[PATCH 6.6 v1] KVM: arm64: Disable MPAM visibility by default and ignore VMM writes
Marc Zyngier
maz at kernel.org
Mon Dec 16 00:52:04 PST 2024
On Thu, 12 Dec 2024 15:14:06 +0000,
Joey Gouly <joey.gouly at arm.com> wrote:
>
> From: James Morse <james.morse at arm.com>
>
> commit 6685f5d572c22e1003e7c0d089afe1c64340ab1f upstream.
>
> commit 011e5f5bf529f ("arm64/cpufeature: Add remaining feature bits in
> ID_AA64PFR0 register") exposed the MPAM field of AA64PFR0_EL1 to guests,
> but didn't add trap handling. A previous patch supplied the missing trap
> handling.
>
> Existing VMs that have the MPAM field of ID_AA64PFR0_EL1 set need to
> be migratable, but there is little point enabling the MPAM CPU
> interface on new VMs until there is something a guest can do with it.
>
> Clear the MPAM field from the guest's ID_AA64PFR0_EL1 and on hardware
> that supports MPAM, politely ignore the VMMs attempts to set this bit.
>
> Guests exposed to this bug have the sanitised value of the MPAM field,
> so only the correct value needs to be ignored. This means the field
> can continue to be used to block migration to incompatible hardware
> (between MPAM=1 and MPAM=5), and the VMM can't rely on the field
> being ignored.
>
> Signed-off-by: James Morse <james.morse at arm.com>
> Co-developed-by: Joey Gouly <joey.gouly at arm.com>
> Signed-off-by: Joey Gouly <joey.gouly at arm.com>
> Reviewed-by: Gavin Shan <gshan at redhat.com>
> Tested-by: Shameer Kolothum <shameerali.kolothum.thodi at huawei.com>
> Reviewed-by: Marc Zyngier <maz at kernel.org>
> Link: https://lore.kernel.org/r/20241030160317.2528209-7-joey.gouly@arm.com
> Signed-off-by: Oliver Upton <oliver.upton at linux.dev>
> [ joey: fixed up merge conflict, no ID_FILTERED macro in 6.6 ]
> Signed-off-by: Joey Gouly <joey.gouly at arm.com>
> Cc: stable at vger.kernel.org # 6.6.x
> Cc: Vitaly Chikunov <vt at altlinux.org>
> Link: https://lore.kernel.org/linux-arm-kernel/20241202045830.e4yy3nkvxtzaybxk@altlinux.org/
Acked-by: Marc Zyngier <maz at kernel.org>
M.
--
Without deviation from the norm, progress is not possible.
More information about the linux-arm-kernel
mailing list