[PATCH v2 1/6] KVM: arm64: Fix EL2 S1 XN handling for hVHE setups

Marc Zyngier maz at kernel.org
Thu Dec 11 06:30:53 PST 2025 

On Thu, 11 Dec 2025 13:37:50 +0000,
Fuad Tabba <tabba at google.com> wrote:
> 
> Hi Marc,
> 
> 
> On Wed, 10 Dec 2025 at 17:30, Marc Zyngier <maz at kernel.org> wrote:
> >
> > The current XN implementation is tied to the EL2 translation regime,
> > and fall flat on its face with the EL2&0 one that is used for hVHE,
> > as the permission bit for privileged execution is a different one.
> >
> > Fixes: 6537565fd9b7f ("KVM: arm64: Adjust EL2 stage-1 leaf AP bits when ARM64_KVM_HVHE is set")
> > Signed-off-by: Marc Zyngier <maz at kernel.org>
> > ---
> >  arch/arm64/include/asm/kvm_pgtable.h | 10 +++++++++-
> >  1 file changed, 9 insertions(+), 1 deletion(-)
> >
> > diff --git a/arch/arm64/include/asm/kvm_pgtable.h b/arch/arm64/include/asm/kvm_pgtable.h
> > index fc02de43c68dd..be68b89692065 100644
> > --- a/arch/arm64/include/asm/kvm_pgtable.h
> > +++ b/arch/arm64/include/asm/kvm_pgtable.h
> > @@ -87,7 +87,15 @@ typedef u64 kvm_pte_t;
> >
> >  #define KVM_PTE_LEAF_ATTR_HI_SW                GENMASK(58, 55)
> >
> > -#define KVM_PTE_LEAF_ATTR_HI_S1_XN     BIT(54)
> > +#define __KVM_PTE_LEAF_ATTR_HI_S1_XN   BIT(54)
> > +#define __KVM_PTE_LEAF_ATTR_HI_S1_UXN  BIT(54)
> > +#define __KVM_PTE_LEAF_ATTR_HI_S1_PXN  BIT(53)
> > +
> > +#define KVM_PTE_LEAF_ATTR_HI_S1_XN                                     \
> > +       ({ cpus_have_final_cap(ARM64_KVM_HVHE) ?                        \
> > +                       (__KVM_PTE_LEAF_ATTR_HI_S1_UXN |                \
> > +                        __KVM_PTE_LEAF_ATTR_HI_S1_PXN) :               \
> > +                       __KVM_PTE_LEAF_ATTR_HI_S1_XN; })
> >
> >  #define KVM_PTE_LEAF_ATTR_HI_S2_XN     GENMASK(54, 53)
> 
> I was just wondering, is this patch really necessary, considering
> patch 6/6 redos the whole thing and fixes the bug?

I want this one to be in a state where it can be backported, without
having to deal with the NV-induced FEAT_XNX support. This is why it is
a standalone patch.

> That said:
> Reviewed-by: Fuad Tabba <tabba at google.com>

Thanks!

	M.

-- 
Without deviation from the norm, progress is not possible.

More information about the linux-arm-kernel mailing list