Re: [PATCH 2/2] KVM: arm64: Fix vcpu_{read,write}_sys_reg() accessors

[Marc Zyngier <maz@kernel.org>]

On Tue, 12 Aug 2025 21:23:33 +0100,
Oliver Upton <oliver.upton@linux.dev> wrote:
> 
> On Sat, Aug 09, 2025 at 03:48:11PM +0100, Marc Zyngier wrote:
> > @@ -144,125 +156,120 @@ static bool get_el2_to_el1_mapping(unsigned int reg,
> >  		MAPPED_EL2_SYSREG(ZCR_EL2,     ZCR_EL1,     NULL	     );
> >  		MAPPED_EL2_SYSREG(CONTEXTIDR_EL2, CONTEXTIDR_EL1, NULL	     );
> >  		MAPPED_EL2_SYSREG(SCTLR2_EL2,  SCTLR2_EL1,  NULL	     );
> > +	case CNTHCTL_EL2:
> > +		/* CNTHCTL_EL2 is super special, until we support NV2.1 */
> > +		loc->loc = ((is_hyp_ctxt(vcpu) && vcpu_el2_e2h_is_set(vcpu)) ?
> > +			    SR_LOC_SPECIAL : SR_LOC_MEMORY);
> > +		break;
> > +	case TPIDR_EL0:
> > +	case TPIDRRO_EL0:
> > +	case TPIDR_EL1:
> > +	case PAR_EL1:
> > +		/* These registers are always loaded, no matter what */
> > +		loc->loc = SR_LOC_LOADED;
> > +		break;
> >  	default:
> > -		return false;
> > +		/*
> > +		 * Non-mapped EL2 registers are by definition in memory, but
> > +		 * we don't need to distinguish them here, as the CPU
> > +		 * register accessors will bail out and we'll end-up using
> > +		 * the backing store.
> > +		 *
> > +		 * EL1 registers are, however, only loaded if we're
> > +		 * not in hypervisor context.
> > +		 */
> > +		loc->loc = is_hyp_ctxt(vcpu) ? SR_LOC_MEMORY : SR_LOC_LOADED;
> 
> Hmm... I get the feeling that this flow is becoming even more subtle.
> There's some implicit coupling between this switch statement and the
> __vcpu_{read,write}_sys_reg_from_cpu() which feels like it could be
> error prone. Especially since we're gonna lose the WARN() that would
> inform us if an on-CPU register was actually redirected to memory.
> 
> I'm wondering if we need some macro hell containing the block of
> registers we handle on-CPU and expand that can be expanded into this
> triage switch case as well as the sysreg accessor.
> 
> What you have definitely seems correct, though. I'll twiddle a bit and
> see if I come up with something, although I imagine what you have is
> what we'll use in the end anyway.

My current conclusion is that a macro hack is not really practical, if
only because we end-up here from out-of-line C code, and that at this
stage we've lost all symbolic information.

We *could* take the nuclear option of re-modelling the sysreg enum as
a bunch of #define, similar to the way we deal with vcpu flags, and
have accessors for the various bits of information, but that comes
with two different problems:

- we don't have a good way to iterate over symbolic registers

- we need to repaint a large portion of the code base

Given that, I've taken another approach, which is to move all these
things close together (no more inlining), and add enough WARN_ON()s
that you really have to try and game the code to miss something and
not get caught. In the process, I found a couple of extra stragglers
that are always loaded when running a 32bit guest (the *32_EL2
registers...).

I've pushed the current state on my kvm-arm64/at-fixes-6.17 branch,
and I'll try to repost patches over the weekend.

Thanks,

	M.

-- 
Without deviation from the norm, progress is not possible.