On 5/27/26 4:42 PM, Khushit Shah wrote:
>
>> On 19 May 2026, at 6:57 PM, Eric Auger <[email protected]> wrote:
>>
>>
>> In case some ID register values were overridden after their
>> initialization in kvm_arm_get_host_cpu_features(), we need to
>> copy the new values stored in the isar.idregs array back to the
>> cpreg_list and then sync the cpreg_list to KVM.
>>
>> Signed-off-by: Eric Auger <[email protected]>
>> Signed-off-by: Cornelia Huck <[email protected]>
>>
>> ---
>>
>> v4 -> v5:
>> - only call kvm_arm_writable_idregs_to_cpreg_list and
>> write_list_to_kvmstate if writable_map is allocated
>> - reinitialize the cpreg list after sync (Jinqian)
>> ---
>> target/arm/kvm.c | 69 ++++++++++++++++++++++++++++++++++++++++-
>> target/arm/trace-events | 1 +
>> 2 files changed, 69 insertions(+), 1 deletion(-)
>>
>> diff --git a/target/arm/kvm.c b/target/arm/kvm.c
>> index 92219ee62e..30c5175c68 100644
>> --- a/target/arm/kvm.c
>> +++ b/target/arm/kvm.c
>> @@ -274,6 +274,21 @@ static uint32_t kvm_arm_sve_get_vls(int fd)
>> return vls[0] & MAKE_64BIT_MASK(0, ARM_MAX_VQ);
>> }
>>
>> +static int kvm_feature_idx_to_idregs_idx(int kidx)
>> +{
>> + int op1, crm, op2;
>> + ARMSysRegs sysreg;
>> +
>> + op1 = kidx / 64;
>> + if (op1 == 2) {
>> + op1 = 3;
>> + }
>> + crm = (kidx % 64) / 8;
>> + op2 = kidx % 8;
>> + sysreg = ENCODE_ID_REG(3, op1, 0, crm, op2);
>> + return get_sysreg_idx(sysreg);
>> +}
>> +
>> static int idregs_idx_to_kvm_feature_idx(ARMIDRegisterIdx idx)
>> {
>> ARMSysRegs sysreg = id_register_sysreg[idx];
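Review bot: kvm_feature_idx_to_idregs_idx() has no comment explaining the index layout it decodes, so the `op1 == 2 -> 3` remap and the hard-coded op0 = 3 / crn = 0 in ENCODE_ID_REG only make sense to a reader who already knows how KVM packs the feature-ID range. I would add above the function: `/* Inverse of idregs_idx_to_kvm_feature_idx(): a KVM feature-ID index packs op1 (bits 7:6, with op1 == 3 folded onto 2), crm (5:3) and op2 (2:0); op0 is always 3 and crn 0. Returns -1 if the register is unknown to QEMU. */` — the -1 contract is inferred from the caller's check in the next hunk and should be confirmed against get_sysreg_idx(). The function also relies on the caller bounding kidx to KVM_ARM_FEATURE_ID_RANGE_SIZE; a kidx of 192 or more would yield op1 == 3 and alias the op1 == 2 range, which is worth stating in the comment. idregs_idx_to_kvm_feature_idx() continues past the end of this hunk.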
>> @@ -1189,6 +1204,40 @@ bool kvm_arm_cpu_post_load(ARMCPU *cpu)
>> return true;
>> }
>>
>> +/*
>> + * Copy writable ID regs from isar.idregs[] to cpreg_list
>> + * in case their value differs from the original init cpreg value
>> + */
>> +static void kvm_arm_writable_idregs_to_cpreg_list(ARMCPU *cpu)
>> +{
>> + for (int i = 0; i < KVM_ARM_FEATURE_ID_RANGE_SIZE; i++) {
>> + uint64_t writable_mask = cpu->writable_map[i];
>> +
>> + if (writable_mask) {
>> + int idx = kvm_feature_idx_to_idregs_idx(i);
>> + ARM64SysReg *sysregdesc;
>> + uint64_t previous, new;
>> + uint64_t *cpreg;
>> + uint32_t sysreg;
>> +
>> + if (idx == -1) {
>> + /* sysreg writable, but we don't know it */
>> + continue;
>> + }
>> + sysregdesc = &arm64_id_regs[idx];
>> + sysreg = id_register_sysreg[idx];
>> + cpreg = kvm_arm_get_cpreg_ptr(cpu,
>> idregs_sysreg_to_kvm_reg(sysreg));
>> + previous = *cpreg;
>> + new = cpu->isar.idregs[idx];
>> + if (previous != new) {
>> + *cpreg = new;
>> +
>> trace_kvm_arm_writable_idregs_to_cpreg_list(sysregdesc->name,
>> + previous, new);
>> + }
>> + }
>> + }
>> +}
>> +
>> void kvm_arm_reset_vcpu(ARMCPU *cpu)
>> {
>> int ret;
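Review bot: In kvm_arm_writable_idregs_to_cpreg_list() the pointer returned by kvm_arm_get_cpreg_ptr() is dereferenced unconditionally (`previous = *cpreg;`); if that helper can return NULL for a register that is in the writable map but absent from this vCPU's cpreg_list (I cannot tell from here), this is a crash, so a `if (!cpreg) { continue; }` guard with a trace would be cheap insurance. Separately, the whole isar.idregs value is copied into the cpreg, not just the bits KVM reported as writable; any difference in read-only fields therefore becomes a KVM_SET_ONE_REG failure later, with nothing saying which register caused it. I would detect that case at the copy site, e.g. `if ((previous ^ new) & ~writable_mask) { /* read-only fields differ: KVM will reject this write */ }` and at least trace or warn about sysregdesc->name there, rather than letting the failure surface as an opaque vCPU-init error. The local name `new` is legal C but hostile to any header shared with C++; `updated` would be clearer.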
>> @@ -2140,7 +2189,25 @@ int kvm_arch_init_vcpu(CPUState *cs)
>> }
>> cpu->mp_affinity = mpidr & ARM64_AFFINITY_MASK;
>>
>> - return kvm_arm_init_cpreg_list(cpu);
>> + ret = kvm_arm_init_cpreg_list(cpu);
>> + if (ret) {
>> + return ret;
>> + }
>> + /* overwrite writable ID regs with their updated property values */
>> + if (cpu->writable_map) {
>> + kvm_arm_writable_idregs_to_cpreg_list(cpu);
>> + ret = write_list_to_kvmstate(cpu, KVM_PUT_FULL_STATE);
>> + if (!ret) {
>> + return -1;
>> + }
>> + /*
>> + * modified values may have changed the visibility of some regs,
>> + * reinitialize the cpreg_list accordingly
>> + */
>> + ret = kvm_arm_init_cpreg_list(cpu);
>> + }
>> +
>> + return ret;
>> }
>>
>> int kvm_arch_destroy_vcpu(CPUState *cs)
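Review bot: `ret = write_list_to_kvmstate(cpu, KVM_PUT_FULL_STATE); if (!ret) { return -1; }` stores a boolean in the int `ret` and then returns a bare -1, while the surrounding function propagates the result of kvm_arm_init_cpreg_list() unchanged (presumably a negative errno), so callers see inconsistent error values. A failed write also leaves no diagnostic, which matters because a rejected ID-register value is exactly the failure mode this path introduces. I would write `if (!write_list_to_kvmstate(cpu, KVM_PUT_FULL_STATE)) { error_report("failed to sync writable ID registers to KVM"); return -EINVAL; }`, assuming error_report is available in this file as it is elsewhere in QEMU. Note also that KVM_PUT_FULL_STATE writes the entire cpreg_list, so a failure here may come from a non-ID register too; if that is not intended, the comment should say so. The body of kvm_arch_init_vcpu(), including the declaration of `ret`, starts outside this hunk.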
>> diff --git a/target/arm/trace-events b/target/arm/trace-events
>> index 8c7faf57c7..c25d2a1191 100644
>> --- a/target/arm/trace-events
>> +++ b/target/arm/trace-events
>> @@ -14,6 +14,7 @@ arm_gt_update_irq(int timer, int irqstate) "gt_update_irq:
>> timer %d irqstate %d"
>> # kvm.c
>> kvm_arm_fixup_msi_route(uint64_t iova, uint64_t gpa) "MSI iova = 0x%"PRIx64"
>> is translated into 0x%"PRIx64
>> get_host_cpu_idregs(const char *name, uint64_t value) "scratch vcpu host
>> value for %s is 0x%"PRIx64
>> +kvm_arm_writable_idregs_to_cpreg_list(const char *name, uint64_t previous,
>> uint64_t new) "%s overwrite default 0x%"PRIx64" with 0x%"PRIx64
>>
>> # cpu.c
>> arm_cpu_reset(uint64_t mp_aff) "cpu %" PRIu64
>> --
>> 2.53.0
>>
> Hi Eric,
>
> We cannot safely rely on ahcf in all configurations. This will not work for
> a host kernel that is booted with nested virtualisation support but QEMU
> started without virtualisation (i.e. -machine virt, without virtualization=on).
> This happens because the scratch vCPU always enables EL2 support if it is
> supported by the host kernel, which limits a lot of ID register fields (see
> limit_nv_id_reg() in the
> kernel). The actual vCPU is then initialised with ahcf->isar.idregs[] (with
> EL2 support). Trying to write those values back will result in an error.
OK I see. Thank you for reporting the issue
Eric
>
> Will attach how we solved this is separate mail/reply.
>
> Warm Regards,
> Khushit.