Date: Wed, 17 Jun 2026 13:36:51 +0100
Message-ID: <86wlvxs5r0.wl-maz@kernel.org>
From: Marc Zyngier
To: Fuad Tabba
Cc: sashiko-reviews@lists.linux.dev, Oliver Upton, kvmarm@lists.linux.dev
Subject: Re: [PATCH 4/7] KVM: arm64: Set IL for injected FPAC exceptions during ERET emulation
References: <20260614163336.3490925-5-tabba@google.com> <20260614164547.D398B1F000E9@smtp.kernel.org>

On Mon, 15 Jun 2026 13:42:23 +0100, Fuad Tabba wrote:
>
> On Sun, 14 Jun 2026 at 17:45, wrote:
> >
>
> One thing I noticed while looking at this:
> kvm_check_illegal_exception_return() preserves {N,Z,C,V,D,A,I,F} from
> the current PSTATE, but the Arm ARM says these should come from
> SPSR_ELx on an illegal exception return (EL and SP are unchanged, but
> the flags and masks are taken from SPSR). PAN and ALLINT should also
> come from SPSR_ELx if their respective features are implemented.
>
> Marc, is the current behavior intentional, or should we be
> constructing PSTATE from the original SPSR_EL2 for those fields?

This looks like a long standing bug for something we really never
tested. I reckon the patch below would do the trick.

M.

+++ b/arch/arm64/kvm/emulate-nested.c
@@ -2746,17 +2746,29 @@ static u64 kvm_check_illegal_exception_return(struct kvm_vcpu *vcpu, u64 spsr) (spsr & PSR_MODE32_BIT) || (vcpu_el2_tge_is_set(vcpu) && (mode == PSR_MODE_EL1t || mode == PSR_MODE_EL1h))) { + u64 mask; + /* * The guest is playing with our nerves. Preserve EL, SP, - * masks, flags from the existing PSTATE, and set IL. - * The HW will then generate an Illegal State Exception - * immediately after ERET. + * masks, flags from the existing SPSR, and set IL (see + * R_VWJHB). The HW will then generate an Illegal State + * Exception immediately after ERET. */ - spsr = *vcpu_cpsr(vcpu); - - spsr &= (PSR_D_BIT | PSR_A_BIT | PSR_I_BIT | PSR_F_BIT | + mask = (PSR_D_BIT | PSR_A_BIT | PSR_I_BIT | PSR_F_BIT | PSR_N_BIT | PSR_Z_BIT | PSR_C_BIT | PSR_V_BIT | PSR_MODE_MASK | PSR_MODE32_BIT); + + if (kvm_has_feat(vcpu->kvm, ID_AA64MMFR1_EL1, PAN, IMP)) + mask |= PSR_PAN_BIT; + if (kvm_has_feat(vcpu->kvm, ID_AA64PFR1_EL1, NMI, IMP)) + mask |= ALLINT_ALLINT; + /* Account for FEAT_SPE_EXC and FEAT_TRBE_EXC one day... */ + if (kvm_has_feat(vcpu->kvm, ID_AA64DFR1_EL1, EBEP, IMP)) + mask |= BIT_ULL(32); + if (kvm_has_feat(vcpu->kvm, ID_AA64PFR1_EL1, GCS, IMP)) + mask |= BIT_ULL(34); + + spsr &= mask; spsr |= PSR_IL_BIT; } -- Without deviation from the norm, progress is not possible.
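Review bot: With `spsr = *vcpu_cpsr(vcpu);` removed, the `PSR_MODE_MASK | PSR_MODE32_BIT` term left in `mask` now takes EL, SP and the AArch32 bit from the guest-supplied SPSR instead of from the current PSTATE. This branch is only entered when those SPSR mode bits are the illegal ones (for example `spsr & PSR_MODE32_BIT`, or EL1t/EL1h while TGE is set), and the discussion above states that EL and SP are unchanged on an illegal exception return, so the illegal target mode would be carried into the resulting PSTATE. Suggest dropping the mode bits from `mask` and merging them back from `*vcpu_cpsr(vcpu)` before `spsr |= PSR_IL_BIT;`, and rewording the comment, which now says EL and SP are preserved "from the existing SPSR". Separately, `BIT_ULL(32)` and `BIT_ULL(34)` are bare bit numbers; named field definitions in the style of `PSR_PAN_BIT` and `ALLINT_ALLINT` just above them would make the mask auditable against the architecture rule the comment cites.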