From b1863b9e8fa58521e64c157576e19d5b98304d8f Mon Sep 17 00:00:00 2001
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Mon, 6 Oct 2025 12:08:25 +0200
Subject: [PATCH] 6.6-stable patches

added patches:
	kvm-arm64-fix-softirq-masking-in-fpsimd-register-saving-sequence.patch
	series
---
 ...g-in-fpsimd-register-saving-sequence.patch | 95 +++++++++++++++++++
 queue-6.6/series                              |  1 +
 2 files changed, 96 insertions(+)
 create mode 100644 queue-6.6/kvm-arm64-fix-softirq-masking-in-fpsimd-register-saving-sequence.patch
 create mode 100644 queue-6.6/series

diff --git a/queue-6.6/kvm-arm64-fix-softirq-masking-in-fpsimd-register-saving-sequence.patch b/queue-6.6/kvm-arm64-fix-softirq-masking-in-fpsimd-register-saving-sequence.patch
new file mode 100644
index 0000000000..020c246285
--- /dev/null
+++ b/queue-6.6/kvm-arm64-fix-softirq-masking-in-fpsimd-register-saving-sequence.patch
@@ -0,0 +1,95 @@
+From will@kernel.org  Mon Oct  6 11:58:17 2025
+From: Will Deacon <will@kernel.org>
+Date: Fri,  3 Oct 2025 19:40:54 +0100
+Subject: KVM: arm64: Fix softirq masking in FPSIMD register saving sequence
+To: stable@vger.kernel.org
+Cc: linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, Will Deacon <will@kernel.org>, Ard Biesheuvel <ardb@kernel.org>, Lee Jones <lee@kernel.org>, Sasha Levin <sashal@kernel.org>, Greg Kroah-Hartman <gregkh@linuxfoundation.org>, Kenneth Van Alstyne <kvanals@kvanals.org>
+Message-ID: <20251003184054.4286-1-will@kernel.org>
+
+From: Will Deacon <will@kernel.org>
+
+Stable commit 28b82be094e2 ("KVM: arm64: Fix kernel BUG() due to bad
+backport of FPSIMD/SVE/SME fix") fixed a kernel BUG() caused by a bad
+backport of upstream commit fbc7e61195e2 ("KVM: arm64: Unconditionally
+save+flush host FPSIMD/SVE/SME state") by ensuring that softirqs are
+disabled/enabled across the fpsimd register save operation.
+
+Unfortunately, although this fixes the original issue, it can now lead
+to deadlock when re-enabling softirqs causes pending softirqs to be
+handled with locks already held:
+
+ | BUG: spinlock recursion on CPU#7, CPU 3/KVM/57616
+ |  lock: 0xffff3045ef850240, .magic: dead4ead, .owner: CPU 3/KVM/57616, .owner_cpu: 7
+ | CPU: 7 PID: 57616 Comm: CPU 3/KVM Tainted: G           O       6.1.152 #1
+ | Hardware name: SoftIron SoftIron Platform Mainboard/SoftIron Platform Mainboard, BIOS 1.31 May 11 2023
+ | Call trace:
+ |  dump_backtrace+0xe4/0x110
+ |  show_stack+0x20/0x30
+ |  dump_stack_lvl+0x6c/0x88
+ |  dump_stack+0x18/0x34
+ |  spin_dump+0x98/0xac
+ |  do_raw_spin_lock+0x70/0x128
+ |  _raw_spin_lock+0x18/0x28
+ |  raw_spin_rq_lock_nested+0x18/0x28
+ |  update_blocked_averages+0x70/0x550
+ |  run_rebalance_domains+0x50/0x70
+ |  handle_softirqs+0x198/0x328
+ |  __do_softirq+0x1c/0x28
+ |  ____do_softirq+0x18/0x28
+ |  call_on_irq_stack+0x30/0x48
+ |  do_softirq_own_stack+0x24/0x30
+ |  do_softirq+0x74/0x90
+ |  __local_bh_enable_ip+0x64/0x80
+ |  fpsimd_save_and_flush_cpu_state+0x5c/0x68
+ |  kvm_arch_vcpu_put_fp+0x4c/0x88
+ |  kvm_arch_vcpu_put+0x28/0x88
+ |  kvm_sched_out+0x38/0x58
+ |  __schedule+0x55c/0x6c8
+ |  schedule+0x60/0xa8
+
+Take a tiny step towards the upstream fix in 9b19700e623f ("arm64:
+fpsimd: Drop unneeded 'busy' flag") by additionally disabling hardirqs
+while saving the fpsimd registers.
+
+Cc: Ard Biesheuvel <ardb@kernel.org>
+Cc: Lee Jones <lee@kernel.org>
+Cc: Sasha Levin <sashal@kernel.org>
+Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Cc: <stable@vger.kernel.org> # 6.6.y
+Fixes: 28b82be094e2 ("KVM: arm64: Fix kernel BUG() due to bad backport of FPSIMD/SVE/SME fix")
+Reported-by: Kenneth Van Alstyne <kvanals@kvanals.org>
+Link: https://lore.kernel.org/r/010001999bae0958-4d80d25d-8dda-4006-a6b9-798f3e774f6c-000000@email.amazonses.com
+Signed-off-by: Will Deacon <will@kernel.org>
+Acked-by: Ard Biesheuvel <ardb@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/arm64/kernel/fpsimd.c | 8 ++++++--
+ 1 file changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/arch/arm64/kernel/fpsimd.c b/arch/arm64/kernel/fpsimd.c
+index d0d836448a76..83827384982e 100644
+--- a/arch/arm64/kernel/fpsimd.c
++++ b/arch/arm64/kernel/fpsimd.c
+@@ -1873,13 +1873,17 @@ static void fpsimd_flush_cpu_state(void)
+  */
+ void fpsimd_save_and_flush_cpu_state(void)
+ {
++	unsigned long flags;
++
+ 	if (!system_supports_fpsimd())
+ 		return;
+ 	WARN_ON(preemptible());
+-	get_cpu_fpsimd_context();
++	local_irq_save(flags);
++	__get_cpu_fpsimd_context();
+ 	fpsimd_save();
+ 	fpsimd_flush_cpu_state();
+-	put_cpu_fpsimd_context();
++	__put_cpu_fpsimd_context();
++	local_irq_restore(flags);
+ }
+ 
+ #ifdef CONFIG_KERNEL_MODE_NEON
+-- 
+2.51.0.618.g983fd99d29-goog
+
diff --git a/queue-6.6/series b/queue-6.6/series
new file mode 100644
index 0000000000..19481ac8a3
--- /dev/null
+++ b/queue-6.6/series
@@ -0,0 +1 @@
+kvm-arm64-fix-softirq-masking-in-fpsimd-register-saving-sequence.patch
-- 
2.47.3