review.tizen.org Git - platform/kernel/linux-starfive.git/commit

author	Mostafa Saleh <smostafa@google.com>
	Tue, 30 May 2023 15:08:45 +0000 (15:08 +0000)
committer	Oliver Upton <oliver.upton@linux.dev>
	Tue, 30 May 2023 16:24:28 +0000 (16:24 +0000)
commit	b53d4a27234955810362f91be679afc12e4c3237
tree	365013ce118a7106f8de59b3de13b99fb86810b8	tree \| snapshot
parent	c876c3f182a5cc16711962efdd9bf56b9fb84317	commit \| diff

KVM: arm64: Use BTI for nvhe

CONFIG_ARM64_BTI_KERNEL compiles the kernel to support ARMv8.5-BTI.
However, the nvhe code doesn't make use of it as it doesn't map any
pages with Guarded Page(GP) bit.

kvm pgtable code is modified to map executable pages with GP bit
if BTI is enabled for the kernel.

At hyp init, SCTLR_EL2.BT is set to 1 to match EL1 configuration
(SCTLR_EL1.BT1) set in bti_enable().

One difference between kernel and nvhe code, is that the kernel maps
.text with GP while nvhe maps all the executable pages, this makes
nvhe code need to deal with special initialization code coming from
other executable sections (.idmap.text).
For this we need to add bti instruction at the beginning of
__kvm_handle_stub_hvc as it can be called by __host_hvc through
branch instruction(br) and unlike SYM_FUNC_START, SYM_CODE_START
doesn’t add bti instruction at the beginning, and it can’t be modified
to add it as it is used with vector tables.
Another solution which is more intrusive is to convert
__kvm_handle_stub_hvc to a function and inject “bti jc” instead of
“bti c” in SYM_FUNC_START

Signed-off-by: Mostafa Saleh <smostafa@google.com>
Link: https://lore.kernel.org/r/20230530150845.2856828-1-smostafa@google.com
Signed-off-by: Oliver Upton <oliver.upton@linux.dev>

arch/arm64/include/asm/sysreg.h		diff \| blob \| history
arch/arm64/kvm/hyp/nvhe/hyp-init.S		diff \| blob \| history
arch/arm64/kvm/hyp/pgtable.c		diff \| blob \| history