Date: Thu, 02 Jul 2026 22:10:51 +0100
Message-ID: <87ldbt6qsk.wl-maz@kernel.org>
From: Marc Zyngier
To: sashiko-reviews@lists.linux.dev
Cc: kvm@vger.kernel.org, kvmarm@lists.linux.dev, "Oliver Upton"
Subject: Re: [PATCH 04/28] KVM: arm64: Drop __HCRX_EL2_* masks
In-Reply-To: <20260702183449.B14E81F000E9@smtp.kernel.org>
References: <20260702160248.1377250-1-maz@kernel.org> <20260702160248.1377250-5-maz@kernel.org> <20260702183449.B14E81F000E9@smtp.kernel.org>

On Thu, 02 Jul 2026 19:34:49 +0100, sashiko-bot@kernel.org wrote:
>
> Thank you for your contribution! Sashiko AI review found 1 potential issue(s) to consider:
>
> Pre-existing issues:
> - [High] Unsanitized architectural RES0/RES1 bits in HCRX_EL2 allow nested guests to enable hidden hardware features and trigger CONSTRAINED UNPREDICTABLE behavior.
> --
>
> commit c528765403e37bb993d380c50856d508033ad43a
> Author: Marc Zyngier
>
> KVM: arm64: Drop __HCRX_EL2_* masks
>
> This patch removes the legacy __HCRX_EL2_* masks and the manual RES1
> sanitization in get_reg_fixed_bits(). It intends to rely on existing
> auto-generated masks and boot-time checks to prevent unhandled bits from
> being exploited.
>
> > diff --git a/arch/arm64/kvm/config.c b/arch/arm64/kvm/config.c
> > index 0622162b089e5..16d8148dc3f12 100644
> > --- a/arch/arm64/kvm/config.c
> > +++ b/arch/arm64/kvm/config.c
> [ ... ]
> > @@ -933,7 +933,7 @@ static const struct reg_bits_to_feat_map hcrx_feat_map[] = {
> > };
> >
> >
> > -static const DECLARE_FEAT_MAP(hcrx_desc, __HCRX_EL2,
> > +static const DECLARE_FEAT_MAP(hcrx_desc, HCRX_EL2,
> > hcrx_feat_map, FEAT_HCX);
>
> [Severity: High]
> This is a pre-existing issue, but hcrx_feat_map lacks FORCE_RES0 and
> FORCE_RES1 declarations. Unlike other system register maps, this means
> compute_reg_resx_bits() will omit the architectural RES0/RES1 bits from
> the KVM masks.

No. Again.

M.

-- 
Jazz isn't dead. It just smells funny.
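
Review bot: at the DECLARE_FEAT_MAP(hcrx_desc, ...) line the only visible change is the prefix argument, __HCRX_EL2 to HCRX_EL2, and nothing in the quoted hunk shows that the masks selected by the new prefix cover the same bits as the __HCRX_EL2_* ones being dropped. If the changelog does not already say so, one sentence stating that the two sets are identical (or naming the bits that differ) would let a reader confirm from the patch alone that the descriptor for hcrx_feat_map is unchanged in effect.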