[PATCH] arm64: Revamp HCR_EL2.E2H RES1 detection

Tue Oct 14 01:53:19 PDT 2025

On Fri, 10 Oct 2025 10:36:03 +0100,
Mark Rutland <mark.rutland at arm.com> wrote:
> 
> On Fri, Oct 10, 2025 at 10:22:18AM +0100, Marc Zyngier wrote:
> > On Thu, 09 Oct 2025 22:30:34 +0100,
> > Oliver Upton <oliver.upton at linux.dev> wrote:
> > > 
> > > Hey,
> > > 
> > > On Thu, Oct 09, 2025 at 01:12:39PM +0100, Marc Zyngier wrote:
> > > > We currently have two ways to identify CPUs that only implement FEAT_VHE
> > > > and not FEAT_E2H0:
> > > > 
> > > > - either they advertise it via ID_AA64MMFR4_EL1.E2H0,
> > > > - or the HCR_EL2.E2H bit is RAO/WI
> > > > 
> > > > However, there is a third category of "cpus" that fall between these
> > > > two cases: on CPUs that do not implement FEAT_FGT, it is IMPDEF whether
> > > > an access to ID_AA64MMFR4_EL1 can trap to EL2 when the register value
> > > > is zero.
> > > > 
> > > > A consequence of this is that on systems such as Neoverse V2, a NV
> > > > guest cannot reliably detect that it is in a VHE-only configuration
> > > > (E2H is writable, and ID_AA64MMFR0_EL1 is 0), despite the hypervisor's
> > > > best effort to repaint the id register.
> > > > 
> > > > Replace the RAO/WI test by a sequence that makes use of the VHE
> > > > register remnapping between EL1 and EL2 to detect this situation,
> > > > and work out whether we get the VHE behaviour even after having
> > > > set HCR_EL2.E2H to 0.
> > > > 
> > > > This solves the NV problem, and provides a more reliable acid test
> > > > for CPUs that do not completely follow the letter of the architecture
> > > > while providing a RES1 behaviour for HCR_EL2.E2H.
> > > > 
> > > > Suggested-by: Marc Rutland <mark.rutland at arm.com>
> > > 		^~~~
> > > 
> > > Thank you *Mark* for the suggestion here, neat trick :)
> > 
> > Too many Mar[ck]s. I'm struggling! ;-)
> 
> Time to file a deed poll. ;)
> 
> > > I'd be in favor of this patch being sent to stable, happy to handle the
> > > backports if you don't have the time for it. VMs mysteriously dying
> > > isn't a very good experience on NV and I'd like to not scare folks away.
> > 
> > I think Mark (yes, him!) had a plan to backport some of the !FEAT_E2H0
> > patches back to earlier kernels. I'll let him comment on that.
> 
> Yep; I had a (delayed) plan to backport:
> 
>   https://lore.kernel.org/linux-arm-kernel/20250227180526.1204723-1-mark.rutland@arm.com/ 
> 
> ... to v6.12, as folk are trying to run stable/android v6.12 kernels on
> models and HW with the RES1 behaviour, and IIRC we didn't try to handle
> this at all back in v6.6 (so no need to backport that far). I was
> expecting to backport this patch at the same time.
> 
> If someone else has the time to do the backport, I'm more than happy to
> leave it to them! Otherwise, I was planning to wait for this patch to
> land in mainline before starting that.

So I've taken the patch as is, without a Cc: stable, because I don't
trust this to be automatically AI-slopped^W^Wbackported to stable, and
the dependency chain isn't in stable either.

Happy to help with that though.

Thanks,

	M.

-- 
Without deviation from the norm, progress is not possible.