[PATCH v2 09/14] KVM: arm64: Hide FEAT_NMI from guests
Marc Zyngier
maz at kernel.org
Mon Dec 5 10:06:24 PST 2022
On Sat, 12 Nov 2022 15:17:03 +0000,
Mark Brown <broonie at kernel.org> wrote:
>
> FEAT_NMI is not yet useful to guests pending implementation of vGIC
> support. Mask out the feature from the ID register and prevent guests
> creating state in ALLINT.ALLINT by activating the trap on write provided
> in HCRX_EL2.TALLINT when they are running. There is no trap available
> for reads from ALLINT.
>
> We do not need to check for FEAT_HCRX since it is mandatory since v8.7
> and FEAT_NMI is a v8.8 feature.
And yet you check for it in hyp-stub.S after having checked for
FEAT_NMI. What gives?
>
> Signed-off-by: Mark Brown <broonie at kernel.org>
> ---
> arch/arm64/kvm/hyp/include/hyp/switch.h | 6 ++++++
> arch/arm64/kvm/sys_regs.c | 1 +
> 2 files changed, 7 insertions(+)
>
> diff --git a/arch/arm64/kvm/hyp/include/hyp/switch.h b/arch/arm64/kvm/hyp/include/hyp/switch.h
> index 6cbbb6c02f66..89e78c4e5cce 100644
> --- a/arch/arm64/kvm/hyp/include/hyp/switch.h
> +++ b/arch/arm64/kvm/hyp/include/hyp/switch.h
> @@ -85,6 +85,9 @@ static inline void __activate_traps_common(struct kvm_vcpu *vcpu)
> write_sysreg(ARMV8_PMU_USERENR_MASK, pmuserenr_el0);
> }
>
> + if (cpus_have_final_cap(ARM64_HAS_NMI))
> + sysreg_clear_set_s(SYS_HCRX_EL2, 0, HCRX_EL2_TALLINT);
> +
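Review bot: The `if (cpus_have_final_cap(ARM64_HAS_NMI))` guard added at the end of this __activate_traps_common() hunk writes SYS_HCRX_EL2 with no check that the register exists, and the reason that is acceptable (FEAT_HCRX mandatory since v8.7, FEAT_NMI a v8.8 feature) is stated only in the commit message. A short comment above the guard recording that dependency would keep the assumption visible in the code. The diffstat lists 6 insertions in switch.h but only these three lines are quoted here, so it is also worth confirming that the remaining lines clear HCRX_EL2_TALLINT again on the deactivate path rather than leaving the trap bit set after the guest exits.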
Crucially, this is missing a handler for the trap, resulting in a
large splat once a guest accesses ALLINT.
M.
--
Without deviation from the norm, progress is not possible.