[PATCH] KVM: arm64: pkvm: Don't reprobe for ICH_VTR_EL2.TDS on CPU hotplug

Suzuki K Poulose suzuki.poulose at arm.com
Tue Mar 10 03:13:03 PDT 2026


On 10/03/2026 09:43, Marc Zyngier wrote:
> On Tue, 10 Mar 2026 09:17:43 +0000,
> Suzuki K Poulose <suzuki.poulose at arm.com> wrote:
>>
>> On 10/03/2026 08:54, Marc Zyngier wrote:
>>> Hotplugging a CPU off and back on fails with pKVM, as we try to
>>> probe for ICH_VTR_EL2.TDS. In a non-VHE setup, this is achieved
>>> by using an EL2 stub helper. However, the stubs are out of reach
>>> once pKVM has deprivileged the kernel. The CPU never boots.
>>>
>>> Since pKVM doesn't allow late onlining of CPUs, we can detect
>>> that protected mode is enforced early on, and return the current
>>> state of the capability.
>>>
>>> Fixes: 2a28810cbb8b2 ("KVM: arm64: GICv3: Detect and work around the lack of ICV_DIR_EL1 trapping")
>>> Reported-by: Vincent Donnefort <vdonnefort at google.com>
>>> Signed-off-by: Marc Zyngier <maz at kernel.org>
>>> Cc: stable at vger.kernel.org
>>> ---
>>>    arch/arm64/kernel/cpufeature.c | 3 +++
>>>    1 file changed, 3 insertions(+)
>>>
>>> diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c
>>> index c31f8e17732a3..947ff71b3b66b 100644
>>> --- a/arch/arm64/kernel/cpufeature.c
>>> +++ b/arch/arm64/kernel/cpufeature.c
>>> @@ -2345,6 +2345,9 @@ static bool can_trap_icv_dir_el1(const struct arm64_cpu_capabilities *entry,
>>>    	    !is_midr_in_range_list(has_vgic_v3))
>>>    		return false;
>>>    +	if (system_capabilities_finalized() &&
>>> is_protected_kvm_enabled())
>>> +		return cpus_have_final_cap(ARM64_HAS_ICH_HCR_EL2_TDIR);
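Review bot: The early return added to can_trap_icv_dir_el1() carries no comment, and handing back cpus_have_final_cap(ARM64_HAS_ICH_HCR_EL2_TDIR) from a probe that runs on a CPU coming back online reads as a mistake without one. A short comment above the `if` would fix this by stating the invariant the commit message relies on: pKVM does not allow late onlining, so any CPU that gets here after system_capabilities_finalized() has already been seen and cannot change the capability.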
>>
>> Is it worth adding a comment here? Otherwise this looks very odd -
>> returning the system state of a capability for a "hotplugged" CPU.
> 
> How about this?
> 
> diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c
> index 947ff71b3b66b..32c2dbcc0c641 100644
> --- a/arch/arm64/kernel/cpufeature.c
> +++ b/arch/arm64/kernel/cpufeature.c
> @@ -2345,6 +2345,12 @@ static bool can_trap_icv_dir_el1(const struct arm64_cpu_capabilities *entry,
>   	    !is_midr_in_range_list(has_vgic_v3))
>   		return false;
>   
> +	/*
> +	 * pKVM prevents late onlining of CPUs. This means that whatever
> +	 * state the capability is in after deprivilege cannot be affected
> +	 * by a new CPU booting -- this is garanteed to be a CPU we have
> +	 * already seen, and the cap is therefore unchanged.
> +	 */

Thanks, that looks good.



>   	if (system_capabilities_finalized() && is_protected_kvm_enabled())
>   		return cpus_have_final_cap(ARM64_HAS_ICH_HCR_EL2_TDIR);
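Review bot: The added comment says why returning the finalized capability is safe, but not why the probe has to be skipped at this point. One more sentence could carry the reason given in the commit message, that the EL2 stub helper used for the ICH_VTR_EL2.TDS probe is out of reach once pKVM has deprivileged the kernel. There is also a typo in "this is garanteed to be a CPU we have": it should read "guaranteed".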
> 
>>
>> Otherwise
>>
>> Reviewed-by: Suzuki K Poulose <suzuki.poulose at arm.com>

Cheers
Suzuki



> 
> Thanks!
> 
> 	M.
> 