KVM: arm64: nv: Sanitise ICH_HCR_EL2 accesses

As ICH_HCR_EL2 is a VNCR accessor when runnintg NV, add some
sanitising to what gets written. Crucially, mark TDIR as RES0
if the HW doesn't support it (unlikely, but hey...), as well
as anything GICv4 related, since we only expose a GICv3 to the
uest.

Signed-off-by: Marc Zyngier <maz@kernel.org>
Link: https://lore.kernel.org/r/20250225172930.1850838-8-maz@kernel.org
Signed-off-by: Oliver Upton <oliver.upton@linux.dev>

diff --git a/arch/arm64/kvm/nested.c b/arch/arm64/kvm/nested.c
index 0c9387d2f50708565b5aac1fc0f86fefffd94ea1..7c8f39070a50386ae29175acaa4231ba01b19cd4 100644 (file)
--- a/arch/arm64/kvm/nested.c
+++ b/arch/arm64/kvm/nested.c
@@ -1290,6 +1290,15 @@ int kvm_init_nv_sysregs(struct kvm_vcpu *vcpu)
                res0 |= GENMASK(11, 8);
        set_sysreg_masks(kvm, CNTHCTL_EL2, res0, res1);
 
+       /* ICH_HCR_EL2 */
+       res0 = ICH_HCR_EL2_RES0;
+       res1 = ICH_HCR_EL2_RES1;
+       if (!(kvm_vgic_global_state.ich_vtr_el2 & ICH_VTR_EL2_TDS))
+               res0 |= ICH_HCR_EL2_TDIR;
+       /* No GICv4 is presented to the guest */
+       res0 |= ICH_HCR_EL2_DVIM | ICH_HCR_EL2_vSGIEOICount;
+       set_sysreg_masks(kvm, ICH_HCR_EL2, res0, res1);
+
 out:
        for (enum vcpu_sysreg sr = __SANITISED_REG_START__; sr < NR_SYS_REGS; sr++)
                (void)__vcpu_sys_reg(vcpu, sr);