diff options
| author | Quentin Perret <qperret@google.com> | 2021-03-19 11:01:43 +0100 |
|---|---|---|
| committer | Marc Zyngier <maz@kernel.org> | 2021-03-19 13:02:18 +0100 |
| commit | 1025c8c0c6accfcbdc8f52ca1940160f65cd87d6 (patch) | |
| tree | 847ceaf1da72de962a340ab78b963d8cb32e7eb0 /arch/arm64/kernel/image-vars.h | |
| parent | KVM: arm64: Provide sanitized mmfr* registers at EL2 (diff) | |
| download | linux-1025c8c0c6accfcbdc8f52ca1940160f65cd87d6.tar.xz linux-1025c8c0c6accfcbdc8f52ca1940160f65cd87d6.zip | |
KVM: arm64: Wrap the host with a stage 2
When KVM runs in protected nVHE mode, make use of a stage 2 page-table
to give the hypervisor some control over the host memory accesses. The
host stage 2 is created lazily using large block mappings if possible,
and will default to page mappings in absence of a better solution.
>From this point on, memory accesses from the host to protected memory
regions (e.g. not 'owned' by the host) are fatal and lead to hyp_panic().
Acked-by: Will Deacon <will@kernel.org>
Signed-off-by: Quentin Perret <qperret@google.com>
Signed-off-by: Marc Zyngier <maz@kernel.org>
Link: https://lore.kernel.org/r/20210319100146.1149909-36-qperret@google.com
Diffstat (limited to 'arch/arm64/kernel/image-vars.h')
| -rw-r--r-- | arch/arm64/kernel/image-vars.h | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/arch/arm64/kernel/image-vars.h b/arch/arm64/kernel/image-vars.h index 940c378fa837..d5dc2b792651 100644 --- a/arch/arm64/kernel/image-vars.h +++ b/arch/arm64/kernel/image-vars.h @@ -131,6 +131,9 @@ KVM_NVHE_ALIAS(__hyp_bss_end); KVM_NVHE_ALIAS(__hyp_rodata_start); KVM_NVHE_ALIAS(__hyp_rodata_end); +/* pKVM static key */ +KVM_NVHE_ALIAS(kvm_protected_mode_initialized); + #endif /* CONFIG_KVM */ #endif /* __ARM64_KERNEL_IMAGE_VARS_H */ |