On Thu, Feb 09, 2023 at 04:54:27AM +0800, Ying-Chun Liu (PaulLiu) wrote:
From: Marc Zyngier maz@kernel.org
Exposing set/way cache maintenance to a virtual machine is unsafe, not least because the instructions are not permission-checked but also because they are not broadcast between CPUs. Consequently, KVM traps and emulates such maintenance in the host kernel using by-VA operations and looping over the stage-2 page-tables. However, when running under protected KVM, these instructions are not able to be emulated and will instead result in an exception being delivered to the guest.
Introduce CONFIG_CMO_BY_VA_ONLY so that virtual platforms can select this option and perform by-VA cache maintenance instead of using the set/way instructions.
Signed-off-by: Marc Zyngier maz@kernel.org Signed-off-by: Will Deacon willdeacon@google.com Signed-off-by: Pierre-Clément Tosi ptosi@google.com [ Paul: pick from the Android tree. Fixup Pierre's commit. And fix some checkpatch warnings. Rebased to upstream. ] Signed-off-by: Ying-Chun Liu (PaulLiu) paul.liu@linaro.org Cc: Tom Rini trini@konsulko.com Link: https://android.googlesource.com/platform/external/u-boot/+/db5507f47f4f57f7... Link: https://android.googlesource.com/platform/external/u-boot/+/2baf54e743380a1e...
Applied to u-boot/next, thanks!