From: Greg Kroah-Hartman
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman, stable@vger.kernel.org, Ard Biesheuvel, Marc Zyngier, Catalin Marinas
Subject: [PATCH 4.14 136/195] arm: KVM: Fix SMCCC handling of unimplemented SMC/HVC calls
Date: Thu, 15 Feb 2018 16:17:07 +0100
Message-Id: <20180215151712.591016767@linuxfoundation.org>
In-Reply-To: <20180215151705.738773577@linuxfoundation.org>
References: <20180215151705.738773577@linuxfoundation.org>

4.14-stable review patch.  If anyone has any objections, please let me know.

------------------

From: Marc Zyngier

commit 20e8175d246e9f9deb377f2784b3e7dfb2ad3e86 upstream.

KVM doesn't follow the SMCCC when it comes to unimplemented calls, and injects an UNDEF instead of returning an error. Since firmware calls are now used for security mitigation, they are becoming more common, and the undef is counterproductive.

Instead, let's follow the SMCCC which states that -1 must be returned to the caller when getting an unknown function number.

Tested-by: Ard Biesheuvel
Signed-off-by: Marc Zyngier
Signed-off-by: Catalin Marinas
Signed-off-by: Greg Kroah-Hartman
--- arch/arm/kvm/handle_exit.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) --- a/arch/arm/kvm/handle_exit.c +++ b/arch/arm/kvm/handle_exit.c @@ -38,7 +38,7 @@ static int handle_hvc(struct kvm_vcpu *v ret = kvm_hvc_call_handler(vcpu); if (ret < 0) { - kvm_inject_undefined(vcpu); + vcpu_set_reg(vcpu, 0, ~0UL); return 1; } @@ -47,7 +47,16 @@ static int handle_hvc(struct kvm_vcpu *v static int handle_smc(struct kvm_vcpu *vcpu, struct kvm_run *run) { - kvm_inject_undefined(vcpu); + /* + * "If an SMC instruction executed at Non-secure EL1 is + * trapped to EL2 because HCR_EL2.TSC is 1, the exception is a + * Trap exception, not a Secure Monitor Call exception [...]" + * + * We need to advance the PC after the trap, as it would + * otherwise return to the same address... + */ + vcpu_set_reg(vcpu, 0, ~0UL); + kvm_skip_instr(vcpu, kvm_vcpu_trap_il_is32bit(vcpu)); return 1; }
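
Review bot: In handle_hvc, the `if (ret < 0)` branch now reports every negative return from kvm_hvc_call_handler() to the guest as r0 = ~0UL, so it should either be documented that all negative returns mean "unknown function" or the branch should be narrowed to that case. The literal ~0UL would read better as a named constant for the SMCCC -1 return, shared with handle_smc, and a one-line comment on why this path needs no kvm_skip_instr() while the SMC path does would keep a later reader from "fixing" the asymmetry.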
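
Review bot: In handle_smc, the quoted architecture text in the new comment has no source reference and uses AArch64 names (Non-secure EL1, HCR_EL2.TSC) in an arch/arm file; cite the document and section it comes from and add a sentence mapping it to the 32-bit case. The comment also explains only the PC advance: `vcpu_set_reg(vcpu, 0, ~0UL);` has no explanation of its own, so say there that r0 is set to -1 as the SMCCC requires for an unknown function, and drop the trailing "..." from the last sentence.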