[PATCH v2 0/5] KVM: arm64: Enforce MTE disablement at EL2
Fuad Tabba
tabba at google.com
Tue Jan 20 01:05:18 PST 2026
Hi,
I was wondering if there's anything else you would like me to do for
this series. Should I rebase it on 6.19-rc6?
Cheers,
/fuad
On Thu, 11 Dec 2025 at 11:38, Fuad Tabba <tabba at google.com> wrote:
>
> pKVM never exposes MTE to protected guests (pVM), but we must also
> ensure a malicious host cannot use MTE to attack the hypervisor or a
> pVM.
>
> If MTE is supported by the hardware (and is enabled at EL3), it remains
> available to lower exception levels by default. Disabling it in the host
> kernel (e.g., via 'arm64.nomte') only stops the kernel from advertising
> the feature; it does not physically disable MTE in the hardware.
>
> The ability to disable MTE in the host kernel is used by some systems,
> such as Android, so that the physical memory otherwise used as tag
> storage can be used for other things (i.e. treated just like the rest of
> memory).
>
> In this scenario, a malicious host could still access tags in pages
> donated to a guest using MTE instructions (e.g., STG and LDG), bypassing
> the kernel's configuration.
>
> To prevent this, explicitly disable MTE at EL2 (by clearing HCR_EL2.ATA)
> when the host has MTE disabled. This causes any MTE instruction usage to
> generate a Data Abort (trap) to the hypervisor.
>
> Additionally, to faithfully mimic hardware that does not support MTE,
> trap accesses to MTE system registers (e.g., GCR_EL1) and inject an
> Undefined Instruction exception back to the host.
>
> This logic is applied in all non-VHE modes. For non-protected modes,
> this remains beneficial as it prevents unpredictable behavior caused by
> accessing allocation tags when the system considers them disabled.
>
> Note that this ties into my other outgoing patch series [1], which also
> has some MTE-related fixes, but is not dependent on it.
>
> Based on Linux 6.18
>
> Cheers,
> /fuad
>
> [1] https://lore.kernel.org/all/20251211104710.151771-1-tabba@google.com/
> [2] https://lore.kernel.org/all/20251127122210.4111702-1-tabba@google.com/
>
> Fuad Tabba (4):
> arm64: Remove dead code resetting HCR_EL2 for pKVM
> arm64: Clear HCR_EL2.ATA when MTE is not supported or disabled
> arm64: Inject UNDEF when accessing MTE sysregs with MTE disabled
> KVM: arm64: Use kvm_has_mte() in pKVM trap initialization
>
> Quentin Perret (1):
> KVM: arm64: Refactor enter_exception64()
>
> arch/arm64/include/asm/kvm_arm.h | 2 +-
> arch/arm64/include/asm/kvm_emulate.h | 5 ++
> arch/arm64/kernel/head.S | 2 +-
> arch/arm64/kvm/arm.c | 4 ++
> arch/arm64/kvm/hyp/exception.c | 100 ++++++++++++++++-----------
> arch/arm64/kvm/hyp/nvhe/hyp-init.S | 5 --
> arch/arm64/kvm/hyp/nvhe/hyp-main.c | 44 ++++++++++++
> arch/arm64/kvm/hyp/nvhe/pkvm.c | 2 +-
> 8 files changed, 114 insertions(+), 50 deletions(-)
>
>
> base-commit: 7d0a66e4bb9081d75c82ec4957c50034cb0ea449
> --
> 2.52.0.223.gf5cc29aaa4-goog
>
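The behaviour the cover letter describes, modelled as an added example that is not code from this series or from KVM: a simplified hypervisor that installs HCR_EL2 with ATA cleared when MTE is disabled, and on a trapped MSR/MRS (ESR_EL2.EC = 0x18) to one of the four MTE system registers injects an Undefined Instruction exception. `mte_enabled` stands in for the kernel's kvm_has_mte(); the register encodings and ESR field layout are the architectural ones, and `make_sysreg_esr` only builds constructed test input.

```c
#include <stdbool.h>
#include <stdint.h>

/* HCR_EL2.ATA (bit 56): when clear, tag-checking instructions such as
 * STG/LDG at EL1/EL0 trap to EL2 as a Data Abort. */
#define HCR_ATA  (UINT64_C(1) << 56)
#define HCR_RW   (UINT64_C(1) << 31)   /* EL1 runs AArch64 */

/* ESR_EL2 decoding for a trapped MSR/MRS (EC = 0x18). */
#define ESR_EC(esr)   (((esr) >> 26) & 0x3f)
#define ESR_EC_SYS64  0x18
#define ISS_OP0(iss)  (((iss) >> 20) & 0x3)
#define ISS_OP2(iss)  (((iss) >> 17) & 0x7)
#define ISS_OP1(iss)  (((iss) >> 14) & 0x7)
#define ISS_CRN(iss)  (((iss) >> 10) & 0xf)
#define ISS_CRM(iss)  (((iss) >> 1) & 0xf)

enum trap_action { TRAP_PASS, TRAP_INJECT_UNDEF };

/* HCR_EL2 the hypervisor installs: ATA is set only if MTE is really usable. */
uint64_t build_hcr_el2(bool mte_enabled)
{
    uint64_t hcr = HCR_RW;
    if (mte_enabled)
        hcr |= HCR_ATA;
    return hcr;
}

/* GCR_EL1 (3,0,1,0,6), RGSR_EL1 (3,0,1,0,5), TFSR_EL1 (3,0,5,6,0),
 * TFSRE0_EL1 (3,0,5,6,1): the MTE registers a no-MTE CPU would UNDEF on. */
static bool is_mte_sysreg(uint32_t iss)
{
    if (ISS_OP0(iss) != 3 || ISS_OP1(iss) != 0)
        return false;
    if (ISS_CRN(iss) == 1 && ISS_CRM(iss) == 0)
        return ISS_OP2(iss) == 5 || ISS_OP2(iss) == 6;
    if (ISS_CRN(iss) == 5 && ISS_CRM(iss) == 6)
        return ISS_OP2(iss) == 0 || ISS_OP2(iss) == 1;
    return false;
}

/* Hypervisor's decision for a trap: mimic absent MTE when it is disabled. */
enum trap_action handle_sysreg_trap(uint64_t esr, bool mte_enabled)
{
    if (ESR_EC(esr) != ESR_EC_SYS64 || mte_enabled)
        return TRAP_PASS;
    return is_mte_sysreg((uint32_t)(esr & 0x1ffffff)) ? TRAP_INJECT_UNDEF : TRAP_PASS;
}

/* Constructed test input: ESR_EL2 for an MRS/MSR of the given encoding (Rt = 0). */
uint64_t make_sysreg_esr(unsigned op0, unsigned op1, unsigned crn, unsigned crm,
                         unsigned op2, bool is_read)
{
    return ((uint64_t)ESR_EC_SYS64 << 26) | (1u << 25) | (op0 << 20) | (op2 << 17) |
           (op1 << 14) | (crn << 10) | (crm << 1) | (is_read ? 1u : 0u);
}
```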