On Fri, Nov 13, 2020 at 12:02:10PM +0000, Marc Zyngier wrote:
> On 2020-11-13 11:38, Will Deacon wrote:
> > The EL2 vectors installed when a guest is running point at one of the
> > following configurations for a given CPU:
> >
> > - Straight at __kvm_hyp_vector
> > - A trampoline containing an SMC sequence to mitigate Spectre-v2 and
> >   then a direct branch to __kvm_hyp_vector
> > - A dynamically-allocated trampoline which has an indirect branch to
> >   __kvm_hyp_vector
> > - A dynamically-allocated trampoline containing an SMC sequence to
> >   mitigate Spectre-v2 and then an indirect branch to __kvm_hyp_vector
> >
> > The indirect branches mean that VA randomization at EL2 isn't trivially
> > bypassable using Spectre-v3a (where the vector base is readable by the
> > guest).
> >
> > Rather than populate these vectors dynamically, configure everything
> > statically and use an enumerated type to identify the vector "slot"
> > corresponding to one of the configurations above. This not only simplifies
> > the code, but also makes it much easier to implement at EL2 later on.
> >
> > Cc: Marc Zyngier <maz@xxxxxxxxxx>
> > Cc: Quentin Perret <qperret@xxxxxxxxxx>
> > Signed-off-by: Will Deacon <will@xxxxxxxxxx>
> > ---
> >  arch/arm64/include/asm/kvm_asm.h |  5 --
> >  arch/arm64/include/asm/spectre.h | 36 +++++++++++++-
> >  arch/arm64/kernel/cpu_errata.c   |  2 +
> >  arch/arm64/kernel/proton-pack.c  | 63 +++++------------------
> >  arch/arm64/kvm/arm.c             | 82 +++++++++++++-------------------
> >  arch/arm64/kvm/hyp/Makefile      |  2 +-
> >  arch/arm64/kvm/hyp/hyp-entry.S   | 72 ++++++++++++++++------------
> >  arch/arm64/kvm/hyp/smccc_wa.S    | 32 -------------
> >  arch/arm64/kvm/va_layout.c       | 11 +----
> >  9 files changed, 126 insertions(+), 179 deletions(-)
> >  delete mode 100644 arch/arm64/kvm/hyp/smccc_wa.S
>
> I haven't had a chance to test this series yet, but I may have spotted
> another small nit, see below:
>
> > @@ -1810,6 +1792,10 @@ int kvm_arch_init(void *opaque)
> >  		goto out_err;
> >  	}
> >
> > +	err = kvm_init_vector_slots();
> > +	if (err)
> > +		goto out_err;
>
> Don't you end up calling kvm_init_vector_slots() twice on nVHE?
> It's probably harmless, but I think we can have a single call here,
> and drop the call from init_hyp_mode().
>
> What do you think? If you agree, I can perform the change when queuing
> the series.

Yes, I meant to remove the old call but evidently forgot to do that when
I rebased. Well spotted!

Will
_______________________________________________
kvmarm mailing list
kvmarm@xxxxxxxxxxxxxxxxxxxxx
https://lists.cs.columbia.edu/mailman/listinfo/kvmarm
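Review bot: the kvm_init_vector_slots() call added to kvm_arch_init() in this hunk is also reached through init_hyp_mode() on nVHE, so on that path the vector slots are initialised twice; keep this single call (with its `if (err) goto out_err;` handling) and drop the init_hyp_mode() call, as the thread agrees.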