arm64 fixes for 6.16

- Fix broken UUID value for the KVM/arm64 hypervisor SMCCC interface. - Fix stack corruption on context-switch, primarily seen on (but not limited to) configurations with both pNMI and SCS enabled. -----BEGIN PGP SIGNATURE----- iQFEBAABCgAuFiEEPxTL6PPUbjXGY88ct6xw3ITBYzQFAmiBBXwQHHdpbGxAa2Vy bmVsLm9yZwAKCRC3rHDchMFjNFitB/9qIwohXTPcwfFux3FJpiUAMzY0KlP2TIJF +wMRNSkYw/EKKorz4nzdEagyvWLvbFqg8eZDaoVTV7+DyQXb5Fz9R7s8yVQwBIpY naAPm5A+I9gitiISA8M1Kr44MpTJBUHRpOSIIiTQK0/ijmd02sDkZZJuTUqYRmUP 1SY7A6Ps3Oz3cfqDtOIKUy8LNi22Wha6n9r3YghO5nhlLgrO1vMf/2uX1fRULTee rpv4vICUjy9JK7F3W2osQ88UQkRY+l7vEtEzDdAYREPbg7m0ye1R1rTp2NiQ/mja b+YoKudvdce4Mwui3UB5kRCDBB5kJIX7Itvu/AfjJ5e/cr0fI15X =tkat -----END PGP SIGNATURE----- Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux Pull arm64 fixes from Will Deacon: "Two important arm64 fixes ahead of the 6.16 release. The first fixes a regression introduced during the merge window where the KVM UUID (which is used to advertise KVM-specific hypercalls for things like time synchronisation in the guest) was corrupted thanks to an endianness bug introduced when converting the code to use the UUID_INIT() helper. The second fixes a stack-pointer corruption issue during context-switch which has been observed in the wild when taking a pseudo-NMI with shadow call stack enabled. Summary: - Fix broken UUID value for the KVM/arm64 hypervisor SMCCC interface - Fix stack corruption on context-switch, primarily seen on (but not limited to) configurations with both pNMI and SCS enabled" * tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux: arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack() arm64: kvm, smccc: Fix vendor uuid
2025-09-15 09:07:11 +10:00 · 2025-07-24 08:50:55 -07:00 · 2025-07-24 08:50:55 -07:00 · cef6c8c92f
commit cef6c8c92f
parent 407c114c98 d42e6c20de
3 changed files with 12 additions and 1 deletions
--- a/arch/arm64/include/asm/assembler.h
+++ b/arch/arm64/include/asm/assembler.h
@ -41,6 +41,11 @@
 /*
 * Save/restore interrupts.
 */
+	.macro save_and_disable_daif, flags
+	mrs	\flags, daif
+	msr	daifset, #0xf
+	.endm
+
 	.macro	save_and_disable_irq, flags
 	mrs	\flags, daif
 	msr	daifset, #3
--- a/arch/arm64/kernel/entry.S
+++ b/arch/arm64/kernel/entry.S
@ -825,6 +825,7 @@ SYM_CODE_END(__bp_harden_el1_vectors)
 *
 */
 SYM_FUNC_START(cpu_switch_to)
+	save_and_disable_daif x11
 	mov	x10, #THREAD_CPU_CONTEXT
 	add	x8, x0, x10
 	mov	x9, sp
@ -848,6 +849,7 @@ SYM_FUNC_START(cpu_switch_to)
 	ptrauth_keys_install_kernel x1, x8, x9, x10
 	scs_save x0
 	scs_load_current
+	restore_irq x11
 	ret
 SYM_FUNC_END(cpu_switch_to)
 NOKPROBE(cpu_switch_to)
@ -874,6 +876,7 @@ NOKPROBE(ret_from_fork)
 * Calls func(regs) using this CPU's irq stack and shadow irq stack.
 */
 SYM_FUNC_START(call_on_irq_stack)
+	save_and_disable_daif x9
 #ifdef CONFIG_SHADOW_CALL_STACK
 	get_current_task x16
 	scs_save x16
@ -888,8 +891,10 @@ SYM_FUNC_START(call_on_irq_stack)

 	/* Move to the new stack and call the function there */
 	add	sp, x16, #IRQ_STACK_SIZE
+	restore_irq x9
 	blr	x1

+	save_and_disable_daif x9
 	/*
 	 * Restore the SP from the FP, and restore the FP and LR from the frame
 	 * record.
@ -897,6 +902,7 @@ SYM_FUNC_START(call_on_irq_stack)
 	mov	sp, x29
 	ldp	x29, x30, [sp], #16
 	scs_load_current
+	restore_irq x9
 	ret
 SYM_FUNC_END(call_on_irq_stack)
 NOKPROBE(call_on_irq_stack)
--- a/include/linux/arm-smccc.h
+++ b/include/linux/arm-smccc.h
@ -113,7 +113,7 @@

 /* KVM UID value: 28b46fb6-2ec5-11e9-a9ca-4b564d003a74 */
 #define ARM_SMCCC_VENDOR_HYP_UID_KVM UUID_INIT(\
-	0xb66fb428, 0xc52e, 0xe911, \
+	0x28b46fb6, 0x2ec5, 0x11e9, \
 	0xa9, 0xca, 0x4b, 0x56, \
 	0x4d, 0x00, 0x3a, 0x74)