From: Oliver Upton <oupton@kernel.org>
To: Wei-Lin Chang <weilin.chang@arm.com>
Cc: kvmarm@lists.linux.dev, Marc Zyngier <maz@kernel.org>,
Joey Gouly <joey.gouly@arm.com>,
Suzuki K Poulose <suzuki.poulose@arm.com>,
Zenghui Yu <yuzenghui@huawei.com>,
stable@vger.kernel.org
Subject: Re: [PATCH v2 1/2] KVM: arm64: nv: Fix handling of XN[0] when !FEAT_XNX
Date: Wed, 3 Jun 2026 16:06:09 -0700 [thread overview]
Message-ID: <aiCzYWoSmKIRpMre@kernel.org> (raw)
In-Reply-To: <zzprmfdgkd4sfxjuvbj65ssmdbcxvb2lrdv7lgywysuthx6t4i@ffehlydwbwy7>
Hey Wei-Lin,
Thanks for the review.
On Wed, Jun 03, 2026 at 11:57:20PM +0100, Wei-Lin Chang wrote:
> Hi Oliver,
>
> On Tue, Jun 02, 2026 at 09:59:00AM -0700, Oliver Upton wrote:
> > XN has already been extracted from its bitfield position so using
> > FIELD_PREP() on the mask that clears XN[0] is completely broken, having
> > the effect of unconditionally granting execute permissions...
> >
> > Fix the obvious mistake by manipulating the right bit.
> >
> > Cc: stable@vger.kernel.org
> > Fixes: d93febe2ed2e ("KVM: arm64: nv: Forward FEAT_XNX permissions to the shadow stage-2")
> > Reviewed-by: Wei-Lin Chang <weilin.chang@arm.com>
> > Signed-off-by: Oliver Upton <oupton@kernel.org>
> > ---
> > arch/arm64/include/asm/kvm_nested.h | 4 ++--
> > 1 file changed, 2 insertions(+), 2 deletions(-)
> >
> > diff --git a/arch/arm64/include/asm/kvm_nested.h b/arch/arm64/include/asm/kvm_nested.h
> > index 091544e6af44..a0eb83319c2e 100644
> > --- a/arch/arm64/include/asm/kvm_nested.h
> > +++ b/arch/arm64/include/asm/kvm_nested.h
> > @@ -131,7 +131,7 @@ static inline bool kvm_s2_trans_exec_el0(struct kvm *kvm, struct kvm_s2_trans *t
> > u8 xn = FIELD_GET(KVM_PTE_LEAF_ATTR_HI_S2_XN, trans->desc);
> >
> > if (!kvm_has_xnx(kvm))
> > - xn &= FIELD_PREP(KVM_PTE_LEAF_ATTR_HI_S2_XN, 0b10);
> > + xn &= 0b10;
> >
> > switch (xn) {
> > case 0b00:
> > @@ -147,7 +147,7 @@ static inline bool kvm_s2_trans_exec_el1(struct kvm *kvm, struct kvm_s2_trans *t
> > u8 xn = FIELD_GET(KVM_PTE_LEAF_ATTR_HI_S2_XN, trans->desc);
> >
> > if (!kvm_has_xnx(kvm))
> > - xn &= FIELD_PREP(KVM_PTE_LEAF_ATTR_HI_S2_XN, 0b10);
> > + xn &= 0b10;
> >
>
> Now that the other patch brings up kvm_pgtable_stage2_pte_prot(), what
> do you think about also using that here? It can save a little bit of
> duplicated decode logic.
>
> Other than this being in a header and we'll have to move the code
> around for this to work, I'm curious are there any other issues with
> this idea?
No issues with your suggestion but I plan on nuking the kvm_s2_trans*()
accessors soon :)
Ultimately kvm_s2_trans should just contain pre-computed permissions,
which matters more when dealing with descriptor fields that require the
MMU context to make sense of (like DBM). On top of that, getters for
obviously named fields isn't adding a whole lot.
Any concerns with leaving as-is for now?
--
Thanks,
Oliver
next prev parent reply other threads:[~2026-06-03 23:06 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-06-02 16:58 [PATCH v2 0/2] KVM: arm64: nv: Fixes for FEAT_XNX (and the lack thereof) Oliver Upton
2026-06-02 16:59 ` [PATCH v2 1/2] KVM: arm64: nv: Fix handling of XN[0] when !FEAT_XNX Oliver Upton
2026-06-03 22:57 ` Wei-Lin Chang
2026-06-03 23:06 ` Oliver Upton [this message]
2026-06-04 12:37 ` Wei-Lin Chang
2026-06-02 16:59 ` [PATCH v2 2/2] KVM: arm64: Correctly identify executable PTEs at stage-2 Oliver Upton
2026-06-04 12:41 ` Wei-Lin Chang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aiCzYWoSmKIRpMre@kernel.org \
--to=oupton@kernel.org \
--cc=joey.gouly@arm.com \
--cc=kvmarm@lists.linux.dev \
--cc=maz@kernel.org \
--cc=stable@vger.kernel.org \
--cc=suzuki.poulose@arm.com \
--cc=weilin.chang@arm.com \
--cc=yuzenghui@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.