From mboxrd@z Thu Jan  1 00:00:00 1970
From: Ian Campbell <ian.campbell@citrix.com>
Subject: Re: [PATCH 08/19] xen: arm: implement handling of
	ACTLR_EL1 trap
Date: Thu, 16 Apr 2015 17:40:14 +0100
Message-ID: <1429202414.25195.187.camel@citrix.com>
References: <1427796446.2115.34.camel@citrix.com>
	<1427796462-24376-8-git-send-email-ian.campbell@citrix.com>
	<551E98A8.2070803@citrix.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xen.org>
In-Reply-To: <551E98A8.2070803@citrix.com>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: Julien Grall <julien.grall@citrix.com>
Cc: stefano.stabellini@eu.citrix.com, tim@xen.org, julien.grall@linaro.org, xen-devel@lists.xen.org
List-Id: xen-devel@lists.xenproject.org

On Fri, 2015-04-03 at 15:42 +0200, Julien Grall wrote:
> Hi Ian,
> 
> On 31/03/2015 12:07, Ian Campbell wrote:
> > While annotating ACTLR I noticed that we don't appear to handle the
> > 64-bit version of this trap. Do so and annotate everything.
> 
> While Linux doesn't use ACTLR_EL1 on aarch64, another OS may use it.
> 
> I'm not sure if we should consider it as a possible security issue as at 
> least the Cortex A53 implements the register RES0.

Without this patch we would end up logging a debug message and injecting
undef into the guest. Since this is an EL1 register all a malicious
guest can do is send itself exceptions.

> 
> > Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
> > ---
> >   xen/arch/arm/traps.c          |   20 ++++++++++++++++++++
> >   xen/include/asm-arm/sysregs.h |    1 +
> >   2 files changed, 21 insertions(+)
> >
> > diff --git a/xen/arch/arm/traps.c b/xen/arch/arm/traps.c
> > index 70e1b4d..ca43f79 100644
> > --- a/xen/arch/arm/traps.c
> > +++ b/xen/arch/arm/traps.c
> > @@ -1647,6 +1647,13 @@ static void do_cp15_32(struct cpu_user_regs *regs,
> >           if ( !vtimer_emulate(regs, hsr) )
> >               return inject_undef_exception(regs, hsr);
> >           break;
> > +
> > +    /*
> > +     * HSR_EL2.TASC / HSR.TAC
> 
> I don't find any TASC in the ARMv8 doc. Did you intend to say TACR?

Indeed, I did.

> Also it's not HSR but HCR.

Yes, sigh :-(

Ian.