tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

KVM: arm64: Do not allow KVM_CAP_ARM_MTE for any guest in pKVM

Supporting MTE in pKVM introduces significant complexity to the
hypervisor at EL2, even for non-protected VMs, since it would require
EL2 to handle tag management.

For now, do not allow KVM_CAP_ARM_MTE for any VM type in protected mode.

Signed-off-by: Fuad Tabba <tabba@google.com>
Link: https://patch.msgid.link/20251211104710.151771-7-tabba@google.com
Signed-off-by: Marc Zyngier <maz@kernel.org>

authored by

Fuad Tabba and committed by
Marc Zyngier f4eee308 43a21a0f

+2
+2
arch/arm64/include/asm/kvm_pkvm.h
··· 44 44 case KVM_CAP_ARM_PTRAUTH_ADDRESS: 45 45 case KVM_CAP_ARM_PTRAUTH_GENERIC: 46 46 return true; 47 + case KVM_CAP_ARM_MTE: 48 + return false; 47 49 default: 48 50 return !kvm || !kvm_vm_is_protected(kvm); 49 51 }