From: Catalin Marinas <catalin.marinas@arm.com>
To: Vincent Donnefort <vdonnefort@google.com>
Cc: Will Deacon <will@kernel.org>, Marc Zyngier <maz@kernel.org>,
	linux-arm-kernel@lists.infradead.org,
	James Morse <james.morse@arm.com>,
	Mark Rutland <mark.rutland@arm.com>,
	Oliver Upton <oupton@kernel.org>,
	Lorenzo Pieralisi <lpieralisi@kernel.org>,
	Sudeep Holla <sudeep.holla@kernel.org>
Subject: Re: [PATCH] KVM: arm64: Work around C1-Pro erratum 4193714 for protected guests
Date: Wed, 6 May 2026 13:40:39 +0100
Message-ID: <afs2xxlaGdQk3Utn@arm.com>
In-Reply-To: <afsgm6pVTFwtqc4e@google.com>

On Wed, May 06, 2026 at 12:06:03PM +0100, Vincent Donnefort wrote:
> On Thu, Apr 30, 2026 at 04:59:11PM +0100, Catalin Marinas wrote:
> > From: James Morse <james.morse@arm.com>
> > 
> > C1-Pro cores with SME have an erratum where TLBI+DSB does not complete
> > all outstanding SME accesses. Instead a DSB needs to be executed on the
> > affected CPUs. The implication is pages cannot be unmapped from the
> > host Stage 2 then provided to the guest. Host SME accesses may occur
> > after this point.
> > 
> > This erratum breaks pKVM's guarantees, and the workaround is hard to
> > implement as EL2 and EL1 share a security state meaning EL1 can mask
> > IPIs sent by EL2, leading to interrupt blackouts.
> > 
> > Instead, do this in EL3. This has the advantage of a separate security
> > state, meaning lower EL cannot mask the IPI. It is also simpler for EL3
> > to know about CPUs that are off or in PSCI's CPU_SUSPEND.
> > 
> > Add the needed hook to host_stage2_set_owner_metadata_locked(). This
> > covers the cases where the host loses access to a page:
> > 
> >   __pkvm_host_donate_guest()
> >   __pkvm_guest_unshare_host()
> >   host_stage2_set_owner_locked() when owner_id == PKVM_ID_HYP
> > 
> > Signed-off-by: James Morse <james.morse@arm.com>
> > [catalin.marinas@arm.com: move the hook to host_stage2_set_owner_metadata_locked()]
> > [catalin.marinas@arm.com: use hyp_smccc_1_1_smc()]
> > Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
> > Cc: Mark Rutland <mark.rutland@arm.com>
> > Cc: Marc Zyngier <maz@kernel.org>
> > Cc: Oliver Upton <oupton@kernel.org>
> > Cc: Will Deacon <will@kernel.org>
> > Cc: Vincent Donnefort <vdonnefort@google.com>
> > Cc: Lorenzo Pieralisi <lpieralisi@kernel.org>
> > Cc: Sudeep Holla <sudeep.holla@kernel.org>
> > ---
> 
> Reviewed-by: Vincent Donnefort <vdonnefort@google.com>

Thanks Vincent. Would you mind having a look at v2 as well:

https://lore.kernel.org/r/20260505165205.2690919-1-catalin.marinas@arm.com

The only addition is not initialising pKVM if the firmware doesn't
implement the SMC handler.

-- 
Catalin

