Patch "KVM: arm64: Always start with clearing SVE flag on load" has been added to the 5.15-stable tree

gregkh at linuxfoundation.org gregkh at linuxfoundation.org
Mon Apr 21 23:45:13 PDT 2025


This is a note to let you know that I've just added the patch titled

    KVM: arm64: Always start with clearing SVE flag on load

to the 5.15-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     kvm-arm64-always-start-with-clearing-sve-flag-on-load.patch
and it can be found in the queue-5.15 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable at vger.kernel.org> know about it.


>From stable+bounces-131827-greg=kroah.com at vger.kernel.org Tue Apr  8 20:23:41 2025
From: Mark Brown <broonie at kernel.org>
Date: Tue, 08 Apr 2025 19:09:57 +0100
Subject: KVM: arm64: Always start with clearing SVE flag on load
To: Greg Kroah-Hartman <gregkh at linuxfoundation.org>,  Marc Zyngier <maz at kernel.org>, James Morse <james.morse at arm.com>,  Suzuki K Poulose <suzuki.poulose at arm.com>,  Catalin Marinas <catalin.marinas at arm.com>, Will Deacon <will at kernel.org>,  Oleg Nesterov <oleg at redhat.com>, Oliver Upton <oliver.upton at linux.dev>
Cc: linux-arm-kernel at lists.infradead.org, kvmarm at lists.cs.columbia.edu,  linux-kernel at vger.kernel.org, stable at vger.kernel.org,  Mark Brown <broonie at kernel.org>
Message-ID: <20250408-stable-sve-5-15-v3-2-ca9a6b850f55 at kernel.org>

From: Marc Zyngier <maz at kernel.org>

[ Upstream commit d52d165d67c5aa26c8c89909003c94a66492d23d ]

On each vcpu load, we set the KVM_ARM64_HOST_SVE_ENABLED
flag if SVE is enabled for EL0 on the host. This is used to restore
the correct state on vcpu put.

However, it appears that nothing ever clears this flag. Once
set, it will stick until the vcpu is destroyed, which has the
potential to spuriously enable SVE for userspace.

We probably never saw the issue because no VMM uses SVE, but
that's still pretty bad. Unconditionally clearing the flag
on vcpu load addresses the issue.

Fixes: 8383741ab2e7 ("KVM: arm64: Get rid of host SVE tracking/saving")
Signed-off-by: Marc Zyngier <maz at kernel.org>
Cc: stable at vger.kernel.org
Reviewed-by: Mark Brown <broonie at kernel.org>
Link: https://lore.kernel.org/r/20220528113829.1043361-2-maz@kernel.org
Signed-off-by: Mark Brown <broonie at kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh at linuxfoundation.org>
---
 arch/arm64/kvm/fpsimd.c |    1 +
 1 file changed, 1 insertion(+)

--- a/arch/arm64/kvm/fpsimd.c
+++ b/arch/arm64/kvm/fpsimd.c
@@ -75,6 +75,7 @@ void kvm_arch_vcpu_load_fp(struct kvm_vc
 	vcpu->arch.flags &= ~KVM_ARM64_FP_ENABLED;
 	vcpu->arch.flags |= KVM_ARM64_FP_HOST;
 
+	vcpu->arch.flags &= ~KVM_ARM64_HOST_SVE_ENABLED;
 	if (read_sysreg(cpacr_el1) & CPACR_EL1_ZEN_EL0EN)
 		vcpu->arch.flags |= KVM_ARM64_HOST_SVE_ENABLED;
 }
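
Review bot: The added clear of KVM_ARM64_HOST_SVE_ENABLED, placed just before the cpacr_el1 read, carries no comment, so the reason it has to be unconditional is recorded only in the commit message: the flag is re-sampled from CPACR_EL1_ZEN_EL0EN on every load and, per that message, nothing else ever clears it. A one-line comment above the clear saying that the flag must not carry over from a previous load would protect it from being dropped as redundant in a later cleanup. As a style point, it could also be folded into the clear two lines up, as `vcpu->arch.flags &= ~(KVM_ARM64_FP_ENABLED | KVM_ARM64_HOST_SVE_ENABLED);`, so that every flag recomputed on load is reset in one place.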


Patches currently in stable-queue which might be from broonie at kernel.org are

queue-5.15/kvm-arm64-remove-host-fpsimd-saving-for-non-protected-kvm.patch
queue-5.15/spi-cadence-qspi-fix-probe-on-am62a-lp-sk.patch
queue-5.15/asoc-qdsp6-q6asm-dai-fix-q6asm_dai_compr_set_params-error-path.patch
queue-5.15/kvm-arm64-eagerly-switch-zcr_el-1-2.patch
queue-5.15/kvm-arm64-unconditionally-save-flush-host-fpsimd-sve-sme-state.patch
queue-5.15/kvm-arm64-always-start-with-clearing-sve-flag-on-load.patch
queue-5.15/asoc-codecs-lpass-wsa-macro-fix-vi-feedback-rate.patch
queue-5.15/arm64-fpsimd-track-the-saved-fpsimd-state-type-separately-to-tif_sve.patch
queue-5.15/kvm-arm64-get-rid-of-host-sve-tracking-saving.patch
queue-5.15/kvm-arm64-remove-vhe-host-restore-of-cpacr_el1.zen.patch
queue-5.15/asoc-fsl_audmix-register-card-device-depends-on-dais.patch
queue-5.15/arm64-fpsimd-have-kvm-explicitly-say-which-fp-registers-to-save.patch
queue-5.15/kvm-arm64-discard-any-sve-state-when-entering-kvm-guests.patch
queue-5.15/arm64-fpsimd-stop-using-tif_sve-to-manage-register-saving-in-kvm.patch
queue-5.15/asoc-codecs-lpass-wsa-macro-fix-logic-of-enabling-vi-channels.patch
queue-5.15/kvm-arm64-calculate-cptr_el2-traps-on-activating-traps.patch


