Hi Marc,

On Fri, Jan 28, 2022 at 12:18:12PM +0000, Marc Zyngier wrote:
> From: Christoffer Dall <christoffer.dall@xxxxxxxxxx>
>
> We were not allowing userspace to set a more privileged mode for the VCPU
> than EL1, but we should allow this when nested virtualization is enabled
> for the VCPU.
>
> Reviewed-by: Russell King (Oracle) <rmk+kernel@xxxxxxxxxxxxxxx>
> Signed-off-by: Christoffer Dall <christoffer.dall@xxxxxxxxxx>
> Signed-off-by: Marc Zyngier <maz@xxxxxxxxxx>
> ---
> arch/arm64/kvm/guest.c | 6 ++++++
> 1 file changed, 6 insertions(+)
>
> diff --git a/arch/arm64/kvm/guest.c b/arch/arm64/kvm/guest.c
> index e116c7767730..db6209622be9 100644
> --- a/arch/arm64/kvm/guest.c
> +++ b/arch/arm64/kvm/guest.c
> @@ -24,6 +24,7 @@
> #include <asm/fpsimd.h>
> #include <asm/kvm.h>
> #include <asm/kvm_emulate.h>
> +#include <asm/kvm_nested.h>
> #include <asm/sigcontext.h>
>
> #include "trace.h"
> @@ -259,6 +260,11 @@ static int set_core_reg(struct kvm_vcpu *vcpu, const struct kvm_one_reg *reg)
> if (vcpu_el1_is_32bit(vcpu))
> return -EINVAL;
> break;
> + case PSR_MODE_EL2h:
> + case PSR_MODE_EL2t:
> + if (vcpu_el1_is_32bit(vcpu) || !vcpu_has_nv(vcpu))

I'm a bit confused about the vcpu_el1_is_32bit() check. The function tests that HCR_EL2.RW is not set. HCR_EL2.RW is cleared when the KVM_ARM_VCPU_EL1_32BIT feature is present for the VCPU. But the EL2 and the 32BIT features are incompatible (kvm_reset_vcpu() returns an error when both are set). Wouldn't checking only !vcpu_has_nv() be enough here?

Thanks,
Alex

> + return -EINVAL;
> + break;
> default:
> err = -EINVAL;
> goto out;
> --
> 2.30.2
>
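Review bot: in the second hunk (the new PSR_MODE_EL2h/PSR_MODE_EL2t case in set_core_reg()), the `vcpu_el1_is_32bit(vcpu)` half of the condition appears to be dead given the point raised in the reply that kvm_reset_vcpu() already rejects a VCPU with both the EL2 and the 32-bit features set; either reduce the test to `if (!vcpu_has_nv(vcpu))` so the intent (EL2 modes are only valid with nested virtualization enabled) is obvious, or keep it and add a one-line comment explaining that it is deliberate defence in depth, so the next reader does not have to trace HCR_EL2.RW to understand why both checks are there. The commit message would also benefit from naming the modes being accepted (EL2h and EL2t) rather than the vaguer "more privileged mode than EL1".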