From: Sasha Levin <sashal@kernel.org>
To: stable@vger.kernel.org
Cc: Joey Gouly <joey.gouly@arm.com>, Sasha Levin <sashal@kernel.org>
Subject: Re: [PATCH 6.6 v1] KVM: arm64: Disable MPAM visibility by default and ignore VMM writes
Date: Thu, 12 Dec 2024 12:57:28 -0500 [thread overview]
Message-ID: <20241212125342-c1db4ded4bf98912@stable.kernel.org> (raw)
In-Reply-To: <20241212151406.1436382-1-joey.gouly@arm.com>
[ Sasha's backport helper bot ]
Hi,
The upstream commit SHA1 provided is correct: 6685f5d572c22e1003e7c0d089afe1c64340ab1f
WARNING: Author mismatch between patch and upstream commit:
Backport author: Joey Gouly <joey.gouly@arm.com>
Commit author: James Morse <james.morse@arm.com>
Status in newer kernel trees:
6.12.y | Not found
6.6.y | Not found
Note: The patch differs from the upstream commit:
---
1: 6685f5d572c22 ! 1: d125d9a972e48 KVM: arm64: Disable MPAM visibility by default and ignore VMM writes
@@ Metadata
## Commit message ##
KVM: arm64: Disable MPAM visibility by default and ignore VMM writes
+ commit 6685f5d572c22e1003e7c0d089afe1c64340ab1f upstream.
+
commit 011e5f5bf529f ("arm64/cpufeature: Add remaining feature bits in
ID_AA64PFR0 register") exposed the MPAM field of AA64PFR0_EL1 to guests,
but didn't add trap handling. A previous patch supplied the missing trap
@@ Commit message
Reviewed-by: Marc Zyngier <maz@kernel.org>
Link: https://lore.kernel.org/r/20241030160317.2528209-7-joey.gouly@arm.com
Signed-off-by: Oliver Upton <oliver.upton@linux.dev>
+ [ joey: fixed up merge conflict, no ID_FILTERED macro in 6.6 ]
+ Signed-off-by: Joey Gouly <joey.gouly@arm.com>
+ Cc: stable@vger.kernel.org # 6.6.x
+ Cc: Vitaly Chikunov <vt@altlinux.org>
+ Link: https://lore.kernel.org/linux-arm-kernel/20241202045830.e4yy3nkvxtzaybxk@altlinux.org/
## arch/arm64/kvm/sys_regs.c ##
@@ arch/arm64/kvm/sys_regs.c: static u64 __kvm_read_sanitised_id_reg(const struct kvm_vcpu *vcpu,
- val &= ~ARM64_FEATURE_MASK(ID_AA64PFR1_EL1_MTEX);
- val &= ~ARM64_FEATURE_MASK(ID_AA64PFR1_EL1_DF2);
- val &= ~ARM64_FEATURE_MASK(ID_AA64PFR1_EL1_PFAR);
+ val &= ~ARM64_FEATURE_MASK(ID_AA64PFR1_EL1_MTE);
+
+ val &= ~ARM64_FEATURE_MASK(ID_AA64PFR1_EL1_SME);
+ val &= ~ARM64_FEATURE_MASK(ID_AA64PFR1_EL1_MPAM_frac);
break;
- case SYS_ID_AA64PFR2_EL1:
- /* We only expose FPMR */
-@@ arch/arm64/kvm/sys_regs.c: static u64 sanitise_id_aa64pfr0_el1(const struct kvm_vcpu *vcpu, u64 val)
+ case SYS_ID_AA64ISAR1_EL1:
+ if (!vcpu_has_ptrauth(vcpu))
+@@ arch/arm64/kvm/sys_regs.c: static u64 read_sanitised_id_aa64pfr0_el1(struct kvm_vcpu *vcpu,
val &= ~ID_AA64PFR0_EL1_AMU_MASK;
@@ arch/arm64/kvm/sys_regs.c: static u64 sanitise_id_aa64pfr0_el1(const struct kvm_
}
@@ arch/arm64/kvm/sys_regs.c: static int set_id_dfr0_el1(struct kvm_vcpu *vcpu,
+ return set_id_reg(vcpu, rd, val);
}
- static int set_id_aa64pfr0_el1(struct kvm_vcpu *vcpu,
-- const struct sys_reg_desc *rd, u64 val)
++static int set_id_aa64pfr0_el1(struct kvm_vcpu *vcpu,
+ const struct sys_reg_desc *rd, u64 user_val)
- {
-- return set_id_reg(vcpu, rd, val);
++{
+ u64 hw_val = read_sanitised_ftr_reg(SYS_ID_AA64PFR0_EL1);
+ u64 mpam_mask = ID_AA64PFR0_EL1_MPAM_MASK;
+
@@ arch/arm64/kvm/sys_regs.c: static int set_id_dfr0_el1(struct kvm_vcpu *vcpu,
+ user_val &= ~ID_AA64PFR1_EL1_MPAM_frac_MASK;
+
+ return set_id_reg(vcpu, rd, user_val);
- }
-
++}
++
/*
+ * cpufeature ID register user accessors
+ *
@@ arch/arm64/kvm/sys_regs.c: static const struct sys_reg_desc sys_reg_descs[] = {
- ID_AA64PFR0_EL1_RAS |
- ID_AA64PFR0_EL1_AdvSIMD |
- ID_AA64PFR0_EL1_FP)),
-- ID_WRITABLE(ID_AA64PFR1_EL1, ~(ID_AA64PFR1_EL1_PFAR |
-+ ID_FILTERED(ID_AA64PFR1_EL1, id_aa64pfr1_el1,
-+ ~(ID_AA64PFR1_EL1_PFAR |
- ID_AA64PFR1_EL1_DF2 |
- ID_AA64PFR1_EL1_MTEX |
- ID_AA64PFR1_EL1_THE |
+ { SYS_DESC(SYS_ID_AA64PFR0_EL1),
+ .access = access_id_reg,
+ .get_user = get_id_reg,
+- .set_user = set_id_reg,
++ .set_user = set_id_aa64pfr0_el1,
+ .reset = read_sanitised_id_aa64pfr0_el1,
+ .val = ID_AA64PFR0_EL1_CSV2_MASK | ID_AA64PFR0_EL1_CSV3_MASK, },
+- ID_SANITISED(ID_AA64PFR1_EL1),
++ { SYS_DESC(SYS_ID_AA64PFR1_EL1),
++ .access = access_id_reg,
++ .get_user = get_id_reg,
++ .set_user = set_id_aa64pfr1_el1,
++ .reset = kvm_read_sanitised_id_reg, },
+ ID_UNALLOCATED(4,2),
+ ID_UNALLOCATED(4,3),
+ ID_SANITISED(ID_AA64ZFR0_EL1),
---
Results of testing on various branches:
| Branch | Patch Apply | Build Test |
|---------------------------|-------------|------------|
| stable/linux-6.6.y | Success | Success |
next prev parent reply other threads:[~2024-12-12 17:57 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-12-12 15:14 [PATCH 6.6 v1] KVM: arm64: Disable MPAM visibility by default and ignore VMM writes Joey Gouly
2024-12-12 17:57 ` Sasha Levin [this message]
2024-12-15 9:22 ` Greg KH
2024-12-16 8:51 ` Marc Zyngier
2024-12-17 10:40 ` Joey Gouly
2024-12-19 10:49 ` Vitaly Chikunov
2024-12-16 8:52 ` Marc Zyngier
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20241212125342-c1db4ded4bf98912@stable.kernel.org \
--to=sashal@kernel.org \
--cc=joey.gouly@arm.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.