[PATCH v7 05/38] KVM: arm64: Prohibit modifying values of ID regs for 32bit EL1 guests

[Reiji Watanabe]

Prohibit userspace from modifying values of ID registers.
(Don't support configurable ID registers for 32bit EL1 guests)

NOTE: The following patches will enable trapping disabled features
only based on values of AArch64 ID registers for the guest expecting
userspace to make AArch32 ID registers consistent with the AArch64
ones (Otherwise, it will be a userspace bug).  Supporting 32bit EL1
guests will require that KVM will not enable trapping based on values
of AArch64 ID registers (and should enable trapping based on the
AArch32 ID registers when possible).

Signed-off-by: Reiji Watanabe <reijiw at google.com>
---
 arch/arm64/kvm/sys_regs.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c
index b19e14a1206a..bc06570523f4 100644
--- a/arch/arm64/kvm/sys_regs.c
+++ b/arch/arm64/kvm/sys_regs.c
@@ -1537,6 +1537,10 @@ static int __set_id_reg(struct kvm_vcpu *vcpu,
 	if (raz)
 		return -EINVAL;
 
+	/* Don't allow to modify the register's value for the 32bit EL1 guest */
+	if (test_bit(KVM_ARCH_FLAG_EL1_32BIT, &vcpu->kvm->arch.flags))
+		return -EPERM;
+
 	/*
 	 * Don't allow to modify the register's value if the register doesn't
 	 * have the id_reg_desc.
-- 
2.36.0.rc0.470.gd361397f0d-goog