linux/arch/arm64/kernel
Mark Rutland 384b40caa8 KVM: arm/arm64: Context-switch ptrauth registers
When pointer authentication is supported, a guest may wish to use it.
This patch adds the necessary KVM infrastructure for this to work, with
a semi-lazy context switch of the pointer auth state.

Pointer authentication feature is only enabled when VHE is built
in the kernel and present in the CPU implementation so only VHE code
paths are modified.

When we schedule a vcpu, we disable guest usage of pointer
authentication instructions and accesses to the keys. While these are
disabled, we avoid context-switching the keys. When we trap the guest
trying to use pointer authentication functionality, we change to eagerly
context-switching the keys, and enable the feature. The next time the
vcpu is scheduled out/in, we start again. However the host key save is
optimized and implemented inside ptrauth instruction/register access
trap.

Pointer authentication consists of address authentication and generic
authentication, and CPUs in a system might have varied support for
either. Where support for either feature is not uniform, it is hidden
from guests via ID register emulation, as a result of the cpufeature
framework in the host.

Unfortunately, address authentication and generic authentication cannot
be trapped separately, as the architecture provides a single EL2 trap
covering both. If we wish to expose one without the other, we cannot
prevent a (badly-written) guest from intermittently using a feature
which is not uniformly supported (when scheduled on a physical CPU which
supports the relevant feature). Hence, this patch expects both type of
authentication to be present in a cpu.

This switch of key is done from guest enter/exit assembly as preparation
for the upcoming in-kernel pointer authentication support. Hence, these
key switching routines are not implemented in C code as they may cause
pointer authentication key signing error in some situations.

Signed-off-by: Mark Rutland <mark.rutland@arm.com>
[Only VHE, key switch in full assembly, vcpu_has_ptrauth checks
, save host key in ptrauth exception trap]
Signed-off-by: Amit Daniel Kachhap <amit.kachhap@arm.com>
Reviewed-by: Julien Thierry <julien.thierry@arm.com>
Cc: Christoffer Dall <christoffer.dall@arm.com>
Cc: kvmarm@lists.cs.columbia.edu
[maz: various fixups]
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
2019-04-24 15:30:40 +01:00
..
probes arm64: kprobes: Use arch_populate_kprobe_blacklist() 2019-03-19 12:47:44 +00:00
vdso arm64: Add build salt to the vDSO 2018-07-18 01:18:05 +09:00
.gitignore
acpi_numa.c mm: remove include/linux/bootmem.h 2018-10-31 08:54:16 -07:00
acpi_parking_protocol.c arm64: fix endianness annotation in acpi_parking_protocol.c 2017-06-29 11:33:15 +01:00
acpi.c arm64: KVM/mm: Move SEA handling behind a single 'claim' interface 2019-02-07 23:10:45 +01:00
alternative.c arm64: alternative: Apply alternatives early in boot process 2019-02-06 10:05:20 +00:00
armv8_deprecated.c Remove 'type' argument from access_ok() function 2019-01-03 18:57:57 -08:00
asm-offsets.c KVM: arm/arm64: Context-switch ptrauth registers 2019-04-24 15:30:40 +01:00
cacheinfo.c arm64: Add support for ACPI based firmware tables 2018-05-17 17:28:09 +01:00
cpu_errata.c arm64: kpti: Avoid rewriting early page tables when KASLR is enabled 2019-01-10 17:49:35 +00:00
cpu_ops.c arm64: cpu_ops: Add missing 'const' qualifiers 2017-12-01 13:05:08 +00:00
cpu-reset.h arm64: kexec: always reset to EL2 if present 2018-07-04 18:34:24 +01:00
cpu-reset.S arm64: kexec_file: invoke the kernel without purgatory 2018-12-06 14:38:53 +00:00
cpufeature.c arm64/sve: Check SVE virtualisability 2019-03-29 14:41:52 +00:00
cpuidle.c ARM64 / cpuidle: Use new cpuidle macro for entering retention state 2018-01-02 13:50:34 +00:00
cpuinfo.c arm64: add basic pointer authentication support 2018-12-13 16:42:46 +00:00
crash_core.c arm64: kernel: arch_crash_save_vmcoreinfo() should depend on CONFIG_CRASH_CORE 2018-09-11 11:08:49 +01:00
crash_dump.c arm64: kdump: fix small typo 2018-11-02 17:24:17 +00:00
debug-monitors.c signal/arm64: Add and use arm64_force_sig_fault where appropriate 2018-09-27 21:54:43 +02:00
efi-entry.S arm64: Add software workaround for Falkor erratum 1041 2018-02-06 22:53:13 +00:00
efi-header.S arm64: efi: split Image code and data into separate PE/COFF sections 2017-04-04 17:50:59 +01:00
efi-rt-wrapper.S efi/arm64: Check whether x18 is preserved by runtime services calls 2018-03-09 08:58:22 +01:00
efi.c efi/arm64: Check whether x18 is preserved by runtime services calls 2018-03-09 08:58:22 +01:00
entry-fpsimd.S arm64/sve: Write ZCR_EL1 on context switch only if changed 2018-05-17 18:19:53 +01:00
entry-ftrace.S arm64: frace: use asm EXPORT_SYMBOL() 2018-12-10 11:50:12 +00:00
entry.S arm64: Rename get_thread_info() 2019-02-26 16:57:59 +00:00
fpsimd.c arm64/sve: Clarify vq map semantics 2019-04-18 17:14:01 +01:00
ftrace.c Tracing changes for v4.21: 2018-12-31 11:46:59 -08:00
head.S arm64: Relax GIC version check during early boot 2019-02-20 14:05:37 +00:00
hibernate-asm.S arm64: mm: Offset TTBR1 to allow 52-bit PTRS_PER_PGD 2018-12-10 18:42:17 +00:00
hibernate.c arm64: hibernate: Clean the __hyp_text to PoC after resume 2019-02-01 14:10:02 +00:00
hw_breakpoint.c perf/arch/arm64: Implement hw_breakpoint_arch_parse() 2018-06-26 09:07:56 +02:00
hyp-stub.S arm64: hyp-stub: Forbid kprobing of the hyp-stub 2019-02-01 14:10:01 +00:00
image.h Merge branch 'for-next/kexec' into aarch64/for-next/core 2018-12-10 18:57:17 +00:00
insn.c arm64/insn: add support for emitting ADR/ADRP instructions 2018-11-27 18:47:33 +00:00
io.c arm64: Avoid aligning normal memory pointers in __memcpy_{to,from}io 2017-10-24 16:23:07 +01:00
irq.c arm64: Fix HCR.TGE status for NMI contexts 2019-02-06 10:05:16 +00:00
jump_label.c jump_label: move 'asm goto' support test to Kconfig 2019-01-06 09:46:51 +09:00
kaslr.c arm64: kaslr: ensure randomized quantities are clean also when kaslr is off 2019-02-01 14:07:23 +00:00
kexec_image.c arm64: kexec_file: forbid kdump via kexec_file_load() 2018-12-07 15:28:21 +00:00
kgdb.c arm64: debug: Ensure debug handlers check triggering exception level 2019-03-01 16:23:38 +00:00
kuser32.S
machine_kexec_file.c arm64: kexec_file: handle empty command-line 2019-02-05 09:34:49 +00:00
machine_kexec.c arm64: kdump: no need to mark crashkernel pages manually PG_reserved 2019-03-05 21:07:19 -08:00
Makefile arm64: replace arm64-obj-* in Makefile with obj-* 2019-01-04 10:09:21 +00:00
module-plts.c arm64/module: switch to ADRP/ADD sequences for PLT entries 2018-11-27 19:00:45 +00:00
module.c arm64/module: switch to ADRP/ADD sequences for PLT entries 2018-11-27 19:00:45 +00:00
module.lds arm64: ftrace: emit ftrace-mod.o contents through code 2017-12-01 13:04:59 +00:00
paravirt.c x86/paravirt: Use a single ops structure 2018-09-03 16:50:35 +02:00
pci.c arm64: PCI: Remove node-local allocations when initialising host controller 2018-09-17 16:33:23 -05:00
perf_callchain.c Remove 'type' argument from access_ok() function 2019-01-03 18:57:57 -08:00
perf_event.c arm64: perf: remove misleading comment 2019-01-19 22:57:38 +00:00
perf_regs.c compat: Move compat_timespec/ timeval to compat_time.h 2018-04-19 13:29:54 +02:00
pointer_auth.c arm64: ptr auth: Move per-thread keys from thread_info to thread_struct 2018-12-13 16:42:47 +00:00
process.c arm64: Unmask PMR before going idle 2019-02-06 10:05:18 +00:00
psci.c arm64: remove unused asm/compiler.h header file 2018-10-01 11:57:04 +01:00
ptrace.c arm64 updates for 5.1: 2019-03-10 10:17:23 -07:00
reloc_test_core.c arm64: fix undefined reference to 'printk' 2018-03-19 18:14:25 +00:00
reloc_test_syms.S arm64: fix undefined reference to 'printk' 2018-03-19 18:14:25 +00:00
relocate_kernel.S arm64: kexec_file: invoke the kernel without purgatory 2018-12-06 14:38:53 +00:00
return_address.c arm64: Use ftrace_graph_get_ret_stack() instead of curr_ret_stack 2018-12-22 08:21:02 -05:00
sdei.c arm64: sdei: Mark sdei stack helper functions as static 2018-07-31 12:08:22 +01:00
setup.c treewide: add checks for the return value of memblock_alloc*() 2019-03-12 10:04:02 -07:00
signal32.c Remove 'type' argument from access_ok() function 2019-01-03 18:57:57 -08:00
signal.c arm64: fpsimd: Always set TIF_FOREIGN_FPSTATE on task state flush 2019-03-29 14:41:52 +00:00
sleep.S arm64/mm: Pass ttbr1 as a parameter to __enable_mmu() 2018-09-25 15:10:54 +01:00
smccc-call.S arm64: smccc: use asm EXPORT_SYMBOL() 2018-12-10 11:50:11 +00:00
smp_spin_table.c
smp.c arm64: Switch to PMR masking when starting CPUs 2019-02-06 10:05:20 +00:00
ssbd.c arm64: ssbd: Add support for PSTATE.SSBS rather than trapping to EL3 2018-09-14 17:46:19 +01:00
stacktrace.c arm64/stacktrace: Export save_stack_trace_regs() 2019-03-19 14:55:10 +00:00
suspend.c arm64: mm: Support Common Not Private translations 2018-09-18 12:02:27 +01:00
sys32.c arm64: implement syscall wrappers 2018-07-12 14:49:48 +01:00
sys_compat.c arm64 fixes for -rc1 2019-01-05 11:28:39 -08:00
sys.c arm64: implement syscall wrappers 2018-07-12 14:49:48 +01:00
syscall.c arm64: compat: Don't pull syscall number from regs in arm_compat_syscall 2019-01-04 14:18:01 +00:00
time.c arm64: Use ftrace_graph_get_ret_stack() instead of curr_ret_stack 2018-12-22 08:21:02 -05:00
topology.c arm64: topology: re-introduce numa mask check for scheduler MC selection 2018-07-06 13:18:18 +01:00
trace-events-emulation.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
traps.c arm64: Handle serror in NMI context 2019-02-06 10:05:22 +00:00
vdso.c arm64/vdso: Support mremap() for vDSO 2017-08-09 12:16:28 +01:00
vmlinux.lds.S arm64: relocatable: fix inconsistencies in linker script and options 2018-12-04 12:48:25 +00:00