[PATCH v2 1/6] KVM: arm64: Fix EL2 S1 XN handling for hVHE setups

Fri Dec 19 05:38:50 PST 2025

On Wed, Dec 10, 2025 at 05:30:19PM +0000, Marc Zyngier wrote:
> The current XN implementation is tied to the EL2 translation regime,
> and fall flat on its face with the EL2&0 one that is used for hVHE,
> as the permission bit for privileged execution is a different one.
> 
> Fixes: 6537565fd9b7f ("KVM: arm64: Adjust EL2 stage-1 leaf AP bits when ARM64_KVM_HVHE is set")
> Signed-off-by: Marc Zyngier <maz at kernel.org>
> ---
>  arch/arm64/include/asm/kvm_pgtable.h | 10 +++++++++-
>  1 file changed, 9 insertions(+), 1 deletion(-)
> 
> diff --git a/arch/arm64/include/asm/kvm_pgtable.h b/arch/arm64/include/asm/kvm_pgtable.h
> index fc02de43c68dd..be68b89692065 100644
> --- a/arch/arm64/include/asm/kvm_pgtable.h
> +++ b/arch/arm64/include/asm/kvm_pgtable.h
> @@ -87,7 +87,15 @@ typedef u64 kvm_pte_t;
>  
>  #define KVM_PTE_LEAF_ATTR_HI_SW		GENMASK(58, 55)
>  
> -#define KVM_PTE_LEAF_ATTR_HI_S1_XN	BIT(54)
> +#define __KVM_PTE_LEAF_ATTR_HI_S1_XN	BIT(54)
> +#define __KVM_PTE_LEAF_ATTR_HI_S1_UXN	BIT(54)
> +#define __KVM_PTE_LEAF_ATTR_HI_S1_PXN	BIT(53)
> +
> +#define KVM_PTE_LEAF_ATTR_HI_S1_XN					\
> +	({ cpus_have_final_cap(ARM64_KVM_HVHE) ?			\
> +			(__KVM_PTE_LEAF_ATTR_HI_S1_UXN |		\
> +			 __KVM_PTE_LEAF_ATTR_HI_S1_PXN) :		\
> +			__KVM_PTE_LEAF_ATTR_HI_S1_XN; })
>  
>  #define KVM_PTE_LEAF_ATTR_HI_S2_XN	GENMASK(54, 53)
>  
> -- 
> 2.47.3
> 

Cool,
Is this according to the following in Arm ARM?

Figure D8-16
Stage 1 attribute fields in VMSAv8-64 Block and Page descriptors

Thanks!
Leo