1. Patchew
  2. linux
  3. View series

[PATCH 0/5] KVM: arm64: GICv5 legacy (GCIE_LEGACY) NV enablement and cleanup

Sascha Bischoff posted 5 patches 1 month ago 
arch/arm64/kernel/cpufeature.c        | 15 +++++++++++++++
arch/arm64/kvm/arm.c                  |  5 +++--
arch/arm64/kvm/hyp/vgic-v3-sr.c       | 27 +++++++--------------------
arch/arm64/kvm/vgic/vgic-v5.c         |  2 +-
arch/arm64/tools/cpucaps              |  1 +
drivers/irqchip/irq-gic-v5.c          |  7 -------
include/linux/irqchip/arm-vgic-info.h |  2 --
7 files changed, 27 insertions(+), 32 deletions(-)
[PATCH 0/5] KVM: arm64: GICv5 legacy (GCIE_LEGACY) NV enablement and cleanup
Posted by Sascha Bischoff 1 month ago 
Hi all,

This series enables nested virtualization for GICv3-based VMs on GICv5
hosts (w/ FEAT_GCIE_LEGACY) in KVM/arm64. In addition, it adds a CPU
capability to track support for FEAT_GCIE_LEGACY across all CPUs.

The series fixes ICC_SRE_EL2 access handling for GICv5 hosts (to match
the updated bet1+ specification [1]), and extends nested
virtualization support to vGICv3 guests running on compatible GICv5
systems. With these changes, it becomes possible to run with
kvm-arm.mode=nested, and these changes have been tested with three
levels of nesting on simulated hardware (Arm FVP).

Previously, the presence of FEAT_GCIE_LEGACY was tracked in the GICv5
driver via gic_kvm_info, and the probing logic could incorrectly
enable legacy support if the boot CPU exposed the feature while others
did not. This created the risk of mismatched configurations,
particularly when late-onlining CPUs without FEAT_GCIE_LEGACY.

To address this, the series introduces a proper ARM64_HAS_GICV5_LEGACY
CPU capability, and moves KVM to use cpus_have_final_cap() to ensure
consistent system-wide enablement. With this, late-onlined but
mismatched CPUs are cleanly rejected at bring-up.

Patch summary

KVM: arm64: allow ICC_SRE_EL2 accesses on a GICv5 host
    Update handling to reflect the corrected GICv5 specification.

KVM: arm64: Enable nested for GICv5 host with FEAT_GCIE_LEGACY
    Allow nested virtualization for vGICv3 guests on GICv5 hosts with
    legacy support.

arm64: cpucaps: Add GICv5 Legacy vCPU interface (GCIE_LEGACY) capability
    Introduce a new CPU capability that prevents mismatched
    configurations.

KVM: arm64: Use ARM64_HAS_GICV5_LEGACY for GICv5 probing
    Ensure probing is consistent across all CPUs by using cpucaps.

irqchip/gic-v5: Drop has_gcie_v3_compat from gic_kvm_info
    Remove obsolete compatibility flag, as FEAT_GCIE_LEGACY is now a
    CPU feature.

Comments and reviews are very welcome.

Thanks,
Sascha

[1] https://developer.arm.com/documentation/aes0070/latest/

Sascha Bischoff (5):
  KVM: arm64: Allow ICC_SRE_EL2 accesses on a GICv5 host
  KVM: arm64: Enable nested for GICv5 host with FEAT_GCIE_LEGACY
  arm64: cpucaps: Add GICv5 Legacy vCPU interface (GCIE_LEGACY)
    capability
  KVM: arm64: Use ARM64_HAS_GICV5_LEGACY for GICv5 probing
  irqchip/gic-v5: Drop has_gcie_v3_compat from gic_kvm_info

 arch/arm64/kernel/cpufeature.c        | 15 +++++++++++++++
 arch/arm64/kvm/arm.c                  |  5 +++--
 arch/arm64/kvm/hyp/vgic-v3-sr.c       | 27 +++++++--------------------
 arch/arm64/kvm/vgic/vgic-v5.c         |  2 +-
 arch/arm64/tools/cpucaps              |  1 +
 drivers/irqchip/irq-gic-v5.c          |  7 -------
 include/linux/irqchip/arm-vgic-info.h |  2 --
 7 files changed, 27 insertions(+), 32 deletions(-)

-- 
2.34.1
Re: [PATCH 0/5] KVM: arm64: GICv5 legacy (GCIE_LEGACY) NV enablement and cleanup
Posted by Marc Zyngier 2 weeks, 1 day ago 
On Thu, 28 Aug 2025 10:59:41 +0000, Sascha Bischoff wrote:
> This series enables nested virtualization for GICv3-based VMs on GICv5
> hosts (w/ FEAT_GCIE_LEGACY) in KVM/arm64. In addition, it adds a CPU
> capability to track support for FEAT_GCIE_LEGACY across all CPUs.
> 
> The series fixes ICC_SRE_EL2 access handling for GICv5 hosts (to match
> the updated bet1+ specification [1]), and extends nested
> virtualization support to vGICv3 guests running on compatible GICv5
> systems. With these changes, it becomes possible to run with
> kvm-arm.mode=nested, and these changes have been tested with three
> levels of nesting on simulated hardware (Arm FVP).
> 
> [...]

Applied to next, thanks!

[1/5] KVM: arm64: Allow ICC_SRE_EL2 accesses on a GICv5 host
      (no commit info)
[2/5] KVM: arm64: Enable nested for GICv5 host with FEAT_GCIE_LEGACY
      commit: d5a012af348d4d84287267547eb8637b937545af
[3/5] arm64: cpucaps: Add GICv5 Legacy vCPU interface (GCIE_LEGACY) capability
      commit: 7847f51189343b29a24ca7edafb60a9032d5acf8
[4/5] KVM: arm64: Use ARM64_HAS_GICV5_LEGACY for GICv5 probing
      commit: 754e43b09561f59dd04e0b8aafe4f5c9a71a4d1f
[5/5] irqchip/gic-v5: Drop has_gcie_v3_compat from gic_kvm_info
      commit: 5c5db9efe323dd0b0d7917dbe5b9c0999c95e79e

Cheers,

	M.
-- 
Without deviation from the norm, progress is not possible.
Re: [PATCH 0/5] KVM: arm64: GICv5 legacy (GCIE_LEGACY) NV enablement and cleanup
Posted by Oliver Upton 4 weeks, 1 day ago 
On Thu, Aug 28, 2025 at 10:59:41AM +0000, Sascha Bischoff wrote:
> Hi all,
> 
> This series enables nested virtualization for GICv3-based VMs on GICv5
> hosts (w/ FEAT_GCIE_LEGACY) in KVM/arm64. In addition, it adds a CPU
> capability to track support for FEAT_GCIE_LEGACY across all CPUs.
> 
> The series fixes ICC_SRE_EL2 access handling for GICv5 hosts (to match
> the updated bet1+ specification [1]), and extends nested
> virtualization support to vGICv3 guests running on compatible GICv5
> systems. With these changes, it becomes possible to run with
> kvm-arm.mode=nested, and these changes have been tested with three
> levels of nesting on simulated hardware (Arm FVP).
> 
> Previously, the presence of FEAT_GCIE_LEGACY was tracked in the GICv5
> driver via gic_kvm_info, and the probing logic could incorrectly
> enable legacy support if the boot CPU exposed the feature while others
> did not. This created the risk of mismatched configurations,
> particularly when late-onlining CPUs without FEAT_GCIE_LEGACY.
> 
> To address this, the series introduces a proper ARM64_HAS_GICV5_LEGACY
> CPU capability, and moves KVM to use cpus_have_final_cap() to ensure
> consistent system-wide enablement. With this, late-onlined but
> mismatched CPUs are cleanly rejected at bring-up.
> 
> Patch summary
> 
> KVM: arm64: allow ICC_SRE_EL2 accesses on a GICv5 host
>     Update handling to reflect the corrected GICv5 specification.
> 
> KVM: arm64: Enable nested for GICv5 host with FEAT_GCIE_LEGACY
>     Allow nested virtualization for vGICv3 guests on GICv5 hosts with
>     legacy support.
> 
> arm64: cpucaps: Add GICv5 Legacy vCPU interface (GCIE_LEGACY) capability
>     Introduce a new CPU capability that prevents mismatched
>     configurations.
> 
> KVM: arm64: Use ARM64_HAS_GICV5_LEGACY for GICv5 probing
>     Ensure probing is consistent across all CPUs by using cpucaps.
> 
> irqchip/gic-v5: Drop has_gcie_v3_compat from gic_kvm_info
>     Remove obsolete compatibility flag, as FEAT_GCIE_LEGACY is now a
>     CPU feature.
> 
> Comments and reviews are very welcome.
> 
> Thanks,
> Sascha
> 
> [1] https://developer.arm.com/documentation/aes0070/latest/
> 
> Sascha Bischoff (5):
>   KVM: arm64: Allow ICC_SRE_EL2 accesses on a GICv5 host
>   KVM: arm64: Enable nested for GICv5 host with FEAT_GCIE_LEGACY
>   arm64: cpucaps: Add GICv5 Legacy vCPU interface (GCIE_LEGACY)
>     capability
>   KVM: arm64: Use ARM64_HAS_GICV5_LEGACY for GICv5 probing
>   irqchip/gic-v5: Drop has_gcie_v3_compat from gic_kvm_info

For the series:

Reviewed-by: Oliver Upton <oliver.upton@linux.dev>

Thanks,
Oliver

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.