lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20251208152724.3637157-2-sascha.bischoff@arm.com>
Date: Mon, 8 Dec 2025 15:28:22 +0000
From: Sascha Bischoff <Sascha.Bischoff@....com>
To: "sascha.bischoff@...glemail.com" <sascha.bischoff@...glemail.com>,
	"linux-arm-kernel@...ts.infradead.org"
	<linux-arm-kernel@...ts.infradead.org>, "kvmarm@...ts.linux.dev"
	<kvmarm@...ts.linux.dev>, "linux-kernel@...r.kernel.org"
	<linux-kernel@...r.kernel.org>, "kvm@...r.kernel.org" <kvm@...r.kernel.org>
CC: nd <nd@....com>, "maz@...nel.org" <maz@...nel.org>,
	"oliver.upton@...ux.dev" <oliver.upton@...ux.dev>, Joey Gouly
	<Joey.Gouly@....com>, Suzuki Poulose <Suzuki.Poulose@....com>,
	"yuzenghui@...wei.com" <yuzenghui@...wei.com>, "will@...nel.org"
	<will@...nel.org>
Subject: [PATCH 0/2] Enable GICv5 Legacy CPUIF trapping & fix TDIR cap test

These changes address two trapping-related issues when running legacy
(i.e. GICv3) guests on GICv5 hosts.

The first change enables the vgic_v3_cpuif_trap static branch on GICv5
hosts with legacy support, if trapping is required. The missing enable
was caught as part of debugging why UNDEFs were being injected into
guests when the ICH_HCR_EL2.TC bit was set - the expected bahaviour
was that KVM should handle the trapped accesses, with the guest
remaining blissfully unaware.

The second change fixes the specific cause of the TC bit being set in
the first place. The test for the ICH_HCR_EL2_TDIR cap was checking
for GICv3 CPUIF support and returning false prior to checking for
GICv5 Legacy support. The result was that on GICv5 hosts, the test
always returned false, and therefore the TC bit was being set. The
issue is fixed by reordering the checks to check for GICv5 Legacy
support first.

These changes are based against kvmarm/next.

Thanks,
Sascha

Sascha Bischoff (2):
  KVM: arm64: gic: Enable GICv3 CPUIF trapping on GICv5 hosts if
    required
  KVM: arm64: Correct test for ICH_HCR_EL2_TDIR cap for GICv5 hosts

 arch/arm64/kernel/cpufeature.c |  8 ++++----
 arch/arm64/kvm/vgic/vgic-v3.c  | 25 +++++++++++++++----------
 arch/arm64/kvm/vgic/vgic-v5.c  |  2 ++
 arch/arm64/kvm/vgic/vgic.h     |  1 +
 4 files changed, 22 insertions(+), 14 deletions(-)

--
2.34.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ