Re: [PATCH v2 1/3] arm64: mm: Fix rodata=full block mapping support for realm guests
From: Catalin Marinas
Date: Thu Apr 09 2026 - 10:09:48 EST
On Thu, Apr 09, 2026 at 10:38:03AM +0100, Suzuki K Poulose wrote:
> On 07/04/2026 18:21, Catalin Marinas wrote:
> > a166563e7ec3 ("arm64: mm: support large block mapping when rodata=full")
> > introduced force_pte_mapping() but it just copied the logic in the
> > existing can_set_direct_map(). Looking at the linear_map_requires_bbml2
> > assignment, we get (!is_realm_world() && is_realm_world()) and it
> > cancels out, no effect on it but we don't get pte mappings either (even
> > if we don't have BBML2).
>
> Yep, that's right.
> >
> > I think we need at least some safety checks:
> >
> > 1. BBML2_NOABORT support on the boot CPU - continue with the existing
> > logic (as per Ryan's series)
> >
> > 2. !system_supports_bbml2_noabort() - split in
> > linear_map_maybe_split_to_ptes(). This does not currently happen
> > because linear_map_requires_bbml2 may be false in the absence of
> > rodata=full. Not sure how to fix this without some variable telling
> > us how the linear map was mapped. The requires_bbml2 flag doesn't
> >
> > 3. Panic in arm64_rsi_init() if !BBML2_NOABORT on the boot CPU _and_ we
> > have block mappings already. People can avoid it with rodata=full
>
> It looks like this will be a common case :-(
>
> >
> > 4. If (3) is a common case, a better alternative is to rewrite the
> > linear map sometime after arm64_rsi_init() but before we call
> > split_kernel_leaf_mapping().
>
> We will explore this route.
>
> The other option is to move the RSI detection (and the PSCI probe)
> earlier to be able to make better decisions early on. I will play with
> that a bit too.
I thought we could reuse linear_map_split_to_ptes() but this function
assumes that the primary CPU supports BBML2_NOABORT. To do this live,
we'd have to clone the active kernel pgtable hierarchy, switch to it and
then continue with the splitting. kasan_init_shadow() does a bit of this
but not fully as it only cares about the shadow mapping.
Hmm, maybe probing the RSI early is easier ;).
--
Catalin