[PATCH 2/5] KVM: arm64: pkvm: Simplify BTI handling on CPU boot
Fuad Tabba
tabba at google.com
Sun Mar 22 08:37:14 PDT 2026
On Sat, 21 Mar 2026 at 21:24, Marc Zyngier <maz at kernel.org> wrote:
>
> In order to perform an indirect branch to kvm_host_psci_cpu_entry()
> on a BTI-aware system, we first branch to a 'BTI j' landing pad,
> and from there branch again to the target.
>
> While this works, this is really not required:
>
> - BLR works with 'BTI c' and 'PACIASP' as the landing pad
>
> - Even if LR gets clobbered by BLR, we are going to restore the
> host's registers, so it is pointless to try and avoid touching
> LR
>
> Given the above, drop the veneer and directly call into C code.
> If we were to come back from it, we'd directly enter the error
> handler.
>
> Signed-off-by: Marc Zyngier <maz at kernel.org>
Reviewed-by: Fuad Tabba <tabba at google.com>
Cheers,
/fuad
> ---
> arch/arm64/kvm/hyp/nvhe/host.S | 10 ----------
> arch/arm64/kvm/hyp/nvhe/hyp-init.S | 9 +++++----
> 2 files changed, 5 insertions(+), 14 deletions(-)
>
> diff --git a/arch/arm64/kvm/hyp/nvhe/host.S b/arch/arm64/kvm/hyp/nvhe/host.S
> index eef15b374abb0..465f6f1dd6414 100644
> --- a/arch/arm64/kvm/hyp/nvhe/host.S
> +++ b/arch/arm64/kvm/hyp/nvhe/host.S
> @@ -291,13 +291,3 @@ SYM_CODE_START(__kvm_hyp_host_forward_smc)
>
> ret
> SYM_CODE_END(__kvm_hyp_host_forward_smc)
> -
> -/*
> - * kvm_host_psci_cpu_entry is called through br instruction, which requires
> - * bti j instruction as compilers (gcc and llvm) doesn't insert bti j for external
> - * functions, but bti c instead.
> - */
> -SYM_CODE_START(kvm_host_psci_cpu_entry)
> - bti j
> - b __kvm_host_psci_cpu_entry
> -SYM_CODE_END(kvm_host_psci_cpu_entry)
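Review bot: removing the `bti j` veneer is only correct together with the `br` to `blr` switch in hyp-init.S, so the two hunks must not be split across patches; the removed comment's own observation (compilers emit `bti c`, not `bti j`, for external functions) is what makes a `blr` into `__kvm_host_psci_cpu_entry` land on a valid pad. Since the `kvm_host_psci_cpu_entry` symbol disappears here, it is worth confirming that no declaration or other `br` to it remains in files not touched by this diff, otherwise the build or a later indirect branch would silently pick up the wrong target.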
> diff --git a/arch/arm64/kvm/hyp/nvhe/hyp-init.S b/arch/arm64/kvm/hyp/nvhe/hyp-init.S
> index 5d00bde092010..55e0dce65dc56 100644
> --- a/arch/arm64/kvm/hyp/nvhe/hyp-init.S
> +++ b/arch/arm64/kvm/hyp/nvhe/hyp-init.S
> @@ -213,12 +213,13 @@ SYM_CODE_START_LOCAL(__kvm_hyp_init_cpu)
> mov x0, x28
> bl ___kvm_hyp_init // Clobbers x0..x2
>
> - /* Leave idmap. */
> + /* Leave idmap -- using BLR is OK, LR is restored from host context */
> mov x0, x29
> - ldr x1, =kvm_host_psci_cpu_entry
> - br x1
> + ldr x1, =__kvm_host_psci_cpu_entry
> + blr x1
>
> - // The core booted in EL1. KVM cannot be initialized on it.
> + // The core booted in EL1, or the C code unexpectedly returned.
> + // Either way, KVM cannot be initialized on it.
> 1: wfe
> wfi
> b 1b
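Review bot: after `+ blr x1`, an unexpected return from `__kvm_host_psci_cpu_entry` falls straight into the `1: wfe / wfi / b 1b` loop that previously only served the booted-in-EL1 case, and the updated comment says so; it would help to state in the comment that parking the CPU is the intended outcome for both cases, so a reader does not mistake the fallthrough for a missing error path. The `/* Leave idmap -- using BLR is OK, LR is restored from host context */` comment could also spell out that LR is clobbered by the `blr` here but is never consumed before the host context restore, which is the actual reason the clobber is harmless.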
> --
> 2.47.3
>