From: Sascha Bischoff Date: Thu, 19 Mar 2026 15:53:21 +0000 (+0000) Subject: KVM: arm64: gic-v5: Add emulation for ICC_IAFFIDR_EL1 accesses X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=607871ce633d3e0ca0eb375a04371f1130fc2c5a;p=thirdparty%2Fkernel%2Flinux.git KVM: arm64: gic-v5: Add emulation for ICC_IAFFIDR_EL1 accesses GICv5 doesn't provide an ICV_IAFFIDR_EL1 or ICH_IAFFIDR_EL2 for providing the IAFFID to the guest. A guest access to the ICC_IAFFIDR_EL1 must therefore be trapped and emulated to avoid the guest accessing the host's ICC_IAFFIDR_EL1. The virtual IAFFID is provided to the guest when it reads ICC_IAFFIDR_EL1 (which always traps back to the hypervisor). Writes are rightly ignored. KVM treats the GICv5 VPEID, the virtual IAFFID, and the vcpu_id as the same, and so the vcpu_id is returned. The trapping for the ICC_IAFFIDR_EL1 is always enabled when in a guest context. Co-authored-by: Timothy Hayes Signed-off-by: Timothy Hayes Signed-off-by: Sascha Bischoff Reviewed-by: Jonathan Cameron Link: https://patch.msgid.link/20260319154937.3619520-15-sascha.bischoff@arm.com Signed-off-by: Marc Zyngier --- diff --git a/arch/arm64/kvm/config.c b/arch/arm64/kvm/config.c index e4ec1bda8dfcb..bac5f49fdbdef 100644 --- a/arch/arm64/kvm/config.c +++ b/arch/arm64/kvm/config.c @@ -1684,6 +1684,14 @@ static void __compute_hdfgwtr(struct kvm_vcpu *vcpu) *vcpu_fgt(vcpu, HDFGWTR_EL2) |= HDFGWTR_EL2_MDSCR_EL1; } +static void __compute_ich_hfgrtr(struct kvm_vcpu *vcpu) +{ + __compute_fgt(vcpu, ICH_HFGRTR_EL2); + + /* ICC_IAFFIDR_EL1 *always* needs to be trapped when running a guest */ + *vcpu_fgt(vcpu, ICH_HFGRTR_EL2) &= ~ICH_HFGRTR_EL2_ICC_IAFFIDR_EL1; +} + void kvm_vcpu_load_fgt(struct kvm_vcpu *vcpu) { if (!cpus_have_final_cap(ARM64_HAS_FGT)) @@ -1705,7 +1713,7 @@ void kvm_vcpu_load_fgt(struct kvm_vcpu *vcpu) } if (cpus_have_final_cap(ARM64_HAS_GICV5_CPUIF)) { - __compute_fgt(vcpu, ICH_HFGRTR_EL2); + __compute_ich_hfgrtr(vcpu); __compute_fgt(vcpu, ICH_HFGWTR_EL2); __compute_fgt(vcpu, ICH_HFGITR_EL2); } diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c index cd6deaf473159..d4531457ea026 100644 --- a/arch/arm64/kvm/sys_regs.c +++ b/arch/arm64/kvm/sys_regs.c @@ -681,6 +681,21 @@ static bool access_gic_dir(struct kvm_vcpu *vcpu, return true; } +static bool access_gicv5_iaffid(struct kvm_vcpu *vcpu, struct sys_reg_params *p, + const struct sys_reg_desc *r) +{ + if (p->is_write) + return undef_access(vcpu, p, r); + + /* + * For GICv5 VMs, the IAFFID value is the same as the VPE ID. The VPE ID + * is the same as the VCPU's ID. + */ + p->regval = FIELD_PREP(ICC_IAFFIDR_EL1_IAFFID, vcpu->vcpu_id); + + return true; +} + static bool trap_raz_wi(struct kvm_vcpu *vcpu, struct sys_reg_params *p, const struct sys_reg_desc *r) @@ -3405,6 +3420,7 @@ static const struct sys_reg_desc sys_reg_descs[] = { { SYS_DESC(SYS_ICC_AP1R1_EL1), undef_access }, { SYS_DESC(SYS_ICC_AP1R2_EL1), undef_access }, { SYS_DESC(SYS_ICC_AP1R3_EL1), undef_access }, + { SYS_DESC(SYS_ICC_IAFFIDR_EL1), access_gicv5_iaffid }, { SYS_DESC(SYS_ICC_DIR_EL1), access_gic_dir }, { SYS_DESC(SYS_ICC_RPR_EL1), undef_access }, { SYS_DESC(SYS_ICC_SGI1R_EL1), access_gic_sgi }, diff --git a/arch/arm64/kvm/vgic/vgic.h b/arch/arm64/kvm/vgic/vgic.h index f2924f8211974..7b7eed69d7973 100644 --- a/arch/arm64/kvm/vgic/vgic.h +++ b/arch/arm64/kvm/vgic/vgic.h @@ -447,6 +447,11 @@ static inline bool kvm_has_gicv3(struct kvm *kvm) return kvm_has_feat(kvm, ID_AA64PFR0_EL1, GIC, IMP); } +static inline bool kvm_has_gicv5(struct kvm *kvm) +{ + return kvm_has_feat(kvm, ID_AA64PFR2_EL1, GCIE, IMP); +} + void vgic_v3_flush_nested(struct kvm_vcpu *vcpu); void vgic_v3_sync_nested(struct kvm_vcpu *vcpu); void vgic_v3_load_nested(struct kvm_vcpu *vcpu);