From: Marc Zyngier <maz@kernel.org>
To: kvm@vger.kernel.org, kvmarm@lists.cs.columbia.edu,
linux-arm-kernel@lists.infradead.org
Cc: James Morse <james.morse@arm.com>,
Julien Thierry <julien.thierry.kdev@gmail.com>,
Suzuki K Poulose <suzuki.poulose@arm.com>,
Will Deacon <will@kernel.org>,
Catalin Marinas <catalin.marinas@arm.com>,
Mark Rutland <mark.rutland@arm.com>,
kernel-team@android.com
Subject: [PATCH 0/3] kvm: arm64: Pointer Authentication handling fixes
Date: Thu, 4 Jun 2020 14:33:51 +0100 [thread overview]
Message-ID: <20200604133354.1279412-1-maz@kernel.org> (raw)
I recently discovered that the Pointer Authentication (PtrAuth)
handling code in KVM is busted, and has been for a while. The main
issue is that the we save the host's keys from a preemptible
context. Things will go wrong at some point.
In order to address this, the first patch move the saving of the
host's keys to vcpu_load(). It is done eagerly, which is a bore, but
is at least safe. This is definitely stable material.
The following two patches are adding an optimisation and a fix for a
corner case: we handle key saving and HCR massaging as a fixup, much
like the FPSIMD code. This subsequently allows us to deal with the
ugly case of a guest enabling PtrAuth despite it not being advertised,
resulting in PAC instructions UNDEF'ing while they should be NOPs.
This has been very lightly tested on a model.
Marc Zyngier (3):
KVM: arm64: Save the host's PtrAuth keys in non-preemptible context
KVM: arm64: Handle PtrAuth traps early
KVM: arm64: Enforce PtrAuth being disabled if not advertized
arch/arm64/include/asm/kvm_emulate.h | 6 ---
arch/arm64/kvm/arm.c | 3 +-
arch/arm64/kvm/handle_exit.c | 38 ---------------
arch/arm64/kvm/hyp/switch.c | 73 ++++++++++++++++++++++++++++
arch/arm64/kvm/sys_regs.c | 13 ++---
5 files changed, 80 insertions(+), 53 deletions(-)
--
2.26.2
next reply other threads:[~2020-06-04 13:34 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-06-04 13:33 Marc Zyngier [this message]
2020-06-04 13:33 ` [PATCH 1/3] KVM: arm64: Save the host's PtrAuth keys in non-preemptible context Marc Zyngier
2020-06-04 15:04 ` Mark Rutland
2020-06-04 13:33 ` [PATCH 2/3] KVM: arm64: Handle PtrAuth traps early Marc Zyngier
2020-06-04 15:23 ` Mark Rutland
2020-06-04 13:33 ` [PATCH 3/3] KVM: arm64: Enforce PtrAuth being disabled if not advertized Marc Zyngier
2020-06-04 15:39 ` Mark Rutland
2020-06-09 7:38 ` Marc Zyngier
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200604133354.1279412-1-maz@kernel.org \
--to=maz@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=james.morse@arm.com \
--cc=julien.thierry.kdev@gmail.com \
--cc=kernel-team@android.com \
--cc=kvm@vger.kernel.org \
--cc=kvmarm@lists.cs.columbia.edu \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=mark.rutland@arm.com \
--cc=suzuki.poulose@arm.com \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox