Date: Tue, 30 Sep 2025 08:44:24 +0100
Message-ID: <86zfacz8o7.wl-maz@kernel.org>
From: Marc Zyngier
To: Oliver Upton
Cc: kvmarm@lists.linux.dev, linux-arm-kernel@lists.infradead.org, kvm@vger.kernel.org, Joey Gouly, Suzuki K Poulose, Zenghui Yu
Subject: Re: [PATCH 01/13] KVM: arm64: Hide CNTHV_*_EL2 from userspace for nVHE guests
References: <20250929160458.3351788-1-maz@kernel.org> <20250929160458.3351788-2-maz@kernel.org>

On Tue, 30 Sep 2025 01:35:07 +0100, Oliver Upton wrote:
>
> Hey,
>
> On Mon, Sep 29, 2025 at 05:04:45PM +0100, Marc Zyngier wrote:
> > Although we correctly UNDEF any CNTHV_*_EL2 access from the guest
> > when E2H==0, we still expose these registers to userspace, which
> > is a bad idea.
> >
> > Drop the ad-hoc UNDEF injection and switch to a .visibility()
> > callback which will also hide the register from userspace.
> >
> > Fixes: 0e45981028550 ("KVM: arm64: timer: Don't adjust the EL2 virtual timer offset")
> > Signed-off-by: Marc Zyngier > > --- > > arch/arm64/kvm/sys_regs.c | 26 +++++++++++++------------- > > 1 file changed, 13 insertions(+), 13 deletions(-) > > > > diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c > > index ee8a7033c85bf..9f2f4e0b042e8 100644 > > --- a/arch/arm64/kvm/sys_regs.c > > +++ b/arch/arm64/kvm/sys_regs.c > > @@ -1594,16 +1594,6 @@ static bool access_arch_timer(struct kvm_vcpu *vcpu, > > return true; > > } > > > > -static bool access_hv_timer(struct kvm_vcpu *vcpu, > > - struct sys_reg_params *p, > > - const struct sys_reg_desc *r) > > -{ > > - if (!vcpu_el2_e2h_is_set(vcpu)) > > - return undef_access(vcpu, p, r); > > - > > - return access_arch_timer(vcpu, p, r); > > -} > > - > > static s64 kvm_arm64_ftr_safe_value(u32 id, const struct arm64_ftr_bits *ftrp, > > s64 new, s64 cur) > > { 
> > @@ -2831,6 +2821,16 @@ static unsigned int s1pie_el2_visibility(const struct kvm_vcpu *vcpu, > > return __el2_visibility(vcpu, rd, s1pie_visibility); > > } > > > > +static unsigned int cnthv_visibility(const struct kvm_vcpu *vcpu, > > + const struct sys_reg_desc *rd) > > +{ > > + if (vcpu_has_nv(vcpu) && > > + !vcpu_has_feature(vcpu, KVM_ARM_VCPU_HAS_EL2_E2H0)) > > + return 0; > > + > > + return REG_HIDDEN; > > +}
>
> Hmm. We've already exposed these to userspace at this point, we just
> conveniently last the get-reg-list test to assert the accessibility of
> these (broken) exposures.
>
> Given the amount of UAPI mishaps we've had with registers in the past I
> don't have much appetite for taking away something we already
> advertised.
>
> What about making these RAZ/WI from userspace?

Honestly, I don't think we should bother. The only VMM supporting NV
is QEMU, and it explicitly isn't able to select E2H0.

I'm happy to Cc stable on this, but worrying about nVHE save/restore
at this stage seems like an overreaction -- I'm pretty sure NV
save/restore is generally broken in many more ways.

Thanks,

	M.

-- 
Without deviation from the norm, progress is not possible.
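
Review bot: in the hunk at -1594 that deletes access_hv_timer(), the dropped test was vcpu_el2_e2h_is_set(vcpu), made inside the access handler, while its replacement in cnthv_visibility() keys on the vCPU feature flag KVM_ARM_VCPU_HAS_EL2_E2H0. The commit message should say why the two conditions are interchangeable for these registers, since that equivalence is what keeps the guest-visible UNDEF behaviour unchanged once the handler is gone.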
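
Review bot: cnthv_visibility() in the hunk at +2821 reads inverted and carries no comment: the one case that keeps the registers visible returns 0 from inside the if, and everything else falls through to REG_HIDDEN, so a reader has to work out from the commit message that CNTHV_*_EL2 is meant to exist only for an NV guest without E2H0. A one-line comment above the function, or testing the hide condition first and returning REG_HIDDEN early, would make that intent checkable. The comment could also say why this open-codes vcpu_has_nv() rather than going through __el2_visibility() as s1pie_el2_visibility() directly above it does.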