The uaccess write handlers for GICD_IIDR extract the revision field
from the wrong variable, making it impossible for userspace to actually
change the implementation revision. Fix that.

Additionally, allow userspace to select IIDR revision 1, restoring the
behaviour from before commit d53c2c29ae0d ("KVM: arm/arm64: vgic: Allow
configuration of interrupt groups") where interrupt groups are not
guest-configurable. This is needed by hypervisors that were reverting
that commit to preserve the original guest-visible semantics, and to
allow for a safely controlled deployment of the new behaviour.

For GICv2, kill the v2_groups_user_writable flag and make the behaviour
depend directly on the IIDR. The existing default behaviour of setting
the IIDR to revision 3 and allowing the groups to be writable by the
*guest* but just not by userspace was just weird, and almost certainly
not intentional. (New in v2 posting).

Tested on Graviton 3 (Neoverse-V1) metal for GICv3 selftests, and
under QEMU TCG with GICv2 emulation for GICv2 selftests.

v2:
 • Fixed -Wdiscarded-qualifiers warning from 0-day bot.
 • Remove GICv2 v2_groups_user_writable flag and just use IIDR.
 • Address Marc's review feedback (no special cases in read_group,
   other minor cleanups).

v1: https://lore.kernel.org/all/[email protected]/

David Woodhouse (5):
  KVM: arm64: vgic: Fix IIDR revision field extracted from wrong value
  KVM: arm64: vgic: Allow userspace to set IIDR revision 1
  KVM: arm64: selftests: Add vgic IIDR revision test
  KVM: arm64: vgic: Remove v2_groups_user_writable and use IIDR revision
    directly
  KVM: arm64: selftests: Add GICv2 IGROUPR writability test

 arch/arm64/kvm/vgic/vgic-mmio-v2.c                 |  18 +--
 arch/arm64/kvm/vgic/vgic-mmio-v3.c                 |   6 +-
 arch/arm64/kvm/vgic/vgic-mmio.c                    |   4 +
 include/kvm/arm_vgic.h                             |   4 +-
 tools/testing/selftests/kvm/Makefile.kvm           |   2 +
 .../testing/selftests/kvm/arm64/vgic_group_iidr.c  | 118 +++++++++++++++
 tools/testing/selftests/kvm/arm64/vgic_group_v2.c  | 168 +++++++++++++++++++++
 7 files changed, 306 insertions(+), 14 deletions(-)
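
The bug class described in the cover letter, as an added user-space model (not code from this series or from the kernel): a write handler that takes the revision from the current register value instead of the written value accepts the write and changes nothing. All model_* names, the sample IIDR value and the accepted range 1..3 are assumptions of this example; only the GICD_IIDR revision field position (bits 15:12) is architectural.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* GICD_IIDR.Revision occupies bits [15:12] in the GIC architecture. */
#define IIDR_REV_MASK (0xfu << 12)
#define IIDR_REV(x)   (((x) & IIDR_REV_MASK) >> 12)
/* Hypothetical stand-in for the per-VM distributor state. */
struct model_dist { uint32_t iidr_base; uint32_t rev; };
static uint32_t model_read_iidr(const struct model_dist *d)
{
    return (d->iidr_base & ~IIDR_REV_MASK) | (d->rev << 12);
}

/* Value userspace would write to request revision `rev`, all else unchanged. */
static uint32_t model_iidr_with_rev(const struct model_dist *d, uint32_t rev)
{
    return (model_read_iidr(d) & ~IIDR_REV_MASK) | (rev << 12);
}

/* Buggy shape: revision extracted from reg (current value), not val. */
static int model_write_iidr_buggy(struct model_dist *d, uint32_t val)
{
    uint32_t reg = model_read_iidr(d);
    if ((reg ^ val) & ~IIDR_REV_MASK)
        return -EINVAL;              /* only the revision may differ */
    d->rev = IIDR_REV(reg);          /* wrong variable: old revision again */
    return 0;
}

/* Corrected shape: extract from val; range 1..3 is this model's assumption. */
static int model_write_iidr_fixed(struct model_dist *d, uint32_t val)
{
    uint32_t reg = model_read_iidr(d), rev = IIDR_REV(val);
    if (((reg ^ val) & ~IIDR_REV_MASK) || rev < 1 || rev > 3)
        return -EINVAL;
    d->rev = rev;
    return 0;
}

int main(void)
{
    struct model_dist d = { 0x4B00043Bu, 3 };   /* constructed sample value */
    model_write_iidr_buggy(&d, model_iidr_with_rev(&d, 1));
    printf("buggy handler: rev=%u\n", (unsigned)d.rev);
    model_write_iidr_fixed(&d, model_iidr_with_rev(&d, 1));
    printf("fixed handler: rev=%u\n", (unsigned)d.rev);
    return 0;
}
```

The buggy handler returns success, so a VMM only notices the problem if it reads the register back after writing it.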