• Will Deacon's avatar
    KVM: arm64: Allocate hyp vectors statically · b881cdce
    Will Deacon authored
    The EL2 vectors installed when a guest is running point at one of the
    following configurations for a given CPU:
    
      - Straight at __kvm_hyp_vector
      - A trampoline containing an SMC sequence to mitigate Spectre-v2 and
        then a direct branch to __kvm_hyp_vector
      - A dynamically-allocated trampoline which has an indirect branch to
        __kvm_hyp_vector
      - A dynamically-allocated trampoline containing an SMC sequence to
        mitigate Spectre-v2 and then an indirect branch to __kvm_hyp_vector
    
    The indirect branches mean that VA randomization at EL2 isn't trivially
    bypassable using Spectre-v3a (where the vector base is readable by the
    guest).
    
    Rather than populate these vectors dynamically, configure everything
    statically and use an enumerated type to identify the vector "slot"
    corresponding to one of the configurations above. This both simplifies
    the code, but also makes it much easier to implement at EL2 later on.
    Signed-off-by: default avatarWill Deacon <will@kernel.org>
    [maz: fixed double call to kvm_init_vector_slots() on nVHE]
    Signed-off-by: default avatarMarc Zyngier <maz@kernel.org>
    Cc: Marc Zyngier <maz@kernel.org>
    Cc: Quentin Perret <qperret@google.com>
    Link: https://lore.kernel.org/r/20201113113847.21619-8-will@kernel.org
    b881cdce
hyp-entry.S 5.47 KB