qemu-devel.nongnu.org archive mirror
From: Eric Auger <eric.auger@redhat.com>
To: eric.auger.pro@gmail.com, eric.auger@redhat.com,
	qemu-devel@nongnu.org, qemu-arm@nongnu.org,
	peter.maydell@linaro.org, cohuck@redhat.com, maz@kernel.org,
	oliver.upton@linux.dev, sebott@redhat.com, gshan@redhat.com,
	ddutile@redhat.com, peterx@redhat.com, philmd@linaro.org,
	pbonzini@redhat.com
Subject: [PATCH v2 5/8] kvm-all: Add the capability to blacklist some KVM regs
Date: Tue, 18 Nov 2025 17:07:35 +0100
Message-ID: <20251118160920.554809-6-eric.auger@redhat.com>
In-Reply-To: <20251118160920.554809-1-eric.auger@redhat.com>

On ARM we want to be able to blacklist registers that are exposed
by KVM. To mitigate some mitigation failures that occur when a new
register is exposed and does not exist on the destination, some
registers are tagged "hidden" and their state won't be saved. As the
state is not saved and they are expected not to be used, we want to
enforce they aren't. So let's check this. The new CPUClass hide_reg()
callback is optional and will be implemented on ARM in a subsequent
patch.

Signed-off-by: Eric Auger <eric.auger@redhat.com>
---
 include/hw/core/cpu.h |  2 ++
 accel/kvm/kvm-all.c   | 12 ++++++++++++
 2 files changed, 14 insertions(+)

diff --git a/include/hw/core/cpu.h b/include/hw/core/cpu.h
index 9615051774..5390e3e3d1 100644
--- a/include/hw/core/cpu.h
+++ b/include/hw/core/cpu.h
@@ -142,6 +142,7 @@ struct SysemuCPUOps;
  * the caller will not g_free() it.
  * @disas_set_info: Setup architecture specific components of disassembly info
  * @adjust_watchpoint_address: Perform a target-specific adjustment to an
+ * @hide_reg: Check if a register must be hidden (optional)
  * address before attempting to match it against watchpoints.
  * @deprecation_note: If this CPUClass is deprecated, this field provides
  *                    related information.
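Review bot: The new "@hide_reg" doc line is inserted in the middle of the @adjust_watchpoint_address description, between "Perform a target-specific adjustment to an" and its continuation "address before attempting to match it against watchpoints.", so the existing sentence is split and the continuation now reads as part of @hide_reg. Move the new line after the "address before attempting..." line. The description could also say what the argument is (the KVM register id passed to kvm_get_one_reg()/kvm_set_one_reg()) and what a true return value means for callers.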
@@ -167,6 +168,7 @@ struct CPUClass {
     int (*gdb_read_register)(CPUState *cpu, GByteArray *buf, int reg);
     int (*gdb_write_register)(CPUState *cpu, uint8_t *buf, int reg);
     vaddr (*gdb_adjust_breakpoint)(CPUState *cpu, vaddr addr);
+    bool (*hide_reg)(CPUState *cpu, uint64_t regidex);
 
     const char *gdb_core_xml_file;
     const char * (*gdb_arch_name)(CPUState *cpu);
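Review bot: The parameter name in "bool (*hide_reg)(CPUState *cpu, uint64_t regidex);" looks like a typo for "regidx"; since the callers in kvm-all.c pass the KVM register id, naming it "regidx" or "id" would match. The member is also placed inside the block of gdb_* callbacks, directly after gdb_adjust_breakpoint, although it has nothing to do with gdb; placing it apart from that group would keep the struct readable.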
diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index f9254ae654..d047d49c0f 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -3784,9 +3784,15 @@ bool kvm_device_supported(int vmfd, uint64_t type)
 
 int kvm_set_one_reg(CPUState *cs, uint64_t id, void *source)
 {
+    CPUClass *cc = CPU_GET_CLASS(cs);
     struct kvm_one_reg reg;
     int r;
 
+    if (cc->hide_reg && cc->hide_reg(cs, id)) {
+        error_report("%s reg 0x%"PRIx64" is hidden and shall never been accessed",
+                     __func__, id);
+        g_assert_not_reached();
+    }
     reg.id = id;
     reg.addr = (uintptr_t) source;
     r = kvm_vcpu_ioctl(cs, KVM_SET_ONE_REG, &reg);
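Review bot: The error_report() string in the added check reads "is hidden and shall never been accessed"; it should be "must never be accessed" (or "shall never be accessed"). kvm_set_one_reg() returns int, so the unconditional g_assert_not_reached() deserves a short comment stating that reaching a hidden register here is a QEMU programming error and not a condition callers are expected to handle; otherwise returning an error code would be the less drastic choice. If the abort is kept, the error_report() plus g_assert_not_reached() pair could be a single assertion on !cc->hide_reg(cs, id), unless the register id in the log is considered essential.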
@@ -3798,9 +3804,15 @@ int kvm_set_one_reg(CPUState *cs, uint64_t id, void *source)
 
 int kvm_get_one_reg(CPUState *cs, uint64_t id, void *target)
 {
+    CPUClass *cc = CPU_GET_CLASS(cs);
     struct kvm_one_reg reg;
     int r;
 
+    if (cc->hide_reg && cc->hide_reg(cs, id)) {
+        error_report("%s reg 0x%"PRIx64" is hidden and shall never been accessed",
+                     __func__, id);
+        g_assert_not_reached();
+    }
     reg.id = id;
     reg.addr = (uintptr_t) target;
     r = kvm_vcpu_ioctl(cs, KVM_GET_ONE_REG, &reg);
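Review bot: The hidden-register check added to kvm_get_one_reg() is a verbatim copy of the one in kvm_set_one_reg(), including the "shall never been accessed" wording. Factoring it into one small static helper taking (cs, id) and calling it from both functions would keep the message and the abort policy in a single place. It is also worth confirming that every read and write of KVM registers that should honour the hidden list goes through these two functions, since the check only covers KVM_GET_ONE_REG and KVM_SET_ONE_REG issued from here.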
-- 
2.51.1


