[PATCH v6 00/26] KVM/arm64: Randomise EL2 mappings (variant 3a mitigation)
Marc Zyngier
marc.zyngier at arm.com
Fri Mar 16 11:05:59 PDT 2018
On 16/03/18 17:46, Catalin Marinas wrote:
> On Wed, Mar 14, 2018 at 04:50:23PM +0000, Marc Zyngier wrote:
>> Whilst KVM benefits from the kernel randomisation via KASLR, there is
>> no additional randomisation when the kernel is running at EL1, as we
>> directly use a fixed offset from the linear mapping. This is not
>> necessarily a problem, but we could do a bit better by independently
>> randomizing the HYP placement.
>
> For the rest of the patches in this series:
>
> Acked-by: Catalin Marinas <catalin.marinas at arm.com>
Thanks for that.
> Some points for a future series:
>
> - in bpi.S, drop the __smccc_workaround_1_hvc_start/end as HVC PSCI
> conduit for hyp doesn't make much sense (could pass NULL instead to
> __install_bp_hardening_cb())
>
> - maybe move bpi.S under arch/arm64/kvm/ if it doesn't cause other
> dependency issues in cpu_errata.c
Sure. I'll have a look at a bit of a post-paranoia cleanup next week.
Thanks,
M.
--
Jazz is not dead. It just smells funny...
More information about the linux-arm-kernel
mailing list