HI Varun,
On Fri, 31 Jul 2020 at 21:57, Varun Wadekar vwadekar@nvidia.com wrote:
Hi Mark,
There is no dependency between TF-A and KVM, other than the implicit promise that firmware doesn't break non-secure software.
Don’t we need a certain version of TF-A to allow KVM to work as expected?
No. KVM predates TF-A, so there was never a dependency between the two, and KVM runs happily on systems that do not have TF-A, or even missing EL3 altogether. I fail to see why there would be a dependency between the two, to be honest.
If your firmware isn't upgradeable, you have many more issues than just KVM...
With this change, we are forcing vendors to upgrade the firmware. This might involve testing and qualification on their part. I wanted to understand if this is a big deal.
This HW erratum *is* a big deal, as you can observe TLB corruption. So each EL has to carefully manage its own workaround as well as that of the ELs it controls (EL0/EL1 for EL2, EL0/EL1/EL2 for EL3). This cannot be a coordinated workaround either as: - these are independent SW entities - traps and interrupts can occur in any context
M.