Will recently pointed out that when running on big-little systems that are known not to be vulnerable to Metldown, guests are not presented with the CSV3 property if the physical HW include a core that doesn't have CSV3, despite being known to be safe (it is on the kpti_safe_list). Since this is valuable information that can be cheaply given to the guest, let's just do that. The scheme is the same as what we do for CSV2, allowing userspace to change the default setting if this doesn't advertise a safer setting than what the kernel thinks it is. Marc Zyngier (2): arm64: Make the Meltdown mitigation state available KVM: arm64: Advertise ID_AA64PFR0_EL1.CSV3=1 if the CPUs are Meltdown-safe arch/arm64/include/asm/kvm_host.h | 1 + arch/arm64/include/asm/spectre.h | 2 ++ arch/arm64/kernel/cpufeature.c | 20 +++++++++++++++++--- arch/arm64/kvm/arm.c | 6 ++++-- arch/arm64/kvm/sys_regs.c | 15 ++++++++++++--- 5 files changed, 36 insertions(+), 8 deletions(-) -- 2.28.0 _______________________________________________ kvmarm mailing list kvmarm@xxxxxxxxxxxxxxxxxxxxx https://lists.cs.columbia.edu/mailman/listinfo/kvmarm