Commit cde5042a authored Jun 09, 2022 by Will Deacon Committed by Marc Zyngier Jun 09, 2022

KVM: arm64: Ignore 'kvm-arm.mode=protected' when using VHE



Ignore 'kvm-arm.mode=protected' when using VHE so that kvm_get_mode()
only returns KVM_MODE_PROTECTED on systems where the feature is available.

Cc: David Brazdil <dbrazdil@google.com>
Acked-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Will Deacon <will@kernel.org>
Signed-off-by: Marc Zyngier <maz@kernel.org>
Link: https://lore.kernel.org/r/20220609121223.2551-4-will@kernel.org

parent fa7a1721

Documentation/admin-guide/kernel-parameters.txt

+0 −1

Original line number	Diff line number	Diff line
		@@ -2469,7 +2469,6 @@

		protected: nVHE-based mode with support for guests whose
		state is kept private from the host.
		Not valid if the kernel is running in EL2.

		Defaults to VHE/nVHE based on hardware support. Setting
		mode to "protected" will disable kexec and hibernation

arch/arm64/kernel/cpufeature.c

+1 −9

Original line number	Diff line number	Diff line
		@@ -1974,15 +1974,7 @@ static void cpu_enable_mte(struct arm64_cpu_capabilities const *cap)
		#ifdef CONFIG_KVM
		static bool is_kvm_protected_mode(const struct arm64_cpu_capabilities *entry, int __unused)
		{
		if (kvm_get_mode() != KVM_MODE_PROTECTED)
		return false;

		if (is_kernel_in_hyp_mode()) {
		pr_warn("Protected KVM not available with VHE\n");
		return false;
		}

		return true;
		return kvm_get_mode() == KVM_MODE_PROTECTED;
		}
		#endif /* CONFIG_KVM */

arch/arm64/kvm/arm.c

+5 −1

Original line number	Diff line number	Diff line
		@@ -2273,7 +2273,11 @@ static int __init early_kvm_mode_cfg(char *arg)
		return -EINVAL;

		if (strcmp(arg, "protected") == 0) {
		if (!is_kernel_in_hyp_mode())
		kvm_mode = KVM_MODE_PROTECTED;
		else
		pr_warn_once("Protected KVM not available with VHE\n");

		return 0;
		}