From: Oliver Upton <oliver.upton@linux.dev>
To: Marc Zyngier <maz@kernel.org>
Cc: kvmarm@lists.linux.dev, linux-arm-kernel@lists.infradead.org,
	Joey Gouly <joey.gouly@arm.com>,
	Suzuki K Poulose <suzuki.poulose@arm.com>,
	Zenghui Yu <yuzenghui@huawei.com>
Subject: Re: [PATCH v2 5/6] KVM: arm64: Handle out-of-bound write to HDCR_EL2.HPMN
Date: Wed, 9 Apr 2025 13:29:27 -0700
Message-ID: <Z_bYp_ow7hGKCZjx@linux.dev>
In-Reply-To: <20250409160106.6445-6-maz@kernel.org>

HDCR? I thought you gave up on 32-bit a loooong time ago ;-)

On Wed, Apr 09, 2025 at 05:01:05PM +0100, Marc Zyngier wrote:
> We don't really pay attention to what gets written to MDCR_EL2.HPMN,
> and funky guests could play ugly games on us.
> 
> Restrict what gets written there, and limit the number of counters
> to what the PMU is allowed to have.
> 
> Signed-off-by: Marc Zyngier <maz@kernel.org>
> ---
>  arch/arm64/kvm/sys_regs.c | 34 +++++++++++++++++++++++++---------
>  1 file changed, 25 insertions(+), 9 deletions(-)
> 
> diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c
> index 00b5396492d51..e53b8f82ca7f8 100644
> --- a/arch/arm64/kvm/sys_regs.c
> +++ b/arch/arm64/kvm/sys_regs.c
> @@ -2571,17 +2571,33 @@ static bool access_mdcr(struct kvm_vcpu *vcpu,
>  			struct sys_reg_params *p,
>  			const struct sys_reg_desc *r)
>  {
> -	u64 old = __vcpu_sys_reg(vcpu, MDCR_EL2);
> +	if (!p->is_write) {
> +		p->regval = __vcpu_sys_reg(vcpu, MDCR_EL2);
> +	} else {

nit: you can do an early return for an emulated read and get rid of a
level of indentation for the write case.

> +		u64 hpmn = FIELD_GET(MDCR_EL2_HPMN, p->regval);
> +		u64 old = __vcpu_sys_reg(vcpu, MDCR_EL2);
> +		u64 val = p->regval;
>  
> -	if (!access_rw(vcpu, p, r))
> -		return false;
> +		/*
> +		 * If HPMN is out of bounds, limit it to what we actually
> +		 * support. This matches the UNKNOWN definition of the field
> +		 * in that case, and keeps the emulation simple. Sort of.
> +		 */
> +		if (hpmn > vcpu->kvm->arch.pmcr_n) {
> +			hpmn = vcpu->kvm->arch.pmcr_n;
> +			u64_replace_bits(val, hpmn, MDCR_EL2_HPMN);
> +		}
>  
> -	/*
> -	 * Request a reload of the PMU to enable/disable the counters affected
> -	 * by HPME.
> -	 */
> -	if ((old ^ __vcpu_sys_reg(vcpu, MDCR_EL2)) & MDCR_EL2_HPME)
> -		kvm_make_request(KVM_REQ_RELOAD_PMU, vcpu);
> +		vcpu_write_sys_reg(vcpu, val, r->reg);
> +
> +		/*
> +		 * Request a reload of the PMU to enable/disable the
> +		 * counters affected by HPME.
> +		 */
> +
> +		if ((old ^ __vcpu_sys_reg(vcpu, MDCR_EL2)) & MDCR_EL2_HPME)
> +			kvm_make_request(KVM_REQ_RELOAD_PMU, vcpu);
> +	}
>  
>  	return true;
>  }
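Review bot: in the clamp branch, `u64_replace_bits(val, hpmn, MDCR_EL2_HPMN);` discards its return value, so `val` keeps the guest's out-of-bounds HPMN and that is what `vcpu_write_sys_reg(vcpu, val, r->reg)` stores; the `<linux/bitfield.h>` value form needs `val = u64_replace_bits(val, hpmn, MDCR_EL2_HPMN);`, or use the in-place variant `u64p_replace_bits(&val, hpmn, MDCR_EL2_HPMN);`. Minor: the blank line between the "Request a reload of the PMU" comment and the `if` it describes should be dropped so the comment stays attached to the statement.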
> -- 
> 2.39.2
> 

Thanks,
Oliver
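An added userspace C model of the MDCR_EL2 write emulation the patch above implements; this is editorial example code, not from the patch, from KVM or from either correspondent. It assumes the architectural HPMN ([4:0]) and HPME (bit 7) positions and uses constructed stand-ins for FIELD_GET(), the bitfield.h replace_bits helpers and the vcpu state (`pmcr_n` mirrors the patch's `vcpu->kvm->arch.pmcr_n`), so that the value-returning versus in-place helper difference can be exercised directly.

```c
#include <stdbool.h>
#include <stdint.h>

/* Architectural MDCR_EL2 field positions: HPMN is bits [4:0], HPME is bit 7. */
#define MDCR_EL2_HPMN 0x1fULL
#define MDCR_EL2_HPME (1ULL << 7)

/* Stand-ins for FIELD_GET() and the <linux/bitfield.h> helpers: the value
 * form returns the update, the pointer form applies it in place. */
static uint64_t field_get(uint64_t mask, uint64_t reg)
{
	return (reg & mask) / (mask & (~mask + 1));
}

static uint64_t u64_replace_bits(uint64_t old, uint64_t val, uint64_t mask)
{
	return (old & ~mask) | ((val * (mask & (~mask + 1))) & mask);
}

static void u64p_replace_bits(uint64_t *p, uint64_t val, uint64_t mask)
{
	*p = u64_replace_bits(*p, val, mask);
}

/* Constructed model of the vcpu state the patch touches, not KVM's struct. */
struct vcpu_model {
	uint64_t mdcr_el2;   /* emulated MDCR_EL2 */
	unsigned int pmcr_n; /* counters the VM may have (the patch's pmcr_n) */
	bool reload_pmu;     /* stands in for KVM_REQ_RELOAD_PMU being raised */
};

/* Emulate a guest write to MDCR_EL2: clamp an out-of-bounds HPMN, then
 * request a PMU reload only if HPME changed. Returns the new MDCR_EL2. */
static uint64_t emulate_mdcr_write(struct vcpu_model *v, uint64_t regval)
{
	uint64_t old = v->mdcr_el2;
	uint64_t val = regval;
	uint64_t hpmn = field_get(MDCR_EL2_HPMN, val);

	if (hpmn > v->pmcr_n) {
		hpmn = v->pmcr_n;
		/* In place on purpose: u64_replace_bits(val, ...) alone would
		 * discard the clamped result and leave HPMN unbounded. */
		u64p_replace_bits(&val, hpmn, MDCR_EL2_HPMN);
	}
	v->mdcr_el2 = val;
	v->reload_pmu = ((old ^ v->mdcr_el2) & MDCR_EL2_HPME) != 0;
	return v->mdcr_el2;
}
```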
