Commit 747cfbf1 authored by Paolo Bonzini's avatar Paolo Bonzini
Browse files

Merge tag 'kvmarm-fixes-6.11-1' of... 

Merge tag 'kvmarm-fixes-6.11-1' of git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm into HEAD

KVM/arm64 fixes for 6.11, round #1

 - Use kvfree() for the kvmalloc'd nested MMUs array

 - Set of fixes to address warnings in W=1 builds

 - Make KVM depend on assembler support for ARMv8.4

 - Fix for vgic-debug interface for VMs without LPIs

 - Actually check ID_AA64MMFR3_EL1.S1PIE in get-reg-list selftest

 - Minor code / comment cleanups for configuring PAuth traps

 - Take kvm->arch.config_lock to prevent destruction / initialization
   race for a vCPU's CPUIF which may lead to a UAF
parents 92b6c2f0 9eb18136

Documentation/virt/kvm/api.rst

+1 −1
Original line number Diff line number Diff line
@@ -2592,7 +2592,7 @@ Specifically: 
  0x6030 0000 0010 004a SPSR_ABT    64  spsr[KVM_SPSR_ABT]

  0x6030 0000 0010 004c SPSR_UND    64  spsr[KVM_SPSR_UND]

  0x6030 0000 0010 004e SPSR_IRQ    64  spsr[KVM_SPSR_IRQ]

  0x6060 0000 0010 0050 SPSR_FIQ    64  spsr[KVM_SPSR_FIQ]

  0x6030 0000 0010 0050 SPSR_FIQ    64  spsr[KVM_SPSR_FIQ]

  0x6040 0000 0010 0054 V0         128  fp_regs.vregs[0]    [1]_

  0x6040 0000 0010 0058 V1         128  fp_regs.vregs[1]    [1]_

  ...

arch/arm64/kvm/Kconfig

+1 −0
Original line number Diff line number Diff line
@@ -19,6 +19,7 @@ if VIRTUALIZATION 


menuconfig KVM

	bool "Kernel-based Virtual Machine (KVM) support"

	depends on AS_HAS_ARMV8_4

	select KVM_COMMON

	select KVM_GENERIC_HARDWARE_ENABLING

	select KVM_GENERIC_MMU_NOTIFIER

arch/arm64/kvm/Makefile

+3 −0
Original line number Diff line number Diff line
@@ -10,6 +10,9 @@ include $(srctree)/virt/kvm/Makefile.kvm 
obj-$(CONFIG_KVM) += kvm.o

obj-$(CONFIG_KVM) += hyp/



CFLAGS_sys_regs.o += -Wno-override-init

CFLAGS_handle_exit.o += -Wno-override-init



kvm-y += arm.o mmu.o mmio.o psci.o hypercalls.o pvtime.o \

	 inject_fault.o va_layout.o handle_exit.o \

	 guest.o debug.o reset.o sys_regs.o stacktrace.o \

arch/arm64/kvm/arm.c

+5 −10
Original line number Diff line number Diff line
@@ -164,6 +164,7 @@ static int kvm_arm_default_max_vcpus(void) 
/**

 * kvm_arch_init_vm - initializes a VM data structure

 * @kvm:	pointer to the KVM struct

 * @type:	kvm device type

 */

int kvm_arch_init_vm(struct kvm *kvm, unsigned long type)

{
@@ -521,10 +522,10 @@ void kvm_arch_vcpu_unblocking(struct kvm_vcpu *vcpu) 


static void vcpu_set_pauth_traps(struct kvm_vcpu *vcpu)

{

	if (vcpu_has_ptrauth(vcpu)) {

	if (vcpu_has_ptrauth(vcpu) && !is_protected_kvm_enabled()) {

		/*

		 * Either we're running running an L2 guest, and the API/APK

		 * bits come from L1's HCR_EL2, or API/APK are both set.

		 * Either we're running an L2 guest, and the API/APK bits come

		 * from L1's HCR_EL2, or API/APK are both set.

		 */

		if (unlikely(vcpu_has_nv(vcpu) && !is_hyp_ctxt(vcpu))) {

			u64 val;
@@ -541,16 +542,10 @@ static void vcpu_set_pauth_traps(struct kvm_vcpu *vcpu) 
		 * Save the host keys if there is any chance for the guest

		 * to use pauth, as the entry code will reload the guest

		 * keys in that case.

		 * Protected mode is the exception to that rule, as the

		 * entry into the EL2 code eagerly switch back and forth

		 * between host and hyp keys (and kvm_hyp_ctxt is out of

		 * reach anyway).

		 */

		if (is_protected_kvm_enabled())

			return;



		if (vcpu->arch.hcr_el2 & (HCR_API | HCR_APK)) {

			struct kvm_cpu_context *ctxt;



			ctxt = this_cpu_ptr_hyp_sym(kvm_hyp_ctxt);

			ptrauth_save_keys(ctxt);

		}

arch/arm64/kvm/hyp/include/hyp/switch.h

+0 −1
Original line number Diff line number Diff line
@@ -27,7 +27,6 @@ 
#include <asm/kvm_hyp.h>

#include <asm/kvm_mmu.h>

#include <asm/kvm_nested.h>

#include <asm/kvm_ptrauth.h>

#include <asm/fpsimd.h>

#include <asm/debug-monitors.h>

#include <asm/processor.h>