On Sat, Nov 23, 2019 at 11:56:18AM +0000, Marc Zyngier wrote:
HCR_EL2.TID3 mandates that access from EL1 to a long list of id
registers traps to EL2, and QEMU has so far ignored this
requirement.
This breaks (among other things) KVM guests that have PtrAuth
enabled,
while the hypervisor doesn't want to expose the feature to its
guest.
To achieve this, KVM traps the ID registers (ID_AA64ISAR1_EL1 in
this
case), and masks out the unsupported feature.
QEMU not honoring the trap request means that the guest observes
that the feature is present in the HW, starts using it, and dies
a horrible death when KVM injects an UNDEF, because the feature
*really* isn't supported.
Do the right thing by trapping to EL2 if HCR_EL2.TID3 is set.
Reported-by: Will Deacon <address@hidden>
Signed-off-by: Marc Zyngier <address@hidden>
---
There is a number of other trap bits missing (TID[0-2], for
example),
but this at least gets a mainline Linux going with cpu=max.
target/arm/helper.c | 75
+++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 75 insertions(+)
I took your fixes/el2_traps branch for a spin and I no longer get an
unexpected undefined instruction trap on first access to the ptrauth
key
registers during context-switch:
Tested-by: Will Deacon <address@hidden>