Date: Tue, 11 Feb 2025 13:35:54 +0000
Message-ID: <861pw4txhh.wl-maz@kernel.org>
From: Marc Zyngier
To: Mark Rutland
Cc: kvmarm@lists.linux.dev, kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, Joey Gouly, Suzuki K Poulose, Oliver Upton, Zenghui Yu, Fuad Tabba
Subject: Re: [PATCH 06/18] KVM: arm64: Plug FEAT_GCS handling
References: <20250210184150.2145093-1-maz@kernel.org> <20250210184150.2145093-7-maz@kernel.org>

On Tue, 11 Feb 2025 12:36:35 +0000, Mark Rutland wrote:
>
> On Mon, Feb 10, 2025 at 06:41:37PM +0000, Marc Zyngier wrote:
> > We don't seem to be handling the GCS-specific exception class.
> > Handle it by delivering an UNDEF to the guest, and populate the
> > relevant trap bits.
> >
> > Signed-off-by: Marc Zyngier
> > ---
> > arch/arm64/kvm/handle_exit.c | 11 +++++++++++
> > arch/arm64/kvm/sys_regs.c | 8 ++++++++
> > 2 files changed, 19 insertions(+)
> >
> > diff --git a/arch/arm64/kvm/handle_exit.c b/arch/arm64/kvm/handle_exit.c > > index 4f8354bf7dc5f..624a78a99e38a 100644 > > --- a/arch/arm64/kvm/handle_exit.c > > +++ b/arch/arm64/kvm/handle_exit.c > > @@ -294,6 +294,16 @@ static int handle_svc(struct kvm_vcpu *vcpu) > > return 1; > > } > > > > +static int kvm_handle_gcs(struct kvm_vcpu *vcpu) > > +{ > > + /* We don't expect GCS, so treat it with contempt */ > > + if (kvm_has_feat(vcpu->kvm, ID_AA64PFR1_EL1, GCS, IMP)) > > + WARN_ON_ONCE(1);
>
> Just to check / better my understanding, do we enforce that this can't
> be exposed to the guest somewhere?
>
> I see __kvm_read_sanitised_id_reg() masks it out, and the sys_reg_descs
> table has it filtered, but I'm not immediately sure whether that
> prevents host userspace maliciously setting this?

On writing to the idreg, you end up in set_id_aa64pfr1_el1(), which
calls into set_id_reg(). There, arm64_check_features() compares each
and every feature in that register with the mask and limits that have
been established.

Since GCS is not part of the writable mask, and that it has been
disabled, the only valid value for ID_AA64PFR1_EL1.GCS is 0. A
non-zero value provided by userspace will be caught by the last check
in arm64_check_features(), and an error will be returned.

HTH,

	M.

-- 
Without deviation from the norm, progress is not possible.
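Review bot: in kvm_handle_gcs(), the `if (kvm_has_feat(vcpu->kvm, ID_AA64PFR1_EL1, GCS, IMP))` test followed by a bare `WARN_ON_ONCE(1);` can be folded into a single `WARN_ON_ONCE(kvm_has_feat(vcpu->kvm, ID_AA64PFR1_EL1, GCS, IMP));`, which keeps the condition visible in the warning site. The comment "We don't expect GCS, so treat it with contempt" would also be more useful if it said why GCS is unexpected, namely that the ID register field cannot be set to a non-zero value for the guest, since that is exactly the question the reader of this function ends up asking.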
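The check described in the reply above, as a simplified user-space model (an added example, not part of the original mail and not the kernel's code). The helper name `check_id_reg_write()`, the sample values and the rule that every writable field is an unsigned "lower is safe" field are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Simplified model of the validation described above; not kernel code.
 * ID register fields are 4 bits wide; shifts follow ID_AA64PFR1_EL1. */
#define FIELD_WIDTH 4
#define BT_SHIFT    0   /* ID_AA64PFR1_EL1.BT   */
#define SSBS_SHIFT  4   /* ID_AA64PFR1_EL1.SSBS */
#define GCS_SHIFT   44  /* ID_AA64PFR1_EL1.GCS  */
#define FIELD(shift) (0xfULL << (shift))

/* Hypothetical helper: 0 if the userspace value is acceptable, -1 if not. */
static int check_id_reg_write(uint64_t val, uint64_t limit, uint64_t writable)
{
	uint64_t mask = 0;

	for (unsigned shift = 0; shift < 64; shift += FIELD_WIDTH) {
		uint64_t fmask = FIELD(shift);

		if ((fmask & writable) != fmask)
			continue;	/* not writable: left to the final check */
		mask |= fmask;
		/* Assumption: a writable field may be lowered, never raised. */
		if (((val & fmask) >> shift) > ((limit & fmask) >> shift))
			return -1;
	}
	/* Last check: every non-writable field must equal the limit value. */
	if ((val & ~mask) != (limit & ~mask))
		return -1;
	return 0;
}

/* Constructed sample: BT=1, SSBS=2, GCS=0 (disabled and not writable). */
static const uint64_t sample_limit = (1ULL << BT_SHIFT) | (2ULL << SSBS_SHIFT);
static const uint64_t sample_writable = FIELD(BT_SHIFT) | FIELD(SSBS_SHIFT);

int main(void)
{
	uint64_t lowered = 1ULL << SSBS_SHIFT;	/* BT=0, SSBS=1, GCS=0 */
	uint64_t with_gcs = sample_limit | (1ULL << GCS_SHIFT);

	printf("lowered writable fields: %d\n",
	       check_id_reg_write(lowered, sample_limit, sample_writable));
	printf("GCS set to 1:            %d\n",
	       check_id_reg_write(with_gcs, sample_limit, sample_writable));
	return 0;
}
```

The GCS write is rejected by the final comparison rather than by the per-field loop, because a field outside the writable mask is never visited there.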