KVM: arm64: Populate ESR_ELx.EC for emulated SError injection

The hardware vSError injection mechanism populates ESR_ELx.EC as part of
ESR propagation and the contents of VSESR_EL2 populate the ISS field. Of
course, this means our emulated injection needs to set up the EC
correctly for an SError too.

Fixes: ce66109cec86 ("KVM: arm64: nv: Take "masked" aborts to EL2 when HCRX_EL2.TMEA is set")
Link: https://lore.kernel.org/r/20250708230632.1954240-2-oliver.upton@linux.dev
Signed-off-by: Oliver Upton <oliver.upton@linux.dev>

diff --git a/arch/arm64/kvm/inject_fault.c b/arch/arm64/kvm/inject_fault.c
index 37f45461e32cd350f7ac8d2cbfd1ccd20866a732..6745f38b64f9c4adfbd5ae351053f3dd33f95b84 100644 (file)
--- a/arch/arm64/kvm/inject_fault.c
+++ b/arch/arm64/kvm/inject_fault.c
@@ -322,9 +322,13 @@ int kvm_inject_serror_esr(struct kvm_vcpu *vcpu, u64 esr)
         * the vCPU is in a nested context w/ vSErrors enabled then we've already
         * delegated he hardware vSError context (i.e. HCR_EL2.VSE, VSESR_EL2,
         * VDISR_EL2) to the guest hypervisor.
+        *
+        * As we're emulating the SError injection we need to explicitly populate
+        * ESR_ELx.EC because hardware will not do it on our behalf.
         */
        if (!serror_is_masked(vcpu)) {
                pend_serror_exception(vcpu);
+               esr |= FIELD_PREP(ESR_ELx_EC_MASK, ESR_ELx_EC_SERROR);
                vcpu_write_sys_reg(vcpu, esr, exception_esr_elx(vcpu));
                return 1;
        }