authorQuentin Perret <qperret@google.com>2021-03-19 10:01:46 +0000
committerMarc Zyngier <maz@kernel.org>2021-03-19 12:02:19 +0000
commit90134ac9cabb69972d0a509bf08e108a73442184 (patch)
tree77d5e0f6a188232498265cc24eeea935c6442de2 /arch/arm64/kvm/hyp/include/nvhe
parent9589a38cdfeba0889590e6ef4627b439034d456c (diff)
downloadlinux-90134ac9cabb69972d0a509bf08e108a73442184.tar.bz2
KVM: arm64: Protect the .hyp sections from the host
When KVM runs in nVHE protected mode, use the host stage 2 to unmap the hypervisor sections by marking them as owned by the hypervisor itself. The long-term goal is to ensure the EL2 code can remain robust regardless of the host's state, so this starts by making sure the host cannot e.g. write to the .hyp sections directly. Acked-by: Will Deacon <will@kernel.org> Signed-off-by: Quentin Perret <qperret@google.com> Signed-off-by: Marc Zyngier <maz@kernel.org> Link: https://lore.kernel.org/r/20210319100146.1149909-39-qperret@google.com
Diffstat (limited to 'arch/arm64/kvm/hyp/include/nvhe')
-rw-r--r--arch/arm64/kvm/hyp/include/nvhe/mem_protect.h2
1 files changed, 2 insertions, 0 deletions
diff --git a/arch/arm64/kvm/hyp/include/nvhe/mem_protect.h b/arch/arm64/kvm/hyp/include/nvhe/mem_protect.h
index d293cb328cc4..42d81ec739fa 100644
--- a/arch/arm64/kvm/hyp/include/nvhe/mem_protect.h
+++ b/arch/arm64/kvm/hyp/include/nvhe/mem_protect.h
@@ -21,6 +21,8 @@ struct host_kvm {
extern struct host_kvm host_kvm;
int __pkvm_prot_finalize(void);
+int __pkvm_mark_hyp(phys_addr_t start, phys_addr_t end);
+
int kvm_host_prepare_stage2(void *mem_pgt_pool, void *dev_pgt_pool);
void handle_host_mem_abort(struct kvm_cpu_context *host_ctxt);
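Review bot: The new prototype `__pkvm_mark_hyp(phys_addr_t start, phys_addr_t end)` carries no contract, and for a function that removes ranges from the host stage 2 the bounds convention is security-relevant: if a caller and the implementation disagree on whether `end` is inclusive, the last page of a .hyp section could stay host-accessible. I would add a comment above the declaration stating the actual contract, for example `/* Mark [start, end) as hyp-owned in the host stage 2; start and end must be page-aligned. Returns 0 or a negative errno. */` if that is what the implementation does. If this is reachable as a host hypercall, which the `__pkvm_` prefix next to `__pkvm_prot_finalize` suggests but the hunk does not show, the comment should also say that both arguments are host-controlled and are validated at EL2. The implementation is outside this view, since the diffstat is limited to the header directory.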