Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:FrontRunner
xen.26345
xsa351-3.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File xsa351-3.patch of Package xen.26345
From: Julien Grall <jgrall@amazon.com> Subject: xen/arm: Always trap AMU system registers The Activity Monitors Unit (AMU) has been introduced by ARMv8.4. It is considered to be unsafe to be expose to guests as they might expose information about code executed by other guests or the host. Arm provided a way to trap all the AMU system registers by setting CPTR_EL2.TAM to 1. Unfortunately, on older revision of the specification, the bit 30 (now CPTR_EL1.TAM) was RES0. Because of that, Xen is setting it to 0 and therefore the system registers would be exposed to the guest when it is run on processors with AMU. As the bit is mark as UNKNOWN at boot in Armv8.4, the only safe solution for us is to always set CPTR_EL1.TAM to 1. Guest trying to access the AMU system registers will now receive an undefined instruction. Unfortunately, this means that even well-behaved guest may fail to boot because we don't sanitize the ID registers. This is a known issues with other Armv8.0+ features (e.g. SVE, Pointer Auth). This will taken care separately. This is part of XSA-351 (or XSA-93 re-born). Signed-off-by: Julien Grall <jgrall@amazon.com> Reviewed-by: Andre Przywara <andre.przywara@arm.com> Reviewed-by: Stefano Stabellini <sstabellini@kernel.org> Reviewed-by: Bertrand Marquis <bertrand.marquis@arm.com> --- a/xen/arch/arm/traps.c +++ b/xen/arch/arm/traps.c @@ -182,7 +182,8 @@ void init_traps(void) * On ARM64 the TCPx bits which we set here (0..9,12,13) are all * RES1, i.e. they would trap whether we did this write or not. */ - WRITE_SYSREG((HCPTR_CP_MASK & ~(HCPTR_CP(10) | HCPTR_CP(11))) | HCPTR_TTA, + WRITE_SYSREG((HCPTR_CP_MASK & ~(HCPTR_CP(10) | HCPTR_CP(11))) | + HCPTR_TTA | HCPTR_TAM, CPTR_EL2); /* Setup hypervisor traps */ --- a/xen/include/asm-arm/processor.h +++ b/xen/include/asm-arm/processor.h @@ -291,6 +291,7 @@ #define VTCR_RES1 (_AC(1,UL)<<31) /* HCPTR Hyp. Coprocessor Trap Register */ +#define HCPTR_TAM ((_AC(1,U)<<30)) #define HCPTR_TTA ((_AC(1,U)<<20)) /* Trap trace registers */ #define HCPTR_CP(x) ((_AC(1,U)<<(x))) /* Trap Coprocessor x */ #define HCPTR_CP_MASK ((_AC(1,U)<<14)-1)
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor