lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20230127113932.166089-23-suzuki.poulose@arm.com>
Date:   Fri, 27 Jan 2023 11:39:23 +0000
From:   Suzuki K Poulose <suzuki.poulose@....com>
To:     kvm@...r.kernel.org, kvmarm@...ts.linux.dev
Cc:     suzuki.poulose@....com,
        Alexandru Elisei <alexandru.elisei@....com>,
        Andrew Jones <andrew.jones@...ux.dev>,
        Christoffer Dall <christoffer.dall@....com>,
        Fuad Tabba <tabba@...gle.com>,
        Jean-Philippe Brucker <jean-philippe@...aro.org>,
        Joey Gouly <Joey.Gouly@....com>, Marc Zyngier <maz@...nel.org>,
        Mark Rutland <mark.rutland@....com>,
        Oliver Upton <oliver.upton@...ux.dev>,
        Paolo Bonzini <pbonzini@...hat.com>,
        Quentin Perret <qperret@...gle.com>,
        Steven Price <steven.price@....com>,
        Thomas Huth <thuth@...hat.com>, Will Deacon <will@...nel.org>,
        Zenghui Yu <yuzenghui@...wei.com>, linux-coco@...ts.linux.dev,
        kvmarm@...ts.cs.columbia.edu, linux-arm-kernel@...ts.infradead.org,
        linux-kernel@...r.kernel.org
Subject: [RFC kvmtool 22/31] arm64: Activate realm before the first VCPU is run

From: Alexandru Elisei <alexandru.elisei@....com>

Before KVM can run a VCPU belong to a realm, the realm be activated.
Activating a realm prevents the adding of new object and seals the
cryptographic measurement of that realm. The VCPU state is part of the
measurement, which means that realm activation must be performed after
all VCPUs have been reset.

Current RMM implementation can only create RECs in the order of their
MPIDRs. VCPUs get assigned MPIDRs by KVM based on their VCPU id. Reset the
VCPUs in the order they were created from the main thread instead of doing
it from their own thread, which doesn't guarantee any ordering.

Signed-off-by: Alexandru Elisei <alexandru.elisei@....com>
Signed-off-by: Suzuki K Poulose <suzuki.poulose@....com>
---
 arm/aarch64/kvm-cpu.c             |  4 ++++
 arm/aarch64/realm.c               | 35 +++++++++++++++++++++++++++++++
 arm/include/arm-common/kvm-arch.h |  1 +
 3 files changed, 40 insertions(+)

diff --git a/arm/aarch64/kvm-cpu.c b/arm/aarch64/kvm-cpu.c
index 24e570c4..32fa7609 100644
--- a/arm/aarch64/kvm-cpu.c
+++ b/arm/aarch64/kvm-cpu.c
@@ -187,6 +187,10 @@ void kvm_cpu__reset_vcpu(struct kvm_cpu *vcpu)
 	cpu_set_t *affinity;
 	int ret;
 
+	/* VCPU reset is done before activating the realm. */
+	if (kvm->arch.realm_is_active)
+		return;
+
 	affinity = kvm->arch.vcpu_affinity_cpuset;
 	if (affinity) {
 		ret = sched_setaffinity(0, sizeof(cpu_set_t), affinity);
diff --git a/arm/aarch64/realm.c b/arm/aarch64/realm.c
index eddccece..808d39c5 100644
--- a/arm/aarch64/realm.c
+++ b/arm/aarch64/realm.c
@@ -1,4 +1,5 @@
 #include "kvm/kvm.h"
+#include "kvm/kvm-cpu.h"
 
 #include <linux/byteorder.h>
 #include <asm/image.h>
@@ -192,3 +193,37 @@ void kvm_arm_realm_populate_dtb(struct kvm *kvm)
 	if (end > start)
 		realm_populate(kvm, start, end - start);
 }
+
+static void kvm_arm_realm_activate_realm(struct kvm *kvm)
+{
+	struct kvm_enable_cap activate_realm = {
+		.cap = KVM_CAP_ARM_RME,
+		.args[0] = KVM_CAP_ARM_RME_ACTIVATE_REALM,
+	};
+
+	if (ioctl(kvm->vm_fd, KVM_ENABLE_CAP, &activate_realm) < 0)
+		die_perror("KVM_CAP_ARM_RME(KVM_CAP_ARM_RME_ACTIVATE_REALM)");
+
+	kvm->arch.realm_is_active = true;
+}
+
+static int kvm_arm_realm_finalize(struct kvm *kvm)
+{
+	int i;
+
+	if (!kvm->cfg.arch.is_realm)
+		return 0;
+
+	/*
+	 * VCPU reset must happen before the realm is activated, because their
+	 * state is part of the cryptographic measurement for the realm.
+	 */
+	for (i = 0; i < kvm->nrcpus; i++)
+		kvm_cpu__reset_vcpu(kvm->cpus[i]);
+
+	/* Activate and seal the measurement for the realm. */
+	kvm_arm_realm_activate_realm(kvm);
+
+	return 0;
+}
+last_init(kvm_arm_realm_finalize)
diff --git a/arm/include/arm-common/kvm-arch.h b/arm/include/arm-common/kvm-arch.h
index b5a4b851..6d48e13c 100644
--- a/arm/include/arm-common/kvm-arch.h
+++ b/arm/include/arm-common/kvm-arch.h
@@ -116,6 +116,7 @@ struct kvm_arch {
 	cpu_set_t *vcpu_affinity_cpuset;
 	u64	measurement_algo;
 	u64	sve_vq;
+	bool	realm_is_active;
 };
 
 #endif /* ARM_COMMON__KVM_ARCH_H */
-- 
2.34.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ