[PATCH v2 02/14] KVM: arm64: Hide ID_AA64MMFR2_EL1.NV from guest and userspace

Sebastian Ott sebott at redhat.com
Thu Feb 20 23:52:15 PST 2025


On Thu, 20 Feb 2025, Marc Zyngier wrote:
> On Thu, 20 Feb 2025 17:36:35 +0000,
> Sebastian Ott <sebott at redhat.com> wrote:
>> On Thu, 20 Feb 2025, Marc Zyngier wrote:
>>> Since our take on FEAT_NV is to only support FEAT_NV2, we should
>>> never expose ID_AA64MMFR2_EL1.NV to a guest nor userspace.
>>>
>>> Make sure we mask this field for good.
>>>
>>> Signed-off-by: Marc Zyngier <maz at kernel.org>
>>> ---
>>> arch/arm64/kvm/sys_regs.c | 1 +
>>> 1 file changed, 1 insertion(+)
>>>
>>> diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c
>>> index 82430c1e1dd02..9f10dbd26e348 100644
>>> --- a/arch/arm64/kvm/sys_regs.c
>>> +++ b/arch/arm64/kvm/sys_regs.c
>>> @@ -1627,6 +1627,7 @@ static u64 __kvm_read_sanitised_id_reg(const struct kvm_vcpu *vcpu,
>>> 		break;
>>> 	case SYS_ID_AA64MMFR2_EL1:
>>> 		val &= ~ID_AA64MMFR2_EL1_CCIDX_MASK;
>>> +		val &= ~ID_AA64MMFR2_EL1_NV;
>>> 		break;
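Review bot: in the `SYS_ID_AA64MMFR2_EL1` case the added `val &= ~ID_AA64MMFR2_EL1_NV;` only changes the sanitised value that is read back; nothing in this hunk covers a VMM writing back a register image that was saved while NV was still visible. If writes are validated against this sanitised value, restoring such a guest on the updated host would fail, so the change wants a companion write-side rule (accept the previously valid value and ignore it) or at least a commit-message note on the migration impact. Minor style point: the line above uses the `_MASK` form (`ID_AA64MMFR2_EL1_CCIDX_MASK`), so `ID_AA64MMFR2_EL1_NV_MASK` here would keep the two clears consistent.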
>>
>> This would cause issues when you update the host kernel while keeping the
>> guest's register state. Could we allow writing (but ignoring) the previously
>> valid value? Like it was handled in:
>> 	6685f5d572c2 KVM: arm64: Disable MPAM visibility by default and ignore VMM writes
>
> Yeah, this falls into the same "shouldn't have exposed this in the first
> place" bucket. Annoying. Something like the diff below?

Yes, thanks!



