ANDROID: KVM: arm64: Allow post-freeze backports to pKVM

The GKI policy allows the addition of new symbols to a frozen KMI as long as doing so has no impact on existing frozen symbols. Interestingly the hypervisor's ABI is defined by the pkvm_module_ops structure. Any addition to this struct will be flagged as a type change, which equates to a KMI breakage in the GKI world. This could become a major problem long term if it prevented backport of (security) fixes to KMI-frozen kernels. To allow such backports, add a set of reserved ABI slots to the pkvm_module_ops struct. These slots are usually reserved to fix LTS merges, but given that none of the pKVM module code is upstream yet, these slots are likely to be used by Android-specific fixes. Bug: 233587962 Change-Id: I61a00a09947ccff153c96a4829e083ef9ede19d3 Signed-off-by: Quentin Perret <qperret@google.com>
2026-06-06 02:50:49 +09:00 · 2023-03-13 15:01:29 +00:00
parent b4b279e9e3
commit 4f0e2cac4c
1 changed files with 34 additions and 0 deletions
--- a/arch/arm64/include/asm/kvm_pkvm_module.h
+++ b/arch/arm64/include/asm/kvm_pkvm_module.h
@@ -4,6 +4,7 @@
 #define __ARM64_KVM_PKVM_MODULE_H__

 #include <asm/kvm_pgtable.h>
+#include <linux/android_kabi.h>
 #include <linux/export.h>

 typedef void (*dyn_hcall_t)(struct kvm_cpu_context *);
@@ -48,6 +49,39 @@ struct pkvm_module_ops {
 	phys_addr_t (*hyp_pa)(void *x);
 	void* (*hyp_va)(phys_addr_t phys);
 	unsigned long (*kern_hyp_va)(unsigned long x);
+
+	ANDROID_KABI_RESERVE(1);
+	ANDROID_KABI_RESERVE(2);
+	ANDROID_KABI_RESERVE(3);
+	ANDROID_KABI_RESERVE(4);
+	ANDROID_KABI_RESERVE(5);
+	ANDROID_KABI_RESERVE(6);
+	ANDROID_KABI_RESERVE(7);
+	ANDROID_KABI_RESERVE(8);
+	ANDROID_KABI_RESERVE(9);
+	ANDROID_KABI_RESERVE(10);
+	ANDROID_KABI_RESERVE(11);
+	ANDROID_KABI_RESERVE(12);
+	ANDROID_KABI_RESERVE(13);
+	ANDROID_KABI_RESERVE(14);
+	ANDROID_KABI_RESERVE(15);
+	ANDROID_KABI_RESERVE(16);
+	ANDROID_KABI_RESERVE(17);
+	ANDROID_KABI_RESERVE(18);
+	ANDROID_KABI_RESERVE(19);
+	ANDROID_KABI_RESERVE(20);
+	ANDROID_KABI_RESERVE(21);
+	ANDROID_KABI_RESERVE(22);
+	ANDROID_KABI_RESERVE(23);
+	ANDROID_KABI_RESERVE(24);
+	ANDROID_KABI_RESERVE(25);
+	ANDROID_KABI_RESERVE(26);
+	ANDROID_KABI_RESERVE(27);
+	ANDROID_KABI_RESERVE(28);
+	ANDROID_KABI_RESERVE(29);
+	ANDROID_KABI_RESERVE(30);
+	ANDROID_KABI_RESERVE(31);
+	ANDROID_KABI_RESERVE(32);
 };

 int __pkvm_load_el2_module(struct module *this, unsigned long *token);