ANDROID: KVM: arm64: Unmap S2MPU MMIO regions in MPT

Host stage-2 is used for bookkeeping of ownership of physical pages, but only for memory and not MMIO. Page tables covering device memory are created on demand. That is in contrast to the S2MPU MPTs, which are never discarded and cover the entire physical address space. The S2MPU MPT should therefore unmap MMIO regions which the host should not have access to. Currently those are only the S2MPU MMIO registers themselves. Test: builds, boots Bug: 190463801 Signed-off-by: David Brazdil <dbrazdil@google.com> Change-Id: I85af31d5337459c4877eb90b1c5a2d94f94ab890
2026-06-06 10:58:48 +09:00 · 2021-10-13 16:17:09 +01:00
parent fa6ad0bcb8
commit b03ce007f9
1 changed files with 6 additions and 0 deletions
--- a/arch/arm64/kvm/hyp/nvhe/iommu/s2mpu.c
+++ b/arch/arm64/kvm/hyp/nvhe/iommu/s2mpu.c
@@ -14,6 +14,7 @@
 #include <linux/arm-smccc.h>

 #include <nvhe/memory.h>
+#include <nvhe/mem_protect.h>
 #include <nvhe/mm.h>
 #include <nvhe/spinlock.h>
 #include <nvhe/trap_handler.h>
@@ -359,6 +360,11 @@ static int s2mpu_init(void)
 	 */
 	for_each_powered_s2mpu(dev)
 		initialize_with_mpt(dev, &kvm_hyp_host_mpt);
+
+	/* Prevent DMA to the S2MPU MMIO regions. */
+	for_each_s2mpu(dev)
+		s2mpu_host_stage2_set_owner(dev->pa, S2MPU_MMIO_SIZE, pkvm_hyp_id);
+
 	return 0;
 }