From 3e404f3f9718431d72712c5d4ecbb92d4163a7fe Mon Sep 17 00:00:00 2001 From: Will Deacon Date: Thu, 11 May 2023 00:27:04 +0100 Subject: [PATCH] ANDROID: KVM: arm64: Always unmap protected regions from the host As part of the host deprivilege process, memory regions advertised in the "pkvm,protected-region" devicetree nodes are unmapped from the host stage-2 page-table and annotated specially so that the memory can be used exclusively by hypervisor modules. Since the state of this memory in the host stage-2 may not be in the "owned" state (for example, if it corresponds to a "no-map" region), remove the initial check of the page state and allow unmapping of any pages from the trusted host. Bug: 280380533 Cc: Quentin Perret Fixes: 417e986b5484 ("ANDROID: KVM: arm64: Move addr_is_allowed_memory() check into host callback") Signed-off-by: Will Deacon Change-Id: Ic28a2557d6d515b356645228fd41d3c921826489 --- arch/arm64/kvm/hyp/include/nvhe/mem_protect.h | 1 - arch/arm64/kvm/hyp/nvhe/mem_protect.c | 13 ------------- arch/arm64/kvm/hyp/nvhe/setup.c | 4 +++- 3 files changed, 3 insertions(+), 15 deletions(-) diff --git a/arch/arm64/kvm/hyp/include/nvhe/mem_protect.h b/arch/arm64/kvm/hyp/include/nvhe/mem_protect.h index b4050138ada9..ab36d866c11b 100644 --- a/arch/arm64/kvm/hyp/include/nvhe/mem_protect.h +++ b/arch/arm64/kvm/hyp/include/nvhe/mem_protect.h @@ -89,7 +89,6 @@ bool addr_is_memory(phys_addr_t phys); int host_stage2_idmap_locked(phys_addr_t addr, u64 size, enum kvm_pgtable_prot prot, bool update_iommu); int host_stage2_set_owner_locked(phys_addr_t addr, u64 size, enum pkvm_component_id owner_id); -int host_stage2_protect_pages_locked(phys_addr_t addr, u64 size); int host_stage2_unmap_reg_locked(phys_addr_t start, u64 size); int kvm_host_prepare_stage2(void *pgt_pool_base); int kvm_guest_prepare_stage2(struct pkvm_hyp_vm *vm, void *pgd); diff --git a/arch/arm64/kvm/hyp/nvhe/mem_protect.c b/arch/arm64/kvm/hyp/nvhe/mem_protect.c index 5337bfaf8529..d2686855036c 100644 
--- a/arch/arm64/kvm/hyp/nvhe/mem_protect.c +++ b/arch/arm64/kvm/hyp/nvhe/mem_protect.c @@ -2366,19 +2366,6 @@ bool __pkvm_check_ioguard_page(struct pkvm_hyp_vcpu *hyp_vcpu) return ret; } -int host_stage2_protect_pages_locked(phys_addr_t addr, u64 size) -{ - int ret; - - hyp_assert_lock_held(&host_mmu.lock); - - ret = __host_check_page_state_range(addr, size, PKVM_PAGE_OWNED); - if (!ret) - ret = host_stage2_set_owner_locked(addr, size, PKVM_ID_PROTECTED); - - return ret; -} - int host_stage2_get_leaf(phys_addr_t phys, kvm_pte_t *ptep, u32 *level) { int ret; diff --git a/arch/arm64/kvm/hyp/nvhe/setup.c b/arch/arm64/kvm/hyp/nvhe/setup.c index 4255846108e7..50d7c86037d9 100644 --- a/arch/arm64/kvm/hyp/nvhe/setup.c +++ b/arch/arm64/kvm/hyp/nvhe/setup.c @@ -318,7 +318,9 @@ static int unmap_protected_regions(void) reg = &pkvm_moveable_regs[i]; if (reg->type != PKVM_MREG_PROTECTED_RANGE) continue; - ret = host_stage2_protect_pages_locked(reg->start, reg->size); + + ret = host_stage2_set_owner_locked(reg->start, reg->size, + PKVM_ID_PROTECTED); if (ret) return ret; }
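Review bot: The new call in unmap_protected_regions() sets the owner to PKVM_ID_PROTECTED with no precondition on the current page state, and nothing at the call site records why skipping the check is safe. With the PKVM_PAGE_OWNED check gone, a region entry that overlaps pages already annotated for another owner would presumably be re-annotated without an error. Whether the pkvm_moveable_regs entries are validated against such overlap elsewhere is not visible in this hunk and is worth confirming. I would add a comment above the call, e.g. `/* No page-state check: the host is still trusted here and the region may be "no-map" rather than host-owned. */`, so the trust assumption from the commit message survives in the code. The function and its loop header start outside the hunk.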