From: Nicholas Piggin <npiggin@gmail.com>
To: qemu-devel@nongnu.org
Cc: "Nicholas Piggin" <npiggin@gmail.com>,
qemu-ppc@nongnu.org, "Harsh Prateek Bora" <harshpb@linux.ibm.com>,
"Philippe Mathieu-Daudé" <philmd@linaro.org>
Subject: [PULL 66/72] spapr: Generate random HASHPKEYR for spapr machines
Date: Tue, 11 Mar 2025 22:58:00 +1000 [thread overview]
Message-ID: <20250311125815.903177-67-npiggin@gmail.com> (raw)
In-Reply-To: <20250311125815.903177-1-npiggin@gmail.com>
The hypervisor is expected to create a value for the HASHPKEY SPR for
each partition. Currently it uses zero for all partitions, use a
random number instead, which in theory might make kernel ROP protection
more secure.
Signed-of-by: Nicholas Piggin <npiggin@gmail.com>
Reviewed-by: Harsh Prateek Bora <harshpb@linux.ibm.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20241219034035.1826173-4-npiggin@gmail.com>
Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
---
hw/ppc/spapr.c | 3 +++
hw/ppc/spapr_cpu_core.c | 2 ++
include/hw/ppc/spapr.h | 1 +
3 files changed, 6 insertions(+)
diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
index fcd2ca515c..a415e51d07 100644
--- a/hw/ppc/spapr.c
+++ b/hw/ppc/spapr.c
@@ -2917,6 +2917,9 @@ static void spapr_machine_init(MachineState *machine)
spapr_ovec_set(spapr->ov5, OV5_XIVE_EXPLOIT);
}
+ qemu_guest_getrandom_nofail(&spapr->hashpkey_val,
+ sizeof(spapr->hashpkey_val));
+
/* init CPUs */
spapr_init_cpus(spapr);
diff --git a/hw/ppc/spapr_cpu_core.c b/hw/ppc/spapr_cpu_core.c
index 9e0e0648a7..0671d9e44b 100644
--- a/hw/ppc/spapr_cpu_core.c
+++ b/hw/ppc/spapr_cpu_core.c
@@ -273,6 +273,8 @@ static bool spapr_realize_vcpu(PowerPCCPU *cpu, SpaprMachineState *spapr,
env->spr_cb[SPR_PIR].default_value = cs->cpu_index;
env->spr_cb[SPR_TIR].default_value = thread_index;
+ env->spr_cb[SPR_HASHPKEYR].default_value = spapr->hashpkey_val;
+
cpu_ppc_set_1lpar(cpu);
/* Set time-base frequency to 512 MHz. vhyp must be set first. */
diff --git a/include/hw/ppc/spapr.h b/include/hw/ppc/spapr.h
index d227f0b94b..39bd5bd5ed 100644
--- a/include/hw/ppc/spapr.h
+++ b/include/hw/ppc/spapr.h
@@ -203,6 +203,7 @@ struct SpaprMachineState {
uint32_t fdt_initial_size;
void *fdt_blob;
uint8_t fdt_rng_seed[32];
+ uint64_t hashpkey_val;
long kernel_size;
bool kernel_le;
uint64_t kernel_addr;
--
2.47.1
next prev parent reply other threads:[~2025-03-11 13:15 UTC|newest]
Thread overview: 83+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-03-11 12:56 [PULL 00/72] ppc-for-10.0-1 queue Nicholas Piggin
2025-03-11 12:56 ` [PULL 01/72] ppc/ppc405: Remove tests Nicholas Piggin
2025-03-11 12:56 ` [PULL 02/72] ppc/ppc405: Remove boards Nicholas Piggin
2025-03-11 12:56 ` [PULL 03/72] hw/ppc: Deprecate 405 CPUs Nicholas Piggin
2025-03-11 12:56 ` [PULL 04/72] ppc/pnv: Update skiboot to 7.1-106 Nicholas Piggin
2025-03-11 12:56 ` [PULL 05/72] pseries: Update SLOF firmware image Nicholas Piggin
2025-03-11 12:57 ` [PULL 06/72] ppc/pnv/phb4: Add pervasive chiplet support to PHB4/5 Nicholas Piggin
2025-03-11 12:57 ` [PULL 07/72] ppc/pnv/homer: Fix OCC registers Nicholas Piggin
2025-03-11 12:57 ` [PULL 08/72] ppc/pnv/homer: Make dummy reads return 0 Nicholas Piggin
2025-03-11 12:57 ` [PULL 09/72] ppc/pnv/occ: Fix common area sensor offsets Nicholas Piggin
2025-03-13 7:57 ` Michael Tokarev
2025-03-11 12:57 ` [PULL 10/72] ppc/pnv/homer: class-based base and size Nicholas Piggin
2025-03-11 12:57 ` [PULL 11/72] ppc/pnv/occ: Better document OCCMISC bits Nicholas Piggin
2025-03-11 12:57 ` [PULL 12/72] ppc/pnv: Make HOMER memory a RAM region Nicholas Piggin
2025-03-11 12:57 ` [PULL 13/72] ppc/pnv/occ: Update pstate frequency tables Nicholas Piggin
2025-03-11 12:57 ` [PULL 14/72] ppc/pnv/occ: Add POWER10 OCC-OPAL data format Nicholas Piggin
2025-03-11 12:57 ` [PULL 15/72] ppc/pnv/occ: Implement a basic dynamic OCC model Nicholas Piggin
2025-03-11 12:57 ` [PULL 16/72] target/ppc: Add Power9/10 power management SPRs Nicholas Piggin
2025-03-11 12:57 ` [PULL 17/72] ppc/pnv: Support LPC host controller irqs other than serirqs Nicholas Piggin
2025-03-11 12:57 ` [PULL 18/72] ppc/pnv: raise no-response errors if an LPC transaction fails Nicholas Piggin
2025-03-11 12:57 ` [PULL 19/72] ppc/pnv: Implement LPC FW address space IDSEL Nicholas Piggin
2025-03-11 12:57 ` [PULL 20/72] ppc/pnv: Move PNOR to offset 0 in the ISA FW space Nicholas Piggin
2025-03-11 12:57 ` [PULL 21/72] ppc/pnv: Add a PNOR address and size sanity checks Nicholas Piggin
2025-03-11 12:57 ` [PULL 22/72] ppc/pnv: Add a default formatted PNOR image Nicholas Piggin
2025-03-11 12:57 ` [PULL 23/72] ppc/xive2: Update NVP save/restore for group attributes Nicholas Piggin
2025-03-11 12:57 ` [PULL 24/72] ppc/xive: Rename ipb_to_pipr() to xive_ipb_to_pipr() Nicholas Piggin
2025-03-11 12:57 ` [PULL 25/72] ppc/xive2: Add grouping level to notification Nicholas Piggin
2025-03-11 12:57 ` [PULL 26/72] ppc/xive2: Support group-matching when looking for target Nicholas Piggin
2025-03-11 12:57 ` [PULL 27/72] ppc/xive2: Add undelivered group interrupt to backlog Nicholas Piggin
2025-03-11 12:57 ` [PULL 28/72] ppc/xive2: Process group backlog when pushing an OS context Nicholas Piggin
2025-03-11 12:57 ` [PULL 29/72] ppc/xive2: Process group backlog when updating the CPPR Nicholas Piggin
2025-03-11 12:57 ` [PULL 30/72] qtest/xive: Add group-interrupt test Nicholas Piggin
2025-03-11 12:57 ` [PULL 31/72] ppc/xive2: Add support for MMIO operations on the NVPG/NVC BAR Nicholas Piggin
2025-03-11 12:57 ` [PULL 32/72] ppc/xive2: Support crowd-matching when looking for target Nicholas Piggin
2025-03-11 12:57 ` [PULL 33/72] pnv/xive2: Rename nvp_ to nvx_ if they can refer to NVP or NVGC Nicholas Piggin
2025-03-11 12:57 ` [PULL 34/72] ppc/xive2: Check crowd backlog when scanning group backlog Nicholas Piggin
2025-03-11 12:57 ` [PULL 35/72] qtest/xive: Change printf to g_test_message Nicholas Piggin
2025-03-11 12:57 ` [PULL 36/72] qtest/xive: Add test of pool interrupts Nicholas Piggin
2025-03-11 12:57 ` [PULL 37/72] hw/ssi/pnv_spi: Replace PnvXferBuffer with Fifo8 structure Nicholas Piggin
2025-03-11 12:57 ` [PULL 38/72] hw/ssi/pnv_spi: Use local var seq_index instead of get_seq_index() Nicholas Piggin
2025-03-11 12:57 ` [PULL 39/72] hw/ssi/pnv_spi: Make bus names distinct for each controllers of a socket Nicholas Piggin
2025-03-11 12:57 ` [PULL 40/72] hw/ssi/pnv_spi: Put a limit to RDR match failures Nicholas Piggin
2025-03-11 12:57 ` [PULL 41/72] hw/ppc/spapr: Restrict CONFER hypercall to TCG Nicholas Piggin
2025-03-11 12:57 ` [PULL 42/72] ppc/pnv: Add new PowerPC Special Purpose Registers (RWMR) Nicholas Piggin
2025-03-11 12:57 ` [PULL 43/72] target/ppc: Make ppc_ldl_code() declaration public Nicholas Piggin
2025-03-11 12:57 ` [PULL 44/72] target/ppc: Move TCG specific exception handlers to tcg-excp_helper.c Nicholas Piggin
2025-03-11 12:57 ` [PULL 45/72] target/ppc: Move ppc_ldl_code() " Nicholas Piggin
2025-03-11 12:57 ` [PULL 46/72] target/ppc: Ensure powerpc_mcheck_checkstop() is only called under TCG Nicholas Piggin
2025-03-11 12:57 ` [PULL 47/72] target/ppc: Restrict powerpc_checkstop() to TCG Nicholas Piggin
2025-03-11 12:57 ` [PULL 48/72] target/ppc: Remove raise_exception_ra() Nicholas Piggin
2025-03-11 12:57 ` [PULL 49/72] target/ppc: Restrict exception helpers to TCG Nicholas Piggin
2025-03-11 12:57 ` [PULL 50/72] target/ppc: Restrict various common " Nicholas Piggin
2025-03-11 12:57 ` [PULL 51/72] target/ppc: Fix style in excp_helper.c Nicholas Piggin
2025-03-11 12:57 ` [PULL 52/72] target/ppc: Make powerpc_excp() prototype public Nicholas Piggin
2025-03-11 12:57 ` [PULL 53/72] target/ppc: Restrict ATTN / SCV / PMINSN helpers to TCG Nicholas Piggin
2025-03-11 12:57 ` [PULL 54/72] hw/ppc/spapr: Convert HPTE() macro as hpte_get_ptr() method Nicholas Piggin
2025-03-11 12:57 ` [PULL 55/72] hw/ppc/spapr: Convert HPTE_VALID() macro as hpte_is_valid() method Nicholas Piggin
2025-03-11 12:57 ` [PULL 56/72] hw/ppc/spapr: Convert HPTE_DIRTY() macro as hpte_is_dirty() method Nicholas Piggin
2025-03-11 12:57 ` [PULL 57/72] hw/ppc/spapr: Convert CLEAN_HPTE() macro as hpte_set_clean() method Nicholas Piggin
2025-03-11 12:57 ` [PULL 58/72] hw/ppc/spapr: Convert DIRTY_HPTE() macro as hpte_set_dirty() method Nicholas Piggin
2025-03-11 12:57 ` [PULL 59/72] hw/ppc/epapr: Do not swap ePAPR magic value Nicholas Piggin
2025-03-11 12:57 ` [PULL 60/72] ppc: Enable 2nd DAWR support on Power10 PowerNV machine Nicholas Piggin
2025-03-11 12:57 ` [PULL 61/72] ppc: spapr: Enable 2nd DAWR on Power10 pSeries machine Nicholas Piggin
2025-03-11 12:57 ` [PULL 62/72] spapr: nested: Add support for reporting Hostwide state counter Nicholas Piggin
2025-03-11 12:57 ` [PULL 63/72] target/ppc: fix timebase register reset state Nicholas Piggin
2025-03-11 12:57 ` [PULL 64/72] target/ppc: Wire up BookE ATB registers for e500 family Nicholas Piggin
2025-03-11 12:57 ` [PULL 65/72] target/ppc: Avoid warning message for zero process table entries Nicholas Piggin
2025-03-11 12:58 ` Nicholas Piggin [this message]
2025-03-11 12:58 ` [PULL 67/72] ppc/amigaone: Simplify replacement dummy_fw Nicholas Piggin
2025-03-11 12:58 ` [PULL 68/72] ppc/amigaone: Implement NVRAM emulation Nicholas Piggin
2025-03-11 12:58 ` [PULL 69/72] ppc/amigaone: Add default environment Nicholas Piggin
2025-03-11 12:58 ` [PULL 70/72] ppc/amigaone: Add kernel and initrd support Nicholas Piggin
2025-06-16 10:07 ` Philippe Mathieu-Daudé
2025-06-16 10:38 ` BALATON Zoltan
2025-03-11 12:58 ` [PULL 71/72] ppc/amigaone: Add #defines for memory map constants Nicholas Piggin
2025-03-11 12:58 ` [PULL 72/72] docs/system/ppc/amigang.rst: Update for NVRAM emulation Nicholas Piggin
2025-03-13 2:34 ` [PULL 00/72] ppc-for-10.0-1 queue Stefan Hajnoczi
2025-03-13 6:13 ` Thomas Huth
2025-03-13 10:49 ` Philippe Mathieu-Daudé
2025-03-14 2:34 ` Nicholas Piggin
2025-03-14 6:19 ` Thomas Huth
2025-03-14 2:41 ` Nicholas Piggin
2025-03-13 7:05 ` Stefan Hajnoczi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250311125815.903177-67-npiggin@gmail.com \
--to=npiggin@gmail.com \
--cc=harshpb@linux.ibm.com \
--cc=philmd@linaro.org \
--cc=qemu-devel@nongnu.org \
--cc=qemu-ppc@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).