| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 13 Sep 2017 16:12:10 +0800
From: gengdongjiu <gengdongjiu@...wei.com>
To: James Morse <james.morse@....com>
CC: <christoffer.dall@...aro.org>, <marc.zyngier@....com>,
<rkrcmar@...hat.com>, <linux@...linux.org.uk>,
<catalin.marinas@....com>, <will.deacon@....com>,
<lenb@...nel.org>, <robert.moore@...el.com>, <lv.zheng@...el.com>,
<mark.rutland@....com>, <xiexiuqi@...wei.com>,
<cov@...eaurora.org>, <david.daney@...ium.com>,
<suzuki.poulose@....com>, <stefan@...lo-penguin.com>,
<Dave.Martin@....com>, <kristina.martsenko@....com>,
<wangkefeng.wang@...wei.com>, <tbaicar@...eaurora.org>,
<ard.biesheuvel@...aro.org>, <mingo@...nel.org>, <bp@...e.de>,
<shiju.jose@...wei.com>, <zjzhang@...eaurora.org>,
<linux-arm-kernel@...ts.infradead.org>,
<kvmarm@...ts.cs.columbia.edu>, <kvm@...r.kernel.org>,
<linux-kernel@...r.kernel.org>, <linux-acpi@...r.kernel.org>,
<devel@...ica.org>, <mst@...hat.com>, <john.garry@...wei.com>,
<jonathan.cameron@...wei.com>,
<shameerali.kolothum.thodi@...wei.com>, <huangdaode@...ilicon.com>,
<wangzhou1@...ilicon.com>, <huangshaoyu@...wei.com>,
<wuquanming@...wei.com>, <linuxarm@...wei.com>,
<zhengqiang10@...wei.com>
Subject: Re: [PATCH v6 5/7] arm64: kvm: route synchronous external abort
exceptions to el2
On 2017/9/8 0:31, James Morse wrote:
> Hi Dongjiu Geng,
>
> On 28/08/17 11:38, Dongjiu Geng wrote:
>> ARMv8.2 adds a new bit HCR_EL2.TEA which controls to
>> route synchronous external aborts to EL2, and adds a
>> trap control bit HCR_EL2.TERR which controls to
>> trap all Non-secure EL1&0 error record accesses to EL2.
>>
>> This patch enables the two bits for the guest OS.
>> when an synchronous abort is generated in the guest OS,
>
>> it will trap to EL3 firmware, EL3 firmware will check the
>> HCR_EL2.TEA value to decide to jump to hypervisor or host
>> OS.
>
> (This is what you are using this for, the patch has nothing to do with EL3.)
No, EL3 will check the HCR_EL2.TEA to decide to jump to hypervisor or host kernel.
>
>
>> Enabling HCR_EL2.TERR makes error record access
>> from guest trap to EL2.
>
>
> KVM already handles external aborts from lower exception levels, no more work
> needs doing for TEA.
when SCR_EL3.EA is set, TEA will not workable, El3 only check its value to decide to hypervisor or EL1 host kernel.
>
> What happens when a guest access the RAS-Error-Record registers?
it will trap to EL2 kvm
>
> Before we can set HCR_EL2.TERR I think we need to add some minimal emulation for
> the registers it traps. Most of them should be RAZ/WI, so it should be
> straightforward. (I think KVMs default is to emulate an undef for unknown traps).
if KVM default handling is to emulate an undef for unknown traps, how about we use its default way? because no one access
the ERR RAS register in the guest .
>
> Eventually we will want to back this with a page of memory that lets
> Qemu/kvmtool configure what the guest can see. (i.e. the emulated machine's
> errors for kernel-first handling.)
I think emulate it to an undef for unknown traps can be enough, no one access the ERR register in the guest.
>
>
> Thanks,
>
> James
>
> .
>
Powered by blists - more mailing lists