From: Vincent Donnefort <vdonnefort@google.com>
To: Catalin Marinas <catalin.marinas@arm.com>
Cc: Will Deacon <will@kernel.org>, Marc Zyngier <maz@kernel.org>,
	linux-arm-kernel@lists.infradead.org,
	James Morse <james.morse@arm.com>,
	Mark Rutland <mark.rutland@arm.com>,
	Oliver Upton <oupton@kernel.org>,
	Lorenzo Pieralisi <lpieralisi@kernel.org>,
	Sudeep Holla <sudeep.holla@kernel.org>
Subject: Re: [PATCH] KVM: arm64: Work around C1-Pro erratum 4193714 for protected guests
Date: Wed, 6 May 2026 12:06:03 +0100
Message-ID: <afsgm6pVTFwtqc4e@google.com>
In-Reply-To: <20260430155911.628402-1-catalin.marinas@arm.com>

On Thu, Apr 30, 2026 at 04:59:11PM +0100, Catalin Marinas wrote:
> From: James Morse <james.morse@arm.com>
> 
> C1-Pro cores with SME have an erratum where TLBI+DSB does not complete
> all outstanding SME accesses. Instead a DSB needs to be executed on the
> affected CPUs. The implication is pages cannot be unmapped from the
> host Stage 2 then provided to the guest. Host SME accesses may occur
> after this point.
> 
> This erratum breaks pKVM's guarantees, and the workaround is hard to
> implement as EL2 and EL1 share a security state meaning EL1 can mask
> IPIs sent by EL2, leading to interrupt blackouts.
> 
> Instead, do this in EL3. This has the advantage of a separate security
> state, meaning lower EL cannot mask the IPI. It is also simpler for EL3
> to know about CPUs that are off or in PSCI's CPU_SUSPEND.
> 
> Add the needed hook to host_stage2_set_owner_metadata_locked(). This
> covers the cases where the host loses access to a page:
> 
>   __pkvm_host_donate_guest()
>   __pkvm_guest_unshare_host()
>   host_stage2_set_owner_locked() when owner_id == PKVM_ID_HYP
> 
> Signed-off-by: James Morse <james.morse@arm.com>
> [catalin.marinas@arm.com: move the hook to host_stage2_set_owner_metadata_locked()]
> [catalin.marinas@arm.com: use hyp_smccc_1_1_smc()]
> Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
> Cc: Mark Rutland <mark.rutland@arm.com>
> Cc: Marc Zyngier <maz@kernel.org>
> Cc: Oliver Upton <oupton@kernel.org>
> Cc: Will Deacon <will@kernel.org>
> Cc: Vincent Donnefort <vdonnefort@google.com>
> Cc: Lorenzo Pieralisi <lpieralisi@kernel.org>
> Cc: Sudeep Holla <sudeep.holla@kernel.org>
> ---

Reviewed-by: Vincent Donnefort <vdonnefort@google.com>

> 
> That's a rebase to 7.1-rc1 together with a few tweaks. The initial
> workaround for pKVM was posted here:
> 
> https://lore.kernel.org/r/20260323162408.4163113-6-catalin.marinas@arm.com
> 
> I dropped the vN numbering since the original series evolved a bit. I
> also changed the subject here, more suitable for a stand-alone patch.
> 
> Changes since last time:
> 
> - Use hyp_smccc_1_1_smc() instead of arm_smccc_1_1_smc() as suggested by
>   Vincent
> 
> - Do the SMC only when the host loses access to a page and not when the
>   ownership transition happens in the other direction. Guests do not
>   have access to SME in current mainline
> 
> I looked at the Android16 backport from Vincent and it covers more
> cases but they do not apply to mainline (sglists, donate to FF-A). I
> could not figure out why changing a host permission from RW to R or
> !valid matters for this workaround, so that's not done here either.
> 
>  arch/arm64/kvm/hyp/nvhe/mem_protect.c | 20 +++++++++++++++++++-
>  include/linux/arm-smccc.h             |  6 ++++++
>  2 files changed, 25 insertions(+), 1 deletion(-)
> 
> diff --git a/arch/arm64/kvm/hyp/nvhe/mem_protect.c b/arch/arm64/kvm/hyp/nvhe/mem_protect.c
> index 28a471d1927c..75977179c9d1 100644
> --- a/arch/arm64/kvm/hyp/nvhe/mem_protect.c
> +++ b/arch/arm64/kvm/hyp/nvhe/mem_protect.c
> @@ -5,6 +5,8 @@
>   */
>  
>  #include <linux/kvm_host.h>
> +#include <linux/arm-smccc.h>
> +
>  #include <asm/kvm_emulate.h>
>  #include <asm/kvm_hyp.h>
>  #include <asm/kvm_mmu.h>
> @@ -14,6 +16,7 @@
>  
>  #include <hyp/fault.h>
>  
> +#include <nvhe/arm-smccc.h>
>  #include <nvhe/gfp.h>
>  #include <nvhe/memory.h>
>  #include <nvhe/mem_protect.h>
> @@ -29,6 +32,15 @@ static struct hyp_pool host_s2_pool;
>  static DEFINE_PER_CPU(struct pkvm_hyp_vm *, __current_vm);
>  #define current_vm (*this_cpu_ptr(&__current_vm))
>  
> +static void pkvm_sme_dvmsync_fw_call(void)
> +{
> +	if (alternative_has_cap_unlikely(ARM64_WORKAROUND_4193714)) {
> +		struct arm_smccc_res res;
> +
> +		hyp_smccc_1_1_smc(ARM_SMCCC_CPU_WORKAROUND_4193714, &res);
> +	}
> +}
> +
>  static void guest_lock_component(struct pkvm_hyp_vm *vm)
>  {
>  	hyp_spin_lock(&vm->lock);
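
Review bot: in pkvm_sme_dvmsync_fw_call(), `res` is filled by hyp_smccc_1_1_smc() and then discarded, so a firmware that does not implement ARM_SMCCC_CPU_WORKAROUND_4193714 cannot be told apart from one that completed the workaround. Because the helper returns void, the caller changes page ownership either way. Consider checking res.a0 and propagating or flagging a failure, or add a comment stating where firmware support is guaranteed whenever ARM64_WORKAROUND_4193714 is set. A one-line comment above the helper tying it to the erratum would also help, since the name alone does not.
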
> @@ -574,8 +586,14 @@ static int host_stage2_set_owner_metadata_locked(phys_addr_t addr, u64 size,
>  	ret = host_stage2_try(kvm_pgtable_stage2_annotate, &host_mmu.pgt,
>  			      addr, size, &host_s2_pool,
>  			      KVM_HOST_INVALID_PTE_TYPE_DONATION, annotation);
> -	if (!ret)
> +	if (!ret) {
> +		/*
> +		 * After stage2 maintenance has happened, but before the page
> +		 * owner has changed.
> +		 */
> +		pkvm_sme_dvmsync_fw_call();
>  		__host_update_page_state(addr, size, PKVM_NOPAGE);
> +	}
>  
>  	return ret;
>  }
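
Review bot: the new comment in the `if (!ret)` block says where the call sits ("After stage2 maintenance has happened, but before the page owner has changed") but not why that ordering is required. Suggest stating that host SME accesses may still be outstanding after the stage-2 TLBI+DSB on affected CPUs, so the firmware call must complete before __host_update_page_state() marks the range PKVM_NOPAGE, and naming erratum 4193714 there so the reason is greppable. Since this is a _locked path and the commit message says EL3 relies on IPIs, a note on the expected cost of the SMC under the lock would be useful too.
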
> diff --git a/include/linux/arm-smccc.h b/include/linux/arm-smccc.h
> index 50b47eba7d01..e7195750d21b 100644
> --- a/include/linux/arm-smccc.h
> +++ b/include/linux/arm-smccc.h
> @@ -105,6 +105,12 @@
>  			   ARM_SMCCC_SMC_32,				\
>  			   0, 0x3fff)
>  
> +/* C1-Pro erratum 4193714: SME DVMSync early acknowledgement */
> +#define ARM_SMCCC_CPU_WORKAROUND_4193714				\
> +	ARM_SMCCC_CALL_VAL(ARM_SMCCC_FAST_CALL,				\
> +			   ARM_SMCCC_SMC_32,				\
> +			   ARM_SMCCC_OWNER_CPU, 0x10)
> +
>  #define ARM_SMCCC_VENDOR_HYP_CALL_UID_FUNC_ID				\
>  	ARM_SMCCC_CALL_VAL(ARM_SMCCC_FAST_CALL,				\
>  			   ARM_SMCCC_SMC_32,				\
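
Review bot: the comment above ARM_SMCCC_CPU_WORKAROUND_4193714 names the erratum but not the call's contract. Suggest documenting that the call takes no arguments (as it is used in mem_protect.c), which return values callers should expect, and which firmware interface document allocates function number 0x10 under ARM_SMCCC_OWNER_CPU, so the value can be checked against the firmware side.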

