diff options
| author | Marc Zyngier <maz@kernel.org> | 2025-04-22 13:26:12 +0100 | 
|---|---|---|
| committer | Marc Zyngier <maz@kernel.org> | 2025-05-14 10:43:50 +0100 | 
| commit | 3e4d597220587593dba505f5a7e932309155c54d (patch) | |
| tree | c0028df5588f2f86e3605bedf7e55c9dae5d016e /lib/memory-notifier-error-inject.c | |
| parent | ed648ab8043aab3135490d6c01f1c889c4bac62c (diff) | |
KVM: arm64: Don't feed uninitialised data to HCR_EL2
When the guest executes an AT S1E{0,1} from EL2, and that its
HCR_EL2.{E2H,TGE}=={1,1}, then this is a pure S1 translation
that doesn't involve a guest-supplied S2, and the full S1
context is already in place. This allows us to take a shortcut
and avoid save/restoring a bunch of registers.
However, we set HCR_EL2 to a value suitable for the use of AT
in guest context. And we do so by using the value that we saved.
Or not. In the case described above, we restore whatever junk
was on the stack, and carry on with it until the next entry.
Needless to say, this is completely broken.
But this also triggers the realisation that saving HCR_EL2 is
a bit pointless. We are always in host context at the point where
reach this code, and what we program to enter the guest is a known
value (vcpu->arch.hcr_el2).
Drop the pointless save/restore, and wrap the AT operations with
writes that switch between guest and host values for HCR_EL2.
Reported-by: D Scott Phillips <scott@os.amperecomputing.com>
Link: https://lore.kernel.org/r/20250422122612.2675672-4-maz@kernel.org
Signed-off-by: Marc Zyngier <maz@kernel.org>
Diffstat (limited to 'lib/memory-notifier-error-inject.c')
0 files changed, 0 insertions, 0 deletions
