KVM: arm64: Sanitise ID_AA64MMFR3_EL1

Add the missing sanitisation of ID_AA64MMFR3_EL1, making sure we
solely expose S1POE and TCRX (we currently don't support anything
else).

[joey: Took Marc's patch for S1PIE, and changed it for S1POE]

Signed-off-by: Marc Zyngier <[email protected]>
Signed-off-by: Joey Gouly <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Will Deacon <[email protected]>

diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c
index e7208b59ea12f929e6d43e02389fad2d30f4c1cf..0f13378e761c8fc8088f7e8a4ff93d3a84f448d1 100644 (file)
--- a/arch/arm64/kvm/sys_regs.c
+++ b/arch/arm64/kvm/sys_regs.c
@@ -1556,6 +1556,9 @@ static u64 __kvm_read_sanitised_id_reg(const struct kvm_vcpu *vcpu,
        case SYS_ID_AA64MMFR2_EL1:
                val &= ~ID_AA64MMFR2_EL1_CCIDX_MASK;
                break;
+       case SYS_ID_AA64MMFR3_EL1:
+               val &= ID_AA64MMFR3_EL1_TCRX | ID_AA64MMFR3_EL1_S1POE;
+               break;
        case SYS_ID_MMFR4_EL1:
                val &= ~ARM64_FEATURE_MASK(ID_MMFR4_EL1_CCIDX);
                break;
@@ -2427,7 +2430,8 @@ static const struct sys_reg_desc sys_reg_descs[] = {
                                        ID_AA64MMFR2_EL1_IDS |
                                        ID_AA64MMFR2_EL1_NV |
                                        ID_AA64MMFR2_EL1_CCIDX)),
-       ID_SANITISED(ID_AA64MMFR3_EL1),
+       ID_WRITABLE(ID_AA64MMFR3_EL1, (ID_AA64MMFR3_EL1_TCRX    |
+                                      ID_AA64MMFR3_EL1_S1POE)),
        ID_SANITISED(ID_AA64MMFR4_EL1),
        ID_UNALLOCATED(7,5),
        ID_UNALLOCATED(7,6),