From: Nianyao Tang <tangnianyao@huawei.com>
mainline inclusion
from mainline-v6.11-rc1
commit e8cde32f111f7f5681a7bad3ec747e9e697569a9
category: other
bugzilla: https://gitee.com/openeuler/kernel/issues/IAS9Z8
CVE: NA
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git/commit/?id=e...
-------------------------------------------------------------------------------
Enable the ECBHB bits in the ID_AA64MMFR1 register as per the ARM DDI 0487K.a specification.
When a guest OS reads ID_AA64MMFR1_EL1, KVM emulates this register using ftr_id_aa64mmfr1 and always returns ID_AA64MMFR1_EL1.ECBHB=0 to the guest. This results in the guest syscall path jumping to the tramp ventry, which is not needed on implementations with ID_AA64MMFR1_EL1.ECBHB=1. Let's make the guest syscall process the same as the host's.
Signed-off-by: Nianyao Tang <tangnianyao@huawei.com>
Link: https://lore.kernel.org/r/20240611122049.2758600-1-tangnianyao@huawei.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Jinqian Yang <yangjinqian1@huawei.com>
Signed-off-by: Zhou Wang <wangzhou1@hisilicon.com>
---
 arch/arm64/kernel/cpufeature.c | 1 +
 1 file changed, 1 insertion(+)
diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c index f94bc6eb83e0..eb700e404aac 100644 --- a/arch/arm64/kernel/cpufeature.c +++ b/arch/arm64/kernel/cpufeature.c @@ -367,6 +367,7 @@ static const struct arm64_ftr_bits ftr_id_aa64mmfr0[] = { };
static const struct arm64_ftr_bits ftr_id_aa64mmfr1[] = { + ARM64_FTR_BITS(FTR_HIDDEN, FTR_STRICT, FTR_LOWER_SAFE, ID_AA64MMFR1_EL1_ECBHB_SHIFT, 4, 0), ARM64_FTR_BITS(FTR_HIDDEN, FTR_NONSTRICT, FTR_LOWER_SAFE, ID_AA64MMFR1_EL1_TIDCP1_SHIFT, 4, 0), ARM64_FTR_BITS(FTR_VISIBLE, FTR_STRICT, FTR_LOWER_SAFE, ID_AA64MMFR1_EL1_AFP_SHIFT, 4, 0), ARM64_FTR_BITS(FTR_HIDDEN, FTR_STRICT, FTR_LOWER_SAFE, ID_AA64MMFR1_EL1_HCX_SHIFT, 4, 0),
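Review bot: the new ECBHB entry is marked FTR_STRICT while the TIDCP1 entry directly below it is FTR_NONSTRICT; with FTR_LOWER_SAFE the sanitised system-wide value is already the lowest value seen across CPUs, so the strict flag additionally makes any per-CPU mismatch in ECBHB on a heterogeneous system be reported as a feature mismatch rather than silently lowered. That is consistent with the AFP and HCX entries, but since the commit message only says ECBHB is enabled "as per ARM DDI 0487K.a", a sentence explaining why a mismatch should be flagged (the guest syscall path depends on the value KVM hands out, so a CPU reporting a lower ECBHB after boot would be unsafe to migrate to) would make the choice reviewable. Placing the entry at the head of the array, ahead of TIDCP1, and keeping it FTR_HIDDEN is right for the stated goal: the field stays out of userspace MRS emulation while the sanitised value still feeds the ID_AA64MMFR1_EL1 view KVM presents to the guest.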