From: Oliver Upton <oupton@kernel.org>
To: tabba@google.com
Cc: Marc Zyngier <maz@kernel.org>, Joey Gouly <joey.gouly@arm.com>,
Suzuki K Poulose <suzuki.poulose@arm.com>,
Zenghui Yu <yuzenghui@huawei.com>,
Catalin Marinas <catalin.marinas@arm.com>,
Will Deacon <will@kernel.org>,
Quentin Perret <qperret@google.com>,
linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH] KVM: arm64: Flush HCR_EL2.VSE to deliver SErrors to pKVM guests
Date: Mon, 1 Jun 2026 12:16:16 -0700
Message-ID: <ah3agGh1s61HKiPG@kernel.org>
In-Reply-To: <20260531154548.1505799-1-tabba@google.com>
On Sun, May 31, 2026 at 04:45:48PM +0100, tabba@google.com wrote:
> With pKVM enabled, the host injects a virtual SError by setting
> HCR_EL2.VSE on its vCPU copy, but flush_hyp_vcpu() only flows TWI/TWE
> into the hyp vCPU that runs, so VSE never reaches it and a deferred
> (masked) SError is never delivered. VSE is a host-owned injection
> control, not a trap-configuration bit, so restricting the host's
> trap-register values should not have dropped it. Flow it on entry;
> sync_hyp_vcpu() already copies hcr_el2 back, so delivery is reflected
> to the host.
Might be worth mentioning that flush_hyp_vcpu() also forwards VSESR_EL2
from the host since that bit is _just_ out of context of this diff :)
> Fixes: b56680de9c648 ("KVM: arm64: Initialize trap register values in hyp in pKVM")
> Reported-by: Sashiko (local):gemini-3.1-pro
> Signed-off-by: Fuad Tabba <tabba@google.com>
Reviewed-by: Oliver Upton <oupton@kernel.org>
Thanks,
Oliver
> ---
> Not an urgent fix. I should stop running Sashiko...
> ---
> arch/arm64/kvm/hyp/nvhe/hyp-main.c | 9 +++++++--
> 1 file changed, 7 insertions(+), 2 deletions(-)
>
> diff --git a/arch/arm64/kvm/hyp/nvhe/hyp-main.c b/arch/arm64/kvm/hyp/nvhe/hyp-main.c
> index 06db299c37a8..9e4a20df6409 100644
> --- a/arch/arm64/kvm/hyp/nvhe/hyp-main.c
> +++ b/arch/arm64/kvm/hyp/nvhe/hyp-main.c
> @@ -129,9 +129,14 @@ static void flush_hyp_vcpu(struct pkvm_hyp_vcpu *hyp_vcpu)
> hyp_vcpu->vcpu.arch.ctxt = host_vcpu->arch.ctxt;
>
> hyp_vcpu->vcpu.arch.mdcr_el2 = host_vcpu->arch.mdcr_el2;
> - hyp_vcpu->vcpu.arch.hcr_el2 &= ~(HCR_TWI | HCR_TWE);
> + /*
> + * HCR_EL2.VSE is host-owned (a pending virtual SError to inject), not a
> + * trap-control bit, so it must flow to the hyp vCPU alongside TWI/TWE
> + * for the vSError to be delivered. sync_hyp_vcpu() reflects it back.
> + */
> + hyp_vcpu->vcpu.arch.hcr_el2 &= ~(HCR_TWI | HCR_TWE | HCR_VSE);
> hyp_vcpu->vcpu.arch.hcr_el2 |= READ_ONCE(host_vcpu->arch.hcr_el2) &
> - (HCR_TWI | HCR_TWE);
> + (HCR_TWI | HCR_TWE | HCR_VSE);
>
> hyp_vcpu->vcpu.arch.iflags = host_vcpu->arch.iflags;
>
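Review bot: The bit set `HCR_TWI | HCR_TWE | HCR_VSE` is now spelled out twice, once in the `&= ~(...)` clear and once in the mask applied to `READ_ONCE(host_vcpu->arch.hcr_el2)`. These two lines together define which HCR_EL2 bits the host is allowed to steer on the hyp vCPU, so they must always agree: if a later change touches only one of them, a bit is either cleared and never re-set, or OR-ed in without the stale value being cleared first. Consider a single named mask (a local const or a #define next to the function) used in both statements. The new comment also relies on sync_hyp_vcpu(), which is not visible in this hunk; as the reply above points out, saying that VSESR_EL2 is forwarded as well would let the comment stand on its own.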
> --
> 2.54.0.929.g9b7fa37559-goog
>