[PATCH v5 4/7] KVM: arm64: Fix missing traps of guest accesses to the MPAM registers
Oliver Upton
oliver.upton at linux.dev
Wed Oct 16 17:10:17 PDT 2024
Hi Joey,
On Tue, Oct 15, 2024 at 02:39:20PM +0100, Joey Gouly wrote:
> +static inline void __activate_traps_mpam(struct kvm_vcpu *vcpu)
> +{
> + u64 r = MPAM2_EL2_TRAPMPAM0EL1 | MPAM2_EL2_TRAPMPAM1EL1;
> +
> + if (!cpus_support_mpam())
> + return;
> +
> + /* trap guest access to MPAMIDR_EL1 */
> + if (mpam_cpus_have_mpam_hcr()) {
> + write_sysreg_s(MPAMHCR_EL2_TRAP_MPAMIDR_EL1, SYS_MPAMHCR_EL2);
> + } else {
> + /* From v1.1 TIDR can trap MPAMIDR, set it unconditionally */
> + r |= MPAM2_EL2_TIDR;
> + }
> +
> + write_sysreg_s(r, SYS_MPAM2_EL2);
> +}
> +
> +static inline void __deactivate_traps_mpam(void)
> +{
> + if (!cpus_support_mpam())
> + return;
> +
> + write_sysreg_s(0, SYS_MPAM2_EL2);
> +
> + if (mpam_cpus_have_mpam_hcr())
> + write_sysreg_s(MPAMHCR_HOST_FLAGS, SYS_MPAMHCR_EL2);
> +}
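Review bot: In __deactivate_traps_mpam(), write_sysreg_s(0, SYS_MPAM2_EL2) zeroes the whole register while MPAMHCR_EL2 is restored to the named MPAMHCR_HOST_FLAGS, and __activate_traps_mpam() likewise overwrites MPAM2_EL2 with only the trap bits, so whatever the register held before guest entry is not preserved. If zero is the intended host value, say so in a comment or use a named host constant to match the MPAMHCR_EL2 path; otherwise make both paths read-modify-write. Separately, the comment "set it unconditionally" sits inside the else branch, so MPAM2_EL2_TIDR is only set when mpam_cpus_have_mpam_hcr() is false; reword the comment or move the assignment so the two agree.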
TBH, I think our trap configuration should *not* be conditioned on
CONFIG_ARM64_MPAM. Otherwise we're silently allowing the guest to change
things under the nose of KVM/host kernel, assuming an unkind firmware
that left the EL2 trap configuration in a permissive state.
WDYT about detecting the feature && enforcing traps regardless of the Kconfig?
--
Thanks,
Oliver