[PATCH] KVM: arm64: Don't hypercall before EL2 init
Quentin Perret
qperret at google.com
Mon May 16 03:41:58 PDT 2022
On Sunday 15 May 2022 at 12:10:20 (+0100), Marc Zyngier wrote:
> Can we simplify the condition? ARM64_SPECTRE_V3A is only set when
> !VHE, and we already bail in kvm_patch_vector_branch() if we see
> VHE+V3A, because the combination makes no sense at all. I think this
> can be rewritten as:
>
> if (kvm_system_needs_idmapped_vectors() &&
> !is_protected_lvm_enabled())
>
> Thoughts?
Yup I think this works as both CPUs that are vulnerable to V3A aren't
VHE-capable. But if we ever get a VHE-capable CPU that's vulnerable I
think the next call to create_hyp_exec_mappings() will BUG(). Perhaps
the alternative would be to have has_spectre_v3a() say no in VHE to be
on the safe side? That is, prevent the cap from being set to begin with.
Cheers,
Quentin
More information about the linux-arm-kernel
mailing list