From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D38A135FF66; Wed, 3 Dec 2025 16:43:34 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1764780214; cv=none; b=m7VCBCbf0IxNZUeOsak7W1oWXIobxpZkwkx2RLpe689dOqPpilLaG2qu9CiE4Kr/ED+z+e8SnjIKxVoff3C/Y8vw2IJ5knxAbCam3j6zI5+rbLj3asoOBQF8bdx8CVRCSBXSq0QubBRjUCTrS5BiQdeTyBMxfbq8O1yseeHHT98= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1764780214; c=relaxed/simple; bh=iyflUZchaw873FTzogwUNqRT8cclH8+Swqz8EPmoL5w=; h=Date:Message-ID:From:To:Cc:Subject:In-Reply-To:References: MIME-Version:Content-Type; b=r+tiaLudl1lwYLLeqEEivueA2L55gE3p688ZKED0dNWEI8F6F+qXDJ2b+Wz+ZAVlMEdDwxifh7idGazcOvaEYiwwZIOEuZHauenXIRbonb1IniZqmeigkuSGPHX190xiJnY+QYFaYABXIaxVuwcD0Omn7YOA8vDUJs4MW9FsFZk= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=CA29AkXS; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="CA29AkXS" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 230B0C4CEF5; Wed, 3 Dec 2025 16:43:34 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1764780214; bh=iyflUZchaw873FTzogwUNqRT8cclH8+Swqz8EPmoL5w=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=CA29AkXSlTUEp4TCKC8TjYGZYOKPd7DJierroBKco/xQli3ma3HoMF9l3c6PHRdya jn0FuRwOgU8vlGAA18fWSxmbb2JYp0V60Fo9NO6UZRgRDpPNnObaaSjXFUenWstB4d RX9+AEOh0SUG7hMiiXnCgLzluYqH8tFVr06KHaiSlQyA4UTxM6Ft85SKI7nY+rPW63 wxzUaIGBLxg62Z3EMxd/SKSHs5niGm/vb/7o/fSh1hGblzPKepAHg1nijjeYC6oWbR vyi7w+lsxnnkZuvJ6eWUpI8PNTOuU+Y7kdL3QaREIITPtwOpY29PZE59u62LJOVeAv ooqXhHdtZoEXA== Received: from sofa.misterjones.org ([185.219.108.64] helo=goblin-girl.misterjones.org) by disco-boy.misterjones.org with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.98.2) (envelope-from ) id 1vQpwx-0000000AEDg-38lh; Wed, 03 Dec 2025 16:43:31 +0000 Date: Wed, 03 Dec 2025 16:43:31 +0000 Message-ID: <86fr9rplcc.wl-maz@kernel.org> From: Marc Zyngier To: Joey Gouly Cc: kvmarm@lists.linux.dev, linux-arm-kernel@lists.infradead.org, kvm@vger.kernel.org, Suzuki K Poulose , Oliver Upton , Zenghui Yu , Alexandru Elisei Subject: Re: [PATCH 4/4] KVM: arm64: Convert VTCR_EL2 to config-driven sanitisation In-Reply-To: <20251203161715.GA4187196@e124191.cambridge.arm.com> References: <20251129144525.2609207-1-maz@kernel.org> <20251129144525.2609207-5-maz@kernel.org> <20251203161715.GA4187196@e124191.cambridge.arm.com> User-Agent: Wanderlust/2.15.9 (Almost Unreal) SEMI-EPG/1.14.7 (Harue) FLIM-LB/1.14.9 (=?UTF-8?B?R29qxY0=?=) APEL-LB/10.8 EasyPG/1.0.0 Emacs/30.1 (aarch64-unknown-linux-gnu) MULE/6.0 (HANACHIRUSATO) Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue") Content-Type: text/plain; charset=US-ASCII X-SA-Exim-Connect-IP: 185.219.108.64 X-SA-Exim-Rcpt-To: joey.gouly@arm.com, kvmarm@lists.linux.dev, linux-arm-kernel@lists.infradead.org, kvm@vger.kernel.org, suzuki.poulose@arm.com, oupton@kernel.org, yuzenghui@huawei.com, alexandru.elisei@arm.com X-SA-Exim-Mail-From: maz@kernel.org X-SA-Exim-Scanned: No (on disco-boy.misterjones.org); SAEximRunCond expanded to false On Wed, 03 Dec 2025 16:17:15 +0000, Joey Gouly wrote: > > Hi! > > On Sat, Nov 29, 2025 at 02:45:25PM +0000, Marc Zyngier wrote: > > Describe all the VTCR_EL2 fields and their respective configurations, > > making sure that we correctly ignore the bits that are not defined > > for a given guest configuration. > > > > Signed-off-by: Marc Zyngier > > --- > > arch/arm64/kvm/config.c | 69 +++++++++++++++++++++++++++++++++++++++++ > > arch/arm64/kvm/nested.c | 3 +- > > 2 files changed, 70 insertions(+), 2 deletions(-) > > > > diff --git a/arch/arm64/kvm/config.c b/arch/arm64/kvm/config.c > > index a02c28d6a61c9..c36e133c51912 100644 > > --- a/arch/arm64/kvm/config.c > > +++ b/arch/arm64/kvm/config.c > > @@ -141,6 +141,7 @@ struct reg_feat_map_desc { > > #define FEAT_AA64EL1 ID_AA64PFR0_EL1, EL1, IMP > > #define FEAT_AA64EL2 ID_AA64PFR0_EL1, EL2, IMP > > #define FEAT_AA64EL3 ID_AA64PFR0_EL1, EL3, IMP > > +#define FEAT_SEL2 ID_AA64PFR0_EL1, SEL2, IMP > > #define FEAT_AIE ID_AA64MMFR3_EL1, AIE, IMP > > #define FEAT_S2POE ID_AA64MMFR3_EL1, S2POE, IMP > > #define FEAT_S1POE ID_AA64MMFR3_EL1, S1POE, IMP > > @@ -202,6 +203,8 @@ struct reg_feat_map_desc { > > #define FEAT_ASID2 ID_AA64MMFR4_EL1, ASID2, IMP > > #define FEAT_MEC ID_AA64MMFR3_EL1, MEC, IMP > > #define FEAT_HAFT ID_AA64MMFR1_EL1, HAFDBS, HAFT > > +#define FEAT_HDBSS ID_AA64MMFR1_EL1, HAFDBS, HDBSS > > +#define FEAT_HPDS2 ID_AA64MMFR1_EL1, HPDS, HPDS2 > > #define FEAT_BTI ID_AA64PFR1_EL1, BT, IMP > > #define FEAT_ExS ID_AA64MMFR0_EL1, EXS, IMP > > #define FEAT_IESB ID_AA64MMFR2_EL1, IESB, IMP > > @@ -219,6 +222,7 @@ struct reg_feat_map_desc { > > #define FEAT_FGT2 ID_AA64MMFR0_EL1, FGT, FGT2 > > #define FEAT_MTPMU ID_AA64DFR0_EL1, MTPMU, IMP > > #define FEAT_HCX ID_AA64MMFR1_EL1, HCX, IMP > > +#define FEAT_S2PIE ID_AA64MMFR3_EL1, S2PIE, IMP > > > > static bool not_feat_aa64el3(struct kvm *kvm) > > { > > @@ -362,6 +366,28 @@ static bool feat_pmuv3p9(struct kvm *kvm) > > return check_pmu_revision(kvm, V3P9); > > } > > > > +#define has_feat_s2tgran(k, s) \ > > + ((kvm_has_feat_enum(kvm, ID_AA64MMFR0_EL1, TGRAN##s##_2, TGRAN##s) && \ > > + !kvm_has_feat_enum(kvm, ID_AA64MMFR0_EL1, TGRAN##s, NI)) || \ > > + kvm_has_feat(kvm, ID_AA64MMFR0_EL1, TGRAN##s##_2, IMP)) > > + > > +static bool feat_lpa2(struct kvm *kvm) > > +{ > > + return ((kvm_has_feat(kvm, ID_AA64MMFR0_EL1, TGRAN4, 52_BIT) || > > + !kvm_has_feat(kvm, ID_AA64MMFR0_EL1, TGRAN4, IMP)) && > > + (kvm_has_feat(kvm, ID_AA64MMFR0_EL1, TGRAN16, 52_BIT) || > > + !kvm_has_feat(kvm, ID_AA64MMFR0_EL1, TGRAN16, IMP)) && > > + (kvm_has_feat(kvm, ID_AA64MMFR0_EL1, TGRAN4_2, 52_BIT) || > > + !has_feat_s2tgran(kvm, 4)) && > > + (kvm_has_feat(kvm, ID_AA64MMFR0_EL1, TGRAN16_2, 52_BIT) || > > + !has_feat_s2tgran(kvm, 16))); > > +} > > + > > +static bool feat_vmid16(struct kvm *kvm) > > +{ > > + return kvm_has_feat_enum(kvm, ID_AA64MMFR1_EL1, VMIDBits, 16); > > +} > > + > > static bool compute_hcr_rw(struct kvm *kvm, u64 *bits) > > { > > /* This is purely academic: AArch32 and NV are mutually exclusive */ > > @@ -1168,6 +1194,44 @@ static const struct reg_bits_to_feat_map mdcr_el2_feat_map[] = { > > static const DECLARE_FEAT_MAP(mdcr_el2_desc, MDCR_EL2, > > mdcr_el2_feat_map, FEAT_AA64EL2); > > > > +static const struct reg_bits_to_feat_map vtcr_el2_feat_map[] = { > > + NEEDS_FEAT(VTCR_EL2_HDBSS, FEAT_HDBSS), > > + NEEDS_FEAT(VTCR_EL2_HAFT, FEAT_HAFT), > > + NEEDS_FEAT(VTCR_EL2_TL0 | > > + VTCR_EL2_TL1 | > > + VTCR_EL2_AssuredOnly | > > + VTCR_EL2_GCSH, > > + FEAT_THE), > > The text for VTCR_EL2.AssuredOnly says: > > This field is RES0 when VTCR_EL2.D128 is 1. > > > + NEEDS_FEAT(VTCR_EL2_D128, FEAT_D128), > > + NEEDS_FEAT(VTCR_EL2_S2POE, FEAT_S2POE), > > + NEEDS_FEAT(VTCR_EL2_S2PIE, FEAT_S2PIE), > > The text for VTCR_EL2.S2PIE says: > > This field is RES1 when VTCR_EL2.D128 is set. > > > Are these cases that need to be handled here somehow? These are not static configurations. They are dynamic behaviours depending on other control bits. D128 code, if it ever exists, will have to *interpret* these bits as RES0 (resp. RES1) when evaluating the page tables. If you want a similar example in existing code, look at the way we handle TCR_EL1.HPDn in the S1 PTW. They are treated as RES1 if TCR2_EL1.PIE is set, as per R_JHSVW. Thanks, M. -- Without deviation from the norm, progress is not possible.