KVM: arm64: Make nVHE ASLR conditional on RANDOMIZE_BASE

If there are spare bits in non-VHE hyp VA, KVM unconditionally replaces them
with a random tag chosen at init. Disable this if the kernel is built without
RANDOMIZE_BASE to align with kernel behavior.

Signed-off-by: David Brazdil <dbrazdil@google.com>
Signed-off-by: Marc Zyngier <maz@kernel.org>
Link: https://lore.kernel.org/r/20200721094445.82184-2-dbrazdil@google.com

diff --git a/arch/arm64/kvm/va_layout.c b/arch/arm64/kvm/va_layout.c
index a4f48c1..e0404bc 100644 (file)
--- a/arch/arm64/kvm/va_layout.c
+++ b/arch/arm64/kvm/va_layout.c
@@ -48,7 +48,7 @@ __init void kvm_compute_layout(void)
        va_mask = GENMASK_ULL(tag_lsb - 1, 0);
        tag_val = hyp_va_msb;
 
-       if (tag_lsb != (vabits_actual - 1)) {
+       if (IS_ENABLED(CONFIG_RANDOMIZE_BASE) && tag_lsb != (vabits_actual - 1)) {
                /* We have some free bits to insert a random tag. */
                tag_val |= get_random_long() & GENMASK_ULL(vabits_actual - 2, tag_lsb);
        }