From: Marc Zyngier <maz@kernel.org>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: "Alexandru Elisei" <alexandru.elisei@arm.com>,
"Andrew Jones" <andrew.jones@linux.dev>,
"Arnd Bergmann" <arnd@arndb.de>,
"Ben Dooks" <ben.dooks@codethink.co.uk>,
"Ben Horgan" <ben.horgan@arm.com>,
"Catalin Marinas" <catalin.marinas@arm.com>,
"Dongxu Sun" <sundongxu1024@163.com>,
"Fuad Tabba" <tabba@google.com>,
"Itaru Kitayama" <itaru.kitayama@fujitsu.com>,
"Jinqian Yang" <yangjinqian1@huawei.com>,
"Joey Gouly" <joey.gouly@arm.com>,
"Jonathan Cameron" <jonathan.cameron@huawei.com>,
"Kornel Dulęba" <korneld@google.com>,
"Lorenzo Pieralisi" <lpieralisi@kernel.org>,
"Mark Brown" <broonie@kernel.org>,
"Mark Rutland" <mark.rutland@arm.com>,
"Nathan Chancellor" <nathan@kernel.org>,
"Oliver Upton" <oliver.upton@linux.dev>,
"Oliver Upton" <oupton@kernel.org>,
"Petteri Kangaslampi" <pekangas@google.com>,
"Quentin Perret" <qperret@google.com>,
"Sascha Bischoff" <sascha.bischoff@arm.com>,
"Suzuki K Poulose" <suzuki.poulose@arm.com>,
"Vincent Donnefort" <vdonnefort@google.com>,
"Will Deacon" <will@kernel.org>,
"Yicong Yang" <yangyicong@hisilicon.com>,
"Yuan Yao" <yaoyuan@linux.alibaba.com>,
"Zenghui Yu" <zenghui.yu@linux.dev>,
"Zhou Wang" <wangzhou1@hisilicon.com>,
"Zenghui Yu" <yuzenghui@huawei.com>,
kvmarm@lists.linux.dev, linux-arm-kernel@lists.infradead.org,
kvm@vger.kernel.org
Subject: [GIT PULL] KVM/arm64 updates for 7.0
Date: Fri, 6 Feb 2026 15:33:45 +0000 [thread overview]
Message-ID: <20260206153345.3582574-1-maz@kernel.org> (raw)
[With the various lists on Cc this time around, apologies for the
noise]
Paolo,
Here's the initial set of updates for 7.0.
This time, the changes are more or less separated in two cagegories:
- a bunch of pKVM fixes, mostly ensuring that features that are not
exposed to guest or host are indeed out of reach
- a lot of rework of the register sanitisation infrastructure,
including new registers being sanitised
The rest is a set of random, low key changes -- details in the tag
below.
Note that this pull request also brings two additional branches to
avoid ugly conflicts:
- the kvmarm-fixes-6.19-1 tag, which made it into Linus' tree after
the base for the kvmarm/next branch was created,
- a shared branch with the arm64 tree (arm64/for-next/cpufeature),
which also touches KVM
Please pull,
M.
The following changes since commit 9ace4753a5202b02191d54e9fdf7f9e3d02b85eb:
Linux 6.19-rc4 (2026-01-04 14:41:55 -0800)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm.git tags/kvmarm-7.0
for you to fetch changes up to 6316366129d2885fae07c2774f4b7ae0a45fb55d:
Merge branch kvm-arm64/misc-6.20 into kvmarm-master/next (2026-02-05 09:17:58 +0000)
----------------------------------------------------------------
KVM/arm64 updates for 7.0
- Add support for FEAT_IDST, allowing ID registers that are not
implemented to be reported as a normal trap rather than as an UNDEF
exception.
- Add sanitisation of the VTCR_EL2 register, fixing a number of
UXN/PXN/XN bugs in the process.
- Full handling of RESx bits, instead of only RES0, and resulting in
SCTLR_EL2 being added to the list of sanitised registers.
- More pKVM fixes for features that are not supposed to be exposed to
guests.
- Make sure that MTE being disabled on the pKVM host doesn't give it
the ability to attack the hypervisor.
- Allow pKVM's host stage-2 mappings to use the Force Write Back
version of the memory attributes by using the "pass-through'
encoding.
- Fix trapping of ICC_DIR_EL1 on GICv5 hosts emulating GICv3 for the
guest.
- Preliminary work for guest GICv5 support.
- A bunch of debugfs fixes, removing pointless custom iterators stored
in guest data structures.
- A small set of FPSIMD cleanups.
- Selftest fixes addressing the incorrect alignment of page
allocation.
- Other assorted low-impact fixes and spelling fixes.
----------------------------------------------------------------
Alexandru Elisei (4):
KVM: arm64: Copy FGT traps to unprotected pKVM VCPU on VCPU load
KVM: arm64: Inject UNDEF for a register trap without accessor
KVM: arm64: Remove extra argument for __pvkm_host_{share,unshare}_hyp()
KVM: arm64: Remove unused parameter in synchronize_vcpu_pstate()
Ben Dooks (1):
KVM: arm64: Fix missing <asm/stackpage/nvhe.h> include
Dongxu Sun (1):
KVM: arm64: Remove unused vcpu_{clear,set}_wfx_traps()
Fuad Tabba (22):
KVM: arm64: selftests: Disable unused TTBR1_EL1 translations
KVM: arm64: selftests: Fix incorrect rounding in page_align()
KVM: riscv: selftests: Fix incorrect rounding in page_align()
KVM: selftests: Move page_align() to shared header
KVM: selftests: Fix typos and stale comments in kvm_util
KVM: arm64: Fix Trace Buffer trapping for protected VMs
KVM: arm64: Fix Trace Buffer trap polarity for protected VMs
KVM: arm64: Fix MTE flag initialization for protected VMs
KVM: arm64: Introduce helper to calculate fault IPA offset
KVM: arm64: Include VM type when checking VM capabilities in pKVM
KVM: arm64: Do not allow KVM_CAP_ARM_MTE for any guest in pKVM
KVM: arm64: Track KVM IOCTLs and their associated KVM caps
KVM: arm64: Check whether a VM IOCTL is allowed in pKVM
KVM: arm64: Prevent host from managing timer offsets for protected VMs
KVM: arm64: Remove dead code resetting HCR_EL2 for pKVM
KVM: arm64: Trap MTE access and discovery when MTE is disabled
KVM: arm64: Inject UNDEF when accessing MTE sysregs with MTE disabled
KVM: arm64: Use kvm_has_mte() in pKVM trap initialization
KVM: arm64: Use standard seq_file iterator for idregs debugfs
KVM: arm64: Reimplement vgic-debug XArray iteration
KVM: arm64: Use standard seq_file iterator for vgic-debug debugfs
KVM: arm64: nv: Avoid NV stage-2 code when NV is not supported
Jinqian Yang (1):
arm64: Add support for TSV110 Spectre-BHB mitigation
Kornel Dulęba (1):
KVM: arm64: Fix error checking for FFA_VERSION
Marc Zyngier (59):
KVM: arm64: Fix EL2 S1 XN handling for hVHE setups
KVM: arm64: Don't blindly set set PSTATE.PAN on guest exit
Merge branch kvmarm-fixes-6.19-1 into kvm-arm64/vtcr
arm64: Convert ID_AA64MMFR0_EL1.TGRAN{4,16,64}_2 to UnsignedEnum
arm64: Convert VTCR_EL2 to sysreg infratructure
KVM: arm64: Account for RES1 bits in DECLARE_FEAT_MAP() and co
KVM: arm64: Convert VTCR_EL2 to config-driven sanitisation
KVM: arm64: Honor UX/PX attributes for EL2 S1 mappings
arm64: Repaint ID_AA64MMFR2_EL1.IDS description
KVM: arm64: Add trap routing for GMID_EL1
KVM: arm64: Add a generic synchronous exception injection primitive
KVM: arm64: Handle FEAT_IDST for sysregs without specific handlers
KVM: arm64: Handle CSSIDR2_EL1 and SMIDR_EL1 in a generic way
KVM: arm64: Force trap of GMID_EL1 when the guest doesn't have MTE
KVM: arm64: pkvm: Add a generic synchronous exception injection primitive
KVM: arm64: pkvm: Report optional ID register traps with a 0x18 syndrome
KVM: arm64: selftests: Add a test for FEAT_IDST
KVM: arm64: Always populate FGT masks at boot time
arm64: Unconditionally enable LSE support
arm64: Unconditionally enable PAN support
KVM: arm64: Add exit to userspace on {LD,ST}64B* outside of memslots
KVM: arm64: Add documentation for KVM_EXIT_ARM_LDST64B
Merge branch arm64/for-next/cpufeature into kvmarm-master/next
Merge branch kvm-arm64/vtcr into kvmarm-master/next
Merge branch kvm-arm64/selftests-6.20 into kvmarm-master/next
Merge branch kvm-arm64/feat_idst into kvmarm-master/next
Merge branch kvm-arm64/pkvm-features-6.20 into kvmarm-master/next
arm64: Add MT_S2{,_FWB}_AS_S1 encodings
KVM: arm64: Add KVM_PGTABLE_S2_AS_S1 flag
KVM: arm64: Switch pKVM host S2 over to KVM_PGTABLE_S2_AS_S1
KVM: arm64: Kill KVM_PGTABLE_S2_NOFWB
KVM: arm64: Simplify PAGE_S2_MEMATTR
arm64: Convert SCTLR_EL2 to sysreg infrastructure
KVM: arm64: Remove duplicate configuration for SCTLR_EL1.{EE,E0E}
KVM: arm64: Introduce standalone FGU computing primitive
KVM: arm64: Introduce data structure tracking both RES0 and RES1 bits
KVM: arm64: Extend unified RESx handling to runtime sanitisation
KVM: arm64: Inherit RESx bits from FGT register descriptors
KVM: arm64: Allow RES1 bits to be inferred from configuration
KVM: arm64: Correctly handle SCTLR_EL1 RES1 bits for unsupported features
KVM: arm64: Convert HCR_EL2.RW to AS_RES1
KVM: arm64: Simplify FIXED_VALUE handling
KVM: arm64: Add REQUIRES_E2H1 constraint as configuration flags
KVM: arm64: Add RES1_WHEN_E2Hx constraints as configuration flags
KVM: arm64: Move RESx into individual register descriptors
KVM: arm64: Simplify handling of HCR_EL2.E2H RESx
KVM: arm64: Get rid of FIXED_VALUE altogether
KVM: arm64: Simplify handling of full register invalid constraint
KVM: arm64: Remove all traces of FEAT_TME
KVM: arm64: Remove all traces of HCR_EL2.MIOCNCE
KVM: arm64: Add sanitisation to SCTLR_EL2
KVM: arm64: Add debugfs file dumping computed RESx values
Merge branch kvm-arm64/pkvm-no-mte into kvmarm-master/next
Merge branch kvm-arm64/fwb-for-all into kvmarm-master/next
Merge branch kvm-arm64/gicv3-tdir-fixes into kvmarm-master/next
Merge branch kvm-arm64/gicv5-prologue into kvmarm-master/next
Merge branch kvm-arm64/debugfs-fixes into kvmarm-master/next
Merge branch kvm-arm64/resx into kvmarm-master/next
Merge branch kvm-arm64/misc-6.20 into kvmarm-master/next
Mark Rutland (3):
KVM: arm64: Fix comment in fpsimd_lazy_switch_to_host()
KVM: arm64: Shuffle KVM_HOST_DATA_FLAG_* indices
KVM: arm64: Remove ISB after writing FPEXC32_EL2
Oliver Upton (1):
KVM: arm64: nv: Respect stage-2 write permssion when setting stage-1 AF
Petteri Kangaslampi (1):
KVM: arm64: Calculate hyp VA size only once
Sascha Bischoff (7):
KVM: arm64: gic: Check for vGICv3 when clearing TWI
KVM: arm64: gic: Enable GICv3 CPUIF trapping on GICv5 hosts if required
KVM: arm64: Correct test for ICH_HCR_EL2_TDIR cap for GICv5 hosts
KVM: arm64: gic-v3: Switch vGIC-v3 to use generated ICH_VMCR_EL2
arm64/sysreg: Drop ICH_HFGRTR_EL2.ICC_HAPR_EL1 and make RES1
KVM: arm64: gic: Set vgic_model before initing private IRQs
irqchip/gic-v5: Check if impl is virt capable
Will Deacon (1):
KVM: arm64: Invert KVM_PGTABLE_WALK_HANDLE_FAULT to fix pKVM walkers
Yicong Yang (4):
KVM: arm64: Handle DABT caused by LS64* instructions on unsupported memory
arm64: Provide basic EL2 setup for FEAT_{LS64, LS64_V} usage at EL0/1
KVM: arm64: Enable FEAT_{LS64, LS64_V} in the supported guest
arm64: Add support for FEAT_{LS64, LS64_V}
Zenghui Yu (Huawei) (3):
KVM: arm64: nv: Return correct RES0 bits for FGT registers
KVM: arm64: nv: Add trap config for DBGWCR<15>_EL1
KVM: arm64: Fix various comments
Documentation/arch/arm64/booting.rst | 12 +
Documentation/arch/arm64/elf_hwcaps.rst | 7 +
Documentation/virt/kvm/api.rst | 43 +-
arch/arm64/Kconfig | 33 --
arch/arm64/include/asm/cpucaps.h | 2 -
arch/arm64/include/asm/el2_setup.h | 13 +-
arch/arm64/include/asm/esr.h | 8 +
arch/arm64/include/asm/hwcap.h | 1 +
arch/arm64/include/asm/insn.h | 23 -
arch/arm64/include/asm/kvm_arm.h | 56 +--
arch/arm64/include/asm/kvm_emulate.h | 24 +-
arch/arm64/include/asm/kvm_host.h | 56 ++-
arch/arm64/include/asm/kvm_mmu.h | 3 +-
arch/arm64/include/asm/kvm_pgtable.h | 15 +-
arch/arm64/include/asm/kvm_pkvm.h | 32 +-
arch/arm64/include/asm/lse.h | 9 -
arch/arm64/include/asm/memory.h | 11 +-
arch/arm64/include/asm/pgtable-prot.h | 4 +-
arch/arm64/include/asm/sysreg.h | 32 +-
arch/arm64/include/asm/uaccess.h | 6 +-
arch/arm64/include/uapi/asm/hwcap.h | 1 +
arch/arm64/kernel/cpufeature.c | 42 +-
arch/arm64/kernel/cpuinfo.c | 1 +
arch/arm64/kernel/head.S | 2 +-
arch/arm64/kernel/proton-pack.c | 1 +
arch/arm64/kvm/arch_timer.c | 18 +-
arch/arm64/kvm/arm.c | 64 ++-
arch/arm64/kvm/at.c | 15 +-
arch/arm64/kvm/config.c | 505 +++++++++++++--------
arch/arm64/kvm/emulate-nested.c | 105 +++--
arch/arm64/kvm/hyp/entry.S | 2 +-
arch/arm64/kvm/hyp/include/hyp/switch.h | 8 +-
arch/arm64/kvm/hyp/nvhe/ffa.c | 4 +-
arch/arm64/kvm/hyp/nvhe/hyp-init.S | 5 -
arch/arm64/kvm/hyp/nvhe/hyp-main.c | 70 +++
arch/arm64/kvm/hyp/nvhe/mem_protect.c | 4 +-
arch/arm64/kvm/hyp/nvhe/pkvm.c | 21 +-
arch/arm64/kvm/hyp/nvhe/switch.c | 2 +-
arch/arm64/kvm/hyp/nvhe/sys_regs.c | 39 +-
arch/arm64/kvm/hyp/pgtable.c | 63 ++-
arch/arm64/kvm/hyp/vgic-v2-cpuif-proxy.c | 2 +-
arch/arm64/kvm/hyp/vgic-v3-sr.c | 69 +--
arch/arm64/kvm/hyp/vhe/switch.c | 2 +-
arch/arm64/kvm/hyp/vhe/sysreg-sr.c | 2 +-
arch/arm64/kvm/inject_fault.c | 46 +-
arch/arm64/kvm/mmio.c | 27 +-
arch/arm64/kvm/mmu.c | 58 +--
arch/arm64/kvm/nested.c | 172 +++----
arch/arm64/kvm/sys_regs.c | 127 ++++--
arch/arm64/kvm/sys_regs.h | 10 +
arch/arm64/kvm/va_layout.c | 33 +-
arch/arm64/kvm/vgic/vgic-debug.c | 108 ++---
arch/arm64/kvm/vgic/vgic-init.c | 8 +-
arch/arm64/kvm/vgic/vgic-v3-nested.c | 10 +-
arch/arm64/kvm/vgic/vgic-v3.c | 73 +--
arch/arm64/kvm/vgic/vgic-v5.c | 2 +
arch/arm64/kvm/vgic/vgic.h | 1 +
arch/arm64/lib/insn.c | 2 -
arch/arm64/net/bpf_jit_comp.c | 7 -
arch/arm64/tools/cpucaps | 2 +
arch/arm64/tools/sysreg | 154 ++++++-
drivers/irqchip/irq-gic-v5-irs.c | 2 +
drivers/irqchip/irq-gic-v5.c | 10 +
include/kvm/arm_vgic.h | 4 -
include/linux/irqchip/arm-gic-v5.h | 4 +
include/uapi/linux/kvm.h | 3 +-
tools/arch/arm64/include/asm/sysreg.h | 6 -
tools/perf/Documentation/perf-arm-spe.txt | 1 -
tools/testing/selftests/kvm/Makefile.kvm | 1 +
tools/testing/selftests/kvm/arm64/idreg-idst.c | 117 +++++
tools/testing/selftests/kvm/arm64/set_id_regs.c | 1 -
.../selftests/kvm/include/arm64/processor.h | 4 +
tools/testing/selftests/kvm/include/kvm_util.h | 9 +-
tools/testing/selftests/kvm/lib/arm64/processor.c | 9 +-
tools/testing/selftests/kvm/lib/kvm_util.c | 2 +-
tools/testing/selftests/kvm/lib/riscv/processor.c | 7 +-
76 files changed, 1538 insertions(+), 919 deletions(-)
create mode 100644 tools/testing/selftests/kvm/arm64/idreg-idst.c
next reply other threads:[~2026-02-06 15:33 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-02-06 15:33 Marc Zyngier [this message]
2026-02-09 17:19 ` [GIT PULL] KVM/arm64 updates for 7.0 Paolo Bonzini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260206153345.3582574-1-maz@kernel.org \
--to=maz@kernel.org \
--cc=alexandru.elisei@arm.com \
--cc=andrew.jones@linux.dev \
--cc=arnd@arndb.de \
--cc=ben.dooks@codethink.co.uk \
--cc=ben.horgan@arm.com \
--cc=broonie@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=itaru.kitayama@fujitsu.com \
--cc=joey.gouly@arm.com \
--cc=jonathan.cameron@huawei.com \
--cc=korneld@google.com \
--cc=kvm@vger.kernel.org \
--cc=kvmarm@lists.linux.dev \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=lpieralisi@kernel.org \
--cc=mark.rutland@arm.com \
--cc=nathan@kernel.org \
--cc=oliver.upton@linux.dev \
--cc=oupton@kernel.org \
--cc=pbonzini@redhat.com \
--cc=pekangas@google.com \
--cc=qperret@google.com \
--cc=sascha.bischoff@arm.com \
--cc=sundongxu1024@163.com \
--cc=suzuki.poulose@arm.com \
--cc=tabba@google.com \
--cc=vdonnefort@google.com \
--cc=wangzhou1@hisilicon.com \
--cc=will@kernel.org \
--cc=yangjinqian1@huawei.com \
--cc=yangyicong@hisilicon.com \
--cc=yaoyuan@linux.alibaba.com \
--cc=yuzenghui@huawei.com \
--cc=zenghui.yu@linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.