git.ipfire.org Git - thirdparty/linux.git/commit

author	Sascha Bischoff <Sascha.Bischoff@arm.com>
	Thu, 19 Mar 2026 15:55:57 +0000 (15:55 +0000)
committer	Marc Zyngier <maz@kernel.org>
	Thu, 19 Mar 2026 18:21:28 +0000 (18:21 +0000)
commit	d1328c61511f6a2aeda48b8b9096e67d2443ec71
tree	d82e6d308fba7f7bf03a5f2db719cbc82f92b7ea	tree \| snapshot
parent	933e5288fa9714085e384a3d6ad6dcce8089a6b9	commit \| diff

KVM: arm64: gic-v5: Trap and mask guest ICC_PPI_ENABLERx_EL1 writes

A guest should not be able to detect if a PPI that is not exposed to
the guest is implemented or not. Avoid the guest enabling any PPIs
that are not implemented as far as the guest is concerned by trapping
and masking writes to the two ICC_PPI_ENABLERx_EL1 registers.

When a guest writes these registers, the write is masked with the set
of PPIs actually exposed to the guest, and the state is written back
to KVM's shadow state. As there is now no way for the guest to change
the PPI enable state without it being trapped, saving of the PPI
Enable state is dropped from guest exit.

Reads for the above registers are not masked. When the guest is
running and reads from the above registers, it is presented with what
KVM provides in the ICH_PPI_ENABLERx_EL2 registers, which is the
masked version of what the guest last wrote.

Signed-off-by: Sascha Bischoff <sascha.bischoff@arm.com>
Reviewed-by: Jonathan Cameron <jonathan.cameron@huawei.com>
Link: https://patch.msgid.link/20260319154937.3619520-25-sascha.bischoff@arm.com
Signed-off-by: Marc Zyngier <maz@kernel.org>

arch/arm64/include/asm/kvm_host.h		diff \| blob \| blame \| history
arch/arm64/kvm/config.c		diff \| blob \| blame \| history
arch/arm64/kvm/hyp/vgic-v5-sr.c		diff \| blob \| blame \| history
arch/arm64/kvm/sys_regs.c		diff \| blob \| blame \| history