From patchwork Wed Oct 9 19:00:19 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Marc Zyngier X-Patchwork-Id: 13829261 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 1D83ACEE350 for ; Wed, 9 Oct 2024 21:16:08 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-Id:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=V/ZGHw/7pu9oNW68PlKmOKj1ieN088OUloXheX0sqeE=; b=WSbSdlEOLHa70SPKtrhKk/7Xg7 9ERdOzUcMx6DO6hKBeTNr/4VVGAT43d7QTBt8Z9MqbptffLKZfFrCWCzXFPpvYtbCbbIHiAhiVAQe YPlWvGfh9fGMFhs01QhfRUCpydNJFegO5T8JraB7e1g5LVoJUjsAjYz2QRjswgwcz+J8qJWqtQgEm IOy2w7N8E11FUsVybDulkAenU9gPmBbJmlRTrUAvSWMDm4SNMij2lcgMtLPIb/L1Tp+vVbidvene5 gykde3LjVfxzbYw0O2jynXdEnANi4ctLXUfF4dHngbgrn4Ow3Ru7k5lPSMZ/z6g7SWScL732GFe1A B6Rzc08Q==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1sye2I-0000000AkJc-2ALF; Wed, 09 Oct 2024 21:15:58 +0000 Received: from desiato.infradead.org ([2001:8b0:10b:1:d65d:64ff:fe57:4e05]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1sybvh-0000000ARSs-0D6q for linux-arm-kernel@bombadil.infradead.org; Wed, 09 Oct 2024 19:01:01 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=desiato.20200630; h=Content-Transfer-Encoding:MIME-Version :References:In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To: Content-Type:Content-ID:Content-Description; bh=V/ZGHw/7pu9oNW68PlKmOKj1ieN088OUloXheX0sqeE=; b=IBl9hT9lwCPdEzzdRt71cFXTTh MqyF02F+673jiMAHII/jYWFXsNa38tRKV+9Uworw9k234K1DYhZTIhQaln0ugS50EaX1kaHrsDsFG N3R8xW5Ntil2yGLi+BoEZ/6aTFoBSbymwIUcr89pOt5MMbzMKDWVsmdT1ZJEa+6YdKVPqKXpQPCZ1 n4Ioz0pwtwPOorcMXEEMxtzhSX+JW4cKYRlslY6BCaAZwhFgkYz8Q54mtIOTQ3WdesCKiD/Va/oc4 WbIC64YPKrBNcJMnEQOqtXivVXem1MCknJjwGQ0tpAYHt5TBI744c/AgIqyUxK6bUqEUd2oRzBYOE 2LwEiJjQ==; Received: from dfw.source.kernel.org ([139.178.84.217]) by desiato.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1sybvd-000000055oB-2NsG for linux-arm-kernel@lists.infradead.org; Wed, 09 Oct 2024 19:00:59 +0000 Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58]) by dfw.source.kernel.org (Postfix) with ESMTP id 21B905C5CA8; Wed, 9 Oct 2024 19:00:46 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 2CEE2C4CECE; Wed, 9 Oct 2024 19:00:50 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1728500450; bh=QpEhq3ybWToqA/q2mXhj4+m/zIZ+OWYJ/Jj2ev2ZLPo=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=SF5dQxfz25WRyEC1QuEabOJJwS1YTwE9tFgMoFaNyDF38GQ01jjZIm5JP5xYOnmQH Jar6AGJM+tHfrBFwP1kRXuzPwnAlT2h35rN1CSi0CbHFG/dzSDcasskLLZmMrNZxna FIUfsP3RB7mG5PvEHumPfR0FETR+ydrRAosxY3cMm+p35Ewp6opXWA8J9QiR7rqy/r i7FmIGHybqFiBS+2+eJFw6aJw02XXcl6DLfDNHtwkJDOKZ+SzxydMZlNMCcEH8UQ1P 5a1oN6dkfS2lICMxaKdPtltjKqMnabWTtClsiHkndZJYpw4mK20s6Ow6M30y9Oo+I1 22KGLuRatkTOg== Received: from sofa.misterjones.org ([185.219.108.64] helo=valley-girl.lan) by disco-boy.misterjones.org with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1sybvU-001wcY-CA; Wed, 09 Oct 2024 20:00:48 +0100 From: Marc Zyngier To: kvmarm@lists.linux.dev, linux-arm-kernel@lists.infradead.org, kvm@vger.kernel.org Cc: Joey Gouly , Suzuki K Poulose , Oliver Upton , Zenghui Yu , Alexandru Elisei , Mark Brown Subject: [PATCH v4 36/36] KVM: arm64: Handle WXN attribute Date: Wed, 9 Oct 2024 20:00:19 +0100 Message-Id: <20241009190019.3222687-37-maz@kernel.org> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20241009190019.3222687-1-maz@kernel.org> References: <20241009190019.3222687-1-maz@kernel.org> MIME-Version: 1.0 X-SA-Exim-Connect-IP: 185.219.108.64 X-SA-Exim-Rcpt-To: kvmarm@lists.linux.dev, linux-arm-kernel@lists.infradead.org, kvm@vger.kernel.org, joey.gouly@arm.com, suzuki.poulose@arm.com, oliver.upton@linux.dev, yuzenghui@huawei.com, alexandru.elisei@arm.com, broonie@kernel.org X-SA-Exim-Mail-From: maz@kernel.org X-SA-Exim-Scanned: No (on disco-boy.misterjones.org); SAEximRunCond expanded to false X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241009_200058_119584_5014AC83 X-CRM114-Status: GOOD ( 14.65 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Until now, we didn't really care about WXN as it didn't have an effect on the R/W permissions (only the execution could be droppped), and therefore not of interest for AT. However, with S1POE, WXN can revoke the Write permission if an overlay is active and that execution is allowed. This *is* relevant to AT. Add full handling of WXN so that we correctly handle this case. Signed-off-by: Marc Zyngier --- arch/arm64/kvm/at.c | 45 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) diff --git a/arch/arm64/kvm/at.c b/arch/arm64/kvm/at.c index 415f668ab2cd6..b8f3eb8d0956d 100644 --- a/arch/arm64/kvm/at.c +++ b/arch/arm64/kvm/at.c @@ -40,10 +40,12 @@ struct s1_walk_result { u8 APTable; bool UXNTable; bool PXNTable; + bool uwxn; bool uov; bool ur; bool uw; bool ux; + bool pwxn; bool pov; bool pr; bool pw; @@ -847,6 +849,8 @@ static void compute_s1_direct_permissions(struct kvm_vcpu *vcpu, struct s1_walk_info *wi, struct s1_walk_result *wr) { + bool wxn; + /* Non-hierarchical part of AArch64.S1DirectBasePermissions() */ if (wi->regime != TR_EL2) { switch (FIELD_GET(PTE_USER | PTE_RDONLY, wr->desc)) { @@ -884,6 +888,17 @@ static void compute_s1_direct_permissions(struct kvm_vcpu *vcpu, wr->px = !(wr->desc & PTE_UXN); } + switch (wi->regime) { + case TR_EL2: + case TR_EL20: + wxn = (vcpu_read_sys_reg(vcpu, SCTLR_EL2) & SCTLR_ELx_WXN); + break; + case TR_EL10: + wxn = (__vcpu_sys_reg(vcpu, SCTLR_EL1) & SCTLR_ELx_WXN); + break; + } + + wr->pwxn = wr->uwxn = wxn; wr->pov = wi->poe; wr->uov = wi->e0poe; } @@ -935,6 +950,16 @@ static void compute_s1_hierarchical_permissions(struct kvm_vcpu *vcpu, (wr)->ux = (x); \ } while (0) +#define set_priv_wxn(wr, v) \ + do { \ + (wr)->pwxn = (v); \ + } while (0) + +#define set_unpriv_wxn(wr, v) \ + do { \ + (wr)->uwxn = (v); \ + } while (0) + /* Similar to AArch64.S1IndirectBasePermissions(), without GCS */ #define set_perms(w, wr, ip) \ do { \ @@ -989,6 +1014,10 @@ static void compute_s1_hierarchical_permissions(struct kvm_vcpu *vcpu, set_ ## w ## _perms((wr), false, false, false); \ break; \ } \ + \ + /* R_HJYGR */ \ + set_ ## w ## _wxn((wr), ((ip) == 0b0110)); \ + \ } while (0) static void compute_s1_indirect_permissions(struct kvm_vcpu *vcpu, @@ -1090,6 +1119,22 @@ static void compute_s1_permissions(struct kvm_vcpu *vcpu, if (wi->poe || wi->e0poe) compute_s1_overlay_permissions(vcpu, wi, wr); + /* R_QXXPC */ + if (wr->pwxn) { + if (!wr->pov && wr->pw) + wr->px = false; + if (wr->pov && wr->px) + wr->pw = false; + } + + /* R_NPBXC */ + if (wr->uwxn) { + if (!wr->uov && wr->uw) + wr->ux = false; + if (wr->uov && wr->ux) + wr->uw = false; + } + pan = wi->pan && (wr->ur || wr->uw || (pan3_enabled(vcpu, wi->regime) && wr->ux)); wr->pw &= !pan;