Date: Thu, 27 Nov 2025 14:17:39 +0000
Message-ID: <86345zr24c.wl-maz@kernel.org>
From: Marc Zyngier <maz@kernel.org>
To: Fuad Tabba <tabba@google.com>
Cc: kvmarm@lists.linux.dev, linux-arm-kernel@lists.infradead.org, oliver.upton@linux.dev, joey.gouly@arm.com, suzuki.poulose@arm.com, yuzenghui@huawei.com, catalin.marinas@arm.com, will@kernel.org
Subject: Re: [PATCH v1 4/5] arm64: Inject UNDEF when accessing MTE sysregs with MTE disabled
In-Reply-To: <20251127122210.4111702-5-tabba@google.com>
References: <20251127122210.4111702-1-tabba@google.com> <20251127122210.4111702-5-tabba@google.com>

On Thu, 27 Nov 2025 12:22:09 +0000, Fuad Tabba wrote:
>
> When MTE hardware is present but disabled via software (arm64.nomte or
> CONFIG_ARM64_MTE=n), HCR_EL2.ATA is cleared to prevent use of MTE
> instructions. However, this alone doesn't fully emulate hardware that
> lacks MTE support.
>
> With HCR_EL2.ATA cleared, accesses to certain MTE system registers trap
> to EL2 with exception class ESR_ELx_EC_SYS64. To faithfully emulate
> hardware without MTE (where such accesses would cause an Undefined
> Instruction exception), inject UNDEF into the host.
>
> Signed-off-by: Fuad Tabba
> ---
>  arch/arm64/kvm/hyp/nvhe/hyp-main.c | 44 ++++++++++++++++++++++++++++++
>  1 file changed, 44 insertions(+)
>
> diff --git a/arch/arm64/kvm/hyp/nvhe/hyp-main.c b/arch/arm64/kvm/hyp/nvhe/hyp-main.c
> index 29430c031095..f542e4c17156 100644
> --- a/arch/arm64/kvm/hyp/nvhe/hyp-main.c
> +++ b/arch/arm64/kvm/hyp/nvhe/hyp-main.c
> @@ -686,6 +686,46 @@ static void handle_host_smc(struct kvm_cpu_context *host_ctxt)
>  	kvm_skip_host_instr();
>  }
>  
> +static void inject_undef64(void)
> +{
> +	unsigned long sctlr, vbar, old, new;
> +	u64 offset, esr;
> +
> +	vbar = read_sysreg_el1(SYS_VBAR);
> +	sctlr = read_sysreg_el1(SYS_SCTLR);
> +	old = read_sysreg_el2(SYS_SPSR);
> +	new = get_except64_cpsr(old, system_supports_mte(), sctlr, PSR_MODE_EL1h);
> +	offset = get_except64_offset(old, PSR_MODE_EL1h, except_type_sync);
> +	esr = (ESR_ELx_EC_UNKNOWN << ESR_ELx_EC_SHIFT) | ESR_ELx_IL;
> +
> +	write_sysreg_el1(esr, SYS_ESR);
> +	write_sysreg_el1(read_sysreg_el2(SYS_ELR), SYS_ELR);
> +	write_sysreg_el1(old, SYS_SPSR);
> +	write_sysreg_el2(vbar + offset, SYS_ELR);
> +	write_sysreg_el2(new, SYS_SPSR);
> +}
> +
> +static bool handle_host_mte(u64 esr)
> +{
> +	/* If we're here for any reason other than MTE, then it's a bug. */
> +
> +	if (read_sysreg(HCR_EL2) & HCR_ATA)
> +		return false;
> +
> +	switch (esr_sys64_to_sysreg(esr)) {
> +	case SYS_RGSR_EL1:
> +	case SYS_GCR_EL1:
> +	case SYS_TFSR_EL1:
> +	case SYS_TFSRE0_EL1:

How about other things, such as DC GVA? Don't you need to trap and
UNDEF it (which has the side effect of also trapping DC ZVA)?

Same question for all the DC {C,I,CI}GVA{C,P} instructions.

Thanks,

	M.

-- 
Without deviation from the norm, progress is not possible.
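Review bot: in handle_host_mte(), the comment "If we're here for any reason other than MTE, then it's a bug." is contradicted by the code directly under it, which quietly returns false when HCR_EL2.ATA is set and lets the caller carry on; either reword the comment so it says this is the "not an MTE trap, let the normal path deal with it" check, or make the claimed bug visible with a WARN_ON() before the return. The blank line separating that comment from the if it describes should also go. The hunk is cut off after "case SYS_TFSRE0_EL1:", so it is not visible here whether the switch's default path returns false so that an unrelated EC_SYS64 trap is not turned into an UNDEF; worth confirming in the full patch, since inject_undef64() overwrites ELR_EL2/SPSR_EL2 unconditionally once called.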