From: Marc Zyngier <maz@kernel.org>
To: Volodymyr Babchuk <Volodymyr_Babchuk@epam.com>
Cc: "linux-arm-kernel@lists.infradead.org"
<linux-arm-kernel@lists.infradead.org>,
"kvmarm@lists.linux.dev" <kvmarm@lists.linux.dev>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
Oliver Upton <oliver.upton@linux.dev>,
Joey Gouly <joey.gouly@arm.com>,
Suzuki K Poulose <suzuki.poulose@arm.com>,
Zenghui Yu <yuzenghui@huawei.com>,
Catalin Marinas <catalin.marinas@arm.com>,
Will Deacon <will@kernel.org>
Subject: Re: [PATCH v1 1/2] KVM: arm64: nv: fix S2 translation for nVHE guests
Date: Wed, 06 Aug 2025 18:45:24 +0100 [thread overview]
Message-ID: <868qjw9wej.wl-maz@kernel.org> (raw)
In-Reply-To: <20250806141707.3479194-2-volodymyr_babchuk@epam.com>
Hi Volodymyr,
Thanks for looking into this.
On Wed, 06 Aug 2025 15:17:55 +0100,
Volodymyr Babchuk <Volodymyr_Babchuk@epam.com> wrote:
>
> According to ARM architecture specification (ARM DDI 0487 L.a, section
> C5.4.3), Stage 2 translation should be skipped when VHE is active, or,
> in other words, E2H bit is set. Fix the code by inverting both check
> and comment.
>
> Signed-off-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com>
> ---
> arch/arm64/kvm/at.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/arch/arm64/kvm/at.c b/arch/arm64/kvm/at.c
> index a25be111cd8f8..5e7c3fb01273c 100644
> --- a/arch/arm64/kvm/at.c
> +++ b/arch/arm64/kvm/at.c
> @@ -1412,10 +1412,10 @@ void __kvm_at_s12(struct kvm_vcpu *vcpu, u32 op, u64 vaddr)
> return;
>
> /*
> - * If we only have a single stage of translation (E2H=0 or
> + * If we only have a single stage of translation (E2H=1 or
> * TGE=1), exit early. Same thing if {VM,DC}=={0,0}.
> */
> - if (!vcpu_el2_e2h_is_set(vcpu) || vcpu_el2_tge_is_set(vcpu) ||
> + if (vcpu_el2_e2h_is_set(vcpu) || vcpu_el2_tge_is_set(vcpu) ||
> !(vcpu_read_sys_reg(vcpu, HCR_EL2) & (HCR_VM | HCR_DC)))
> return;
The code we have here is clearly bogus, but what you are suggesting
doesn't look correct to me either. Here's what the spec says:
<quote>
Performs stage 1 and 2 address translation, with permissions as if
reading from the given virtual address from EL1, or from EL2 if the
Effective value of HCR_EL2.{E2H, TGE} is {1, 1}, using the following
translation regime:
* When EL2 is implemented and enabled in the Security state
described by the current Effective value of SCR_EL3.{NSE, NS}:
- If the Effective value of HCR_EL2.{E2H, TGE} is not {1, 1}, the
EL1&0 translation regime, accessed from EL1.
- If the Effective value of HCR_EL2.{E2H, TGE} is {1, 1}, the
EL2&0 translation regime, accessed from EL2.
* Otherwise, the EL1&0 translation regime, accessed from EL1.
</quote>
We're obviously in the first bullet, so we need to work out whether
this is applying to the EL1&0 or the EL2&0 translation regime. By the
letter of the spec, we need to check for E2H+TGE being both set to
elide the S2 final walk.
I suspect what you really want is the hack below, though I think the
DC handling has always been broken (who cares anyway?).
Thanks,
M.
diff --git a/arch/arm64/kvm/at.c b/arch/arm64/kvm/at.c
index 0e56105339493..3e591979f947e 100644
--- a/arch/arm64/kvm/at.c
+++ b/arch/arm64/kvm/at.c
@@ -1420,10 +1420,10 @@ void __kvm_at_s12(struct kvm_vcpu *vcpu, u32 op, u64 vaddr)
return;
/*
- * If we only have a single stage of translation (E2H=0 or
- * TGE=1), exit early. Same thing if {VM,DC}=={0,0}.
+ * If we only have a single stage of translation ({E2H,TGE}={1,1}),
+ * exit early. Same thing if {VM,DC}=={0,0}.
*/
- if (!vcpu_el2_e2h_is_set(vcpu) || vcpu_el2_tge_is_set(vcpu) ||
+ if ((vcpu_el2_e2h_is_set(vcpu) && vcpu_el2_tge_is_set(vcpu)) ||
!(vcpu_read_sys_reg(vcpu, HCR_EL2) & (HCR_VM | HCR_DC)))
return;
--
Without deviation from the norm, progress is not possible.
prev parent reply other threads:[~2025-08-06 17:45 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-08-06 14:17 [PATCH v1 0/2] KVM: arm: nv: fix AT S* behaviour Volodymyr Babchuk
2025-08-06 14:17 ` [PATCH v1 2/2] KVM: arm64: nv: update CPU register PAR_EL1 after 'at s*' Volodymyr Babchuk
2025-08-06 18:40 ` Oliver Upton
2025-08-06 20:30 ` Volodymyr Babchuk
2025-08-06 18:56 ` Marc Zyngier
2025-08-06 20:00 ` Volodymyr Babchuk
2025-08-06 14:17 ` [PATCH v1 1/2] KVM: arm64: nv: fix S2 translation for nVHE guests Volodymyr Babchuk
2025-08-06 17:37 ` Oliver Upton
2025-08-06 18:17 ` Marc Zyngier
2025-08-06 17:45 ` Marc Zyngier [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=868qjw9wej.wl-maz@kernel.org \
--to=maz@kernel.org \
--cc=Volodymyr_Babchuk@epam.com \
--cc=catalin.marinas@arm.com \
--cc=joey.gouly@arm.com \
--cc=kvmarm@lists.linux.dev \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=oliver.upton@linux.dev \
--cc=suzuki.poulose@arm.com \
--cc=will@kernel.org \
--cc=yuzenghui@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.