anierin/msm-5.15
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ANDROID: KVM: arm64: Issue CMOs when tearing down shadow pages

Browse Source 
On the guest teardown path, pKVM will zero the pages used to back the
guest shadow data structures before returning them to the host as they
may contain secrets (e.g. in the vCPU registers). However, the zeroing
is done using a cacheable alias, and CMOs are missing, hence giving the
host a potential opportunity to read the original content of the shadow
structs from memory.

Fix this by issuing CMOs after zeroing the pages.

Bug: 259551298
Change-Id: Id696d47d16e4c3fd870cb70b792eeb7f2282fc78
Signed-off-by: Quentin Perret <qperret@google.com>
This commit is contained in:
Quentin Perret
2022-11-17 17:22:34 +00:00
parent aec224bb9e
commit f0c53a5637
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
arch/arm64/kvm/hyp/nvhe/pkvm.c
View File

@@ -794,6 +794,7 @@ static void teardown_donated_memory(struct kvm_hyp_memcache *mc, void *addr,
void *start;
memset(addr, 0, size);
kvm_flush_dcache_to_poc(addr, size);
for (start = addr; start < addr + size; start += PAGE_SIZE)
push_hyp_memcache(mc, start, hyp_virt_to_phys);