On Mon, Sep 27, 2021 at 01:49:10PM +0100, Alexandru Elisei wrote:
> If read_id_reg() is called for an ID register which is Read-As-Zero
> (RAZ), it initializes the return value to zero, then goes through a list
> of registers which require special handling.
>
> By not returning as soon as it tests if the register is RAZ, it creates
> the opportunity for bugs, if a patch changes a register to RAZ (like has
> happened with PMSWINC_EL0 in commit 11663111cd49), but doesn't remove the
> special handling from read_id_reg(); or if a register is RAZ in certain
> situations, and readable in others.
>
> Return early as to make it impossible for a RAZ register to be anything
> other than zero.
>
> Signed-off-by: Alexandru Elisei <alexandru.elisei@xxxxxxx>
> ---
>  arch/arm64/kvm/sys_regs.c | 7 ++++++-
>  1 file changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c
> index 1d46e185f31e..4adda8bf3168 100644
> --- a/arch/arm64/kvm/sys_regs.c
> +++ b/arch/arm64/kvm/sys_regs.c
> @@ -1064,7 +1064,12 @@ static u64 read_id_reg(const struct kvm_vcpu *vcpu,
>  		struct sys_reg_desc const *r, bool raz)
>  {
>  	u32 id = reg_to_encoding(r);
> -	u64 val = raz ? 0 : read_sanitised_ftr_reg(id);
> +	u64 val;
> +
> +	if (raz)
> +		return 0;
> +
> +	val = read_sanitised_ftr_reg(id);
>  
>  	switch (id) {
>  	case SYS_ID_AA64PFR0_EL1:
> --
> 2.33.0
>
> _______________________________________________
> kvmarm mailing list
> kvmarm@xxxxxxxxxxxxxxxxxxxxx
> https://lists.cs.columbia.edu/mailman/listinfo/kvmarm
>

Reviewed-by: Andrew Jones <drjones@xxxxxxxxxx>
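Review bot: With the early `return 0` added before `read_sanitised_ftr_reg(id)`, every later reference to the `raz` parameter inside `read_id_reg()` becomes dead code; the hunk only shows the head of the `switch (id)` block, so it is worth confirming that no remaining `raz` checks below it are left behind, and dropping them in this patch (or a follow-up) so the function has a single point where RAZ is decided, which is the property the commit message is after. The change itself is behaviour-preserving for the visible lines: the replaced `u64 val = raz ? 0 : read_sanitised_ftr_reg(id);` and the new sequence produce the same `val` in the non-RAZ case.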