From patchwork Thu Feb 19 10:54:45 2015
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Ard Biesheuvel <ard.biesheuvel@linaro.org>
X-Patchwork-Id: 44808
Return-Path: <patchwork-forward+bncBDYNJBOFRECBBF4DS6TQKGQE65JIRSY@linaro.org>
X-Original-To: linaro@patches.linaro.org
Delivered-To: linaro@patches.linaro.org
Received: from mail-we0-f200.google.com (mail-we0-f200.google.com
 [74.125.82.200])
 by ip-10-151-82-157.ec2.internal (Postfix) with ESMTPS id 120BF21553
 for <linaro@patches.linaro.org>; Thu, 19 Feb 2015 10:57:28 +0000 (UTC)
Received: by wesk11 with SMTP id k11sf4520635wes.3
 for <linaro@patches.linaro.org>; Thu, 19 Feb 2015 02:57:27 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:delivered-to:from:to:subject:date:message-id
 :in-reply-to:references:cc:precedence:list-id:list-unsubscribe
 :list-archive:list-post:list-help:list-subscribe:mime-version
 :content-type:content-transfer-encoding:sender:errors-to
 :x-original-sender:x-original-authentication-results:mailing-list;
 bh=jsXZdvbKo/WQnrU5NLXfkHBcojHJn1utVVTFslP5OUo=;
 b=fHA99zM7wz+nrPBK9cnxXIXP2Bz/LuaGR07pnpvrqzQoepUQZ8iS1fHh+Ee/d9/SCf
 aImi0oQMk9NpVib4x84Sd0RkmBbA3r6jBLFdEecmPBzPOo9MqE4SIjktxu2Ssp9iNeFT
 xoDguSpc+aSv1sr7mERNHTPJOmcj1wt+Kknyq5kfYZGmzjSbLDHDrobUNNu5CwGGzUJa
 0LkItoi4yaAvdXvHv/TBu19S18/pSjzYKsoEpAiAuLYl5Y0kmZ2g0oKkKVAuXsiJ2G42
 bGgc39NG3fMSsmhXhWDoZraOGAydEidfgFX72mx1yher4ReXPz8cUCmSgtCO5yvXN29Y
 1u3Q==
X-Gm-Message-State: ALoCoQkkGFHLEgYA8XE/Z2rSIfQmLkG9mxjb2ZE26aevsyXbIAkOunpO1tbd3Q6bTUumLF0IOyQT
X-Received: by 10.180.8.67 with SMTP id p3mr935651wia.7.1424343447364;
 Thu, 19 Feb 2015 02:57:27 -0800 (PST)
X-BeenThere: patchwork-forward@linaro.org
Received: by 10.152.37.227 with SMTP id b3ls120278lak.58.gmail; Thu, 19 Feb
 2015 02:57:27 -0800 (PST)
X-Received: by 10.112.110.231 with SMTP id id7mr1496022lbb.28.1424343447176; 
 Thu, 19 Feb 2015 02:57:27 -0800 (PST)
Received: from mail-la0-f44.google.com (mail-la0-f44.google.com.
 [209.85.215.44])
 by mx.google.com with ESMTPS id p1si499292lal.91.2015.02.19.02.57.27
 for <patchwork-forward@linaro.org>
 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Thu, 19 Feb 2015 02:57:27 -0800 (PST)
Received-SPF: pass (google.com: domain of
 patch+caf_=patchwork-forward=linaro.org@linaro.org designates
 209.85.215.44 as permitted sender) client-ip=209.85.215.44; 
Received: by labgq15 with SMTP id gq15so6864851lab.6
 for <patchwork-forward@linaro.org>;
 Thu, 19 Feb 2015 02:57:27 -0800 (PST)
X-Received: by 10.112.135.196 with SMTP id pu4mr3313543lbb.41.1424343447083; 
 Thu, 19 Feb 2015 02:57:27 -0800 (PST)
X-Forwarded-To: patchwork-forward@linaro.org
X-Forwarded-For: patch@linaro.org patchwork-forward@linaro.org
Delivered-To: patch@linaro.org
Received: by 10.112.35.133 with SMTP id h5csp412610lbj;
 Thu, 19 Feb 2015 02:57:26 -0800 (PST)
X-Received: by 10.70.47.70 with SMTP id b6mr6594279pdn.136.1424343445358;
 Thu, 19 Feb 2015 02:57:25 -0800 (PST)
Received: from bombadil.infradead.org (bombadil.infradead.org.
 [2001:1868:205::9]) by mx.google.com with ESMTPS id
 lc15si23486524pab.102.2015.02.19.02.57.24 for <patch@linaro.org>
 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Thu, 19 Feb 2015 02:57:25 -0800 (PST)
Received-SPF: none (google.com:
 linux-arm-kernel-bounces+patch=linaro.org@lists.infradead.org
 does not designate permitted sender hosts)
 client-ip=2001:1868:205::9; 
Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org)
 by bombadil.infradead.org with esmtp (Exim 4.80.1 #2 (Red Hat Linux))
 id 1YOOm0-0006ow-5E; Thu, 19 Feb 2015 10:56:00 +0000
Received: from mail-wi0-f182.google.com ([209.85.212.182])
 by bombadil.infradead.org with esmtps (Exim 4.80.1 #2 (Red Hat
 Linux)) id 1YOOlU-0006WH-EI for linux-arm-kernel@lists.infradead.org;
 Thu, 19 Feb 2015 10:55:29 +0000
Received: by mail-wi0-f182.google.com with SMTP id l15so8227672wiw.3
 for <linux-arm-kernel@lists.infradead.org>;
 Thu, 19 Feb 2015 02:55:06 -0800 (PST)
X-Received: by 10.194.122.233 with SMTP id lv9mr7499619wjb.95.1424343306243; 
 Thu, 19 Feb 2015 02:55:06 -0800 (PST)
Received: from ards-macbook-pro.local (237.102.108.93.rev.vodafone.pt.
 [93.108.102.237]) by mx.google.com with ESMTPSA id
 a1sm29642361wiy.10.2015.02.19.02.55.03
 (version=TLSv1.1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
 Thu, 19 Feb 2015 02:55:05 -0800 (PST)
From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
To: lersek@redhat.com, christoffer.dall@linaro.org, marc.zyngier@arm.com,
 linux-arm-kernel@lists.infradead.org, peter.maydell@linaro.org
Subject: [RFC/RFT PATCH 2/3] arm64: KVM: mangle MAIR register to prevent
 uncached guest mappings
Date: Thu, 19 Feb 2015 10:54:45 +0000
Message-Id: <1424343286-6792-3-git-send-email-ard.biesheuvel@linaro.org>
X-Mailer: git-send-email 1.8.3.2
In-Reply-To: <1424343286-6792-1-git-send-email-ard.biesheuvel@linaro.org>
References: <1424343286-6792-1-git-send-email-ard.biesheuvel@linaro.org>
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3
X-CRM114-CacheID: sfid-20150219_025528_681307_135558E2
X-CRM114-Status: GOOD (  13.25  )
X-Spam-Score: -0.7 (/)
X-Spam-Report: SpamAssassin version 3.4.0 on bombadil.infradead.org summary:
 Content analysis details:   (-0.7 points)
 pts rule name              description
 ---- ----------------------
 --------------------------------------------------
 -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/,
 low trust [209.85.212.182 listed in list.dnswl.org]
 -0.0 RCVD_IN_MSPIKE_H3      RBL: Good reputation (+3)
 [209.85.212.182 listed in wl.mailspike.net]
 -0.0 SPF_PASS               SPF: sender matches SPF record
 -0.0 RCVD_IN_MSPIKE_WL      Mailspike good senders
Cc: pbonzini@redhat.com, Ard Biesheuvel <ard.biesheuvel@linaro.org>,
 kvmarm@lists.cs.columbia.edu, kvm@vger.kernel.org, agraf@suse.de
X-BeenThere: linux-arm-kernel@lists.infradead.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: <patchwork-forward.linaro.org>
List-Unsubscribe: <mailto:googlegroups-manage+836684582541+unsubscribe@googlegroups.com>, 
 <http://groups.google.com/a/linaro.org/group/patchwork-forward/subscribe>
List-Archive: <http://groups.google.com/a/linaro.org/group/patchwork-forward/>
List-Post: <http://groups.google.com/a/linaro.org/group/patchwork-forward/post>, 
 <mailto:patchwork-forward@linaro.org>
List-Help: <http://support.google.com/a/linaro.org/bin/topic.py?topic=25838>, 
 <mailto:patchwork-forward+help@linaro.org>
List-Subscribe: <http://lists.infradead.org/mailman/listinfo/linux-arm-kernel>, 
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=subscribe>
MIME-Version: 1.0
Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
Errors-To: linux-arm-kernel-bounces+patch=linaro.org@lists.infradead.org
X-Removed-Original-Auth: Dkim didn't pass.
X-Original-Sender: ard.biesheuvel@linaro.org
X-Original-Authentication-Results: mx.google.com; spf=pass (google.com:
 domain of
 patch+caf_=patchwork-forward=linaro.org@linaro.org designates
 209.85.215.44 as permitted sender)
 smtp.mail=patch+caf_=patchwork-forward=linaro.org@linaro.org
Mailing-list: list patchwork-forward@linaro.org;
 contact patchwork-forward+owners@linaro.org
X-Google-Group-Id: 836684582541

Mangle the memory attribute register values at each write to MAIR_EL1
so that regions that the guest intends to map as device or uncached are
in fact mapped as cached instead. This avoids incoherency issues when
the guest bypassed the caches to access memory that the host has mapped
as cached.

Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
 arch/arm64/kvm/sys_regs.c | 35 ++++++++++++++++++++++++++++++++++-
 1 file changed, 34 insertions(+), 1 deletion(-)

diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c
index 1e170eab6603..bde2b49a7cd8 100644
--- a/arch/arm64/kvm/sys_regs.c
+++ b/arch/arm64/kvm/sys_regs.c
@@ -110,6 +110,39 @@ static bool access_vm_reg(struct kvm_vcpu *vcpu,
 	return true;
 }
 
+static bool access_mair(struct kvm_vcpu *vcpu,
+			const struct sys_reg_params *p,
+			const struct sys_reg_desc *r)
+{
+	unsigned long val, mask;
+
+	BUG_ON(!p->is_write);
+
+	val = *vcpu_reg(vcpu, p->Rt);
+
+	if (!p->is_aarch32) {
+		/*
+		 * Mangle val so that all device and uncached attributes are
+		 * replaced with cached attributes.
+		 * For each attribute, check whether any of bit 7, bit 5 or bit
+		 * 4 are set. If not, it is a device or outer non-cacheable
+		 * mapping and we override it with inner, outer write-through,
+		 * read+write-allocate (0xbb).
+		 * TODO: handle outer cacheable inner non-cacheable
+		 */
+		mask = ~(val >> 7 | val >> 5 | val >> 4) & 0x0101010101010101UL;
+		val = (val & ~(mask * 0xff)) | (mask * 0xbb);
+
+		vcpu_sys_reg(vcpu, r->reg) = val;
+	} else {
+		if (!p->is_32bit)
+			vcpu_cp15_64_high(vcpu, r->reg) = val >> 32;
+		vcpu_cp15_64_low(vcpu, r->reg) = val & 0xffffffffUL;
+	}
+
+	return true;
+}
+
 static bool trap_raz_wi(struct kvm_vcpu *vcpu,
 			const struct sys_reg_params *p,
 			const struct sys_reg_desc *r)
@@ -371,7 +404,7 @@ static const struct sys_reg_desc sys_reg_descs[] = {
 
 	/* MAIR_EL1 */
 	{ Op0(0b11), Op1(0b000), CRn(0b1010), CRm(0b0010), Op2(0b000),
-	  access_vm_reg, reset_unknown, MAIR_EL1 },
+	  access_mair, reset_unknown, MAIR_EL1 },
 	/* AMAIR_EL1 */
 	{ Op0(0b11), Op1(0b000), CRn(0b1010), CRm(0b0011), Op2(0b000),
 	  access_handled_at_el2, reset_amair_el1, AMAIR_EL1 },