Re: [PATCH 5/5] arm/arm64: KVM: Make default HYP mappings non-excutable

Hi, Nit: typo in subject "excutable" is missing an 'e'. Mark. On Mon, Jun 13, 2016 at 03:00:49PM +0100, Marc Zyngier wrote: > Structures that can be generally written to don't have any requirement > to be executable (quite the opposite). This includes the kvm and vcpu > structures, as well as

Re: [PATCH 4/5] arm/arm64: KVM: Map the HYP text as read-only

On Mon, Jun 13, 2016 at 03:00:48PM +0100, Marc Zyngier wrote: > There should be no reason for mapping the HYP text read/write. > > As such, let's have a new set of flags (PAGE_HYP_EXEC) that allows > execution, but makes the page as read-only, and update the two call > sites that deal with

[PATCH] kvmtool/arm: Fix timer trigger

KVM exposes a level triggered timer to the guest, and yet kvmtool presents it as being edge-triggered in the DT. Let's fix it and match what the kernel exposes. Signed-off-by: Marc Zyngier --- arm/timer.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff

[PATCH 4/5] arm/arm64: KVM: Map the HYP text as read-only

There should be no reason for mapping the HYP text read/write. As such, let's have a new set of flags (PAGE_HYP_EXEC) that allows execution, but makes the page as read-only, and update the two call sites that deal with mapping code. Signed-off-by: Marc Zyngier ---

[PATCH 5/5] arm/arm64: KVM: Make default HYP mappings non-excutable

Structures that can be generally written to don't have any requirement to be executable (quite the opposite). This includes the kvm and vcpu structures, as well as the stacks. Let's change the default to incorporate the XN flag. Signed-off-by: Marc Zyngier ---

[PATCH 2/5] arm64: Add PTE_HYP_XN page table flag

EL2 page tables can be configured to deny code from being executed, which is done by setting bit 54 in the page descriptor. It is the same bit as PTE_UXN, but the "USER" reference felt odd in the hypervisor code. Signed-off-by: Marc Zyngier ---

[PATCH 3/5] arm/arm64: KVM: Enforce HYP read-only mapping of the kernel's rodata section

In order to be able to use C code in HYP, we're now mapping the kernel's rodata in HYP. It works absolutely fine, except that we're mapping it RWX, which is not what it should be. Add a new HYP_PAGE_RO protection, and pass it as the protection flags when mapping the rodata section.

[PATCH 0/5] arm/arm64: KVM: Tighten memory protection flags

So far, the HYP mappings have been fairly relaxed: everything is RWX. Oddly enough, not everybody is fond of this kind of permissions at the highest exception level. This small series tightens it a bit by making: - the text mapping read-only - the rodata mapping read-only + no-exec - everything

[PATCH 1/5] arm/arm64: KVM: Add a protection parameter to create_hyp_mappings

Currently, create_hyp_mappings applies a "one size fits all" page protection (PAGE_HYP). As we're heading towards separate protections for different sections, let's make this protection a parameter, and let the callers pass their prefered protection (PAGE_HYP for everyone for the time being).