[PATCH] KVM: arm64: Set a linux errno on SMCCC error in kvm_call_hyp_nvhe()

Sun Jun 7 07:01:03 PDT 2026

On Fri, 05 Jun 2026 12:23:40 +0100,
Will Deacon <will at kernel.org> wrote:
> 
> On Wed, Jun 03, 2026 at 12:03:12PM +0100, Vincent Donnefort wrote:
> > If the HVC called in kvm_call_hyp_nvhe() fails with an SMCCC error code,
> > we WARN. However, the returned value isn't initialized and the caller
> > might get garbage or 0 which is likely to be interpreted as success.
> > 
> > Set a default -EPERM error value, ensuring all callers get the message
> > when SMCCC calls fail.
> > 
> > Signed-off-by: Vincent Donnefort <vdonnefort at google.com>
> > 
> > ---
> > 
> > I have encountered this issue while working on a follow-up contribution to the
> > hypervisor tracing. In that case it completely crashed the kernel because
> > IS_ERR() failed on that res.a1 value.
> > 
> > Now, if it makes that function more robust, I do not believe it is fixing any
> > existing bug which is why I haven't added a "Fixes:" tag. 
> > 
> > In case we want to stick one, here it is:
> > 
> > Fixes: 054698316d87 ("KVM: arm64: nVHE: Migrate hyp interface to SMCCC")
> > 
> > diff --git a/arch/arm64/include/asm/kvm_host.h b/arch/arm64/include/asm/kvm_host.h
> > index a49042bfa801..6b8fd494792c 100644
> > --- a/arch/arm64/include/asm/kvm_host.h
> > +++ b/arch/arm64/include/asm/kvm_host.h
> > @@ -1273,13 +1273,14 @@ void kvm_arm_resume_guest(struct kvm *kvm);
> >  #define vcpu_has_run_once(vcpu)	(!!READ_ONCE((vcpu)->pid))
> >  
> >  #ifndef __KVM_NVHE_HYPERVISOR__
> > -#define kvm_call_hyp_nvhe(f, ...)						\
> > +#define kvm_call_hyp_nvhe(f, ...)					\
> >  	({								\
> >  		struct arm_smccc_res res;				\
> >  									\
> >  		arm_smccc_1_1_hvc(KVM_HOST_SMCCC_FUNC(f),		\
> >  				  ##__VA_ARGS__, &res);			\
> > -		WARN_ON(res.a0 != SMCCC_RET_SUCCESS);			\
> > +		if (WARN_ON(res.a0 != SMCCC_RET_SUCCESS))		\
> > +			res.a1 = -EPERM;				\
> >  									\
> >  		res.a1;							\
> >  	})
> 
> Looks like the only error code we return to the host is
> SMCCC_RET_NOT_SUPPORTED, so maybe -EOPNOTSUPP would be more appropriate?

Yes, this is better. I've hacked the patch to reflect this upon
applying it.

Thanks,

	M.

-- 
Jazz isn't dead. It just smells funny.