[PATCH v2 9/9] accel/mshv: disable la57 (5lvl paging)

Wed, 11 Mar 2026 04:37:03 -0700 

This change disable la57 paging on the mshv hypervisor on both the
mshv processor feature bitmap and mask the cpuid feature leaf to the
guest.

Since the removal of hypervisor-assisted gva=>gpa translation in
1c85a4a3d7 we have seen MMIO errors in guests on la57-enabled hw. We
will have to investigate and test this further.

Signed-off-by: Magnus Kulke <[email protected]>
---
 accel/mshv/mshv-all.c       | 7 +++++++
 target/i386/mshv/mshv-cpu.c | 6 ++++++
 2 files changed, 13 insertions(+)

diff --git a/accel/mshv/mshv-all.c b/accel/mshv/mshv-all.c
index eab967ff07..ea3aacf6e0 100644
--- a/accel/mshv/mshv-all.c
+++ b/accel/mshv/mshv-all.c
@@ -142,6 +142,8 @@ static int create_partition(int mshv_fd, int *vm_fd)
     int ret;
     uint64_t pt_flags, host_proc_features;
     union hv_partition_processor_xsave_features disabled_xsave_features;
+    union hv_partition_processor_features disabled_proc_features = {0};
+
     struct mshv_create_partition_v2 args = {0};
     uint32_t feature_banks[] = {
         HV_PARTITION_PROPERTY_PROCESSOR_FEATURES0,
@@ -181,6 +183,11 @@ static int create_partition(int mshv_fd, int *vm_fd)
     }
     args.pt_cpu_fbanks[1] = ~host_proc_features;
 
+    /* features we disable regardless of host support */
+    disabled_proc_features.la57_support = 1;
+    args.pt_cpu_fbanks[0] |= disabled_proc_features.as_uint64[0];
+    args.pt_cpu_fbanks[1] |= disabled_proc_features.as_uint64[1];
+
     /* populate args structure */
     args.pt_flags = pt_flags;
     args.pt_isolation = MSHV_PT_ISOLATION_NONE;
diff --git a/target/i386/mshv/mshv-cpu.c b/target/i386/mshv/mshv-cpu.c
index 2c66a52709..31fb788657 100644
--- a/target/i386/mshv/mshv-cpu.c
+++ b/target/i386/mshv/mshv-cpu.c
@@ -1677,6 +1677,12 @@ uint32_t mshv_get_supported_cpuid(uint32_t func, 
uint32_t idx, int reg)
      */
     if (func == 0x07 && idx == 0 && reg == R_ECX) {
         ret &= ~CPUID_7_0_ECX_CET_SHSTK;
+        /*
+         * LA57 (5-level paging) causes incorrect GVA=>GPA translations
+         * in the instruction decoder/emulator. Disable until page table
+         * walk in x86_mmu.c works w/ 5-level paging.
+         */
+        ret &= ~CPUID_7_0_ECX_LA57;
     }
     if (func == 0x07 && idx == 0 && reg == R_EDX) {
         ret &= ~CPUID_7_0_EDX_CET_IBT;
-- 
2.34.1

Reply via email to