KVM: arm64: Eagerly restore host fpsimd/sve state in pKVM

When running in protected mode we don't want to leak protected guest state to the host, including whether a guest has used fpsimd/sve. Therefore, eagerly restore the host state on guest exit when running in protected mode, which happens only if the guest has used fpsimd/sve. Reviewed-by: Oliver Upton <oliver.upton@linux.dev> Signed-off-by: Fuad Tabba <tabba@google.com> Link: https://lore.kernel.org/r/20240603122852.3923848-7-tabba@google.com Signed-off-by: Marc Zyngier <maz@kernel.org>
author: Fuad Tabba <tabba@google.com> 2024-06-03 15:28:48 +0300
committer: Marc Zyngier <maz@kernel.org> 2024-06-04 17:06:33 +0300
commit: b5b9955617bc0b41546f2fa7c3dbcc048b43dc82 (patch)
tree: 034e4b9879c431dda19c38e0dad0e2e1443dabd5 /arch/arm64/kvm/hyp/nvhe/pkvm.c
parent: 66d5b53e20a6e00b7ce3b652a3e2db967f7b33d0 (diff)
download: linux-b5b9955617bc0b41546f2fa7c3dbcc048b43dc82.tar.xz
1 files changed, 2 insertions, 0 deletions
diff --git a/arch/arm64/kvm/hyp/nvhe/pkvm.c b/arch/arm64/kvm/hyp/nvhe/pkvm.c
index 25e9a94f6d76..feb27b4ce459 100644
--- a/arch/arm64/kvm/hyp/nvhe/pkvm.c
+++ b/arch/arm64/kvm/hyp/nvhe/pkvm.c
@@ -588,6 +588,8 @@ unlock:
 	if (ret)
 		unmap_donated_memory(hyp_vcpu, sizeof(*hyp_vcpu));
 
+	hyp_vcpu->vcpu.arch.cptr_el2 = kvm_get_reset_cptr_el2(&hyp_vcpu->vcpu);
+
 	return ret;
 }
author	Fuad Tabba <tabba@google.com>	2024-06-03 15:28:48 +0300
committer	Marc Zyngier <maz@kernel.org>	2024-06-04 17:06:33 +0300
commit	b5b9955617bc0b41546f2fa7c3dbcc048b43dc82 (patch)
tree	034e4b9879c431dda19c38e0dad0e2e1443dabd5 /arch/arm64/kvm/hyp/nvhe/pkvm.c
parent	66d5b53e20a6e00b7ce3b652a3e2db967f7b33d0 (diff)
download	linux-b5b9955617bc0b41546f2fa7c3dbcc048b43dc82.tar.xz