KVM: arm64: Maintain a copy of 'kvm_arm_vmid_bits' at EL2

Sharing 'kvm_arm_vmid_bits' between EL1 and EL2 allows the host to modify the variable arbitrarily, potentially leading to all sorts of shenanians as this is used to configure the VTTBR register for the guest stage-2. In preparation for unmapping host sections entirely from EL2, maintain a copy of 'kvm_arm_vmid_bits' in the pKVM hypervisor and initialise it from the host value while it is still trusted. Tested-by: Vincent Donnefort <vdonnefort@google.com> Signed-off-by: Will Deacon <will@kernel.org> Signed-off-by: Marc Zyngier <maz@kernel.org> Link: https://lore.kernel.org/r/20221110190259.26861-23-will@kernel.org
author: Will Deacon <will@kernel.org> 2022-11-10 19:02:55 +0000
committer: Marc Zyngier <maz@kernel.org> 2022-11-11 17:19:35 +0000
commit: 73f38ef2ae531b180685173e0923225551434fcb (patch)
tree: c67b03ec07350daca0afc1f04806115d3f5da43f /arch/arm64/kvm/arm.c
parent: fe41a7f8c0ee3ee2f682f8c28c7e1c5ff2be8a79 (diff)
download: linux-73f38ef2ae531b180685173e0923225551434fcb.tar.bz2
1 files changed, 1 insertions, 0 deletions
diff --git a/arch/arm64/kvm/arm.c b/arch/arm64/kvm/arm.c
index 25467f24803d..1d4b8122d010 100644
--- a/arch/arm64/kvm/arm.c
+++ b/arch/arm64/kvm/arm.c
@@ -1893,6 +1893,7 @@ static void kvm_hyp_init_symbols(void)
 	kvm_nvhe_sym(id_aa64mmfr1_el1_sys_val) = read_sanitised_ftr_reg(SYS_ID_AA64MMFR1_EL1);
 	kvm_nvhe_sym(id_aa64mmfr2_el1_sys_val) = read_sanitised_ftr_reg(SYS_ID_AA64MMFR2_EL1);
 	kvm_nvhe_sym(__icache_flags) = __icache_flags;
+	kvm_nvhe_sym(kvm_arm_vmid_bits) = kvm_arm_vmid_bits;
 }
 
 static int kvm_hyp_init_protection(u32 hyp_va_bits)
author	Will Deacon <will@kernel.org>	2022-11-10 19:02:55 +0000
committer	Marc Zyngier <maz@kernel.org>	2022-11-11 17:19:35 +0000
commit	73f38ef2ae531b180685173e0923225551434fcb (patch)
tree	c67b03ec07350daca0afc1f04806115d3f5da43f /arch/arm64/kvm/arm.c
parent	fe41a7f8c0ee3ee2f682f8c28c7e1c5ff2be8a79 (diff)
download	linux-73f38ef2ae531b180685173e0923225551434fcb.tar.bz2