[PATCH v12 07/11] KVM: arm64: Use arm64_ftr_bits to sanitise ID register writes
Oliver Upton
oliver.upton at linux.dev
Thu Jun 15 05:45:34 PDT 2023
Hey Marc,
On Thu, Jun 15, 2023 at 01:38:34PM +0100, Marc Zyngier wrote:
> > @@ -1528,11 +1613,31 @@ static int get_id_reg(struct kvm_vcpu *vcpu, const struct sys_reg_desc *rd,
> > static int set_id_reg(struct kvm_vcpu *vcpu, const struct sys_reg_desc *rd,
> > u64 val)
> > {
> > - /* This is what we mean by invariant: you can't change it. */
> > - if (val != read_id_reg(vcpu, rd))
> > - return -EINVAL;
> > + u32 id = reg_to_encoding(rd);
> > + int ret;
> >
> > - return 0;
> > + mutex_lock(&vcpu->kvm->arch.config_lock);
> > +
> > + /*
> > + * Once the VM has started the ID registers are immutable. Reject any
> > + * write that does not match the final register value.
> > + */
> > + if (kvm_vm_has_ran_once(vcpu->kvm)) {
> > + if (val != read_id_reg(vcpu, rd))
> > + ret = -EBUSY;
> > + else
> > + ret = 0;
> > +
> > + mutex_unlock(&vcpu->kvm->arch.config_lock);
> > + return ret;
> > + }
> > +
> > + ret = arm64_check_features(vcpu, rd, val);
> > + if (!ret)
> > + IDREG(vcpu->kvm, id) = val;
> > +
> > + mutex_unlock(&vcpu->kvm->arch.config_lock);
> > + return ret;
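Review bot: in the kvm_vm_has_ran_once() branch the mismatch case now returns -EBUSY, whereas the removed `if (val != read_id_reg(vcpu, rd)) return -EINVAL;` returned -EINVAL for the same condition, so userspace gains a new error code for an unchanged situation; unless the new code is deliberate and documented, keep `ret = -EINVAL;` there. The ret juggling in that branch could also be dropped by sharing the single mutex_unlock() at the end of the function.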
>
> ... we now end-up with a *new* error code that userspace was never
> able to see so far.
>
> This may not be a big deal, but I'd rather err on the side of caution
> by keeping the current, slightly less precise error code.
I completely agree, thanks for catching this. There's already enough
deliberate (theoretical) breakage brought about by this series, want to
avoid any unintended fallout :)
I plan on taking this, and I'll apply a fix on top to dumb down the
return.
--
Thanks,
Oliver