[PATCH] arm64: smccc: Save lr before calling __arm_smccc_sve_check()

[PATCH] arm64: smccc: Save lr before calling __arm_smccc_sve_check()

[Jean-Philippe Brucker]

Commit cfa7ff959a78 ("arm64: smccc: Support SMCCC v1.3 SVE register
saving hint") added a call to __arm_smccc_sve_check() which clobbers the
lr (register x30), causing __arm_smccc_hvc() to return to itself and
crash. Save lr on the stack before calling __arm_smccc_sve_check(), and
adjust the offsets used to access stack parameters.

Fixes: cfa7ff959a78 ("arm64: smccc: Support SMCCC v1.3 SVE register saving hint")
Signed-off-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
---

Under QEMU TCG (-cpu max), PSCI calls now cause a BUG(), since the
clobbered lr causes __arm_smccc_hvc() to return to the hvc instruction
with invalid x0 parameter, which is treated as undefined instruction by
TCG.
---
 arch/arm64/kernel/smccc-call.S | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/arch/arm64/kernel/smccc-call.S b/arch/arm64/kernel/smccc-call.S
index d3d37f932b97..c16679eec7af 100644
--- a/arch/arm64/kernel/smccc-call.S
+++ b/arch/arm64/kernel/smccc-call.S
@@ -32,20 +32,22 @@ SYM_FUNC_END(__arm_smccc_sve_check)
 EXPORT_SYMBOL(__arm_smccc_sve_check)
 
 	.macro SMCCC instr
+	stp     x29, x30, [sp, #-16]!
 alternative_if ARM64_SVE
 	bl	__arm_smccc_sve_check
 alternative_else_nop_endif
 	\instr	#0
-	ldr	x4, [sp]
+	ldr	x4, [sp, #16]
 	stp	x0, x1, [x4, #ARM_SMCCC_RES_X0_OFFS]
 	stp	x2, x3, [x4, #ARM_SMCCC_RES_X2_OFFS]
-	ldr	x4, [sp, #8]
+	ldr	x4, [sp, #24]
 	cbz	x4, 1f /* no quirk structure */
 	ldr	x9, [x4, #ARM_SMCCC_QUIRK_ID_OFFS]
 	cmp	x9, #ARM_SMCCC_QUIRK_QCOM_A6
 	b.ne	1f
 	str	x6, [x4, ARM_SMCCC_QUIRK_STATE_OFFS]
-1:	ret
+1:	ldp     x29, x30, [sp], #16
+	ret
 	.endm
 
 /*
-- 
2.32.0


_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: [PATCH] arm64: smccc: Save lr before calling __arm_smccc_sve_check()

[Ard Biesheuvel]

On Tue, 20 Jul 2021 at 18:37, Jean-Philippe Brucker
<jean-philippe@linaro.org> wrote:
>
> Commit cfa7ff959a78 ("arm64: smccc: Support SMCCC v1.3 SVE register
> saving hint") added a call to __arm_smccc_sve_check() which clobbers the
> lr (register x30), causing __arm_smccc_hvc() to return to itself and
> crash. Save lr on the stack before calling __arm_smccc_sve_check(), and
> adjust the offsets used to access stack parameters.
>
> Fixes: cfa7ff959a78 ("arm64: smccc: Support SMCCC v1.3 SVE register saving hint")
> Signed-off-by: Jean-Philippe Brucker <jean-philippe@linaro.org>

> ---
>
> Under QEMU TCG (-cpu max), PSCI calls now cause a BUG(), since the
> clobbered lr causes __arm_smccc_hvc() to return to the hvc instruction
> with invalid x0 parameter, which is treated as undefined instruction by
> TCG.
> ---
>  arch/arm64/kernel/smccc-call.S | 8 +++++---
>  1 file changed, 5 insertions(+), 3 deletions(-)
>
> diff --git a/arch/arm64/kernel/smccc-call.S b/arch/arm64/kernel/smccc-call.S
> index d3d37f932b97..c16679eec7af 100644
> --- a/arch/arm64/kernel/smccc-call.S
> +++ b/arch/arm64/kernel/smccc-call.S
> @@ -32,20 +32,22 @@ SYM_FUNC_END(__arm_smccc_sve_check)
>  EXPORT_SYMBOL(__arm_smccc_sve_check)
>
>         .macro SMCCC instr
> +       stp     x29, x30, [sp, #-16]!

Please add a

mov x29, sp

here to create a proper stack frame

With that

Acked-by: Ard Biesheuvel <ardb@kernel.org>


>  alternative_if ARM64_SVE
>         bl      __arm_smccc_sve_check
>  alternative_else_nop_endif
>         \instr  #0
> -       ldr     x4, [sp]
> +       ldr     x4, [sp, #16]
>         stp     x0, x1, [x4, #ARM_SMCCC_RES_X0_OFFS]
>         stp     x2, x3, [x4, #ARM_SMCCC_RES_X2_OFFS]
> -       ldr     x4, [sp, #8]
> +       ldr     x4, [sp, #24]
>         cbz     x4, 1f /* no quirk structure */
>         ldr     x9, [x4, #ARM_SMCCC_QUIRK_ID_OFFS]
>         cmp     x9, #ARM_SMCCC_QUIRK_QCOM_A6
>         b.ne    1f
>         str     x6, [x4, ARM_SMCCC_QUIRK_STATE_OFFS]
> -1:     ret
> +1:     ldp     x29, x30, [sp], #16
> +       ret
>         .endm
>
>  /*
> --
> 2.32.0
>
>
> _______________________________________________
> linux-arm-kernel mailing list
> linux-arm-kernel@lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: [PATCH] arm64: smccc: Save lr before calling __arm_smccc_sve_check()

[Mark Brown]

[-- Attachment #1.1: Type: text/plain, Size: 458 bytes --]

On Tue, Jul 20, 2021 at 06:31:05PM +0200, Jean-Philippe Brucker wrote:
> Commit cfa7ff959a78 ("arm64: smccc: Support SMCCC v1.3 SVE register
> saving hint") added a call to __arm_smccc_sve_check() which clobbers the
> lr (register x30), causing __arm_smccc_hvc() to return to itself and
> crash. Save lr on the stack before calling __arm_smccc_sve_check(), and
> adjust the offsets used to access stack parameters.

Acked-by: Mark Brown <broonie@kernel.org>

[-- Attachment #1.2: signature.asc --]
[-- Type: application/pgp-signature, Size: 488 bytes --]

[-- Attachment #2: Type: text/plain, Size: 176 bytes --]

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel