On 6/21/19 10:38 AM, Marc Zyngier wrote: > We don't want to expose complicated features to guests until we have > a good grasp on the basic CPU emulation. So let's pretend that RAS, > just like SVE, doesn't exist in a nested guest. > > Signed-off-by: Marc Zyngier <marc.zyngier@xxxxxxx> > --- > arch/arm64/kvm/sys_regs.c | 32 +++++++++++++++++++++++++++++--- > 1 file changed, 29 insertions(+), 3 deletions(-) > > diff --git a/arch/arm64/kvm/sys_regs.c b/arch/arm64/kvm/sys_regs.c > index 34f1b79f7856..ec34b81da936 100644 > --- a/arch/arm64/kvm/sys_regs.c > +++ b/arch/arm64/kvm/sys_regs.c > @@ -577,6 +577,14 @@ static bool trap_raz_wi(struct kvm_vcpu *vcpu, > return read_zero(vcpu, p); > } > > +static bool trap_undef(struct kvm_vcpu *vcpu, > + struct sys_reg_params *p, > + const struct sys_reg_desc *r) > +{ > + kvm_inject_undefined(vcpu); > + return false; > +} > + > /* > * ARMv8.1 mandates at least a trivial LORegion implementation, where all the > * RW registers are RES0 (which we can implement as RAZ/WI). On an ARMv8.0 > @@ -1601,13 +1609,15 @@ static bool access_ccsidr(struct kvm_vcpu *vcpu, struct sys_reg_params *p, > } > > /* sys_reg_desc initialiser for known cpufeature ID registers */ > -#define ID_SANITISED(name) { \ > +#define ID_SANITISED_FN(name, fn) { \ > SYS_DESC(SYS_##name), \ > - .access = access_id_reg, \ > + .access = fn, \ > .get_user = get_id_reg, \ > .set_user = set_id_reg, \ > } > > +#define ID_SANITISED(name) ID_SANITISED_FN(name, access_id_reg) > + > /* > * sys_reg_desc initialiser for architecturally unallocated cpufeature ID > * register with encoding Op0=3, Op1=0, CRn=0, CRm=crm, Op2=op2 > @@ -1700,6 +1710,21 @@ static bool access_spsr_el2(struct kvm_vcpu *vcpu, > return true; > } > > +static bool access_id_aa64pfr0_el1(struct kvm_vcpu *v, > + struct sys_reg_params *p, > + const struct sys_reg_desc *r) > +{ > + u64 val; > + > + if (!nested_virt_in_use(v) || p->is_write) > + return access_id_reg(v, p, r); So SVE is masked in the nested case in access_id_reg (which calls read_id_reg, modified in patch 25 of the series). Looks to me that the above condition means that when nested virtualization is in use, on reads we don't go through access_id_reg and we could end up with SVE support advertised to the guest. How about we hide SVE from guests here, just like we do with RAS? > + > + val = read_sanitised_ftr_reg(SYS_ID_AA64PFR0_EL1); > + p->regval = val & ~(0xf << ID_AA64PFR0_RAS_SHIFT); > + > + return true; > +} > + > /* > * Architected system registers. > * Important: Must be sorted ascending by Op0, Op1, CRn, CRm, Op2 > @@ -1791,7 +1816,7 @@ static const struct sys_reg_desc sys_reg_descs[] = { > > /* AArch64 ID registers */ > /* CRm=4 */ > - ID_SANITISED(ID_AA64PFR0_EL1), > + ID_SANITISED_FN(ID_AA64PFR0_EL1, access_id_aa64pfr0_el1), > ID_SANITISED(ID_AA64PFR1_EL1), > ID_UNALLOCATED(4,2), > ID_UNALLOCATED(4,3), > @@ -2032,6 +2057,7 @@ static const struct sys_reg_desc sys_reg_descs[] = { > { SYS_DESC(SYS_VBAR_EL2), access_rw, reset_val, VBAR_EL2, 0 }, > { SYS_DESC(SYS_RVBAR_EL2), access_rw, reset_val, RVBAR_EL2, 0 }, > { SYS_DESC(SYS_RMR_EL2), access_rw, reset_val, RMR_EL2, 0 }, > + { SYS_DESC(SYS_VDISR_EL2), trap_undef }, > > { SYS_DESC(SYS_CONTEXTIDR_EL2), access_rw, reset_val, CONTEXTIDR_EL2, 0 }, > { SYS_DESC(SYS_TPIDR_EL2), access_rw, reset_val, TPIDR_EL2, 0 }, IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.