[GIT PULL] KVM/arm64 updates for 6.18
Paolo Bonzini
pbonzini at redhat.com
Tue Sep 30 10:12:31 PDT 2025
On Thu, Sep 25, 2025 at 8:26 PM Marc Zyngier <maz at kernel.org> wrote:
>
> Paolo,
>
> Here's the initial set of updates for 6.18.
>
> As expected, we have a bunch of NV follow-ups, fixing a number of
> issues and working around some architectural misfeatures. Of note is
> the addition of a basic framework to run our EL1 tests at EL2 in a
> more or less transparent way. On the pKVM side, the only new thing is
> the FF-A 1.2 support, which I'm sure will change the world as we know
> it </sarcasm>.
>
> As usual, a whole lot of more or less interesting fixes, details in
> the tag below.
>
> Please pull,
Can't complain about more self tests! Pulled, thanks - sorry for the delay.
Paolo
> M.
>
> The following changes since commit b320789d6883cc00ac78ce83bccbfe7ed58afcf0:
>
> Linux 6.17-rc4 (2025-08-31 15:33:07 -0700)
>
> are available in the Git repository at:
>
> git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm.git tags/kvmarm-6.18
>
> for you to fetch changes up to 10fd0285305d0b48e8a3bf15d4f17fc4f3d68cb6:
>
> Merge branch kvm-arm64/selftests-6.18 into kvmarm-master/next (2025-09-24 19:35:50 +0100)
>
> ----------------------------------------------------------------
> KVM/arm64 updates for 6.18
>
> - Add support for FF-A 1.2 as the secure memory conduit for pKVM,
> allowing more registers to be used as part of the message payload.
>
> - Change the way pKVM allocates its VM handles, making sure that the
> privileged hypervisor is never tricked into using uninitialised
> data.
>
> - Speed up MMIO range registration by avoiding unnecessary RCU
> synchronisation, which results in VMs starting much quicker.
>
> - Add the dump of the instruction stream when panic-ing in the EL2
> payload, just like the rest of the kernel has always done. This will
> hopefully help debugging non-VHE setups.
>
> - Add 52bit PA support to the stage-1 page-table walker, and make use
> of it to populate the fault level reported to the guest on failing
> to translate a stage-1 walk.
>
> - Add NV support to the GICv3-on-GICv5 emulation code, ensuring
> feature parity for guests, irrespective of the host platform.
>
> - Fix some really ugly architecture problems when dealing with debug
> in a nested VM. This has some bad performance impacts, but is at
> least correct.
>
> - Add enough infrastructure to be able to disable EL2 features and
> give effective values to the EL2 control registers. This then allows
> a bunch of features to be turned off, which helps cross-host
> migration.
>
> - Large rework of the selftest infrastructure to allow most tests to
> transparently run at EL2. This is the first step towards enabling
> NV testing.
>
> - Various fixes and improvements all over the map, including one BE
> fix, just in time for the removal of the feature.
>
> ----------------------------------------------------------------
> Alexandru Elisei (1):
> KVM: arm64: Update stale comment for sanitise_mte_tags()
>
> Ben Horgan (1):
> KVM: arm64: Fix debug checking for np-guests using huge mappings
>
> Fuad Tabba (10):
> KVM: arm64: Add build-time check for duplicate DECLARE_REG use
> KVM: arm64: Rename pkvm.enabled to pkvm.is_protected
> KVM: arm64: Rename 'host_kvm' to 'kvm' in pKVM host code
> KVM: arm64: Clarify comments to distinguish pKVM mode from protected VMs
> KVM: arm64: Decouple hyp VM creation state from its handle
> KVM: arm64: Separate allocation and insertion of pKVM VM table entries
> KVM: arm64: Consolidate pKVM hypervisor VM initialization logic
> KVM: arm64: Introduce separate hypercalls for pKVM VM reservation and initialization
> KVM: arm64: Reserve pKVM handle during pkvm_init_host_vm()
> KVM: arm64: Fix page leak in user_mem_abort()
>
> James Clark (1):
> KVM: arm64: Add trap configs for PMSDSFR_EL1
>
> Jinqian Yang (2):
> KVM: arm64: Make ID_AA64MMFR1_EL1.{HCX, TWED} writable from userspace
> KVM: arm64: selftests: Test writes to ID_AA64MMFR1_EL1.{HCX, TWED}
>
> Keir Fraser (4):
> KVM: arm64: vgic-init: Remove vgic_ready() macro
> KVM: arm64: vgic: Explicitly implement vgic_dist::ready ordering
> KVM: Implement barriers before accessing kvm->buses[] on SRCU read paths
> KVM: Avoid synchronize_srcu() in kvm_io_bus_register_dev()
>
> Marc Zyngier (39):
> Merge branch kvm-arm64/ffa-1.2 into kvmarm-master/next
> Merge branch kvm-arm64/pkvm_vm_handle into kvmarm-master/next
> KVM: arm64: Fix kvm_vcpu_{set,is}_be() to deal with EL2 state
> Merge branch kvm-arm64/mmio-rcu into kvmarm-master/next
> Merge branch kvm-arm64/dump-instr into kvmarm-master/next
> KVM: arm64: Don't access ICC_SRE_EL2 if GICv3 doesn't support v2 compatibility
> KVM: arm64: Remove duplicate FEAT_{SYSREG128,MTE2} descriptions
> KVM: arm64: Add reg_feat_map_desc to describe full register dependency
> KVM: arm64: Enforce absence of FEAT_FGT on FGT registers
> KVM: arm64: Enforce absence of FEAT_FGT2 on FGT2 registers
> KVM: arm64: Enforce absence of FEAT_HCX on HCRX_EL2
> KVM: arm64: Convert HCR_EL2 RES0 handling to compute_reg_res0_bits()
> KVM: arm64: Enforce absence of FEAT_SCTLR2 on SCTLR2_EL{1,2}
> KVM: arm64: Enforce absence of FEAT_TCR2 on TCR2_EL2
> KVM: arm64: Convert SCTLR_EL1 RES0 handling to compute_reg_res0_bits()
> KVM: arm64: Convert MDCR_EL2 RES0 handling to compute_reg_res0_bits()
> KVM: arm64: Add helper computing the state of 52bit PA support
> KVM: arm64: Account for 52bit when computing maximum OA
> KVM: arm64: Compute 52bit TTBR address and alignment
> KVM: arm64: Decouple output address from the PT descriptor
> KVM: arm64: Pass the walk_info structure to compute_par_s1()
> KVM: arm64: Compute shareability for LPA2
> KVM: arm64: Populate PAR_EL1 with 52bit addresses
> KVM: arm64: Expand valid block mappings to FEAT_LPA/LPA2 support
> KVM: arm64: Report faults from S1 walk setup at the expected start level
> KVM: arm64: Allow use of S1 PTW for non-NV vcpus
> KVM: arm64: Allow EL1 control registers to be accessed from the CPU state
> KVM: arm64: Don't switch MMU on translation from non-NV context
> KVM: arm64: Add filtering hook to S1 page table walk
> KVM: arm64: Add S1 IPA to page table level walker
> KVM: arm64: Populate level on S1PTW SEA injection
> KVM: arm64: selftest: Expand external_aborts test to look for TTW levels
> Merge branch kvm-arm64/52bit-at into kvmarm-master/next
> Merge branch kvm-arm64/gic-v5-nv into kvmarm-master/next
> Merge branch kvm-arm64/nv-debug into kvmarm-master/next
> Merge branch kvm-arm64/el2-feature-control into kvmarm-master/next
> Merge branch kvm-arm64/nv-misc-6.18 into kvmarm-master/next
> Merge branch kvm-arm64/misc-6.18 into kvmarm-master/next
> Merge branch kvm-arm64/selftests-6.18 into kvmarm-master/next
>
> Mark Brown (3):
> KVM: arm64: Expose FEAT_LSFE to guests
> KVM: arm64: selftests: Remove a duplicate register listing in set_id_regs
> KVM: arm64: selftests: Cover ID_AA64ISAR3_EL1 in set_id_regs
>
> Mostafa Saleh (2):
> KVM: arm64: Dump instruction on hyp panic
> KVM: arm64: Map hyp text as RO and dump instr on panic
>
> Oliver Upton (29):
> KVM: arm64: nv: Trap debug registers when in hyp context
> KVM: arm64: nv: Apply guest's MDCR traps in nested context
> KVM: arm64: nv: Treat AMO as 1 when at EL2 and {E2H,TGE} = {1, 0}
> KVM: arm64: nv: Allow userspace to de-feature stage-2 TGRANs
> KVM: arm64: nv: Convert masks to denylists in limit_nv_id_reg()
> KVM: arm64: nv: Don't erroneously claim FEAT_DoubleLock for NV VMs
> KVM: arm64: nv: Expose FEAT_DF2 to NV-enabled VMs
> KVM: arm64: nv: Expose FEAT_RASv1p1 via RAS_frac
> KVM: arm64: nv: Expose FEAT_ECBHB to NV-enabled VMs
> KVM: arm64: nv: Expose FEAT_AFP to NV-enabled VMs
> KVM: arm64: nv: Exclude guest's TWED configuration when TWE isn't set
> KVM: arm64: nv: Expose FEAT_TWED to NV-enabled VMs
> KVM: arm64: nv: Advertise FEAT_SpecSEI to NV-enabled VMs
> KVM: arm64: nv: Advertise FEAT_TIDCP1 to NV-enabled VMs
> KVM: arm64: nv: Expose up to FEAT_Debugv8p8 to NV-enabled VMs
> KVM: arm64: selftests: Provide kvm_arch_vm_post_create() in library code
> KVM: arm64: selftests: Initialize VGICv3 only once
> KVM: arm64: selftests: Add helper to check for VGICv3 support
> KVM: arm64: selftests: Add unsanitised helpers for VGICv3 creation
> KVM: arm64: selftests: Create a VGICv3 for 'default' VMs
> KVM: arm64: selftests: Alias EL1 registers to EL2 counterparts
> KVM: arm64: selftests: Provide helper for getting default vCPU target
> KVM: arm64: selftests: Select SMCCC conduit based on current EL
> KVM: arm64: selftests: Use hyp timer IRQs when test runs at EL2
> KVM: arm64: selftests: Use the vCPU attr for setting nr of PMU counters
> KVM: arm64: selftests: Initialize HCR_EL2
> KVM: arm64: selftests: Enable EL2 by default
> KVM: arm64: selftests: Add basic test for running in VHE EL2
> KVM: arm64: selftests: Cope with arch silliness in EL2 selftest
>
> Per Larsen (6):
> KVM: arm64: Correct return value on host version downgrade attempt
> KVM: arm64: Use SMCCC 1.2 for FF-A initialization and in host handler
> KVM: arm64: Mark FFA_NOTIFICATION_* calls as unsupported
> KVM: arm64: Mark optional FF-A 1.2 interfaces as unsupported
> KVM: arm64: Mask response to FFA_FEATURE call
> KVM: arm64: Bump the supported version of FF-A to 1.2
>
> Sascha Bischoff (4):
> KVM: arm64: Enable nested for GICv5 host with FEAT_GCIE_LEGACY
> arm64: cpucaps: Add GICv5 Legacy vCPU interface (GCIE_LEGACY) capability
> KVM: arm64: Use ARM64_HAS_GICV5_LEGACY for GICv5 probing
> irqchip/gic-v5: Drop has_gcie_v3_compat from gic_kvm_info
>
> Wei-Lin Chang (1):
> KVM: arm64: ptdump: Don't test PTE_VALID alongside other attributes
>
> Yingchao Deng (1):
> KVM: arm64: Return early from trace helpers when KVM isn't available
>
> arch/arm64/include/asm/kvm_asm.h | 2 +
> arch/arm64/include/asm/kvm_emulate.h | 34 +-
> arch/arm64/include/asm/kvm_host.h | 5 +-
> arch/arm64/include/asm/kvm_nested.h | 27 +-
> arch/arm64/include/asm/kvm_pkvm.h | 1 +
> arch/arm64/include/asm/traps.h | 1 +
> arch/arm64/include/asm/vncr_mapping.h | 2 +
> arch/arm64/kernel/cpufeature.c | 15 +
> arch/arm64/kernel/image-vars.h | 3 +
> arch/arm64/kernel/traps.c | 15 +-
> arch/arm64/kvm/arm.c | 19 +-
> arch/arm64/kvm/at.c | 376 +++++++++++++++------
> arch/arm64/kvm/config.c | 358 +++++++++++++-------
> arch/arm64/kvm/debug.c | 25 +-
> arch/arm64/kvm/emulate-nested.c | 1 +
> arch/arm64/kvm/handle_exit.c | 3 +
> arch/arm64/kvm/hyp/include/nvhe/pkvm.h | 4 +-
> arch/arm64/kvm/hyp/include/nvhe/trap_handler.h | 3 +-
> arch/arm64/kvm/hyp/nvhe/Makefile | 1 +
> arch/arm64/kvm/hyp/nvhe/ffa.c | 217 ++++++++----
> arch/arm64/kvm/hyp/nvhe/hyp-main.c | 14 +
> arch/arm64/kvm/hyp/nvhe/mem_protect.c | 9 +-
> arch/arm64/kvm/hyp/nvhe/pkvm.c | 177 +++++++---
> arch/arm64/kvm/hyp/nvhe/setup.c | 12 +-
> arch/arm64/kvm/hyp/vgic-v3-sr.c | 25 +-
> arch/arm64/kvm/hyp/vhe/switch.c | 7 +
> arch/arm64/kvm/inject_fault.c | 27 +-
> arch/arm64/kvm/mmu.c | 16 +-
> arch/arm64/kvm/nested.c | 80 ++++-
> arch/arm64/kvm/pkvm.c | 76 +++--
> arch/arm64/kvm/ptdump.c | 20 +-
> arch/arm64/kvm/sys_regs.c | 55 ++-
> arch/arm64/kvm/vgic/vgic-init.c | 14 +-
> arch/arm64/kvm/vgic/vgic-v3.c | 8 +
> arch/arm64/kvm/vgic/vgic-v5.c | 2 +-
> arch/arm64/tools/cpucaps | 1 +
> arch/x86/kvm/vmx/vmx.c | 7 +
> drivers/irqchip/irq-gic-v5.c | 7 -
> include/kvm/arm_vgic.h | 2 +-
> include/linux/arm_ffa.h | 1 +
> include/linux/irqchip/arm-vgic-info.h | 2 -
> include/linux/kvm_host.h | 11 +-
> tools/testing/selftests/kvm/Makefile.kvm | 1 +
> tools/testing/selftests/kvm/arm64/arch_timer.c | 13 +-
> .../selftests/kvm/arm64/arch_timer_edge_cases.c | 13 +-
> .../testing/selftests/kvm/arm64/external_aborts.c | 42 +++
> tools/testing/selftests/kvm/arm64/hello_el2.c | 71 ++++
> tools/testing/selftests/kvm/arm64/hypercalls.c | 2 +-
> tools/testing/selftests/kvm/arm64/kvm-uuid.c | 2 +-
> tools/testing/selftests/kvm/arm64/no-vgic-v3.c | 2 +
> tools/testing/selftests/kvm/arm64/psci_test.c | 13 +-
> tools/testing/selftests/kvm/arm64/set_id_regs.c | 44 +--
> tools/testing/selftests/kvm/arm64/smccc_filter.c | 17 +-
> tools/testing/selftests/kvm/arm64/vgic_init.c | 2 +
> tools/testing/selftests/kvm/arm64/vgic_irq.c | 4 +-
> .../testing/selftests/kvm/arm64/vgic_lpi_stress.c | 8 +-
> .../selftests/kvm/arm64/vpmu_counter_access.c | 75 ++--
> tools/testing/selftests/kvm/dirty_log_perf_test.c | 35 --
> tools/testing/selftests/kvm/dirty_log_test.c | 1 +
> tools/testing/selftests/kvm/get-reg-list.c | 9 +-
> .../selftests/kvm/include/arm64/arch_timer.h | 24 ++
> .../selftests/kvm/include/arm64/kvm_util_arch.h | 5 +-
> .../selftests/kvm/include/arm64/processor.h | 74 ++++
> tools/testing/selftests/kvm/include/arm64/vgic.h | 3 +
> tools/testing/selftests/kvm/include/kvm_util.h | 7 +-
> tools/testing/selftests/kvm/lib/arm64/processor.c | 104 +++++-
> tools/testing/selftests/kvm/lib/arm64/vgic.c | 64 ++--
> tools/testing/selftests/kvm/lib/kvm_util.c | 15 +-
> tools/testing/selftests/kvm/lib/x86/processor.c | 2 +-
> tools/testing/selftests/kvm/s390/cmma_test.c | 2 +-
> tools/testing/selftests/kvm/steal_time.c | 2 +-
> virt/kvm/kvm_main.c | 43 ++-
> 72 files changed, 1696 insertions(+), 688 deletions(-)
> create mode 100644 tools/testing/selftests/kvm/arm64/hello_el2.c
>
More information about the linux-arm-kernel
mailing list