On Mon, Aug 22, 2016 at 11:32:44AM +0530, Aneesh Kumar K.V wrote: > Balbir Singh <bsinghar...@gmail.com> writes: > > > ISA 3 defines new encoded access authority that allows instruction > > access prevention in privileged mode and allows normal access > > to problem state. This patch just enables IAMR (Instruction Authority > > Mask Register), enabling AMR would require more work. > > > > Don't we need to do them in hypervisor mode. Ie, the hypervisor setup > things such that guest privileged mode cannot execute guest userspace.
Yes, true! > > > I've tested this with a buggy driver and a simple payload. The payload > > is specific to the build I've tested. > > > > Signed-off-by: Balbir Singh <bsinghar...@gmail.com> > > --- > > arch/powerpc/mm/pgtable-radix.c | 22 ++++++++++++++++++++++ > > 1 file changed, 22 insertions(+) > > > > diff --git a/arch/powerpc/mm/pgtable-radix.c > > b/arch/powerpc/mm/pgtable-radix.c > > index af897d9..9e25663 100644 > > --- a/arch/powerpc/mm/pgtable-radix.c > > +++ b/arch/powerpc/mm/pgtable-radix.c > > @@ -294,6 +294,27 @@ found: > > return; > > } > > > > +/* > > + * For radix page tables we setup, the IAMR values as follows > > + * IMAR = 0100...00 (key 0 is set to 1) > > + * AMOR = 1100....00 (Mask for key 0 is 11) > > + * AMR, UAMR, UAMOR are not affected > > + */ > > +static void __init radix_init_iamr(void) > > +{ > > + unsigned long iamr_mask = 0x4000000000000000; > > + unsigned long iamr = mfspr(SPRN_IAMR); > > + > > + unsigned long amor_mask = 0xc000000000000000; > > + unsigned long amor = mfspr(SPRN_AMOR); > > Isn't AMOR hypervisor privileged ?. > You are right, I should split the AMOR initialization to be HV only. IAMR is saved/restored during guest exit/entry. So, the AMOR initialization needs to move. I'll post a v2 Balbir Singh.