KVM: arm64: Wrap the host with a stage 2

When KVM runs in protected nVHE mode, make use of a stage 2 page-table to give the hypervisor some control over the host memory accesses. The host stage 2 is created lazily using large block mappings if possible, and will default to page mappings in absence of a better solution. >From this point on, memory accesses from the host to protected memory regions (e.g. not 'owned' by the host) are fatal and lead to hyp_panic(). Acked-by: Will Deacon <will@kernel.org> Signed-off-by: Quentin Perret <qperret@google.com> Signed-off-by: Marc Zyngier <maz@kernel.org> Link: https://lore.kernel.org/r/20210319100146.1149909-36-qperret@google.com
author: Quentin Perret <qperret@google.com> 2021-03-19 13:01:43 +0300
committer: Marc Zyngier <maz@kernel.org> 2021-03-19 15:02:18 +0300
commit: 1025c8c0c6accfcbdc8f52ca1940160f65cd87d6 (patch)
tree: 847ceaf1da72de962a340ab78b963d8cb32e7eb0 /arch/arm64/include/asm/kvm_asm.h
parent: def1aaf9e0bc6987bb4b417aac37226e994a1a74 (diff)
download: linux-1025c8c0c6accfcbdc8f52ca1940160f65cd87d6.tar.xz
1 files changed, 1 insertions, 0 deletions
diff --git a/arch/arm64/include/asm/kvm_asm.h b/arch/arm64/include/asm/kvm_asm.h
index 08f63c09cd11..4149283b4cd1 100644
--- a/arch/arm64/include/asm/kvm_asm.h
+++ b/arch/arm64/include/asm/kvm_asm.h
@@ -61,6 +61,7 @@
 #define __KVM_HOST_SMCCC_FUNC___pkvm_create_mappings		16
 #define __KVM_HOST_SMCCC_FUNC___pkvm_create_private_mapping	17
 #define __KVM_HOST_SMCCC_FUNC___pkvm_cpu_set_vector		18
+#define __KVM_HOST_SMCCC_FUNC___pkvm_prot_finalize		19
 
 #ifndef __ASSEMBLY__
author	Quentin Perret <qperret@google.com>	2021-03-19 13:01:43 +0300
committer	Marc Zyngier <maz@kernel.org>	2021-03-19 15:02:18 +0300
commit	1025c8c0c6accfcbdc8f52ca1940160f65cd87d6 (patch)
tree	847ceaf1da72de962a340ab78b963d8cb32e7eb0 /arch/arm64/include/asm/kvm_asm.h
parent	def1aaf9e0bc6987bb4b417aac37226e994a1a74 (diff)
download	linux-1025c8c0c6accfcbdc8f52ca1940160f65cd87d6.tar.xz