Received: by 2002:a05:6a10:413:0:0:0:0 with SMTP id 19csp3798910pxp;
        Tue, 15 Mar 2022 06:34:51 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJzmgemo6wP4eSXQPaXO51PwOq4OS+ujpDbQFgpNLXjJNiEjsklvXoyU+uOGhj3nGXHy/CEN
X-Received: by 2002:a63:6a41:0:b0:37c:7a6e:e7a3 with SMTP id f62-20020a636a41000000b0037c7a6ee7a3mr23577025pgc.528.1647351290935;
        Tue, 15 Mar 2022 06:34:50 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1647351290; cv=none;
        d=google.com; s=arc-20160816;
        b=fLEyS8iHP1HpmOTN+Nn/bRSgM6Ng+T+veA+SdEy1ajOthuZ7B/njRkwkx1xJSo7Y2H
         VeB30liCsM3z3hLZadKcrAziyJVocR6iYm1Y4b0UxhlCx0En5B8eHNKOLDHNH6fT166E
         wQGyMeY3GkNqQIHTjDYAsq3GJm0bhcc2OBZNoXJ4fIS1p31ddvoxQFTufPkM9ifdE3Nn
         nppztiKWO+mqOwoNeu7IXmihNXyBZC+n+ME94yTdlt8ON92RwqGZ6DlMf9GBYPhwoSfD
         8lFFX0t+3qZlqaMtkYDZlYdXp/wDBj7FJNOYjMQFgzymbArj7CeoF8j8YKpejrONVBUf
         fouQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :user-agent:references:in-reply-to:message-id:date:subject:cc:to
         :from:dkim-signature;
        bh=84Y+52MwsE2+msUVUEOtqcZ8zaOu7od7fFcFjtFL188=;
        b=XGn1gza3R0yWSEjoIxHZsRJyII6NOuQdugfNTiqRv9fCY/qk8708nkC1Zibb+s55Yq
         HvYu3kT43WQaP2dxJoAq3c4dEqwpcSdqP5ym3aG+PtlItsuFEeQwJ05j8N/MA7BXF/+k
         lKF9qa2g3/hWINiZurk8KeRV8mcNsfFqgciu07Ao9OisQK+fJtf5Z2FJx3omlq2MYwXo
         6ewlZVUO8M80M1WI89bxLbXx1Tz1mQgmpceG00ocOpdXKZ7XiZsG6+nHiQmT4yRhTn3S
         HEDMuiQ2tFM3ph+TefeECuaW31A2c+bI4K7nAcJCu83VM7Cll4LgN5rGK8d2jDkRxfj2
         NZNA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=U1fHlND1;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id 14-20020a63114e000000b003713a2e32d1si18507302pgr.285.2022.03.15.06.34.36;
        Tue, 15 Mar 2022 06:34:50 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=U1fHlND1;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S239583AbiCNLpI (ORCPT <rfc822;shakeebbk@gmail.com> + 99 others);
        Mon, 14 Mar 2022 07:45:08 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41564 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S239527AbiCNLmr (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 14 Mar 2022 07:42:47 -0400
Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 624E23BA4E;
        Mon, 14 Mar 2022 04:40:11 -0700 (PDT)
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by ams.source.kernel.org (Postfix) with ESMTPS id 0942CB80DC4;
        Mon, 14 Mar 2022 11:40:11 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 667D9C340EC;
        Mon, 14 Mar 2022 11:40:09 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org;
        s=korg; t=1647258009;
        bh=cLHQDXAZOpyLaLgN179kv4tfiwa3d6XUTCrpezCTBoQ=;
        h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
        b=U1fHlND19THm0CdVVZsYheUk+NgsQYyDqmqj57KEVtPkOiHw6XjSMyGVc0RpdSdCy
         FfU+EPgBTHqdtnJCZUb6lirnvfQQRG00WOKQDzvzBf2JTXn0pbuMNg4nUc6n8F5ABb
         7C3HHVnBlK4hTds/oGlnGgOkL7FHCcnkdNMNkjS8=
From:   Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To:     linux-kernel@vger.kernel.org
Cc:     Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        stable@vger.kernel.org, James Morse <james.morse@arm.com>
Subject: [PATCH 4.19 22/30] KVM: arm64: Reset PMC_EL0 to avoid a panic() on systems with no PMU
Date:   Mon, 14 Mar 2022 12:34:40 +0100
Message-Id: <20220314112732.412975093@linuxfoundation.org>
X-Mailer: git-send-email 2.35.1
In-Reply-To: <20220314112731.785042288@linuxfoundation.org>
References: <20220314112731.785042288@linuxfoundation.org>
User-Agent: quilt/0.66
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-8.6 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI,
        SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham
        autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: James Morse <james.morse@arm.com>

The logic in commit 2a5f1b67ec57 "KVM: arm64: Don't access PMCR_EL0 when no
PMU is available" relies on an empty reset handler being benign.  This was
not the case in earlier kernel versions, so the stable backport of this
patch is causing problems.

KVMs behaviour in this area changed over time. In particular, prior to commit
03fdfb269009 ("KVM: arm64: Don't write junk to sysregs on reset"), an empty
reset handler will trigger a warning, as the guest registers have been
poisoned.
Prior to commit 20589c8cc47d ("arm/arm64: KVM: Don't panic on failure to
properly reset system registers"), this warning was a panic().

Instead of reverting the backport, make it write 0 to the sys_reg[] array.
This keeps the reset logic happy, and the dodgy value can't be seen by
the guest as it can't request the emulation.

The original bug was accessing the PMCR_EL0 register on CPUs that don't
implement that feature. There is no known silicon that does this, but
v4.9's ACPI support is unable to find the PMU, so triggers this code:

| Kernel panic - not syncing: Didn't reset vcpu_sys_reg(24)
| CPU: 1 PID: 3055 Comm: lkvm Not tainted 4.9.302-00032-g64e078a56789 #13476
| Hardware name: ARM LTD ARM Juno Development Platform/ARM Juno Development Platform, BIOS EDK II Jul 30 2018
| Call trace:
| [<ffff00000808b4b0>] dump_backtrace+0x0/0x1a0
| [<ffff00000808b664>] show_stack+0x14/0x20
| [<ffff0000088f0e18>] dump_stack+0x98/0xb8
| [<ffff0000088eef08>] panic+0x118/0x274
| [<ffff0000080b50e0>] access_actlr+0x0/0x20
| [<ffff0000080b2620>] kvm_reset_vcpu+0x5c/0xac
| [<ffff0000080ac688>] kvm_arch_vcpu_ioctl+0x3e4/0x490
| [<ffff0000080a382c>] kvm_vcpu_ioctl+0x5b8/0x720
| [<ffff000008201e44>] do_vfs_ioctl+0x2f4/0x884
| [<ffff00000820244c>] SyS_ioctl+0x78/0x9c
| [<ffff000008083a9c>] __sys_trace_return+0x0/0x4

Cc: <stable@vger.kernel.org> # < v5.3 with 2a5f1b67ec57 backported
Signed-off-by: James Morse <james.morse@arm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
 arch/arm64/kvm/sys_regs.c |    4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

--- a/arch/arm64/kvm/sys_regs.c
+++ b/arch/arm64/kvm/sys_regs.c
@@ -620,8 +620,10 @@ static void reset_pmcr(struct kvm_vcpu *
 	u64 pmcr, val;
 
 	/* No PMU available, PMCR_EL0 may UNDEF... */
-	if (!kvm_arm_support_pmu_v3())
+	if (!kvm_arm_support_pmu_v3()) {
+		vcpu_sys_reg(vcpu, PMCR_EL0) = 0;
 		return;
+	}
 
 	pmcr = read_sysreg(pmcr_el0);
 	/*