| field | value | date |
|---|---|---|
| author | Oliver Upton <oliver.upton@linux.dev> | 2025-09-12 14:22:52 -0700 |
| committer | Marc Zyngier <maz@kernel.org> | 2025-09-19 14:01:35 +0100 |
| commit | 7cbdb25bed4046dacf139cce25fad9ef39a04a5f (patch) | |
| tree | a10ebebdf279a0e360bb6e97e80a0c0815b5ee82 | |
| parent | 26785cf28bb10bc94b2a52820c8ba1b3cfc534e5 (diff) | |
KVM: arm64: nv: Expose FEAT_ECBHB to NV-enabled VMs

The exact wording of the restrictions on branch prediction due to
FEAT_ECBHB in DDI0487L.b is as follows:

  When FEAT_ECBHB is implemented, the branch history information created
  in a context before an exception to a higher Exception level using
  AArch64 cannot be used by code before that exception to exploitatively
  control the execution of any indirect branches in code in a different
  context after the exception.

While vEL2 and EL1 are multiplexed at EL1, they exist in different
hardware-described contexts as KVM uses different stage-2 MMUs to
represent the corresponding translation regimes. Additionally, exception
entries into vEL2 always imply a hardware exception entry into literal EL2
for the emulated regime change.

Given all of this, and the fact that FEAT_ECBHB places no limitation on
the EL of the protected context after the exception, we can claim
FEAT_ECBHB on supporting hardware.

Signed-off-by: Oliver Upton <oliver.upton@linux.dev>
Signed-off-by: Marc Zyngier <maz@kernel.org>
| -rw-r--r-- | arch/arm64/kvm/nested.c | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/arch/arm64/kvm/nested.c b/arch/arm64/kvm/nested.c index 35fa6e00c9be..20e7b11d5d67 100644 --- a/arch/arm64/kvm/nested.c +++ b/arch/arm64/kvm/nested.c @@ -1524,8 +1524,7 @@ u64 limit_nv_id_reg(struct kvm *kvm, u32 reg, u64 val) break; case SYS_ID_AA64MMFR1_EL1: - val &= ~(ID_AA64MMFR1_EL1_ECBHB | - ID_AA64MMFR1_EL1_CMOW | + val &= ~(ID_AA64MMFR1_EL1_CMOW | ID_AA64MMFR1_EL1_TIDCP1 | ID_AA64MMFR1_EL1_nTLBPA | ID_AA64MMFR1_EL1_AFP | |
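Review bot: the justification for no longer masking ECBHB in the `case SYS_ID_AA64MMFR1_EL1:` branch of limit_nv_id_reg() lives only in the commit message; a one-line comment above `val &= ~(ID_AA64MMFR1_EL1_CMOW |` stating that ECBHB is intentionally passed through (vEL2 and EL1 use separate stage-2 contexts, and entry into vEL2 is a real EL2 exception entry) would stop a later cleanup from quietly re-adding it to the cleared set. Note also that the hunk only stops clearing the field rather than forcing it set, so the guest-visible ID_AA64MMFR1_EL1.ECBHB value is whatever the host reports, which is what the "on supporting hardware" wording in the message relies on; worth stating that explicitly in the same comment.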
