From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mail-wm1-f49.google.com (mail-wm1-f49.google.com [209.85.128.49])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5B2B12B9BA
	for <linux-kernel@vger.kernel.org>; Fri, 19 Jun 2026 13:32:05 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.49
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1781875926; cv=none; b=DAeL1Tc81QPbVO/F11W3Jsi8Stm8W+YZZD25AnW91FnguIZ6hEjtBXHNMfkw3tmFTxBThdekaCO5XueWSvOlz610OAjQUvwQvC/MmMxS4Rx9S2893I835dEhBnBOmt14xC6rHx7AN8q7xv+ADjcwC1sf5hp0Y77bstILXSaNaA4=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1781875926; c=relaxed/simple;
	bh=Hq9ey9uzs+3MJ9Yw4ltOLbUxORnNpSEbpKgD6w0aGrw=;
	h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version:
	 Content-Type:Content-Disposition:In-Reply-To; b=YXidJbuOAZA6oa47I4dYVoWoTFrQLAcKJrVkFzhubinGH1eJLqaBCcN15sBQ/m2fPKJ7MRF6ZmiGRLvSYBn4fMd7cozb6F6WKNkhAX522sljW0eJ1x2j+V9F6B7offfinI+TKDvFir3Ind7pfmett9kjxCz6JfLm8uEy0Tb+qqQ=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=SwLukCS2; arc=none smtp.client-ip=209.85.128.49
Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="SwLukCS2"
Received: by mail-wm1-f49.google.com with SMTP id 5b1f17b1804b1-490afc47455so8774445e9.2
        for <linux-kernel@vger.kernel.org>; Fri, 19 Jun 2026 06:32:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20251104; t=1781875924; x=1782480724; darn=vger.kernel.org;
        h=in-reply-to:content-disposition:mime-version:references:message-id
         :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to;
        bh=IAgiiNcrQNm379JlHAgcT50PxnyZ9fON8VGxnlQuPrI=;
        b=SwLukCS2x36/eA+jJEfaxbp/TqdMgA+Kpo7VS5ynVUKzvUi73dlj0iF4KrR3FdImA+
         9Uqj+2/lTkhqsrpjmBODPN6KjOtg+HPDoGvIAe8caSoswOj7gGDXUhnONEzgIEhQuIpI
         MgW16eI9kMZ2IjJoZJUI2wlJflidlmniyGTJBIi+XCLhubxYErPXCUGsaSr02cpn7rAG
         mI2kKBRc8p1ClVI6ET2HWhWkht7h2pur+NgSKH5pbTosY6RBjmEUwIH4ONRzMfDThGvQ
         gREdGQAxM36NK6OA5USmOX7y+Bexwn01lCeBH77YT2mPXgK0ZEIwP66jN2Q4v7fc4Xfl
         Ovvw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1781875924; x=1782480724;
        h=in-reply-to:content-disposition:mime-version:references:message-id
         :subject:cc:to:from:date:x-gm-gg:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=IAgiiNcrQNm379JlHAgcT50PxnyZ9fON8VGxnlQuPrI=;
        b=c94tbDl7KJMRfVc8NpzAhZKD649kzezCqEkydueZiY8PPP80pX8XSDdPUVHpBNF8D8
         C72HCOH/8Y4xvI1p23+9dKkM9qBn94Z/6PYS5KFhk2FeXePts73KMfBTfHXge/h1K9yq
         2QAqWLQ/Rk9Dfhe3c6d1lFEjkcdBV0e2g+JWVkzlxmhiu+aAUXsCuDzQlrZZC+ZSwKIb
         l2rJU6ESlShmdoClE4NDE/gXUrtKVkEGvB+YACQcudZAf8ziwfhPCBUcnwED0mlDpGjo
         Tz8RXyItTJGpsN4jcUh6djXSx+CPvau0vavBsjC33vHBgl5CSiqsmVeVRv2BD+uP5gDb
         HsEg==
X-Forwarded-Encrypted: i=1; AFNElJ9burJNbOnc7EnbbDs54uKNHIPH4waRme4cXe6TwoOl5dhmrUzK9lO3krL0i6QTWfk8KGMBwRtYH4dcdBM=@vger.kernel.org
X-Gm-Message-State: AOJu0YzvczRSKUXYXSNILC2JVN+JWNtIFNKR5Iakb3y52qLFzmEXOnWI
	VrqW1llV4mhwVweQeWBUHaUs25OmL05tgvy8rVYATA4KS0OipaC5T1T6+ixH2ud1Nw==
X-Gm-Gg: AfdE7cn2pWm/d2YcpFKNuj1HMJtDc5ooxoagEc8FEnrA5MeGCqZMmNfXodUxQHBJnIP
	nhdofzaCi0OCZ7412q23sErF/d1uuj3mRT0AKC+MiZnyEo/yOWkMMqefWTvE+wlEkcjhhln1uel
	5UIlJ0MT/c+pARWETd81sEhe4s6VnAXC1ocIBxJRw+OqAD1VUcGfGiBkBFjmH6nK1JnarYnuR83
	xRq+RQfG+Uxx4Z/L0NCLoDjIhWOLrTN9c9mSDk173QseQKT5ynoFdSI0lzRfrL9Lo/9ZzhU2DhB
	wXtxmScaX9wl1g1Lrejkd16jSH1r/lxHKhcmSb2d5/6MYJglIwEQgR9SCmFRsFrK5MfFqiP9QEo
	Q4ZNhaBxwA4t00X131ssQNRN92Q98I1gdYT+fC0K2SiCGs4EHCn7sdQndIy8HrYIhQVGPMLo5NF
	dc+fcAafHephX4gnbuapklJ+R0wCxo0Bc+p6032PysZo8lC2+5l0lwxgR8
X-Received: by 2002:a05:600c:21c4:b0:490:ce99:d2ee with SMTP id 5b1f17b1804b1-4923f437203mr47993525e9.15.1781875923118;
        Fri, 19 Jun 2026 06:32:03 -0700 (PDT)
Received: from google.com (135.91.155.104.bc.googleusercontent.com. [104.155.91.135])
        by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-46508a04b55sm8348813f8f.5.2026.06.19.06.32.01
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 19 Jun 2026 06:32:01 -0700 (PDT)
Date: Fri, 19 Jun 2026 14:31:58 +0100
From: Vincent Donnefort <vdonnefort@google.com>
To: Fuad Tabba <tabba@google.com>
Cc: Marc Zyngier <maz@kernel.org>, Oliver Upton <oupton@kernel.org>,
	kvmarm@lists.linux.dev, linux-arm-kernel@lists.infradead.org,
	linux-kernel@vger.kernel.org,
	Catalin Marinas <catalin.marinas@arm.com>,
	Will Deacon <will@kernel.org>, Joey Gouly <joey.gouly@arm.com>,
	Steffen Eiden <seiden@linux.ibm.com>,
	Suzuki K Poulose <suzuki.poulose@arm.com>,
	Zenghui Yu <yuzenghui@huawei.com>,
	Quentin Perret <qperret@google.com>,
	Sebastian Ene <sebastianene@google.com>,
	Hyunwoo Kim <imv4bel@gmail.com>
Subject: Re: [PATCH v2 5/8] KVM: arm64: Add host and hypervisor vCPU lookup
 primitives
Message-ID: <ajVEzllsP9OIswhS@google.com>
References: <20260619070719.812227-1-tabba@google.com>
 <20260619070719.812227-6-tabba@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20260619070719.812227-6-tabba@google.com>

On Fri, Jun 19, 2026 at 08:07:16AM +0100, Fuad Tabba wrote:
> From: Marc Zyngier <maz@kernel.org>
> 
> The nVHE hypervisor repeatedly resolves a host vCPU into the EL2
> address space and validates that the loaded hyp vCPU matches it, with
> that logic open-coded in each handler.
> 
> Add __get_host_hyp_vcpus() and the get_host_hyp_vcpus() macro, which
> translate the host vCPU into the hypervisor's address space and, when
> pKVM is enabled, also return the loaded hyp vCPU if it matches. If pKVM
> is enabled but the loaded hyp vCPU does not correspond to the requested
> host vCPU, both the host and hyp vCPU are returned as NULL. Convert
> handle___kvm_vcpu_run() to use it.
> 
> No functional change intended.
> 
> Signed-off-by: Marc Zyngier <maz@kernel.org>
> Co-developed-by: Fuad Tabba <tabba@google.com>
> Signed-off-by: Fuad Tabba <tabba@google.com>

Reviewed-by: Vincent Donnefort <vdonnefort@google.com>

> ---
>  arch/arm64/kvm/hyp/nvhe/hyp-main.c | 52 ++++++++++++++++++++++--------
>  1 file changed, 38 insertions(+), 14 deletions(-)
> 
> diff --git a/arch/arm64/kvm/hyp/nvhe/hyp-main.c b/arch/arm64/kvm/hyp/nvhe/hyp-main.c
> index 1d01c6e547f5..8923f594c264 100644
> --- a/arch/arm64/kvm/hyp/nvhe/hyp-main.c
> +++ b/arch/arm64/kvm/hyp/nvhe/hyp-main.c
> @@ -212,14 +212,45 @@ static void handle___pkvm_vcpu_put(struct kvm_cpu_context *host_ctxt)
>  		pkvm_put_hyp_vcpu(hyp_vcpu);
>  }
>  
> -static void handle___kvm_vcpu_run(struct kvm_cpu_context *host_ctxt)
> +static struct kvm_vcpu *__get_host_hyp_vcpus(struct kvm_vcpu *arg,
> +					     struct pkvm_hyp_vcpu **hyp_vcpup)
>  {
> -	DECLARE_REG(struct kvm_vcpu *, host_vcpu, host_ctxt, 1);
> -	int ret;
> +	struct kvm_vcpu *host_vcpu = kern_hyp_va(arg);
> +	struct pkvm_hyp_vcpu *hyp_vcpu = NULL;
>  
>  	if (unlikely(is_protected_kvm_enabled())) {
> -		struct pkvm_hyp_vcpu *hyp_vcpu = pkvm_get_loaded_hyp_vcpu();
> +		hyp_vcpu = pkvm_get_loaded_hyp_vcpu();
>  
> +		if (!hyp_vcpu || hyp_vcpu->host_vcpu != host_vcpu) {
> +			hyp_vcpu = NULL;
> +			host_vcpu = NULL;
> +		}
> +	}
> +
> +	*hyp_vcpup = hyp_vcpu;
> +	return host_vcpu;
> +}
> +
> +#define get_host_hyp_vcpus(ctxt, regnr, hyp_vcpup)			\
> +	({								\
> +		DECLARE_REG(struct kvm_vcpu *, __vcpu, ctxt, regnr);	\
> +		__get_host_hyp_vcpus(__vcpu, hyp_vcpup);		\
> +	})
> +
> +static void handle___kvm_vcpu_run(struct kvm_cpu_context *host_ctxt)
> +{
> +	struct pkvm_hyp_vcpu *hyp_vcpu;
> +	struct kvm_vcpu *host_vcpu;
> +	int ret;
> +
> +	host_vcpu = get_host_hyp_vcpus(host_ctxt, 1, &hyp_vcpu);
> +
> +	if (!host_vcpu) {
> +		ret = -EINVAL;
> +		goto out;
> +	}
> +
> +	if (unlikely(hyp_vcpu)) {
>  		/*
>  		 * KVM (and pKVM) doesn't support SME guests for now, and
>  		 * ensures that SME features aren't enabled in pstate when
> @@ -231,23 +262,16 @@ static void handle___kvm_vcpu_run(struct kvm_cpu_context *host_ctxt)
>  			goto out;
>  		}
>  
> -		if (!hyp_vcpu) {
> -			ret = -EINVAL;
> -			goto out;
> -		}
> -
>  		flush_hyp_vcpu(hyp_vcpu);
>  
>  		ret = __kvm_vcpu_run(&hyp_vcpu->vcpu);
>  
>  		sync_hyp_vcpu(hyp_vcpu);
>  	} else {
> -		struct kvm_vcpu *vcpu = kern_hyp_va(host_vcpu);
> -
>  		/* The host is fully trusted, run its vCPU directly. */
> -		fpsimd_lazy_switch_to_guest(vcpu);
> -		ret = __kvm_vcpu_run(vcpu);
> -		fpsimd_lazy_switch_to_host(vcpu);
> +		fpsimd_lazy_switch_to_guest(host_vcpu);
> +		ret = __kvm_vcpu_run(host_vcpu);
> +		fpsimd_lazy_switch_to_host(host_vcpu);
>  	}
>  out:
>  	cpu_reg(host_ctxt, 1) =  ret;
> -- 
> 2.55.0.rc0.738.g0c8ab3ebcc-goog
>