Set the HCR_API and HCR_APK bits in the HCR_EL2 when CPUs boot in EL2.

Otherwise using PAC instructions in EL1 will trigger a trap into EL2
that we don't handle.

ok jsg@, deraadt@

diff --git a/sys/arch/arm64/arm64/locore.S b/sys/arch/arm64/arm64/locore.S
index 771e7ef..4781cdb 100644 (file)
--- a/sys/arch/arm64/arm64/locore.S
+++ b/sys/arch/arm64/arm64/locore.S
@@ -1,4 +1,4 @@
-/* $OpenBSD: locore.S,v 1.45 2023/12/12 07:37:20 deraadt Exp $ */
+/* $OpenBSD: locore.S,v 1.46 2024/03/16 20:46:28 kettenis Exp $ */
 /*-
  * Copyright (c) 2012-2014 Andrew Turner
  * All rights reserved.
@@ -57,6 +57,7 @@ drop_to_el1:
 
        /* Configure the Hypervisor */
        mov     x2, #(HCR_RW)
+       orr     x2, x2, #(HCR_API | HCR_APK)
        msr     hcr_el2, x2
 
        /* Load the Virtualization Process ID Register */

diff --git a/sys/arch/arm64/include/hypervisor.h b/sys/arch/arm64/include/hypervisor.h
index 0b91a2a..a3b8bb0 100644 (file)
--- a/sys/arch/arm64/include/hypervisor.h
+++ b/sys/arch/arm64/include/hypervisor.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: hypervisor.h,v 1.3 2021/02/21 13:14:47 kettenis Exp $ */
+/* $OpenBSD: hypervisor.h,v 1.4 2024/03/16 20:46:28 kettenis Exp $ */
 /*-
  * Copyright (c) 2013, 2014 Andrew Turner
  * All rights reserved.
@@ -82,6 +82,8 @@
 #define        HCR_CD          0x0000000100000000
 #define        HCR_ID          0x0000000200000000
 #define        HCR_E2H         0x0000000400000000
+#define        HCR_APK         0x0000010000000000
+#define        HCR_API         0x0000020000000000
 
 #endif