[PATCH v3 0/4] KVM: arm64: pKVM fixes

Fuad Tabba tabba at google.com
Tue Dec 16 02:43:49 PST 2025 

Hi Alexandru,

On Tue, 16 Dec 2025 at 10:31, Alexandru Elisei <alexandru.elisei at arm.com> wrote:
>
> v2 can be found at [1].
>
> Similar to [2], when trying to run an unprotected VM on FVP with S1PIE enabled
> and kvm-arm.mode=protected, writes to PIRE0_EL1 made by the guest in
> __cpu_setup() are trapped by KVM and the BUG_ON(!r->access) is hit. That's
> because HFGWTR_EL2.nPIRE0_EL1 is an inverse polarity trap and the FGT values for
> the unprotected pKVM VCPU weren't being propagated from kvm_arch_vcpu_load().
>
> Couldn't figure out how to run a protected pKVM VM, so that's untested.

Hopefully this will change soon [1]!

I applied this to the pKVM/Android stack, and tested it with protected
VMs as well as non-protected VMs.

For the series:
Tested-by: Fuad Tabba <tabba at google.com>
Reviewed-by: Fuad Tabba <tabba at google.com>

Cheers,
/fuad

[1] https://lore.kernel.org/all/aTMPn0dBbSVUwwJ1@willie-the-truck/


>
> Changelog v2->v3:
> * Gathered Reviewed-by tags, thanks!
> * In patch #2, KVM now calls bad_trap() instead of KVM_BUG(). Also changed patch
>   subject to match.
>
> [1] https://lore.kernel.org/kvmarm/20251215114409.212512-1-alexandru.elisei@arm.com/
> [2] https://lore.kernel.org/all/20251112102853.47759-1-alexandru.elisei@arm.com/
>
> Alexandru Elisei (4):
>   KVM: arm64: Copy FGT traps to unprotected pKVM VCPU on VCPU load
>   KVM: arm64: Inject UNDEF for a register trap without accessor
>   KVM: arm64: Remove extra argument for __pvkm_host_{share,unshare}_hyp()
>   KVM: arm64: Remove unused parameter in synchronize_vcpu_pstate()
>
>  arch/arm64/kvm/hyp/include/hyp/switch.h | 2 +-
>  arch/arm64/kvm/hyp/nvhe/hyp-main.c      | 3 +++
>  arch/arm64/kvm/hyp/nvhe/pkvm.c          | 1 -
>  arch/arm64/kvm/hyp/nvhe/switch.c        | 2 +-
>  arch/arm64/kvm/hyp/vhe/switch.c         | 2 +-
>  arch/arm64/kvm/mmu.c                    | 4 ++--
>  arch/arm64/kvm/sys_regs.c               | 5 ++++-
>  7 files changed, 12 insertions(+), 7 deletions(-)
>
>
> base-commit: 8f0b4cce4481fb22653697cced8d0d04027cb1e8
> --
> 2.52.0
>

More information about the linux-arm-kernel mailing list