On Wed, Apr 10, 2024 at 11:32:02AM +0100, Marc Zyngier wrote:
Mark Brown broonie@kernel.org wrote:
On Sun, Mar 31, 2024 at 11:59:06AM +0100, Marc Zyngier wrote:
Mark Brown broonie@kernel.org wrote:
And when it comes to CPA, there are additional controls in SCTLR2_ELx, which doesn't even gets context switched for EL1. What could possibly go wrong?
Yes, I'd missed those - they were rather buried in the XML unfortunately. I'd already disabled CPA in my local code, and I've also refactored the exposure of FPMR to be in the patch that context switches it.
- ID_UNALLOCATED(6,3),
- ID_WRITABLE(ID_AA64ISAR3_EL1, ~(ID_AA64ISAR2_EL1_RES0 |
ID_AA64ISAR3_EL1_PACM |
ID_UNALLOCATED(6,4), ID_UNALLOCATED(6,5), ID_UNALLOCATED(6,6),
Where is the code that enforces the lack of support for MTEFAR, MTESTOREONLY, and MTEPERM for SCTLR_ELx, EnPACM and EnFPM in HCRX_EL2?
Could you please be more explicit regarding what you're expecting to see here?
I'm expecting you to add all the required masking and fine-grained disabling of features that are not explicitly advertised to the guest.
This should translate into additional init code in kvm_init_sysreg(), kvm_init_nv_sysregs() and limit_nv_id_reg(). You also should update
I see that in limit_nv_id_reg() I am missing updates to expose the new dpISA features to nested guests. However from a first pass it looks like kvm_init_nv_sysregs() already handles everything I'd expect it to, AFAICT it's handling all known trap bits? For kvm_init_sysreg() with HCRX AFAICT we default to having all bits 0 with explicit relaxations for supported features (currently FEAT_MOPS, also FEAT_FPMR with this series) meaning that I'm still unclear what exactly the updates you're looking for are. For SCTLR unless I'm misunderstanding things we've got an existing issue with not initialising the res0 and res1 fields in kvm_init_nv_sysregs() but that doesn't seem right...
the exception triaging infrastructure in emulate-nested.c.
Again I am really struggling to identify which specific updates you are looking for here.
And I haven't checked whether TLBI VMALLWS2 can be trapped.
I didn't see anything but I might not be aware of where to look, there doesn't seem to be anything for that specifically in HFGITR_EL2 or HFGITR2_EL2 which would be the main places I'd expect to find something.
That's a really odd place to look. This is a S2 invalidation primitive, which by definition is under the sole control of EL2, and therefore cannot be trapped by any of the FGT registers, as they only affect lesser-privileged ELs.
The instruction is described in the XML:
https://developer.arm.com/documentation/ddi0601/2024-03/AArch64-Instructions...
That's TLBI VMALLWSE1 which is a more specific instruction. TBH I can't remember exactly what I was looking for, I did go into the instruction pseudocode a bit (I was going in via SYS at one point) but didn't find anything so was also trawling sysregs looking for something. If I'm reading this right there are no traps?