[PATCH v2 00/36] KVM: arm64: Introduce vGIC-v5 with PPI support
Sascha Bischoff
Sascha.Bischoff at arm.com
Fri Dec 19 07:52:35 PST 2025
This is the second version of the patch series to add the virtual
GICv5 [1] device (vgic_v5). Only PPIs are supported by this initial
series, and the vgic_v5 implementation is restricted to the CPU
interface, only. Further patch series are to follow in due course, and
will add support for SPIs, LPIs, the GICv5 IRS, and the GICv5 ITS.
The first version of this series can be found at [2].
The noteworthy changes since V1 of this series are:
1. Added detection of implemented PPIs on a GICv5 host at boot time.
2. Added masking for PPIs that are presented to guests. Only PPIs with
owners and the SW_PPI (if present) are exposed.
3. Added trapping and masking for all guest writes to the writable
ICC_PPI_x_EL1 registers. The writes are masked with the subset of
PPIs exposed to the guest. This ensures that the guest cannot
discover PPIs that are not intentionally exposed to it.
4. Added a new UAPI to allow userspace to query which PPIs can be
driven via KVM_IRQ_LINE. For the time being, only the SW_PPI is
exposed for guest control.
5. Interrupt type checks are now re-worked to be more readable and
scalable. Thanks, Marc.
I have addressed some, but alas not all (see below), review comments
against v1 of the series. Thanks a lot Marc, Joey, and Lorenzo!
I'm posting V2 even though I've yet to address all review comments as
I shall be out of office for the next 2 weeks. Therefore, I wanted to
make sure that the latest version was available for anyone to take a
look. Any outstanding and new comments will be addressed on my return.
The main outstanding changes are:
1. Rework the PPI save/restore mechanisms to remove the _entry/_exit
from the vcpu, and instead use per-cpu data structures.
2. PPI injection needs clean up around shadow state tracking and
manipulation.
3. PPI state tracking needs to be heavily optimised to reduce the
number of locks taken and PPIs iterated over. This is now possible
with the introduction of the masks, but remains to be implemented.
4. Allow for sparse PPI state storage. Given that most of the 128
potential PPIs will never be used with a guest, it is extremely
wasteful to allocate storage for them.
These changes are based on v6.19-rc1. As before, the first commit has
been cherry-picked from Marc's VTCR sanitisation series [3].
For those that are interested in the overall direction of the GICv5
KVM support, Marc Zyngier has very kindly agreed to host the full
*WIP* set of GICv5 KVM patches which can be found at [4]. These are
not intended for review, and require some serious clean up, but should
give a rough idea of what is still to come.
Thanks all for the feedback so far and any more you have,
Sascha
[1] https://developer.arm.com/documentation/aes0070/latest
[2] https://lore.kernel.org/all/20251212152215.675767-1-sascha.bischoff@arm.com/
[3] https://lore.kernel.org/all/20251210173024.561160-1-maz@kernel.org/
[4] https://git.kernel.org/pub/scm/linux/kernel/git/maz/arm-platforms.git/log/?h=kvm-arm64/gicv5-full
Marc Zyngier (1):
KVM: arm64: Account for RES1 bits in DECLARE_FEAT_MAP() and co
Sascha Bischoff (35):
KVM: arm64: gic-v3: Switch vGIC-v3 to use generated ICH_VMCR_EL2
arm64/sysreg: Drop ICH_HFGRTR_EL2.ICC_HAPR_EL1 and make RES1
arm64/sysreg: Add remaining GICv5 ICC_ & ICH_ sysregs for KVM support
arm64/sysreg: Add GICR CDNMIA encoding
KVM: arm64: gic-v5: Add ARM_VGIC_V5 device to KVM headers
KVM: arm64: gic: Introduce interrupt type helpers
KVM: arm64: Introduce kvm_call_hyp_nvhe_res()
KVM: arm64: gic-v5: Detect implemented PPIs on boot
KVM: arm64: gic-v5: Sanitize ID_AA64PFR2_EL1.GCIE
KVM: arm64: gic-v5: Support GICv5 FGTs & FGUs
KVM: arm64: gic-v5: Add emulation for ICC_IAFFIDR_EL1 accesses
KVM: arm64: gic: Set vgic_model before initing private IRQs
KVM: arm64: gic-v5: Add vgic-v5 save/restore hyp interface
KVM: arm64: gic-v5: Implement GICv5 load/put and save/restore
KVM: arm64: gic-v5: Implement direct injection of PPIs
KVM: arm64: gic: Introduce irq_queue and set_pending_state to irq_ops
KVM: arm64: gic-v5: Implement PPI interrupt injection
KVM: arm64: gic-v5: Check for pending PPIs
KVM: arm64: gic-v5: Init Private IRQs (PPIs) for GICv5
KVM: arm64: gic-v5: Finalize GICv5 PPIs and generate mask
KVM: arm64: gic-v5: Trap and mask guest PPI register accesses
KVM: arm64: gic-v5: Support GICv5 interrupts with KVM_IRQ_LINE
KVM: arm64: gic-v5: Create, init vgic_v5
KVM: arm64: gic-v5: Reset vcpu state
KVM: arm64: gic-v5: Bump arch timer for GICv5
KVM: arm64: gic-v5: Mandate architected PPI for PMU emulation on GICv5
KVM: arm64: gic: Hide GICv5 for protected guests
KVM: arm64: gic-v5: Hide FEAT_GCIE from NV GICv5 guests
KVM: arm64: gic-v5: Introduce kvm_arm_vgic_v5_ops and register them
KVM: arm64: gic-v5: Set ICH_VCTLR_EL2.En on boot
irqchip/gic-v5: Check if impl is virt capable
KVM: arm64: gic-v5: Probe for GICv5 device
Documentation: KVM: Introduce documentation for VGICv5
KVM: arm64: selftests: Introduce a minimal GICv5 PPI selftest
KVM: arm64: gic-v5: Communicate userspace-drivable PPIs via a UAPI
Documentation/virt/kvm/api.rst | 6 +-
.../virt/kvm/devices/arm-vgic-v5.rst | 50 ++
Documentation/virt/kvm/devices/index.rst | 1 +
arch/arm64/include/asm/el2_setup.h | 3 +-
arch/arm64/include/asm/kvm_asm.h | 5 +
arch/arm64/include/asm/kvm_host.h | 35 +-
arch/arm64/include/asm/kvm_hyp.h | 10 +
arch/arm64/include/asm/sysreg.h | 28 +-
arch/arm64/include/asm/vncr_mapping.h | 3 +
arch/arm64/include/uapi/asm/kvm.h | 1 +
arch/arm64/kvm/arch_timer.c | 112 +++-
arch/arm64/kvm/arm.c | 29 +-
arch/arm64/kvm/config.c | 145 ++++-
arch/arm64/kvm/emulate-nested.c | 123 +++-
arch/arm64/kvm/hyp/include/hyp/switch.h | 27 +
arch/arm64/kvm/hyp/nvhe/Makefile | 2 +-
arch/arm64/kvm/hyp/nvhe/hyp-main.c | 43 ++
arch/arm64/kvm/hyp/nvhe/switch.c | 15 +
arch/arm64/kvm/hyp/nvhe/sys_regs.c | 8 +
arch/arm64/kvm/hyp/vgic-v3-sr.c | 64 +-
arch/arm64/kvm/hyp/vgic-v5-sr.c | 146 +++++
arch/arm64/kvm/hyp/vhe/Makefile | 2 +-
arch/arm64/kvm/nested.c | 5 +
arch/arm64/kvm/pmu-emul.c | 21 +-
arch/arm64/kvm/sys_regs.c | 190 +++++-
arch/arm64/kvm/vgic/vgic-init.c | 123 +++-
arch/arm64/kvm/vgic/vgic-kvm-device.c | 99 ++-
arch/arm64/kvm/vgic/vgic-mmio.c | 28 +-
arch/arm64/kvm/vgic/vgic-v3-nested.c | 8 +-
arch/arm64/kvm/vgic/vgic-v3.c | 48 +-
arch/arm64/kvm/vgic/vgic-v5.c | 571 +++++++++++++++++-
arch/arm64/kvm/vgic/vgic.c | 125 +++-
arch/arm64/kvm/vgic/vgic.h | 70 ++-
arch/arm64/tools/sysreg | 482 ++++++++++++++-
drivers/irqchip/irq-gic-v5-irs.c | 4 +
drivers/irqchip/irq-gic-v5.c | 10 +
include/kvm/arm_arch_timer.h | 7 +-
include/kvm/arm_pmu.h | 5 +-
include/kvm/arm_vgic.h | 160 ++++-
include/linux/irqchip/arm-gic-v5.h | 15 +
include/linux/kvm_host.h | 1 +
include/uapi/linux/kvm.h | 2 +
tools/arch/arm64/include/uapi/asm/kvm.h | 1 +
tools/include/uapi/linux/kvm.h | 2 +
tools/testing/selftests/kvm/Makefile.kvm | 1 +
tools/testing/selftests/kvm/arm64/vgic_v5.c | 248 ++++++++
.../selftests/kvm/include/arm64/gic_v5.h | 148 +++++
47 files changed, 2965 insertions(+), 267 deletions(-)
create mode 100644 Documentation/virt/kvm/devices/arm-vgic-v5.rst
create mode 100644 arch/arm64/kvm/hyp/vgic-v5-sr.c
create mode 100644 tools/testing/selftests/kvm/arm64/vgic_v5.c
create mode 100644 tools/testing/selftests/kvm/include/arm64/gic_v5.h
--
2.34.1