From patchwork Fri Mar 18 19:38:30 2022
X-Patchwork-Submitter: Oliver Upton
X-Patchwork-Id: 12785855
Date: Fri, 18 Mar 2022 19:38:30 +0000
In-Reply-To: <20220318193831.482349-1-oupton@google.com>
Message-Id: <20220318193831.482349-2-oupton@google.com>
References: <20220318193831.482349-1-oupton@google.com>
Subject: [PATCH 1/2] KVM: arm64: Generally disallow SMC64 for AArch32 guests
From: Oliver Upton
To: kvmarm@lists.cs.columbia.edu
Cc: kvm@vger.kernel.org, Marc Zyngier, James Morse, Alexandru Elisei, Suzuki K Poulose, linux-arm-kernel@lists.infradead.org, Peter Shier, Ricardo Koller, Reiji Watanabe, Paolo Bonzini, Will Deacon, Oliver Upton, Andrew Jones

The only valid SMC calling convention from an AArch32 state is SMC32. Disallow any PSCI function that sets the SMC64 function ID bit when called from AArch32 rather than comparing against known SMC64 PSCI functions.

Note that without this change KVM advertises the SMC64 flavor of SYSTEM_RESET2 to AArch32 guests.

Fixes: d43583b890e7 ("KVM: arm64: Expose PSCI SYSTEM_RESET2 call to the guest")
Cc: Will Deacon
Reviewed-by: Reiji Watanabe
Reviewed-by: Andrew Jones
Signed-off-by: Oliver Upton
---
 arch/arm64/kvm/psci.c | 14 +++++---------
 1 file changed, 5 insertions(+), 9 deletions(-)

diff --git a/arch/arm64/kvm/psci.c b/arch/arm64/kvm/psci.c index a433c3eac9b7..cd3ee947485f 100644 --- a/arch/arm64/kvm/psci.c +++ b/arch/arm64/kvm/psci.c
@@ -216,15 +216,11 @@ static void kvm_psci_narrow_to_32bit(struct kvm_vcpu *vcpu) static unsigned long kvm_psci_check_allowed_function(struct kvm_vcpu *vcpu, u32 fn) { - switch(fn) { - case PSCI_0_2_FN64_CPU_SUSPEND: - case PSCI_0_2_FN64_CPU_ON: - case PSCI_0_2_FN64_AFFINITY_INFO: - /* Disallow these functions for 32bit guests */ - if (vcpu_mode_is_32bit(vcpu)) - return PSCI_RET_NOT_SUPPORTED; - break; - } + /* + * Prevent 32 bit guests from calling 64 bit PSCI functions. + */ + if ((fn & PSCI_0_2_64BIT) && vcpu_mode_is_32bit(vcpu)) + return PSCI_RET_NOT_SUPPORTED; return 0; }

From patchwork Fri Mar 18 19:38:31 2022
X-Patchwork-Submitter: Oliver Upton
X-Patchwork-Id: 12785854
Date: Fri, 18 Mar 2022 19:38:31 +0000
In-Reply-To: <20220318193831.482349-1-oupton@google.com>
Message-Id: <20220318193831.482349-3-oupton@google.com>
References: <20220318193831.482349-1-oupton@google.com>
Subject: [PATCH 2/2] KVM: arm64: Actually prevent SMC64 SYSTEM_RESET2 from AArch32
From: Oliver Upton
To: kvmarm@lists.cs.columbia.edu
Cc: kvm@vger.kernel.org, Marc Zyngier, James Morse, Alexandru Elisei, Suzuki K Poulose, linux-arm-kernel@lists.infradead.org, Peter Shier, Ricardo Koller, Reiji Watanabe, Paolo Bonzini, Will Deacon, Oliver Upton

The SMCCC does not allow the SMC64 calling convention to be used from AArch32. While KVM checks to see if the calling convention is allowed in PSCI_1_0_FN_PSCI_FEATURES, it does not actually prevent calls to unadvertised PSCI v1.0+ functions.

Check to see if the requested function is allowed from the guest's execution state. Deny the call if it is not.

Fixes: d43583b890e7 ("KVM: arm64: Expose PSCI SYSTEM_RESET2 call to the guest")
Cc: Will Deacon
Signed-off-by: Oliver Upton
Reviewed-by: Reiji Watanabe
---
 arch/arm64/kvm/psci.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/arch/arm64/kvm/psci.c b/arch/arm64/kvm/psci.c index cd3ee947485f..0d771468b708 100644 --- a/arch/arm64/kvm/psci.c +++ b/arch/arm64/kvm/psci.c @@ -318,6 +318,10 @@ static int kvm_psci_1_x_call(struct kvm_vcpu *vcpu, u32 minor) if (minor > 1) return -EINVAL; + val = kvm_psci_check_allowed_function(vcpu, psci_fn); + if (val) + goto out; + switch(psci_fn) { case PSCI_0_2_FN_PSCI_VERSION: val = minor == 0 ? KVM_ARM_PSCI_1_0 : KVM_ARM_PSCI_1_1; @@ -378,6 +382,7 @@ static int kvm_psci_1_x_call(struct kvm_vcpu *vcpu, u32 minor) return kvm_psci_0_2_call(vcpu); } +out: smccc_set_retval(vcpu, val, 0, 0, 0); return ret; }
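
Review bot: In the kvm_psci_check_allowed_function() hunk of patch 1/2, the new comment says "64 bit PSCI functions", but the test "fn & PSCI_0_2_64BIT" rejects every function ID that has the SMC64 bit set, where the removed switch rejected three named functions. Suggest wording the comment in the commit message's terms (SMC64 function IDs issued from an AArch32 vCPU); it would then also fit on one line. Since the mask test does not look at the rest of the ID, it would help to note that callers are expected to pass PSCI function IDs only.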
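
Review bot: In the first kvm_psci_1_x_call() hunk of patch 2/2, the early exit "if (val) goto out;" carries no comment saying what is being refused. The reason (an SMC64 function ID from an AArch32 guest, which PSCI_FEATURES does not advertise) is only in the commit message, so a one-line comment above the kvm_psci_check_allowed_function() call would keep it next to the code. The placement after the "minor > 1" validation and before the switch looks right for covering every case, including the default path that ends in "return kvm_psci_0_2_call(vcpu);".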
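
Review bot: In the second kvm_psci_1_x_call() hunk of patch 2/2, the new "out:" label makes "return ret;" reachable directly from the top of the function, before any switch case has run. The declaration of ret is outside the context shown, so please confirm it is initialised where it is declared and not only assigned inside the cases; otherwise a denied call would hand an indeterminate value back to the caller after smccc_set_retval() has stored PSCI_RET_NOT_SUPPORTED.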