From 3a0107a38e48bff9057d369c63b0789b945bbef0 Mon Sep 17 00:00:00 2001
From: Fuad Tabba
Date: Mon, 23 Jun 2025 11:28:53 +0100
Subject: [PATCH] ANDROID: KVM: arm64: Ensure SVE initialization precedes PSCI for protected VCPUs
Reorder the initialization sequence for protected KVM VCPUs on arm64. Specifically, ensure that SVE state is initialized *before* PSCI (and PVM Firmare). The current order presents a problem: PSCI initialization triggers the bring-up of the PVM (Protected Virtual Machine) firmware. Should SVE initialization then fail due to insufficient memory, there is no reliable mechanism to roll back or clean up the already-initialized PVM firmware. This can lead to an undesirable and unrecoverable state for the protected VCPU. By initializing SVE first, any memory allocation failures will occur prior to the PVM firmware becoming active, allowing for a more controlled failure scenario.
Bug: 278749606
Bug: 417970855
Bug: 420967829
Bug: 427128726
Reported-by: Shikha Panwar
Change-Id: Ia82bb409d83bdc7560589152ec6cf50f54eebefe
Signed-off-by: Fuad Tabba
---
 arch/arm64/kvm/hyp/nvhe/pkvm.c | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/arch/arm64/kvm/hyp/nvhe/pkvm.c b/arch/arm64/kvm/hyp/nvhe/pkvm.c
index 98b0a173408f..feaad44fe204 100644
--- a/arch/arm64/kvm/hyp/nvhe/pkvm.c
+++ b/arch/arm64/kvm/hyp/nvhe/pkvm.c
@@ -702,16 +702,13 @@ static int init_pkvm_hyp_vcpu(struct pkvm_hyp_vcpu *hyp_vcpu,
 if (ret)
 goto done;
- ret = pkvm_vcpu_init_psci(hyp_vcpu);
- if (ret)
- goto done;
-
 if (test_bit(KVM_ARM_VCPU_SVE, hyp_vcpu->vcpu.arch.features)) {
 ret = init_pkvm_hyp_vcpu_sve(hyp_vcpu, host_vcpu);
 if (ret)
 goto done;
 }
+ WARN_ON(pkvm_vcpu_init_psci(hyp_vcpu));
 pkvm_vcpu_init_traps(hyp_vcpu);
 kvm_reset_pvm_sys_regs(&hyp_vcpu->vcpu);
 done:
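Review bot: The added `WARN_ON(pkvm_vcpu_init_psci(hyp_vcpu));` discards the return value that the removed lines used to propagate, so a failure in PSCI setup no longer reaches the caller of init_pkvm_hyp_vcpu as an error. Depending on how WARN_ON is defined for the nVHE hyp build (not visible here), that either stops the hypervisor or lets a protected vCPU continue into `pkvm_vcpu_init_traps()` with its PSCI state not set up, and the commit message does not say which is intended. If the call can still fail, it could stay as the last fallible step but be reported, `ret = pkvm_vcpu_init_psci(hyp_vcpu);` followed by `if (WARN_ON(ret)) goto done;`, provided the `done:` path, whose body lies outside this hunk, can release the SVE state. If it cannot fail at this point, a comment such as `/* Must be last: PSCI init brings up pvmfw and cannot be rolled back. */` above the call would record why the order and the WARN_ON are deliberate.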