From: Greg Kroah-Hartman
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman, stable@vger.kernel.org, Steven Price, James Morse, Marc Zyngier
Subject: [PATCH 5.15 037/110] KVM: arm64: Avoid consuming a stale esr value when SError occur
Date: Mon, 7 Feb 2022 12:06:10 +0100
Message-Id: <20220207103803.530037238@linuxfoundation.org>
In-Reply-To: <20220207103802.280120990@linuxfoundation.org>
References: <20220207103802.280120990@linuxfoundation.org>

From: James Morse

commit 1c71dbc8a179d99dd9bb7e7fc1888db613cf85de upstream.

When any exception other than an IRQ occurs, the CPU updates the ESR_EL2
register with the exception syndrome. An SError may also become pending,
and will be synchronised by KVM. KVM notes the exception type, and whether
an SError was synchronised in exit_code.

When an exception other than an IRQ occurs, fixup_guest_exit() updates
vcpu->arch.fault.esr_el2 from the hardware register. When an SError was
synchronised, the vcpu esr value is used to determine if the exception
was due to an HVC. If so, ELR_EL2 is moved back one instruction. This is
so that KVM can process the SError first, and re-execute the HVC if the
guest survives the SError.

But if an IRQ synchronises an SError, the vcpu's esr value is stale.
If the previous non-IRQ exception was an HVC, KVM will corrupt ELR_EL2,
causing an unrelated guest instruction to be executed twice.

Check ARM_EXCEPTION_CODE() before messing with ELR_EL2; IRQs don't update
this register so don't need to check.

Fixes: defe21f49bc9 ("KVM: arm64: Move PC rollback on SError to HYP")
Cc: stable@vger.kernel.org
Reported-by: Steven Price
Signed-off-by: James Morse
Signed-off-by: Marc Zyngier
Link: https://lore.kernel.org/r/20220127122052.1584324-3-james.morse@arm.com
Signed-off-by: Greg Kroah-Hartman
---
 arch/arm64/kvm/hyp/include/hyp/switch.h | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

--- a/arch/arm64/kvm/hyp/include/hyp/switch.h
+++ b/arch/arm64/kvm/hyp/include/hyp/switch.h
@@ -425,7 +425,8 @@ static inline bool fixup_guest_exit(stru
 	if (ARM_EXCEPTION_CODE(*exit_code) != ARM_EXCEPTION_IRQ)
 		vcpu->arch.fault.esr_el2 = read_sysreg_el2(SYS_ESR);
-	if (ARM_SERROR_PENDING(*exit_code)) {
+	if (ARM_SERROR_PENDING(*exit_code) &&
+	    ARM_EXCEPTION_CODE(*exit_code) != ARM_EXCEPTION_IRQ) {
 		u8 esr_ec = kvm_vcpu_trap_get_class(vcpu);
 		/*
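Review bot: the added `ARM_EXCEPTION_CODE(*exit_code) != ARM_EXCEPTION_IRQ` test in the new `if` repeats the comparison made two lines earlier when deciding whether to refresh `vcpu->arch.fault.esr_el2`; hoisting it into a local (e.g. `bool esr_valid = ARM_EXCEPTION_CODE(*exit_code) != ARM_EXCEPTION_IRQ;`) used by both conditions would make the dependency explicit, namely that `kvm_vcpu_trap_get_class(vcpu)` in the SError branch is only trustworthy when the cached ESR was just refreshed. A short comment above the guard stating that IRQ exits leave the cached ESR stale would also help, since that reasoning currently lives only in the commit message. The hunk as shown ends at `/*`, so the trailing context lines are not visible here.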
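The stale-ESR path the commit message describes, modelled in C as an added example (not kernel code): exit_code, the ARM_EXCEPTION_CODE()/ARM_SERROR_PENDING() helpers, the cached esr_el2 and the PC rollback are reduced to a few macros and a two-field vcpu, with the names and bit layout chosen here as simplifying assumptions. It runs the same HVC-then-IRQ scenario with and without the patch's guard.

```c
#include <stdint.h>
#include <stdbool.h>

/* Simplified model (assumption, not the kernel's definitions): the class of
 * the exit lives in the low bits of exit_code and bit 31 flags a pending
 * SError, mirroring ARM_EXCEPTION_CODE() / ARM_SERROR_PENDING(). */
#define SERROR_PENDING_BIT  (1u << 31)
#define EXCEPTION_CODE(x)   ((x) & ~SERROR_PENDING_BIT)
#define SERROR_PENDING(x)   (((x) & SERROR_PENDING_BIT) != 0)
#define EXCEPTION_IRQ       0u
#define EXCEPTION_TRAP      1u
#define ESR_EC_SHIFT        26
#define ESR_EC_HVC64        0x16u   /* exception class: HVC from AArch64 */

struct vcpu {
    uint64_t esr_el2;   /* cached syndrome; only refreshed on non-IRQ exits */
    uint64_t elr_el2;   /* guest PC the vcpu will resume at */
};

/* hw_esr is what the CPU wrote to ESR_EL2 for this exit. 'fixed' selects
 * the guard from the patch; without it the buggy behaviour is modelled. */
static void model_fixup_guest_exit(struct vcpu *v, uint32_t exit_code,
                                   uint64_t hw_esr, bool fixed)
{
    if (EXCEPTION_CODE(exit_code) != EXCEPTION_IRQ)
        v->esr_el2 = hw_esr;        /* an IRQ exit leaves the cache stale */
    bool roll_back_check = SERROR_PENDING(exit_code);
    if (fixed)
        roll_back_check = roll_back_check &&
                          EXCEPTION_CODE(exit_code) != EXCEPTION_IRQ;

    if (roll_back_check) {
        unsigned ec = (v->esr_el2 >> ESR_EC_SHIFT) & 0x3f;
        if (ec == ESR_EC_HVC64)
            v->elr_el2 -= 4;        /* re-execute the HVC after the SError */
    }
}

/* Scenario from the commit message: an HVC trap, then an IRQ exit that
 * synchronises an SError. Returns the guest PC after the second exit. */
uint64_t run_scenario(bool fixed)
{
    struct vcpu v = { .esr_el2 = 0, .elr_el2 = 0x1000 };
    uint64_t hvc_esr = (uint64_t)ESR_EC_HVC64 << ESR_EC_SHIFT;
    model_fixup_guest_exit(&v, EXCEPTION_TRAP, hvc_esr, fixed); /* no SError */
    v.elr_el2 = 0x2000;   /* guest moved on to an unrelated instruction */
    model_fixup_guest_exit(&v, EXCEPTION_IRQ | SERROR_PENDING_BIT, 0, fixed);
    return v.elr_el2;     /* buggy: 0x1ffc (corrupted); fixed: 0x2000 */
}
```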