Hi all,
This series enables nested virtualization for GICv3-based VMs on GICv5
hosts (w/ FEAT_GCIE_LEGACY) in KVM/arm64. In addition, it adds a CPU
capability to track support for FEAT_GCIE_LEGACY across all CPUs.
The series fixes ICC_SRE_EL2 access handling for GICv5 hosts (to match
the updated bet1+ specification [1]), and extends nested
virtualization support to vGICv3 guests running on compatible GICv5
systems. With these changes, it becomes possible to run with
kvm-arm.mode=nested, and these changes have been tested with three
levels of nesting on simulated hardware (Arm FVP).
Previously, the presence of FEAT_GCIE_LEGACY was tracked in the GICv5
driver via gic_kvm_info, and the probing logic could incorrectly
enable legacy support if the boot CPU exposed the feature while others
did not. This created the risk of mismatched configurations,
particularly when late-onlining CPUs without FEAT_GCIE_LEGACY.
To address this, the series introduces a proper ARM64_HAS_GICV5_LEGACY
CPU capability, and moves KVM to use cpus_have_final_cap() to ensure
consistent system-wide enablement. With this, late-onlined but
mismatched CPUs are cleanly rejected at bring-up.
Patch summary
KVM: arm64: allow ICC_SRE_EL2 accesses on a GICv5 host
Update handling to reflect the corrected GICv5 specification.
KVM: arm64: Enable nested for GICv5 host with FEAT_GCIE_LEGACY
Allow nested virtualization for vGICv3 guests on GICv5 hosts with
legacy support.
arm64: cpucaps: Add GICv5 Legacy vCPU interface (GCIE_LEGACY) capability
Introduce a new CPU capability that prevents mismatched
configurations.
KVM: arm64: Use ARM64_HAS_GICV5_LEGACY for GICv5 probing
Ensure probing is consistent across all CPUs by using cpucaps.
irqchip/gic-v5: Drop has_gcie_v3_compat from gic_kvm_info
Remove obsolete compatibility flag, as FEAT_GCIE_LEGACY is now a
CPU feature.
Comments and reviews are very welcome.
Thanks,
Sascha
[1] https://developer.arm.com/documentation/aes0070/latest/
Sascha Bischoff (5):
KVM: arm64: Allow ICC_SRE_EL2 accesses on a GICv5 host
KVM: arm64: Enable nested for GICv5 host with FEAT_GCIE_LEGACY
arm64: cpucaps: Add GICv5 Legacy vCPU interface (GCIE_LEGACY)
capability
KVM: arm64: Use ARM64_HAS_GICV5_LEGACY for GICv5 probing
irqchip/gic-v5: Drop has_gcie_v3_compat from gic_kvm_info
arch/arm64/kernel/cpufeature.c | 15 +++++++++++++++
arch/arm64/kvm/arm.c | 5 +++--
arch/arm64/kvm/hyp/vgic-v3-sr.c | 27 +++++++--------------------
arch/arm64/kvm/vgic/vgic-v5.c | 2 +-
arch/arm64/tools/cpucaps | 1 +
drivers/irqchip/irq-gic-v5.c | 7 -------
include/linux/irqchip/arm-vgic-info.h | 2 --
7 files changed, 27 insertions(+), 32 deletions(-)
--
2.34.1
