* [PATCH] KVM: arm64: Set a linux errno on SMCCC error in kvm_call_hyp_nvhe()
@ 2026-06-03 11:03 Vincent Donnefort
2026-06-03 11:22 ` Fuad Tabba
2026-06-05 11:23 ` Will Deacon
0 siblings, 2 replies; 4+ messages in thread
From: Vincent Donnefort @ 2026-06-03 11:03 UTC (permalink / raw)
To: maz, oliver.upton, joey.gouly, suzuki.poulose, yuzenghui,
catalin.marinas, will
Cc: linux-arm-kernel, kvmarm, kernel-team, tabba, Vincent Donnefort
If the HVC called in kvm_call_hyp_nvhe() fails with an SMCCC error code,
we WARN. However, the returned value isn't initialized and the caller
might get garbage or 0 which is likely to be interpreted as success.
Set a default -EPERM error value, ensuring all callers get the message
when SMCCC calls fail.
Signed-off-by: Vincent Donnefort <vdonnefort@google.com>
---
I have encountered this issue while working on a follow-up contribution to the
hypervisor tracing. In that case it completely crashed the kernel because
IS_ERR() failed on that res.a1 value.
Now, if it makes that function more robust, I do not believe it is fixing any
existing bug which is why I haven't added a "Fixes:" tag.
In case we want to stick one, here it is:
Fixes: 054698316d87 ("KVM: arm64: nVHE: Migrate hyp interface to SMCCC")
diff --git a/arch/arm64/include/asm/kvm_host.h b/arch/arm64/include/asm/kvm_host.h
index a49042bfa801..6b8fd494792c 100644
--- a/arch/arm64/include/asm/kvm_host.h
+++ b/arch/arm64/include/asm/kvm_host.h
@@ -1273,13 +1273,14 @@ void kvm_arm_resume_guest(struct kvm *kvm);
#define vcpu_has_run_once(vcpu) (!!READ_ONCE((vcpu)->pid))
#ifndef __KVM_NVHE_HYPERVISOR__
-#define kvm_call_hyp_nvhe(f, ...) \
+#define kvm_call_hyp_nvhe(f, ...) \
({ \
struct arm_smccc_res res; \
\
arm_smccc_1_1_hvc(KVM_HOST_SMCCC_FUNC(f), \
##__VA_ARGS__, &res); \
- WARN_ON(res.a0 != SMCCC_RET_SUCCESS); \
+ if (WARN_ON(res.a0 != SMCCC_RET_SUCCESS)) \
+ res.a1 = -EPERM; \
\
res.a1; \
})
base-commit: e43ffb69e0438cddd72aaa30898b4dc446f664f8
--
2.54.0.1032.g2f8565e1d1-goog
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] KVM: arm64: Set a linux errno on SMCCC error in kvm_call_hyp_nvhe()
2026-06-03 11:03 [PATCH] KVM: arm64: Set a linux errno on SMCCC error in kvm_call_hyp_nvhe() Vincent Donnefort
@ 2026-06-03 11:22 ` Fuad Tabba
2026-06-05 11:23 ` Will Deacon
1 sibling, 0 replies; 4+ messages in thread
From: Fuad Tabba @ 2026-06-03 11:22 UTC (permalink / raw)
To: Vincent Donnefort
Cc: maz, oliver.upton, joey.gouly, suzuki.poulose, yuzenghui,
catalin.marinas, will, linux-arm-kernel, kvmarm, kernel-team
Hi Vincent,
On Wed, 3 Jun 2026 at 12:03, Vincent Donnefort <vdonnefort@google.com> wrote:
>
> If the HVC called in kvm_call_hyp_nvhe() fails with an SMCCC error code,
> we WARN. However, the returned value isn't initialized and the caller
> might get garbage or 0 which is likely to be interpreted as success.
>
> Set a default -EPERM error value, ensuring all callers get the message
> when SMCCC calls fail.
>
> Signed-off-by: Vincent Donnefort <vdonnefort@google.com>
>
> ---
>
> I have encountered this issue while working on a follow-up contribution to the
> hypervisor tracing. In that case it completely crashed the kernel because
> IS_ERR() failed on that res.a1 value.
>
> Now, if it makes that function more robust, I do not believe it is fixing any
> existing bug which is why I haven't added a "Fixes:" tag.
>
> In case we want to stick one, here it is:
>
> Fixes: 054698316d87 ("KVM: arm64: nVHE: Migrate hyp interface to SMCCC")
You are fixing a real bug, even if it's latent; I think you should include it.
>
> diff --git a/arch/arm64/include/asm/kvm_host.h b/arch/arm64/include/asm/kvm_host.h
> index a49042bfa801..6b8fd494792c 100644
> --- a/arch/arm64/include/asm/kvm_host.h
> +++ b/arch/arm64/include/asm/kvm_host.h
> @@ -1273,13 +1273,14 @@ void kvm_arm_resume_guest(struct kvm *kvm);
> #define vcpu_has_run_once(vcpu) (!!READ_ONCE((vcpu)->pid))
>
> #ifndef __KVM_NVHE_HYPERVISOR__
> -#define kvm_call_hyp_nvhe(f, ...) \
> +#define kvm_call_hyp_nvhe(f, ...) \
nit: This realignment would muddle a git blame on this. Prefer you drop it.
Otherwise,
Reviewed-by: Fuad Tabba <tabba@google.com>
Cheers,
/fuad
> ({ \
> struct arm_smccc_res res; \
> \
> arm_smccc_1_1_hvc(KVM_HOST_SMCCC_FUNC(f), \
> ##__VA_ARGS__, &res); \
> - WARN_ON(res.a0 != SMCCC_RET_SUCCESS); \
> + if (WARN_ON(res.a0 != SMCCC_RET_SUCCESS)) \
> + res.a1 = -EPERM; \
> \
> res.a1; \
> })
>
> base-commit: e43ffb69e0438cddd72aaa30898b4dc446f664f8
> --
> 2.54.0.1032.g2f8565e1d1-goog
>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] KVM: arm64: Set a linux errno on SMCCC error in kvm_call_hyp_nvhe()
2026-06-03 11:03 [PATCH] KVM: arm64: Set a linux errno on SMCCC error in kvm_call_hyp_nvhe() Vincent Donnefort
2026-06-03 11:22 ` Fuad Tabba
@ 2026-06-05 11:23 ` Will Deacon
2026-06-07 14:01 ` Marc Zyngier
1 sibling, 1 reply; 4+ messages in thread
From: Will Deacon @ 2026-06-05 11:23 UTC (permalink / raw)
To: Vincent Donnefort
Cc: maz, oliver.upton, joey.gouly, suzuki.poulose, yuzenghui,
catalin.marinas, linux-arm-kernel, kvmarm, kernel-team, tabba
On Wed, Jun 03, 2026 at 12:03:12PM +0100, Vincent Donnefort wrote:
> If the HVC called in kvm_call_hyp_nvhe() fails with an SMCCC error code,
> we WARN. However, the returned value isn't initialized and the caller
> might get garbage or 0 which is likely to be interpreted as success.
>
> Set a default -EPERM error value, ensuring all callers get the message
> when SMCCC calls fail.
>
> Signed-off-by: Vincent Donnefort <vdonnefort@google.com>
>
> ---
>
> I have encountered this issue while working on a follow-up contribution to the
> hypervisor tracing. In that case it completely crashed the kernel because
> IS_ERR() failed on that res.a1 value.
>
> Now, if it makes that function more robust, I do not believe it is fixing any
> existing bug which is why I haven't added a "Fixes:" tag.
>
> In case we want to stick one, here it is:
>
> Fixes: 054698316d87 ("KVM: arm64: nVHE: Migrate hyp interface to SMCCC")
>
> diff --git a/arch/arm64/include/asm/kvm_host.h b/arch/arm64/include/asm/kvm_host.h
> index a49042bfa801..6b8fd494792c 100644
> --- a/arch/arm64/include/asm/kvm_host.h
> +++ b/arch/arm64/include/asm/kvm_host.h
> @@ -1273,13 +1273,14 @@ void kvm_arm_resume_guest(struct kvm *kvm);
> #define vcpu_has_run_once(vcpu) (!!READ_ONCE((vcpu)->pid))
>
> #ifndef __KVM_NVHE_HYPERVISOR__
> -#define kvm_call_hyp_nvhe(f, ...) \
> +#define kvm_call_hyp_nvhe(f, ...) \
> ({ \
> struct arm_smccc_res res; \
> \
> arm_smccc_1_1_hvc(KVM_HOST_SMCCC_FUNC(f), \
> ##__VA_ARGS__, &res); \
> - WARN_ON(res.a0 != SMCCC_RET_SUCCESS); \
> + if (WARN_ON(res.a0 != SMCCC_RET_SUCCESS)) \
> + res.a1 = -EPERM; \
> \
> res.a1; \
> })
Looks like the only error code we return to the host is
SMCCC_RET_NOT_SUPPORTED, so maybe -EOPNOTSUPP would be more appropriate?
Either way:
Acked-by: Will Deacon <will@kernel.org>
Will
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] KVM: arm64: Set a linux errno on SMCCC error in kvm_call_hyp_nvhe()
2026-06-05 11:23 ` Will Deacon
@ 2026-06-07 14:01 ` Marc Zyngier
0 siblings, 0 replies; 4+ messages in thread
From: Marc Zyngier @ 2026-06-07 14:01 UTC (permalink / raw)
To: Will Deacon
Cc: Vincent Donnefort, oliver.upton, joey.gouly, suzuki.poulose,
yuzenghui, catalin.marinas, linux-arm-kernel, kvmarm, kernel-team,
tabba
On Fri, 05 Jun 2026 12:23:40 +0100,
Will Deacon <will@kernel.org> wrote:
>
> On Wed, Jun 03, 2026 at 12:03:12PM +0100, Vincent Donnefort wrote:
> > If the HVC called in kvm_call_hyp_nvhe() fails with an SMCCC error code,
> > we WARN. However, the returned value isn't initialized and the caller
> > might get garbage or 0 which is likely to be interpreted as success.
> >
> > Set a default -EPERM error value, ensuring all callers get the message
> > when SMCCC calls fail.
> >
> > Signed-off-by: Vincent Donnefort <vdonnefort@google.com>
> >
> > ---
> >
> > I have encountered this issue while working on a follow-up contribution to the
> > hypervisor tracing. In that case it completely crashed the kernel because
> > IS_ERR() failed on that res.a1 value.
> >
> > Now, if it makes that function more robust, I do not believe it is fixing any
> > existing bug which is why I haven't added a "Fixes:" tag.
> >
> > In case we want to stick one, here it is:
> >
> > Fixes: 054698316d87 ("KVM: arm64: nVHE: Migrate hyp interface to SMCCC")
> >
> > diff --git a/arch/arm64/include/asm/kvm_host.h b/arch/arm64/include/asm/kvm_host.h
> > index a49042bfa801..6b8fd494792c 100644
> > --- a/arch/arm64/include/asm/kvm_host.h
> > +++ b/arch/arm64/include/asm/kvm_host.h
> > @@ -1273,13 +1273,14 @@ void kvm_arm_resume_guest(struct kvm *kvm);
> > #define vcpu_has_run_once(vcpu) (!!READ_ONCE((vcpu)->pid))
> >
> > #ifndef __KVM_NVHE_HYPERVISOR__
> > -#define kvm_call_hyp_nvhe(f, ...) \
> > +#define kvm_call_hyp_nvhe(f, ...) \
> > ({ \
> > struct arm_smccc_res res; \
> > \
> > arm_smccc_1_1_hvc(KVM_HOST_SMCCC_FUNC(f), \
> > ##__VA_ARGS__, &res); \
> > - WARN_ON(res.a0 != SMCCC_RET_SUCCESS); \
> > + if (WARN_ON(res.a0 != SMCCC_RET_SUCCESS)) \
> > + res.a1 = -EPERM; \
> > \
> > res.a1; \
> > })
>
> Looks like the only error code we return to the host is
> SMCCC_RET_NOT_SUPPORTED, so maybe -EOPNOTSUPP would be more appropriate?
Yes, this is better. I've hacked the patch to reflect this upon
applying it.
Thanks,
M.
--
Jazz isn't dead. It just smells funny.
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2026-06-07 13:58 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-06-03 11:03 [PATCH] KVM: arm64: Set a linux errno on SMCCC error in kvm_call_hyp_nvhe() Vincent Donnefort
2026-06-03 11:22 ` Fuad Tabba
2026-06-05 11:23 ` Will Deacon
2026-06-07 14:01 ` Marc Zyngier
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox