KVM: arm64: Allow PtrAuth to be enabled from userspace on non-VHE systems (aff7cce0) · Commits · EulixOS / Software / Kernel

arch/arm64/kvm/reset.c

+10 −11

Original line number	Diff line number	Diff line
		@@ -42,6 +42,11 @@ static u32 kvm_ipa_limit;
		#define VCPU_RESET_PSTATE_SVC (PSR_AA32_MODE_SVC \| PSR_AA32_A_BIT \| \
		PSR_AA32_I_BIT \| PSR_AA32_F_BIT)

		static bool system_has_full_ptr_auth(void)
		{
		return system_supports_address_auth() && system_supports_generic_auth();
		}

		/**
		* kvm_arch_vm_ioctl_check_extension
		*
		@@ -80,8 +85,7 @@ int kvm_arch_vm_ioctl_check_extension(struct kvm *kvm, long ext)
		break;
		case KVM_CAP_ARM_PTRAUTH_ADDRESS:
		case KVM_CAP_ARM_PTRAUTH_GENERIC:
		r = has_vhe() && system_supports_address_auth() &&
		system_supports_generic_auth();
		r = system_has_full_ptr_auth();
		break;
		default:
		r = 0;
		@@ -205,19 +209,14 @@ static void kvm_vcpu_reset_sve(struct kvm_vcpu *vcpu)

		static int kvm_vcpu_enable_ptrauth(struct kvm_vcpu *vcpu)
		{
		/* Support ptrauth only if the system supports these capabilities. */
		if (!has_vhe())
		return -EINVAL;

		if (!system_supports_address_auth() \|\|
		!system_supports_generic_auth())
		return -EINVAL;
		/*
		* For now make sure that both address/generic pointer authentication
		* features are requested by the userspace together.
		* features are requested by the userspace together and the system
		* supports these capabilities.
		*/
		if (!test_bit(KVM_ARM_VCPU_PTRAUTH_ADDRESS, vcpu->arch.features) \|\|
		!test_bit(KVM_ARM_VCPU_PTRAUTH_GENERIC, vcpu->arch.features))
		!test_bit(KVM_ARM_VCPU_PTRAUTH_GENERIC, vcpu->arch.features) \|\|
		!system_has_full_ptr_auth())
		return -EINVAL;

		vcpu->arch.flags \|= KVM_ARM64_GUEST_HAS_PTRAUTH;