KVM: arm64: Substitute RANDOMIZE_BASE for HARDEN_EL2_VECTORS

The HARDEN_EL2_VECTORS config maps vectors at a fixed location on cores which
are susceptible to Spector variant 3a (A57, A72) to prevent defeating hyp
layout randomization by leaking the value of VBAR_EL2.

Since this feature is only applicable when EL2 layout randomization is enabled,
unify both behind the same RANDOMIZE_BASE Kconfig. Majority of code remains
conditional on a capability selected for the affected cores.

Signed-off-by: David Brazdil <dbrazdil@google.com>
Signed-off-by: Marc Zyngier <maz@kernel.org>
Link: https://lore.kernel.org/r/20200721094445.82184-3-dbrazdil@google.com

diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
index 31380da536894a2287cef1c77f72b1a28ce1910a..152deef3277e62ca470f36688470cbcb0499529d 100644 (file)
--- a/arch/arm64/Kconfig
+++ b/arch/arm64/Kconfig
@@ -1182,22 +1182,6 @@ config HARDEN_BRANCH_PREDICTOR
 
          If unsure, say Y.
 
-config HARDEN_EL2_VECTORS
-       bool "Harden EL2 vector mapping against system register leak" if EXPERT
-       default y
-       help
-         Speculation attacks against some high-performance processors can
-         be used to leak privileged information such as the vector base
-         register, resulting in a potential defeat of the EL2 layout
-         randomization.
-
-         This config option will map the vectors to a fixed location,
-         independent of the EL2 code mapping, so that revealing VBAR_EL2
-         to an attacker does not give away any extra information. This
-         only gets enabled on affected CPUs.
-
-         If unsure, say Y.
-
 config ARM64_SSBD
        bool "Speculative Store Bypass Disable" if EXPERT
        default y

diff --git a/arch/arm64/include/asm/mmu.h b/arch/arm64/include/asm/mmu.h
index 68140fdd89d6b9387c05e6d5548746670bce0c4b..bd12011eb5601c240bad1f46e1b2ed0a9419d3b8 100644 (file)
--- a/arch/arm64/include/asm/mmu.h
+++ b/arch/arm64/include/asm/mmu.h
@@ -42,12 +42,10 @@ struct bp_hardening_data {
        bp_hardening_cb_t       fn;
 };
 
-#if (defined(CONFIG_HARDEN_BRANCH_PREDICTOR) ||        \
-     defined(CONFIG_HARDEN_EL2_VECTORS))
-
+#ifdef CONFIG_KVM_INDIRECT_VECTORS
 extern char __bp_harden_hyp_vecs[];
 extern atomic_t arm64_el2_vector_last_slot;
-#endif  /* CONFIG_HARDEN_BRANCH_PREDICTOR || CONFIG_HARDEN_EL2_VECTORS */
+#endif
 
 #ifdef CONFIG_HARDEN_BRANCH_PREDICTOR
 DECLARE_PER_CPU_READ_MOSTLY(struct bp_hardening_data, bp_hardening_data);

diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c
index ad06d6802d2eecf82bb0e646c622a09c5e07ec43..a524142e55d0fea98120294bfa4c25f484f5bcd4 100644 (file)
--- a/arch/arm64/kernel/cpu_errata.c
+++ b/arch/arm64/kernel/cpu_errata.c
@@ -635,7 +635,7 @@ has_neoverse_n1_erratum_1542419(const struct arm64_cpu_capabilities *entry,
        return is_midr_in_range(midr, &range) && has_dic;
 }
 
-#if defined(CONFIG_HARDEN_EL2_VECTORS)
+#ifdef CONFIG_RANDOMIZE_BASE
 
 static const struct midr_range ca57_a72[] = {
        MIDR_ALL_VERSIONS(MIDR_CORTEX_A57),
@@ -880,7 +880,7 @@ const struct arm64_cpu_capabilities arm64_errata[] = {
                .type = ARM64_CPUCAP_LOCAL_CPU_ERRATUM,
                .matches = check_branch_predictor,
        },
-#ifdef CONFIG_HARDEN_EL2_VECTORS
+#ifdef CONFIG_RANDOMIZE_BASE
        {
                .desc = "EL2 vector hardening",
                .capability = ARM64_HARDEN_EL2_VECTORS,

diff --git a/arch/arm64/kvm/Kconfig b/arch/arm64/kvm/Kconfig
index 13489aff44405961a48e762063a11e0ed95748ba..318c8f2df2452ef03b8bcf84f34b10172d6bb0ac 100644 (file)
--- a/arch/arm64/kvm/Kconfig
+++ b/arch/arm64/kvm/Kconfig
@@ -58,7 +58,7 @@ config KVM_ARM_PMU
          virtual machines.
 
 config KVM_INDIRECT_VECTORS
-       def_bool HARDEN_BRANCH_PREDICTOR || HARDEN_EL2_VECTORS
+       def_bool HARDEN_BRANCH_PREDICTOR || RANDOMIZE_BASE
 
 endif # KVM