lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 8 Dec 2021 17:44:34 +0000
From:   Will Deacon <will@...nel.org>
To:     Quentin Perret <qperret@...gle.com>
Cc:     Marc Zyngier <maz@...nel.org>, James Morse <james.morse@....com>,
        Alexandru Elisei <alexandru.elisei@....com>,
        Suzuki K Poulose <suzuki.poulose@....com>,
        Catalin Marinas <catalin.marinas@....com>,
        linux-arm-kernel@...ts.infradead.org, kvmarm@...ts.cs.columbia.edu,
        linux-kernel@...r.kernel.org, kernel-team@...roid.com
Subject: Re: [PATCH 2/6] KVM: arm64: pkvm: Disable GICv2 support

On Wed, Dec 08, 2021 at 03:22:55PM +0000, Quentin Perret wrote:
> GICv2 requires having device mappings in guests and the hypervisor,
> which is incompatible with the current pKVM EL2 page ownership model
> which only covers memory. While it would be desirable to support pKVM
> with GICv2, this will require a lot more work, so let's make the
> current assumption clear until then.
> 
> Co-developed-by: Marc Zyngier <maz@...nel.org>
> Signed-off-by: Marc Zyngier <maz@...nel.org>
> Signed-off-by: Quentin Perret <qperret@...gle.com>
> ---
>  arch/arm64/kvm/vgic/vgic-v2.c | 5 +++++
>  arch/arm64/kvm/vgic/vgic-v3.c | 2 +-
>  2 files changed, 6 insertions(+), 1 deletion(-)
> 
> diff --git a/arch/arm64/kvm/vgic/vgic-v2.c b/arch/arm64/kvm/vgic/vgic-v2.c
> index 95a18cec14a3..8e337a0d7817 100644
> --- a/arch/arm64/kvm/vgic/vgic-v2.c
> +++ b/arch/arm64/kvm/vgic/vgic-v2.c
> @@ -345,6 +345,11 @@ int vgic_v2_probe(const struct gic_kvm_info *info)
>  	int ret;
>  	u32 vtr;
>  
> +	if (is_protected_kvm_enabled()) {
> +		kvm_err("GICv2 not supported in protected mode\n");
> +		return -ENXIO;
> +	}
> +
>  	if (!info->vctrl.start) {
>  		kvm_err("GICH not present in the firmware table\n");
>  		return -ENXIO;
> diff --git a/arch/arm64/kvm/vgic/vgic-v3.c b/arch/arm64/kvm/vgic/vgic-v3.c
> index 04f62c4b07fb..debad4e6e6c9 100644
> --- a/arch/arm64/kvm/vgic/vgic-v3.c
> +++ b/arch/arm64/kvm/vgic/vgic-v3.c
> @@ -651,7 +651,7 @@ int vgic_v3_probe(const struct gic_kvm_info *info)
>  	} else if (!PAGE_ALIGNED(info->vcpu.start)) {
>  		pr_warn("GICV physical address 0x%llx not page aligned\n",
>  			(unsigned long long)info->vcpu.start);
> -	} else {
> +	} else if (kvm_get_mode() != KVM_MODE_PROTECTED) {
>  		kvm_vgic_global_state.vcpu_base = info->vcpu.start;
>  		kvm_vgic_global_state.can_emulate_gicv2 = true;
>  		ret = kvm_register_vgic_device(KVM_DEV_TYPE_ARM_VGIC_V2);

Acked-by: Will Deacon <will@...nel.org>

Will

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ