From: Greg Kroah-Hartman
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman, stable@vger.kernel.org, Ard Biesheuvel, Marc Zyngier, Catalin Marinas
Subject: [PATCH 4.15 130/202] arm: KVM: Fix SMCCC handling of unimplemented SMC/HVC calls
Date: Thu, 15 Feb 2018 16:17:10 +0100
Message-Id: <20180215151719.989477591@linuxfoundation.org>
In-Reply-To: <20180215151712.768794354@linuxfoundation.org>
References: <20180215151712.768794354@linuxfoundation.org>

4.15-stable review patch. If anyone has any objections, please let me know.

------------------

From: Marc Zyngier

commit 20e8175d246e9f9deb377f2784b3e7dfb2ad3e86 upstream.

KVM doesn't follow the SMCCC when it comes to unimplemented calls, and injects an UNDEF instead of returning an error. Since firmware calls are now used for security mitigation, they are becoming more common, and the undef is counterproductive.

Instead, let's follow the SMCCC which states that -1 must be returned to the caller when getting an unknown function number.

Tested-by: Ard Biesheuvel
Signed-off-by: Marc Zyngier
Signed-off-by: Catalin Marinas
Signed-off-by: Greg Kroah-Hartman
--- arch/arm/kvm/handle_exit.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) --- a/arch/arm/kvm/handle_exit.c +++ b/arch/arm/kvm/handle_exit.c @@ -38,7 +38,7 @@ static int handle_hvc(struct kvm_vcpu *v ret = kvm_hvc_call_handler(vcpu); if (ret < 0) { - kvm_inject_undefined(vcpu); + vcpu_set_reg(vcpu, 0, ~0UL); return 1; } @@ -47,7 +47,16 @@ static int handle_hvc(struct kvm_vcpu *v static int handle_smc(struct kvm_vcpu *vcpu, struct kvm_run *run) { - kvm_inject_undefined(vcpu); + /* + * "If an SMC instruction executed at Non-secure EL1 is + * trapped to EL2 because HCR_EL2.TSC is 1, the exception is a + * Trap exception, not a Secure Monitor Call exception [...]" + * + * We need to advance the PC after the trap, as it would + * otherwise return to the same address... + */ + vcpu_set_reg(vcpu, 0, ~0UL); + kvm_skip_instr(vcpu, kvm_vcpu_trap_il_is32bit(vcpu)); return 1; }
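
Review bot: in handle_hvc(), the `if (ret < 0)` branch now turns every negative return from kvm_hvc_call_handler() into the SMCCC unknown-function value, and it does so with a bare `~0UL`. If the handler can fail for a reason other than an unrecognised function number, the guest cannot tell the two cases apart, so it is worth confirming that a negative return only ever means "unknown function". A named constant, or a one-line comment stating that `~0UL` is the SMCCC -1 return placed in r0, would make the intent clear at the call site, since this hunk carries no explanation of its own.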
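
Review bot: in handle_smc(), the sentence quoted in the new comment has no source, and it uses the AArch64 names (`HCR_EL2.TSC`, "Non-secure EL1") in a file under arch/arm; please cite the document and section it comes from so a reader can check it against the 32-bit behaviour. The comment also explains the `kvm_skip_instr()` call but not the `vcpu_set_reg(vcpu, 0, ~0UL)` line above it. A short remark that every trapped SMC is answered with the SMCCC unknown-function value, with no dispatch step like the one in handle_hvc(), would document that the r0 overwrite is unconditional.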