Signed-off-by: Mohamed Mediouni <mohamed@unpredictable.fr>
---
target/arm/cpu.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/target/arm/cpu.c b/target/arm/cpu.c
index ccc47c8a9a..5ffb1e3096 100644
--- a/target/arm/cpu.c
+++ b/target/arm/cpu.c
@@ -685,6 +685,10 @@ void arm_emulate_firmware_reset(CPUState *cpustate, int target_el)
}
}
+ if (have_el2 && !cpu_isar_feature(aa64_e2h0, cpu)) {
+ env->cp15.hcr_el2 |= HCR_E2H;
+ }
+
/* Set the CPU to the desired state */
if (env->aarch64) {
env->pstate = aarch64_pstate_mode(target_el, true);
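Review bot: the new `if (have_el2 && !cpu_isar_feature(aa64_e2h0, cpu))` block sits above the `if (env->aarch64)` test and ignores `target_el`, so `HCR_E2H` is ORed into `env->cp15.hcr_el2` on every path through `arm_emulate_firmware_reset()`, although the condition tests an AArch64 ID feature. Consider moving the write inside the `env->aarch64` branch, or adding `env->aarch64` to the condition, so the intended scope is explicit. The block also has no comment, and the commit message has only a Signed-off-by line; a one-line comment stating why E2H has to be forced at this point, with the same rationale in the commit message, would let a reader judge whether this function is the right place for the write.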
--
2.50.1 (Apple Git-155)
On Wed, 1 Apr 2026 at 23:07, Mohamed Mediouni <mohamed@unpredictable.fr> wrote:
>
> Signed-off-by: Mohamed Mediouni <mohamed@unpredictable.fr>
This could use some rationale in the commit message:
why do we need it, what goes wrong, etc.
> ---
> target/arm/cpu.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/target/arm/cpu.c b/target/arm/cpu.c
> index ccc47c8a9a..5ffb1e3096 100644
> --- a/target/arm/cpu.c
> +++ b/target/arm/cpu.c
> @@ -685,6 +685,10 @@ void arm_emulate_firmware_reset(CPUState *cpustate, int target_el)
> }
> }
>
> + if (have_el2 && !cpu_isar_feature(aa64_e2h0, cpu)) {
> + env->cp15.hcr_el2 |= HCR_E2H;
> + }
> +
> /* Set the CPU to the desired state */
> if (env->aarch64) {
> env->pstate = aarch64_pstate_mode(target_el, true);
> --
> 2.50.1 (Apple Git-155)
thanks
-- PMM
On 4/2/26 21:17, Peter Maydell wrote:
> On Wed, 1 Apr 2026 at 23:07, Mohamed Mediouni <mohamed@unpredictable.fr> wrote:
>>
>> Signed-off-by: Mohamed Mediouni <mohamed@unpredictable.fr>
>
> This could use some rationale in the commit message:
> why do we need it, what goes wrong, etc.
Indeed. I would expect this to be handled via hcr_reset and
a2834b853d9 ("target/arm: implement FEAT_E2H0")
Specifically,
+ /* Strictly E2H is RES1 unless FEAT_E2H0 relaxes the requirement */
+ if (!cpu_isar_feature(aa64_e2h0, cpu)) {
+ value |= HCR_E2H;
+ }
r~
>
>> ---
>> target/arm/cpu.c | 4 ++++
>> 1 file changed, 4 insertions(+)
>>
>> diff --git a/target/arm/cpu.c b/target/arm/cpu.c
>> index ccc47c8a9a..5ffb1e3096 100644
>> --- a/target/arm/cpu.c
>> +++ b/target/arm/cpu.c
>> @@ -685,6 +685,10 @@ void arm_emulate_firmware_reset(CPUState *cpustate, int target_el)
>> }
>> }
>>
>> + if (have_el2 && !cpu_isar_feature(aa64_e2h0, cpu)) {
>> + env->cp15.hcr_el2 |= HCR_E2H;
>> + }
>> +
>> /* Set the CPU to the desired state */
>> if (env->aarch64) {
>> env->pstate = aarch64_pstate_mode(target_el, true);
>> --
>> 2.50.1 (Apple Git-155)
>
> thanks
> -- PMM
>
> On 3. Apr 2026, at 23:53, Richard Henderson <richard.henderson@linaro.org> wrote:
>
> On 4/2/26 21:17, Peter Maydell wrote:
>> On Wed, 1 Apr 2026 at 23:07, Mohamed Mediouni <mohamed@unpredictable.fr> wrote:
>>>
>>> Signed-off-by: Mohamed Mediouni <mohamed@unpredictable.fr>
>> This could use some rationale in the commit message:
>> why do we need it, what goes wrong, etc.
>
> Indeed. I would expect this to be handled via hcr_reset and
> a2834b853d9 ("target/arm: implement FEAT_E2H0")
>
> Specifically,
>
> + /* Strictly E2H is RES1 unless FEAT_E2H0 relaxes the requirement */
> + if (!cpu_isar_feature(aa64_e2h0, cpu)) {
> + value |= HCR_E2H;
> + }
>
>
> r~
>
>
Hello,
That’s indeed the case, missed that commit.
Some context: the issue is an edge case around nested virt on hardware
without FEAT_NV2p2 where the guest cannot flip between VHE and nVHE
at runtime - but the OS supports both nested virt impls.
While KVM handles HCR_EL2.E2H’s effective value via a KVM cap,
that’s not the only option around. An HV tries to be clever
and sets the state depending on what HCR_EL2 is read as.