[PATCH v2 21/36] KVM: arm64: gic-v5: Finalize GICv5 PPIs and generate mask

Thu Jan 8 08:51:45 PST 2026

On Wed, 2026-01-07 at 15:08 +0000, Jonathan Cameron wrote:
> On Fri, 19 Dec 2025 15:52:43 +0000
> Sascha Bischoff <Sascha.Bischoff at arm.com> wrote:
> 
> > We only want to expose a subset of the PPIs to a guest. If a PPI
> > does
> > not have an owner, it is not being actively driven by a device. The
> > SW_PPI is a special case, as it is likely for userspace to wish to
> > inject that.
> > 
> > Therefore, just prior to running the guest for the first time, we
> > need
> > to finalize the PPIs. A mask is generated which, when combined with
> > trapping a guest's PPI accesses, allows for the guest's view of the
> > PPI to be filtered.
> > 
> > Signed-off-by: Sascha Bischoff <sascha.bischoff at arm.com>
> 
> Minor suggestion inline. Either way
> 
> Reviewed-by: Jonathan Cameron <jonathan.cameron at huawei.com>
> 
> > diff --git a/arch/arm64/kvm/vgic/vgic-v5.c
> > b/arch/arm64/kvm/vgic/vgic-v5.c
> > index c7ecc4f40b1e5..f1fa63e67c1f6 100644
> > --- a/arch/arm64/kvm/vgic/vgic-v5.c
> > +++ b/arch/arm64/kvm/vgic/vgic-v5.c
> > @@ -81,6 +81,66 @@ static u32
> > vgic_v5_get_effective_priority_mask(struct kvm_vcpu *vcpu)
> >  	return priority_mask;
> >  }
> >  
> > +static int vgic_v5_finalize_state(struct kvm_vcpu *vcpu)
> > +{
> > +	if (!ppi_caps)
> > +		return -ENXIO;
> > +
> > +	vcpu->arch.vgic_cpu.vgic_v5.vgic_ppi_mask[0] = 0;
> > +	vcpu->arch.vgic_cpu.vgic_v5.vgic_ppi_mask[1] = 0;
> > +	vcpu->arch.vgic_cpu.vgic_v5.vgic_ppi_hmr[0] = 0;
> > +	vcpu->arch.vgic_cpu.vgic_v5.vgic_ppi_hmr[1] = 0;
> > +	for (int i = 0; i < VGIC_V5_NR_PRIVATE_IRQS; ++i) {
> > +		int reg = i / 64;
> > +		u64 bit = BIT_ULL(i % 64);
> > +		struct vgic_irq *irq = &vcpu-
> > >arch.vgic_cpu.private_irqs[i];
> > +
> > +		raw_spin_lock(&irq->irq_lock);
> > +
> A little nicer perhaps with:
> 		guard(raw_spin_lock(&irq->irq_lock);

Harder to break in the future too. Done.

Thanks,
Sascha

> > +		/*
> > +		 * We only expose PPIs with an owner or thw SW_PPI
> > to
> > +		 * the guest.
> > +		 */
> > +		if (!irq->owner && irq->intid == GICV5_SW_PPI)
> > +			goto unlock;
> and
> 			continue;
> > +
> > +		/*
> > +		 * If the PPI isn't implemented, we can't pass it
> > +		 * through to a guest anyhow.
> > +		 */
> > +		if (!(ppi_caps->impl_ppi_mask[reg] & bit))
> > +			goto unlock;
> and
> 			continue;
> > +
> > +		vcpu->arch.vgic_cpu.vgic_v5.vgic_ppi_mask[reg] |=
> > bit;
> > +
> > +		if (irq->config == VGIC_CONFIG_LEVEL)
> > +			vcpu-
> > >arch.vgic_cpu.vgic_v5.vgic_ppi_hmr[reg] |= bit;
> > +
> > +unlock:
> > +		raw_spin_unlock(&irq->irq_lock);
> Then the label and unlock can go away.
> 
> > +	}
> > +
> > +	return 0;
> > +}
> 