Received: by 2002:ab2:784b:0:b0:1fd:adc2:8405 with SMTP id m11csp374826lqp;
        Mon, 10 Jun 2024 06:54:26 -0700 (PDT)
X-Forwarded-Encrypted: i=3; AJvYcCUILqUhBlFa3Qrl8HzZiphfezXOaCdXiZYJOpK1PubVwa764OVjtDYtdwAcX4AoUVHfUczpEo9RgaoDzP7zJEJiRJ51j/JgP/2WKQtxxg==
X-Google-Smtp-Source: AGHT+IHA8MniqzIVqjyKJbWHIBN+/e2SSBPISoZ52dzfSu7KIusiEiOTehkylHDyjCJELrcnaeDe
X-Received: by 2002:a05:6a20:7290:b0:1b5:d00e:98d7 with SMTP id adf61e73a8af0-1b5d00e9b32mr5473242637.24.1718027666428;
        Mon, 10 Jun 2024 06:54:26 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1718027666; cv=pass;
        d=google.com; s=arc-20160816;
        b=tZJagfTcUblk7AP0B24yWvMqbuKGF6f/g1eMNt1jjVSYcYlqw4uKXS/Ua353YssWDe
         N6Mu9D4FTDax21NQj9VH0BVOdfGmebJ9Y0zkhk4axiiC2Wvzy5zWH5oWsFZwflOx62c4
         AQOrR1K6rTNl14StcaxCCdb+TJkVztPlfTUUjbZ8MAnINSAXQr0fl2jbDH8Oql2kg15e
         KKaezSsqpYsNPEEVqzTJ/NsS8y4bUf3RGiEDt2rzukGGx2xOjTKHA10d86cD//biYUs/
         ZmoZxF2gXTyYRk1+gCNlE6EVMYawAcPLKC+CMQmbmltivw/4OQ+doaA8gGXqWIUbWkqv
         hgqw==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=content-transfer-encoding:mime-version:list-unsubscribe
         :list-subscribe:list-id:precedence:references:in-reply-to:message-id
         :date:subject:cc:to:from;
        bh=PcSg5LtkPegGxXBAWDxTx8zoDJRvZtG8Vje28XRh07w=;
        fh=NDCPdPn2hiqHaiIRDYQAzsW9PK20CTia4nECGof6enU=;
        b=X6BE/MCbQ9D14okE+Rmo6R6UYpZXdu3m2NvHpPAoNowm1UDnzsB7+56JLV0+YhNT2q
         gViYLKEN2emLJnXAqS8WaPmdsKLYy2RVMzqBDZ4/+ZVgK08ydAtMb30m0T0jsNVaZoAq
         aU8K5H4KSA/IcmQW0QwoSP2CBi5ovUR5YvApCy7vX/xE9deEI5JDzHsrAa3iaX48M0KX
         V3giBW9Kt5C7ywP4eRdcB9+Ay4aTCldTCY2Qm5vi61g8MVWyKgCJYp4DFOQmPJNyIILJ
         XD+dmSgRfCsAtAmaCC3o4WV7Zfia6BWt21u1avRmgvhvWigifbX2Eua4vPOMbWf/SEtJ
         cMjg==;
        dara=google.com
ARC-Authentication-Results: i=2; mx.google.com;
       arc=pass (i=1 spf=pass spfdomain=arm.com dmarc=pass fromdomain=arm.com);
       spf=pass (google.com: domain of linux-kernel+bounces-208273-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-208273-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com
Return-Path: <linux-kernel+bounces-208273-linux.lists.archive=gmail.com@vger.kernel.org>
Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [139.178.88.99])
        by mx.google.com with ESMTPS id d2e1a72fcca58-7059fceafcbsi895289b3a.67.2024.06.10.06.54.26
        for <linux.lists.archive@gmail.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Mon, 10 Jun 2024 06:54:26 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel+bounces-208273-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) client-ip=139.178.88.99;
Authentication-Results: mx.google.com;
       arc=pass (i=1 spf=pass spfdomain=arm.com dmarc=pass fromdomain=arm.com);
       spf=pass (google.com: domain of linux-kernel+bounces-208273-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-208273-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by sv.mirrors.kernel.org (Postfix) with ESMTPS id C2F952886BF
	for <linux.lists.archive@gmail.com>; Mon, 10 Jun 2024 13:50:38 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
	by smtp.subspace.kernel.org (Postfix) with ESMTP id CFBD31553A2;
	Mon, 10 Jun 2024 13:43:46 +0000 (UTC)
Received: from foss.arm.com (foss.arm.com [217.140.110.172])
	by smtp.subspace.kernel.org (Postfix) with ESMTP id 2115913D278;
	Mon, 10 Jun 2024 13:43:45 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=217.140.110.172
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1718027026; cv=none; b=hQasuSfRQMQz3WO72RcEPofptYSO1u4YJ7piRZCW3PxemtN+zkHFMUsx3e7WsT3KvTcqe1fxqaaTHe4NILrE0857PmaoAqBmstuhHlXG95eNnZ2TJkZHRG8w0m4aLy7cMmulBXYx3BLf6qLXGaLOm2P0BhCKk7beullWUWZQ/Tk=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1718027026; c=relaxed/simple;
	bh=2iu8E7+wuj6oKBgbTmuHms6htCryC5gxsoYCxceLMoo=;
	h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References:
	 MIME-Version; b=d7Ef3o6b9zBH/6MuQZrhOPnLbfD7dXYGRIa44CKGdyUWCcKdKEa94JoBmWZoRF2X3+okiYgLm2cOYt9pY2CNFCTcOVJ1ZoQItFGG20zFegZMtsD48MmsU4G30o+qCSMytVS9mJz4EizuSBRB7ZKsIrINmm8TIydPlK0iZ9bqsf0=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=arm.com; spf=pass smtp.mailfrom=arm.com; arc=none smtp.client-ip=217.140.110.172
Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=arm.com
Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=arm.com
Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14])
	by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 5185B12FC;
	Mon, 10 Jun 2024 06:44:09 -0700 (PDT)
Received: from e122027.cambridge.arm.com (e122027.cambridge.arm.com [10.1.35.41])
	by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 0A5FE3F58B;
	Mon, 10 Jun 2024 06:43:40 -0700 (PDT)
From: Steven Price <steven.price@arm.com>
To: kvm@vger.kernel.org,
	kvmarm@lists.linux.dev
Cc: Steven Price <steven.price@arm.com>,
	Catalin Marinas <catalin.marinas@arm.com>,
	Marc Zyngier <maz@kernel.org>,
	Will Deacon <will@kernel.org>,
	James Morse <james.morse@arm.com>,
	Oliver Upton <oliver.upton@linux.dev>,
	Suzuki K Poulose <suzuki.poulose@arm.com>,
	Zenghui Yu <yuzenghui@huawei.com>,
	linux-arm-kernel@lists.infradead.org,
	linux-kernel@vger.kernel.org,
	Joey Gouly <joey.gouly@arm.com>,
	Alexandru Elisei <alexandru.elisei@arm.com>,
	Christoffer Dall <christoffer.dall@arm.com>,
	Fuad Tabba <tabba@google.com>,
	linux-coco@lists.linux.dev,
	Ganapatrao Kulkarni <gankulkarni@os.amperecomputing.com>
Subject: [PATCH v3 26/43] arm64: Don't expose stolen time for realm guests
Date: Mon, 10 Jun 2024 14:41:45 +0100
Message-Id: <20240610134202.54893-27-steven.price@arm.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20240610134202.54893-1-steven.price@arm.com>
References: <20240610134202.54893-1-steven.price@arm.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

It doesn't make much sense and with the ABI as it is it's a footgun for
the VMM which makes fatal granule protection faults easy to trigger.

Signed-off-by: Steven Price <steven.price@arm.com>
---
 arch/arm64/kvm/arm.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/arch/arm64/kvm/arm.c b/arch/arm64/kvm/arm.c
index 77ea231cfb04..f78e92dfaa72 100644
--- a/arch/arm64/kvm/arm.c
+++ b/arch/arm64/kvm/arm.c
@@ -418,7 +418,10 @@ int kvm_vm_ioctl_check_extension(struct kvm *kvm, long ext)
 		r = system_supports_mte();
 		break;
 	case KVM_CAP_STEAL_TIME:
-		r = kvm_arm_pvtime_supported();
+		if (kvm && kvm_is_realm(kvm))
+			r = 0;
+		else
+			r = kvm_arm_pvtime_supported();
 		break;
 	case KVM_CAP_ARM_EL1_32BIT:
 		r = cpus_have_final_cap(ARM64_HAS_32BIT_EL1);
-- 
2.34.1