From: sashiko-bot@kernel.org
To: "Fuad Tabba" <tabba@google.com>
Cc: "Oliver Upton" <oupton@kernel.org>,
	kvmarm@lists.linux.dev, "Marc Zyngier" <maz@kernel.org>
Subject: Re: [PATCH 5/7] KVM: arm64: Set IL for emulated SError injection
Date: Sun, 14 Jun 2026 16:46:39 +0000
Message-ID: <20260614164640.2C2741F000E9@smtp.kernel.org>
In-Reply-To: <20260614163336.3490925-6-tabba@google.com>

Thank you for your contribution! Sashiko AI review found 1 potential issue(s) to consider:

Pre-existing issues:
- [High] The patch series attempts to fix SError syndrome IL bits, but the constructed ESR is silently dropped when injecting a nested SError because `kvm_inject_el2_exception()` ignores the `esr_el2` argument.
--

commit 3adb0abe8b63984396e6d2ad4fb963bab5512c79
Author: Fuad Tabba <tabba@google.com>
Subject: KVM: arm64: Set IL for emulated SError injection

This commit updates kvm_inject_serror_esr to include the IL bit when
constructing an SError syndrome. It fixes an architectural compliance issue
where IL must be 1 for SErrors unconditionally.

> diff --git a/arch/arm64/kvm/inject_fault.c b/arch/arm64/kvm/inject_fault.c
> index 444d219b02174..d6c4fc16f8795 100644
> --- a/arch/arm64/kvm/inject_fault.c
> +++ b/arch/arm64/kvm/inject_fault.c
> @@ -381,7 +381,7 @@ int kvm_inject_serror_esr(struct kvm_vcpu *vcpu, u64 esr)
>  	 */
>  	if (!serror_is_masked(vcpu)) {
>  		pend_serror_exception(vcpu);
> -		esr |= FIELD_PREP(ESR_ELx_EC_MASK, ESR_ELx_EC_SERROR);
> +		esr |= FIELD_PREP(ESR_ELx_EC_MASK, ESR_ELx_EC_SERROR) | ESR_ELx_IL;

[Severity: High]
This is a pre-existing issue, but while we are ensuring the SError syndrome
is correctly populated here, does the nested SError injection path drop the
syndrome entirely?

When injecting a nested SError, kvm_inject_nested_serror() passes the
constructed syndrome down to kvm_inject_el2_exception(). However, looking at
kvm_inject_el2_exception() in arch/arm64/kvm/emulate-nested.c:

arch/arm64/kvm/emulate-nested.c:kvm_inject_el2_exception() {
        ...
        switch (except_type) {
        case except_type_sync:
                kvm_pend_exception(vcpu, EXCEPT_AA64_EL2_SYNC);
                vcpu_write_sys_reg(vcpu, esr_el2, ESR_EL2);
                break;
        case except_type_serror:
                kvm_pend_exception(vcpu, EXCEPT_AA64_EL2_SERR);
                break;
        ...
}

Unlike the except_type_sync case, the except_type_serror case does not call
vcpu_write_sys_reg() to write esr_el2 into ESR_EL2.

Will this cause the guest hypervisor to observe a stale ESR_EL2 value when
it takes the SError, effectively rendering the syndrome fixes ineffective for
nested guests?

>  		vcpu_write_sys_reg(vcpu, esr, exception_esr_elx(vcpu));
>  		return 1;
>  	}
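Review bot: the OR on `esr |= FIELD_PREP(ESR_ELx_EC_MASK, ESR_ELx_EC_SERROR) | ESR_ELx_IL;` only adds bits, so it relies on the caller-supplied `esr` arriving with a clear EC field; a value that already carries EC bits would end up encoded with a corrupted EC rather than ESR_ELx_EC_SERROR, and the new IL bit does not change that. Consider masking `esr` down to the ISS bits (or a WARN_ON_ONCE on stray EC/IL bits) before the OR, or at least documenting in the comment above that callers must pass an ISS-only value. Also, the commit message says IL must be 1 for SErrors unconditionally, but this hunk only touches the `!serror_is_masked(vcpu)` branch before `vcpu_write_sys_reg(vcpu, esr, exception_esr_elx(vcpu))`; it is worth confirming that the masked path, which is outside this hunk, produces an ESR with IL set as well.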

-- 
Sashiko AI review · https://sashiko.dev/#/patchset/20260614163336.3490925-1-tabba@google.com?part=5
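As an added illustration that is not part of the patch, the review, or the kernel tree, the block below models the ESR_ELx encoding this series is fixing in plain userspace C. It re-implements GENMASK/FIELD_PREP/FIELD_GET with the same semantics as the kernel macros, shows the syndrome produced before and after the hunk, and adds a checker a selftest or guest could run on the ESR it observes (EC == SError, IL == 1, no bits outside EC/IL/ISS). The `serror_esr_strict()` variant is a hypothetical hardening, not something the patch proposes: it clears EC and IL before OR-ing so a caller-supplied `esr` with stray bits in those fields cannot corrupt the encoding. Field positions (EC bits [31:26], IL bit 25, ISS bits [24:0], EC 0x2f for SError) follow the Arm architecture; the ISS value 0x11 is a constructed input.

```c
#include <inttypes.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

typedef uint64_t u64;

/* Userspace equivalents of the kernel bitfield helpers. */
#define GENMASK(h, l)        (((~0ULL) >> (63 - (h))) & ((~0ULL) << (l)))
#define FIELD_SHIFT(mask)    (__builtin_ctzll(mask))
#define FIELD_PREP(mask, v)  (((u64)(v) << FIELD_SHIFT(mask)) & (mask))
#define FIELD_GET(mask, r)   (((u64)(r) & (mask)) >> FIELD_SHIFT(mask))

/* ESR_ELx layout: EC [31:26], IL [25], ISS [24:0]. */
#define ESR_ELx_EC_MASK      GENMASK(31, 26)
#define ESR_ELx_EC_SERROR    0x2fULL
#define ESR_ELx_IL           (1ULL << 25)
#define ESR_ELx_ISS_MASK     GENMASK(24, 0)

/* Pre-patch: EC is filled in, IL is whatever the caller passed (normally 0). */
static u64 serror_esr_before(u64 esr)
{
	return esr | FIELD_PREP(ESR_ELx_EC_MASK, ESR_ELx_EC_SERROR);
}

/* Patched line from the hunk: EC filled in and IL forced to 1. */
static u64 serror_esr_after(u64 esr)
{
	return esr | FIELD_PREP(ESR_ELx_EC_MASK, ESR_ELx_EC_SERROR) | ESR_ELx_IL;
}

/*
 * Hypothetical hardened variant (not in the patch): keep only the caller's
 * ISS bits so pre-set EC/IL bits cannot survive the OR.
 */
static u64 serror_esr_strict(u64 esr)
{
	esr &= ESR_ELx_ISS_MASK;
	return esr | FIELD_PREP(ESR_ELx_EC_MASK, ESR_ELx_EC_SERROR) | ESR_ELx_IL;
}

/*
 * What a guest or a KVM selftest should verify on the syndrome it observes
 * after an emulated SError: EC says SError, IL is set, and no bit outside
 * EC/IL/ISS is set.
 */
static bool esr_is_wellformed_serror(u64 esr)
{
	if (FIELD_GET(ESR_ELx_EC_MASK, esr) != ESR_ELx_EC_SERROR)
		return false;
	if (!(esr & ESR_ELx_IL))
		return false;
	if (esr & ~(ESR_ELx_EC_MASK | ESR_ELx_IL | ESR_ELx_ISS_MASK))
		return false;
	return true;
}

int main(void)
{
	u64 iss = 0x11;                 /* constructed ISS (DFSC-style value) */
	u64 stray = 0xC0000000ULL;      /* constructed esr with EC bits already set */

	printf("before : 0x%08" PRIx64 " wellformed=%d\n",
	       serror_esr_before(iss), esr_is_wellformed_serror(serror_esr_before(iss)));
	printf("after  : 0x%08" PRIx64 " wellformed=%d\n",
	       serror_esr_after(iss), esr_is_wellformed_serror(serror_esr_after(iss)));
	/* OR-ing onto stray EC bits yields EC 0x3f, not SError, so the check fails. */
	printf("stray  : 0x%08" PRIx64 " wellformed=%d\n",
	       serror_esr_after(stray), esr_is_wellformed_serror(serror_esr_after(stray)));
	printf("strict : 0x%08" PRIx64 " wellformed=%d\n",
	       serror_esr_strict(stray), esr_is_wellformed_serror(serror_esr_strict(stray)));
	return 0;
}
```

The `stray` case is the reviewer concern in miniature: because `|=` never clears bits, an incoming syndrome that already carries EC bits comes out with EC 0x3f, and the IL fix does not help. Masking to ISS first, as `serror_esr_strict()` does, is one way to make the encoding independent of what callers pass.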

Thread overview: 15+ messages
2026-06-14 16:33 [PATCH 0/7] KVM: arm64: Fix missing ESR_ELx.IL in syndrome injection Fuad Tabba
2026-06-14 16:33 ` [PATCH 1/7] KVM: arm64: Set ESR_ELx.IL for injected undefined exceptions at EL2 Fuad Tabba
2026-06-14 16:33 ` [PATCH 2/7] KVM: arm64: Unconditionally set IL for injected undefined exceptions Fuad Tabba
2026-06-14 16:33 ` [PATCH 3/7] KVM: arm64: Unconditionally set IL for injected abort exceptions Fuad Tabba
2026-06-14 16:33 ` [PATCH 4/7] KVM: arm64: Set IL for injected FPAC exceptions during ERET emulation Fuad Tabba
2026-06-14 16:45   ` sashiko-bot
2026-06-15 12:42     ` Fuad Tabba
2026-06-14 16:33 ` [PATCH 5/7] KVM: arm64: Set IL for emulated SError injection Fuad Tabba
2026-06-14 16:46   ` sashiko-bot [this message]
2026-06-15 12:48     ` Fuad Tabba
2026-06-14 16:33 ` [PATCH 6/7] KVM: arm64: Set IL for nested " Fuad Tabba
2026-06-14 16:44   ` sashiko-bot
2026-06-15  4:46     ` Oliver Upton
2026-06-15 13:12       ` Fuad Tabba
2026-06-14 16:33 ` [PATCH 7/7] KVM: arm64: Set IL in fake ESR for pKVM memory sharing exit Fuad Tabba
