Balbir Singh <bsinghar...@gmail.com> writes: > ISA 3 defines new encoded access authority that allows instruction > access prevention in privileged mode and allows normal access > to problem state. This patch just enables IAMR (Instruction Authority > Mask Register), enabling AMR would require more work. >
Don't we need to do them in hypervisor mode. Ie, the hypervisor setup things such that guest privileged mode cannot execute guest userspace. > I've tested this with a buggy driver and a simple payload. The payload > is specific to the build I've tested. > > Signed-off-by: Balbir Singh <bsinghar...@gmail.com> > --- > arch/powerpc/mm/pgtable-radix.c | 22 ++++++++++++++++++++++ > 1 file changed, 22 insertions(+) > > diff --git a/arch/powerpc/mm/pgtable-radix.c b/arch/powerpc/mm/pgtable-radix.c > index af897d9..9e25663 100644 > --- a/arch/powerpc/mm/pgtable-radix.c > +++ b/arch/powerpc/mm/pgtable-radix.c > @@ -294,6 +294,27 @@ found: > return; > } > > +/* > + * For radix page tables we setup, the IAMR values as follows > + * IMAR = 0100...00 (key 0 is set to 1) > + * AMOR = 1100....00 (Mask for key 0 is 11) > + * AMR, UAMR, UAMOR are not affected > + */ > +static void __init radix_init_iamr(void) > +{ > + unsigned long iamr_mask = 0x4000000000000000; > + unsigned long iamr = mfspr(SPRN_IAMR); > + > + unsigned long amor_mask = 0xc000000000000000; > + unsigned long amor = mfspr(SPRN_AMOR); Isn't AMOR hypervisor privileged ?. > + > + iamr |= iamr_mask; > + amor |= amor_mask; > + > + mtspr(SPRN_AMOR, amor); > + mtspr(SPRN_IAMR, iamr); > +} > + > void __init radix__early_init_mmu(void) > { > unsigned long lpcr; > @@ -350,6 +371,7 @@ void __init radix__early_init_mmu(void) > radix_init_partition_table(); > } > > + radix_init_iamr(); > radix_init_pgtable(); > } > > -- > 2.5.5