| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <187ac0bf-cd7e-4fed-8236-9097c938ab8c@arm.com>
Date: Fri, 2 Jan 2026 11:43:42 +0000
From: Ben Horgan <ben.horgan@....com>
To: Oliver Upton <oupton@...nel.org>
Cc: amitsinght@...vell.com, baisheng.gao@...soc.com,
baolin.wang@...ux.alibaba.com, carl@...amperecomputing.com,
dave.martin@....com, david@...nel.org, dfustini@...libre.com,
fenghuay@...dia.com, gshan@...hat.com, james.morse@....com,
jonathan.cameron@...wei.com, kobak@...dia.com, lcherian@...vell.com,
linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org,
peternewman@...gle.com, punit.agrawal@....qualcomm.com,
quic_jiles@...cinc.com, reinette.chatre@...el.com, rohit.mathew@....com,
scott@...amperecomputing.com, sdonthineni@...dia.com,
tan.shaopeng@...itsu.com, xhao@...ux.alibaba.com, catalin.marinas@....com,
will@...nel.org, corbet@....net, maz@...nel.org, joey.gouly@....com,
suzuki.poulose@....com, kvmarm@...ts.linux.dev
Subject: Re: [PATCH v2 05/45] KVM: arm64: Preserve host MPAM configuration
when changing traps
Hi Oliver,
On 12/19/25 20:01, Oliver Upton wrote:
> Hi Ben,
>
> On Fri, Dec 19, 2025 at 06:11:07PM +0000, Ben Horgan wrote:
>> When kvm enables or disables MPAM traps to EL2 it clears all other bits in
>> MPAM2_EL2. Notably, it clears the partition ids (PARTIDs) and performance
>> monitoring groups (PMGs). Avoid changing these bits in anticipation of
>> adding support for MPAM in the kernel. Otherwise, on a VHE system with the
>> host running at EL2 where MPAM2_EL2 and MPAM1_EL1 access the same register,
>> any attempt to use MPAM to monitor or partition resources for kernel space
>> would be foiled by running a KVM guest. Additionally, MPAM2_EL2.EnMPAMSM is
>> always set to 0 which causes MPAMSM_EL1 to always trap. Keep EnMPAMSM set
>> to 1 when not in a guest so that the kernel can use MPAMSM_EL1.
>>
>> Signed-off-by: Ben Horgan <ben.horgan@....com>
>> ---
>> arch/arm64/kvm/hyp/include/hyp/switch.h | 12 ++++++++----
>> 1 file changed, 8 insertions(+), 4 deletions(-)
>>
>> diff --git a/arch/arm64/kvm/hyp/include/hyp/switch.h b/arch/arm64/kvm/hyp/include/hyp/switch.h
>> index c5d5e5b86eaf..63195275a8b8 100644
>> --- a/arch/arm64/kvm/hyp/include/hyp/switch.h
>> +++ b/arch/arm64/kvm/hyp/include/hyp/switch.h
>> @@ -269,7 +269,8 @@ static inline void __deactivate_traps_hfgxtr(struct kvm_vcpu *vcpu)
>>
>> static inline void __activate_traps_mpam(struct kvm_vcpu *vcpu)
>> {
>> - u64 r = MPAM2_EL2_TRAPMPAM0EL1 | MPAM2_EL2_TRAPMPAM1EL1;
>> + u64 clr = MPAM2_EL2_EnMPAMSM;
>> + u64 set = MPAM2_EL2_TRAPMPAM0EL1 | MPAM2_EL2_TRAPMPAM1EL1;
>>
>> if (!system_supports_mpam())
>> return;
>> @@ -279,18 +280,21 @@ static inline void __activate_traps_mpam(struct kvm_vcpu *vcpu)
>> write_sysreg_s(MPAMHCR_EL2_TRAP_MPAMIDR_EL1, SYS_MPAMHCR_EL2);
>> } else {
>> /* From v1.1 TIDR can trap MPAMIDR, set it unconditionally */
>> - r |= MPAM2_EL2_TIDR;
>> + set |= MPAM2_EL2_TIDR;
>> }
>>
>> - write_sysreg_s(r, SYS_MPAM2_EL2);
>> + sysreg_clear_set_s(SYS_MPAM2_EL2, clr, set);
>
> I'd recommend documenting that writes to MPAM1_EL1 are followed by an
> ISB. Otherwise it isn't obvious here where context synchronization is
> happening (if at all).
Ok, but why are you mentioning it here?
This is just updating the traps while ensuring the partid/pmg are
unchanged. The traps are only relevant once we change exception level
and for activation they are synchronized in __guest_enter() and the eret
when returning to userspace.
>
> Thanks,
> Oliver
Thanks,
Ben
Powered by blists - more mailing lists