Exposing set/way cache maintenance to a virtual machine is unsafe, not least because the instructions are not permission-checked but also because they are not broadcast between CPUs. Consequently, KVM traps and emulates such maintenance in the host kernel using by-VA operations and looping over the stage-2 page-tables. However, when running under protected KVM, these instructions are not able to be emulated and will instead result in an exception being delivered to the guest.
Introduce CONFIG_CMO_BY_VA_ONLY so that virtual platforms can select this option and perform by-VA cache maintenance instead of using the set/way instructions. Ying-Chun Liu (PaulLiu) (2): arm: cpu: Add optional CMOs by VA arm64: Initialize TLB memory if CMO_BY_VA_ONLY arch/arm/cpu/armv8/Kconfig | 4 ++ arch/arm/cpu/armv8/cache.S | 50 +++++++++++++----- arch/arm/cpu/armv8/cache_v8.c | 97 ++++++++++++++++++++++++++++++++++- arch/arm/cpu/armv8/cpu.c | 30 +++++++---- arch/arm/lib/cache.c | 9 ++++ 5 files changed, 164 insertions(+), 26 deletions(-) -- 2.39.1
