KVM: arm64: Correctly honor the presence of FEAT_TCRX

We currently blindly enable TCR2_EL1 use in a guest, irrespective
of the feature set. This is obviously wrong, and we should actually
honor the guest configuration and handle the possible trap resulting
from the guest being buggy.

Signed-off-by: Marc Zyngier <maz@kernel.org>
Reviewed-by: Joey Gouly <joey.gouly@arm.com>
Link: https://lore.kernel.org/r/20240625130042.259175-2-maz@kernel.org
Signed-off-by: Oliver Upton <oliver.upton@linux.dev>

diff --git a/arch/arm64/include/asm/kvm_arm.h b/arch/arm64/include/asm/kvm_arm.h
index b2adc2c6c82a545551064bad4079c485cc0a5084..e6682a3ace5af7a8215684a807f8158407bf2853 100644 (file)
--- a/arch/arm64/include/asm/kvm_arm.h
+++ b/arch/arm64/include/asm/kvm_arm.h
@@ -102,7 +102,7 @@
 #define HCR_HOST_NVHE_PROTECTED_FLAGS (HCR_HOST_NVHE_FLAGS | HCR_TSC)
 #define HCR_HOST_VHE_FLAGS (HCR_RW | HCR_TGE | HCR_E2H)
 
-#define HCRX_GUEST_FLAGS (HCRX_EL2_SMPME | HCRX_EL2_TCR2En)
+#define HCRX_GUEST_FLAGS (HCRX_EL2_SMPME)
 #define HCRX_HOST_FLAGS (HCRX_EL2_MSCEn | HCRX_EL2_TCR2En | HCRX_EL2_EnFPM)
 
 /* TCR_EL2 Registers bits */

diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c
index 22b45a15d06881ce25ee124f8b69a20491b5df3d..71996d36f37511760beb3f99bcce5fe8bafeec9b 100644 (file)
--- a/arch/arm64/kvm/sys_regs.c
+++ b/arch/arm64/kvm/sys_regs.c
@@ -383,6 +383,12 @@ static bool access_vm_reg(struct kvm_vcpu *vcpu,
        bool was_enabled = vcpu_has_cache_enabled(vcpu);
        u64 val, mask, shift;
 
+       if (reg_to_encoding(r) == SYS_TCR2_EL1 &&
+           !kvm_has_feat(vcpu->kvm, ID_AA64MMFR3_EL1, TCRX, IMP)) {
+               kvm_inject_undefined(vcpu);
+               return false;
+       }
+
        BUG_ON(!p->is_write);
 
        get_access_mask(r, &mask, &shift);
@@ -4060,6 +4066,9 @@ void kvm_init_sysreg(struct kvm_vcpu *vcpu)
 
                if (kvm_has_feat(kvm, ID_AA64ISAR2_EL1, MOPS, IMP))
                        vcpu->arch.hcrx_el2 |= (HCRX_EL2_MSCEn | HCRX_EL2_MCE2);
+
+               if (kvm_has_feat(kvm, ID_AA64MMFR3_EL1, TCRX, IMP))
+                       vcpu->arch.hcrx_el2 |= HCRX_EL2_TCR2En;
        }
 
        if (test_bit(KVM_ARCH_FLAG_FGU_INITIALIZED, &kvm->arch.flags))