[PATCH v3 5/5] KVM: arm64: Add SMC hook for SME dvmsync erratum

Catalin Marinas catalin.marinas at arm.com
Tue Mar 24 05:56:56 PDT 2026


On Tue, Mar 24, 2026 at 10:14:40AM +0000, Vincent Donnefort wrote:
> On Mon, Mar 23, 2026 at 04:24:05PM +0000, Catalin Marinas wrote:
> > From: James Morse <james.morse at arm.com>
> > 
> > C1-Pro cores with SME have an erratum where TLBI+DSB does not complete
> > all outstanding SME accesses. Instead a DSB needs to be executed on the
> > affected CPUs. The implication is pages cannot be unmapped from the
> > host stage2 then provided to the guest. Host SME accesses may occur
> > after this point.
> > 
> > This erratum breaks pKVM's guarantees, and the workaround is hard to
> > implement as EL2 and EL1 share a security state meaning EL1 can mask
> > IPI sent by EL2, leading to interrupt blackouts.
> > 
> > Instead, do this in EL3. This has the advantage of a separate security
> > state, meaning lower EL cannot mask the IPI. It is also simpler for EL3
> > to know about CPUs that are off or in PSCI's CPU_SUSPEND.
> > 
> > Add the needed hook.
> > 
> > Signed-off-by: James Morse <james.morse at arm.com>
> > Signed-off-by: Catalin Marinas <catalin.marinas at arm.com>
> > Cc: Marc Zyngier <maz at kernel.org>
> > Cc: Oliver Upton <oupton at kernel.org>
> > Cc: Will Deacon <will at kernel.org>
> > Cc: Mark Rutland <mark.rutland at arm.com>
> > Cc: Lorenzo Pieralisi <lpieralisi at kernel.org>
> > Cc: Sudeep Holla <sudeep.holla at kernel.org>
> 
> In case this goes in before Will's p-guest series and with just a small comment
> below:
> 
> Reviewed-by: Vincent Donnefort <vdonnefort at google.com>

Thanks.

I can leave this patch for later, maybe merge it after -rc1.

> > diff --git a/arch/arm64/kvm/hyp/nvhe/mem_protect.c b/arch/arm64/kvm/hyp/nvhe/mem_protect.c
> > index 38f66a56a766..ef8afbdd421b 100644
> > --- a/arch/arm64/kvm/hyp/nvhe/mem_protect.c
> > +++ b/arch/arm64/kvm/hyp/nvhe/mem_protect.c
> > @@ -5,6 +5,8 @@
> >   */
> >  
> >  #include <linux/kvm_host.h>
> > +#include <linux/arm-smccc.h>
> > +
> >  #include <asm/kvm_emulate.h>
> >  #include <asm/kvm_hyp.h>
> >  #include <asm/kvm_mmu.h>
> > @@ -28,6 +30,15 @@ static struct hyp_pool host_s2_pool;
> >  static DEFINE_PER_CPU(struct pkvm_hyp_vm *, __current_vm);
> >  #define current_vm (*this_cpu_ptr(&__current_vm))
> >  
> > +static void pkvm_sme_dvmsync_fw_call(void)
> > +{
> > +	if (alternative_has_cap_unlikely(ARM64_WORKAROUND_4193714)) {
> > +		struct arm_smccc_res res;
> > +
> > +		arm_smccc_1_1_smc(ARM_SMCCC_CPU_WORKAROUND_4193714, &res);
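Review bot: the result of the SMC in pkvm_sme_dvmsync_fw_call() lands in res, but the quoted lines stop at the call, so it is not visible whether res.a0 is ever examined. If EL3 firmware does not implement ARM_SMCCC_CPU_WORKAROUND_4193714, the call returns without the remote DSBs having run, and the caller would carry on as if outstanding host SME accesses had been completed. Consider checking res.a0 and at least WARN on a failure return, or have the function return a status the unmap path can act on. A short comment above the function saying at which point in the host stage-2 unmap sequence it must be called, and why the work is delegated to EL3, would also help later readers.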
> 
> With hyp tracing in kvmarm/next, this should be hyp_smccc_1_1_smc().

One more reason to leave it after -rc1.

-- 
Catalin


