[PATCH 05/20] KVM: arm64: Extend unified RESx handling to runtime sanitisation

Marc Zyngier maz at kernel.org
Tue Jan 27 02:52:47 PST 2026


On Mon, 26 Jan 2026 19:15:00 +0000,
Fuad Tabba <tabba at google.com> wrote:
> 
> Hi Marc,
> 
> On Mon, 26 Jan 2026 at 12:17, Marc Zyngier <maz at kernel.org> wrote:
> >
> > Add a new helper to retrieve the RESx values for a given system
> > register, and use it for the runtime sanitisation.
> >
> > This results in slightly better code generation for a fairly hot
> > path in the hypervisor.
> >
> > Signed-off-by: Marc Zyngier <maz at kernel.org>
> > ---
> >  arch/arm64/include/asm/kvm_host.h | 13 +++++++++++++
> >  arch/arm64/kvm/emulate-nested.c   | 10 +---------
> >  arch/arm64/kvm/nested.c           | 13 ++++---------
> >  3 files changed, 18 insertions(+), 18 deletions(-)
> >
> > diff --git a/arch/arm64/include/asm/kvm_host.h b/arch/arm64/include/asm/kvm_host.h
> > index a7e4cd8ebf56f..9dca94e4361f0 100644
> > --- a/arch/arm64/include/asm/kvm_host.h
> > +++ b/arch/arm64/include/asm/kvm_host.h
> > @@ -635,6 +635,19 @@ struct kvm_sysreg_masks {
> >         struct resx mask[NR_SYS_REGS - __SANITISED_REG_START__];
> >  };
> >
> > +#define kvm_get_sysreg_resx(k, sr)                                     \
> > +       ({                                                              \
> > +               struct kvm_sysreg_masks *__masks;                       \
> > +               struct resx __resx = {};                                \
> > +                                                                       \
> > +               __masks = (k)->arch.sysreg_masks;                       \
> > +               if (likely(__masks &&                                   \
> > +                          sr >= __SANITISED_REG_START__ &&             \
> > +                          sr < NR_SYS_REGS))                           \
> > +                       __resx = __masks->mask[sr - __SANITISED_REG_START__]; \
> > +               __resx;                                                 \
> > +       })
> > +
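
Review bot: In kvm_get_sysreg_resx(), `sr` is expanded three times and without parentheses (both range comparisons and the array index), while `k` is parenthesised, so an argument with side effects or a lower-precedence operator would be evaluated repeatedly or parsed incorrectly. Capturing it once in a macro-local variable, or making the helper a static inline function if header ordering allows, avoids both problems. A short comment would also help, stating that an all-zero struct resx is returned when sysreg_masks is NULL or sr falls outside the range from __SANITISED_REG_START__ to NR_SYS_REGS, since that result looks the same to a caller as a register with no RESx bits.
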
> 
> This now covers all registers that need to be sanitized, not just
> VNCR-backed ones now.

Only kvm_get_sysreg_res0() was previously limited to VNCR-registers,
and that was a bug found by Zenghui. What I'm trying to do here is to
concentrate the decision about accessing the masks in a single place
that is safe to use from any context.

> 
> nit: wouldn't it be better to capture sr in a local variable rather
> than reuse it? It is an enum, but it would make checkpatch feel
> slightly better :)

Indeed, this macro is pretty horrible, and needs some tidying up. I'll
have a look at pimping it up ;-)

>
> Reviewed-by: Fuad Tabba <tabba at google.com>

Thanks!

	M.

-- 
Without deviation from the norm, progress is not possible.
