Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
KVM: arm64: Hide CNTHV_*_EL2 from userspace for nVHE guests

Although we correctly UNDEF any CNTHV_*_EL2 access from the guest
when E2H==0, we still expose these registers to userspace, which
is a bad idea.

Drop the ad-hoc UNDEF injection and switch to a .visibility()
callback which will also hide the register from userspace.

Fixes: 0e45981028550 ("KVM: arm64: timer: Don't adjust the EL2 virtual timer offset")
Signed-off-by: Marc Zyngier <maz@kernel.org>

+13 -13
+13 -13
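--- a/arch/arm64/kvm/sys_regs.c
+++ b/arch/arm64/kvm/sys_regs.c
@@ -1594,16 +1594,6 @@
 return true;
 }
 
-static bool access_hv_timer(struct kvm_vcpu *vcpu,
-struct sys_reg_params *p,
-const struct sys_reg_desc *r)
-{
-if (!vcpu_el2_e2h_is_set(vcpu))
-return undef_access(vcpu, p, r);
-
-return access_arch_timer(vcpu, p, r);
-}
-
 static s64 kvm_arm64_ftr_safe_value(u32 id, const struct arm64_ftr_bits *ftrp,
 s64 new, s64 cur)
 {
@@
 return __el2_visibility(vcpu, rd, s1pie_visibility);
 }
 
+static unsigned int cnthv_visibility(const struct kvm_vcpu *vcpu,
+const struct sys_reg_desc *rd)
+{
+if (vcpu_has_nv(vcpu) &&
+!vcpu_has_feature(vcpu, KVM_ARM_VCPU_HAS_EL2_E2H0))
+return 0;
+
+return REG_HIDDEN;
+}
+
 static bool access_mdcr(struct kvm_vcpu *vcpu,
 struct sys_reg_params *p,
 const struct sys_reg_desc *r)
@@ -3691,9 +3691,9 @@
 EL2_REG(CNTHP_CTL_EL2, access_arch_timer, reset_val, 0),
 EL2_REG(CNTHP_CVAL_EL2, access_arch_timer, reset_val, 0),
 
-{ SYS_DESC(SYS_CNTHV_TVAL_EL2), access_hv_timer },
-EL2_REG(CNTHV_CTL_EL2, access_hv_timer, reset_val, 0),
-EL2_REG(CNTHV_CVAL_EL2, access_hv_timer, reset_val, 0),
+{ SYS_DESC(SYS_CNTHV_TVAL_EL2), access_arch_timer, .visibility = cnthv_visibility },
+EL2_REG_FILTERED(CNTHV_CTL_EL2, access_arch_timer, reset_val, 0, cnthv_visibility),
+EL2_REG_FILTERED(CNTHV_CVAL_EL2, access_arch_timer, reset_val, 0, cnthv_visibility),
 
 { SYS_DESC(SYS_CNTKCTL_EL12), access_cntkctl_el12 },
 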
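Review bot: The new cnthv_visibility() in the second hunk has no comment, although it is now the only place that decides whether CNTHV_*_EL2 exists for a guest and for userspace, and it hides the registers by default. A comment above it such as `/* CNTHV_*_EL2 only exist when E2H==1: hide them from the guest and from userspace unless the vcpu has NV without E2H0 */` would make that polarity explicit. The gate also moves from the runtime `vcpu_el2_e2h_is_set()` check to the static `KVM_ARM_VCPU_HAS_EL2_E2H0` feature, which presumably matches because E2H is fixed per vcpu configuration, but the comment should say so. Because hidden registers are no longer accessible to userspace, a VMM restoring state saved on an unfixed kernel for an E2H0 guest may have these three registers rejected; that is likely intended, but worth one line in the commit message.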