KVM/arm64 does not restrict the guest's view of the AArch32 feature registers when read from AArch32. HCR_EL2.TID3 is cleared for AArch32 guests, meaning that register reads come straight from hardware. This is problematic as KVM relies on read_sanitised_ftr_reg() to expose a set of features consistent for a particular system.

Appropriate handlers must first be put in place for CP10 and CP15 ID register accesses before setting TID3. Rather than exhaustively enumerating each of the encodings for CP10 and CP15 registers, take the lazy route and aim the register accesses at the AArch64 system register table.

Patch 1 reroutes the CP15 registers into the AArch64 table, taking care to immediately RAZ undefined ranges of registers. This is done to avoid possibly conflicting with encodings for future AArch64 registers.

Patch 2 installs an exit handler for the CP10 ID registers and also relies on the general AArch64 register handler to implement reads.

Finally, patch 3 actually sets TID3 for AArch32 guests, providing known-safe values for feature register accesses.

I'll leave it as an exercise for the reader to decide whether or not I'm being _too_ lazy here ;-)

Series applies cleanly to kvmarm/fixes at commit:

  8872d9b3e35a ("KVM: arm64: Drop unneeded minor version check from PSCI v1.x handler")

Tested with AArch32 kvm-unit-tests and booting an AArch32 debian image on a Raspberry Pi 4. Nothing seems to have gone up in smoke yet...

Oliver Upton (3):
  KVM: arm64: Wire up CP15 feature registers to their AArch64 equivalents
  KVM: arm64: Plumb cp10 ID traps through the AArch64 sysreg handler
  KVM: arm64: Start trapping ID registers for 32 bit guests

 arch/arm64/include/asm/kvm_emulate.h |   8 --
 arch/arm64/include/asm/kvm_host.h    |   1 +
 arch/arm64/kvm/handle_exit.c         |   1 +
 arch/arm64/kvm/sys_regs.c            | 128 +++++++++++++++++++++++++++
 4 files changed, 130 insertions(+), 8 deletions(-)

-- 
2.35.1.1021.g381101b075-goog
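The rerouting that patch 1 describes, as an added stand-alone model (not the series' own code): a trapped CP15 ID register read is mapped onto the AArch64 encoding by fixing Op0 = 3 and served from a sanitised table, while the CRm > 3 range is answered as RAZ before the lookup, since those encodings are reserved from AArch32 but hold ID_AA64* registers in the AArch64 table. The table, its sample values and the function names are constructed for illustration.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stddef.h>

/* Outcome of a trapped AArch32 CP15 read in this model. */
enum cp15_status { CP15_NOT_ID_REG, CP15_HANDLED, CP15_UNHANDLED };
struct cp15_read { enum cp15_status status; uint32_t val; };

/* AArch64 system register encoding: Op0, Op1, CRn, CRm, Op2. */
struct sysreg_enc { uint8_t op0, op1, crn, crm, op2; };

/* Constructed stand-in for a sanitised AArch64 ID register table; values are made up. */
static const struct { struct sysreg_enc enc; uint32_t sanitised; } aarch64_table[] = {
	{ {3, 0, 0, 1, 0}, 0x00000131 },	/* ID_PFR0_EL1  (AArch32: c0, c1, 0) */
	{ {3, 0, 0, 2, 0}, 0x02101110 },	/* ID_ISAR0_EL1 (AArch32: c0, c2, 0) */
	{ {3, 0, 0, 3, 0}, 0x10110222 },	/* MVFR0_EL1    (AArch32: c0, c3, 0) */
	{ {3, 0, 0, 4, 0}, 0x11112222 },	/* ID_AA64PFR0_EL1: AArch64-only, must not leak */
};

/* CP15 ID registers sit at opc1=0, CRn=0, CRm=1..7; CRm=0 (MIDR etc.) is not rerouted. */
static bool is_cp15_id_reg(uint8_t op1, uint8_t crn, uint8_t crm)
{
	return op1 == 0 && crn == 0 && crm != 0;
}

/* Reroute a CP15 read (coproc 15: opc1, CRn, CRm, opc2) to the AArch64 table. */
struct cp15_read cp15_id_read(uint8_t op1, uint8_t crn, uint8_t crm, uint8_t op2)
{
	struct cp15_read r = { CP15_UNHANDLED, 0 };

	if (!is_cp15_id_reg(op1, crn, crm)) {
		r.status = CP15_NOT_ID_REG;
		return r;
	}
	/* AArch32 reserves CRn=0, CRm>3 as RAZ; answer zero without consulting the table. */
	if (crm > 3) {
		r.status = CP15_HANDLED;
		return r;
	}
	/* The AArch32 encoding maps onto AArch64 by fixing Op0 = 3. */
	struct sysreg_enc want = { 3, op1, crn, crm, op2 };
	for (size_t i = 0; i < sizeof(aarch64_table) / sizeof(aarch64_table[0]); i++) {
		const struct sysreg_enc *e = &aarch64_table[i].enc;
		if (e->op0 == want.op0 && e->op1 == want.op1 && e->crn == want.crn &&
		    e->crm == want.crm && e->op2 == want.op2) {
			r.status = CP15_HANDLED;
			r.val = aarch64_table[i].sanitised;	/* sanitised view, not raw hardware */
			return r;
		}
	}
	return r;	/* no known-safe value: left to the general undefined handling */
}
```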