[PATCH v6 4/4] arm64: paravirt: Enable errata based on implementation CPUs
Marc Zyngier
maz at kernel.org
Fri Feb 7 10:17:37 PST 2025
On Fri, 07 Feb 2025 18:10:08 +0000,
Catalin Marinas <catalin.marinas at arm.com> wrote:
>
> On Fri, Feb 07, 2025 at 02:31:12PM +0000, Marc Zyngier wrote:
> > On Fri, 07 Feb 2025 14:08:44 +0000,
> > Catalin Marinas <catalin.marinas at arm.com> wrote:
> > > On Wed, Feb 05, 2025 at 01:22:22PM +0000, Shameer Kolothum wrote:
> > > > static inline bool is_midr_in_range(struct midr_range const *range)
> > > > {
> > > > - return midr_is_cpu_model_range(read_cpuid_id(), range->model,
> > > > - range->rv_min, range->rv_max);
> > > > + int i;
> > > > +
> > > > + if (!target_impl_cpu_num)
> > > > + return midr_is_cpu_model_range(read_cpuid_id(), range->model,
> > > > + range->rv_min, range->rv_max);
> > > > +
> > > > + for (i = 0; i < target_impl_cpu_num; i++) {
> > > > + if (midr_is_cpu_model_range(target_impl_cpus[i].midr,
> > > > + range->model,
> > > > + range->rv_min, range->rv_max))
> > > > + return true;
> > > > + }
> > > > + return false;
> > > > }
> > >
> > > It's a interesting approach but how does this work in practice if an
> > > erratum requires a firmware counterpart? Do we expect firmwares on all
> > > machines involved to have workarounds for the other machines? Or is KVM
> > > going to intercept those SMCs and pretend the EL3 counterpart is there?
> >
> > KVM already traps SMCs, and could do something on behalf of the guest
> > (such as pretending that the mitigation has happened if not on the
> > correct host) *IF* the mitigation is architected (à la WA{1,2,3}).
>
> That's the main thing I had in mind. I don't think we have any other
> errata that requires firmware run-time discovery and interaction, though
> you never know when we'll add new one.
>
> > If it is implementation specific, then we can immediately stop
> > pretending that a guest running on those systems can be migrated.
>
> Makes sense.
>
> > The only thing it helps a bit is big-little.
>
> It does help a bit or, at least, we have some code for handling these
> variations that cab be extended. However, with this patchset, the host
> only probes the availability of the workarounds on the SoC it booted. It
> has no idea about the extra MIDRs the VMM picks and what the other
> machines in the clouds support.
But that's the contract. The VMM has to be omniscient and know exactly
what it can safely migrate to. It literally says "trust me, I know
what I'm doing".
> Anyway, let's hope the VMs only migrate between platforms that are
> equally broken.
No shortage of that, I'm afraid! :)
M.
--
Without deviation from the norm, progress is not possible.
More information about the linux-arm-kernel
mailing list