From d91b101da1075f57dda0f30f6802129328716da1 Mon Sep 17 00:00:00 2001
From: Nicholas Piggin
Date: Thu, 19 Dec 2024 13:40:33 +1000
Subject: [PATCH] spapr: Generate random HASHPKEYR for spapr machines
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

The hypervisor is expected to create a value for the HASHPKEY SPR for each partition. Currently it uses zero for all partitions, use a random number instead, which in theory might make kernel ROP protection more secure.

Signed-of-by: Nicholas Piggin
Reviewed-by: Harsh Prateek Bora
Reviewed-by: Philippe Mathieu-Daudé
Message-ID: <20241219034035.1826173-4-npiggin@gmail.com>
Signed-off-by: Nicholas Piggin
---
 hw/ppc/spapr.c | 3 +++
 hw/ppc/spapr_cpu_core.c | 2 ++
 include/hw/ppc/spapr.h | 1 +
 3 files changed, 6 insertions(+)

diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
index fcd2ca515c..a415e51d07 100644
--- a/hw/ppc/spapr.c
+++ b/hw/ppc/spapr.c
@@ -2917,6 +2917,9 @@ static void spapr_machine_init(MachineState *machine)
 spapr_ovec_set(spapr->ov5, OV5_XIVE_EXPLOIT);
 }
+ qemu_guest_getrandom_nofail(&spapr->hashpkey_val,
+ sizeof(spapr->hashpkey_val));
+
 /* init CPUs */
 spapr_init_cpus(spapr);
diff --git a/hw/ppc/spapr_cpu_core.c b/hw/ppc/spapr_cpu_core.c
index 9e0e0648a7..0671d9e44b 100644
--- a/hw/ppc/spapr_cpu_core.c
+++ b/hw/ppc/spapr_cpu_core.c
@@ -273,6 +273,8 @@ static bool spapr_realize_vcpu(PowerPCCPU *cpu, SpaprMachineState *spapr,
 env->spr_cb[SPR_PIR].default_value = cs->cpu_index;
 env->spr_cb[SPR_TIR].default_value = thread_index;
+ env->spr_cb[SPR_HASHPKEYR].default_value = spapr->hashpkey_val;
+
 cpu_ppc_set_1lpar(cpu);
 /* Set time-base frequency to 512 MHz. vhyp must be set first. */
diff --git a/include/hw/ppc/spapr.h b/include/hw/ppc/spapr.h
index d227f0b94b..39bd5bd5ed 100644
--- a/include/hw/ppc/spapr.h
+++ b/include/hw/ppc/spapr.h
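Review bot: The key drawn in spapr_machine_init() (hw/ppc/spapr.c hunk) is written exactly once, and nothing in this patch adds `hashpkey_val` to the machine's migration state or redraws it on a guest reset. If the rest of the file does not cover that (the function and any vmstate lie outside the hunk), a destination QEMU would draw its own value, so a vCPU realized after migration would presumably get a HASHPKEYR default different from the migrated vCPUs, and a rebooted guest keeps the previous key. I would either carry the field in the migration stream or state the intended lifetime above the call, e.g. `/* HASHPKEYR: one random value per partition, drawn at machine init and kept across guest resets */`.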
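Review bot: The `SPR_HASHPKEYR` default in spapr_realize_vcpu() (hw/ppc/spapr_cpu_core.c hunk) is assigned for every CPU model, with no check that the model implements the register. That is likely harmless if reset only applies defaults for registered SPRs, but the reset code is not visible here, so the assumption deserves a comment such as `/* Same per-partition key on every vCPU; only takes effect on CPUs that register HASHPKEYR */`. The function starts and ends outside the hunk.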
@@ -203,6 +203,7 @@ struct SpaprMachineState {
 uint32_t fdt_initial_size;
 void *fdt_blob;
 uint8_t fdt_rng_seed[32];
+ uint64_t hashpkey_val;
 long kernel_size;
 bool kernel_le;
 uint64_t kernel_addr;
-- 
2.39.5
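Review bot: The new `hashpkey_val` member of SpaprMachineState has no comment, although per the commit message it holds the random value behind the guest kernel's ROP protection. A trailing comment such as `/* random per-partition HASHPKEYR value; keep out of logs and debug dumps */` would tell later changes that the field is key material and should not be exposed through tracing or introspection. The struct continues outside the hunk.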