git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/commit

author	Marc Zyngier <marc.zyngier@arm.com>
	Fri, 20 Jul 2018 09:52:57 +0000 (10:52 +0100)
committer	Kleber Sacilotto de Souza <kleber.souza@canonical.com>
	Wed, 5 Sep 2018 12:53:30 +0000 (14:53 +0200)
commit	c7588eb454b2a9158b1212da41c48a20d4741b33
tree	997b2cab1fcca377e422db14115785579c4ac677	tree
parent	b746aad041f35b5e84c7c48aa7f2f4e3b84e64bd	commit \| diff

KVM: arm/arm64: Do not use kern_hyp_va() with kvm_vgic_global_state

BugLink: https://bugs.launchpad.net/bugs/1787993
CVE-2018-3639 (arm64)

Commit 44a497abd621a71c645f06d3d545ae2f46448830 upstream.

kvm_vgic_global_state is part of the read-only section, and is
usually accessed using a PC-relative address generation (adrp + add).

It is thus useless to use kern_hyp_va() on it, and actively problematic
if kern_hyp_va() becomes non-idempotent. On the other hand, there is
no way that the compiler is going to guarantee that such access is
always PC relative.

So let's bite the bullet and provide our own accessor.

Acked-by: Catalin Marinas <catalin.marinas@arm.com>
Reviewed-by: James Morse <james.morse@arm.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit dca7815605aff032d0b7f9c4f1d98af0e529cdee
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git /
linux-4.14.y)
Signed-off-by: Paolo Pisati <paolo.pisati@canonical.com>
Acked-by: Stefan Bader <stefan.bader@canonical.com>
Acked-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

arch/arm/include/asm/kvm_mmu.h		diff \| blob \| blame \| history
arch/arm64/include/asm/kvm_mmu.h		diff \| blob \| blame \| history
virt/kvm/arm/hyp/vgic-v2-sr.c		diff \| blob \| blame \| history