one in kvm_arch_vcpu_ioctl_run().
+	 * The ARMv8 architecture doesn't give the hypervisor a mechanism to
+	 * prevent a guest from dropping to AArch32 EL0 if implemented by the
+	 * CPU. If the hypervisor spots a guest in such a state ensure it is
+	 * handled, and don't trust the host to spot or fix it.
+	 */
+	if (unlikely(is_nvhe_hyp_code() &&
+		     kvm_vm_is_protected(kern_hyp_va(vcpu->kvm)) &&
+		     vcpu_mode_is_32bit(vcpu))) {
+		/*
+		 * As we have caught the guest red-handed, decide that it isn't
+		 * fit for purpose anymore by making the vcpu invalid.
+		 */
+		vcpu->arch.target = -1;
+		*exit_code = ARM_EXCEPTION_IL;
+		goto exit;
+	}
+
 	/*
 	 * We're using the raw exception code in order to only process
 	 * the trap if no SError is pending. We will come back to the
-- 
2.32.0.rc1.229.g3e70b5a671-goog


_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel