git.ipfire.org Git - thirdparty/kernel/linux.git/commit

author	Marc Zyngier <maz@kernel.org>
	Wed, 7 Jan 2026 12:46:00 +0000 (12:46 +0000)
committer	Oliver Upton <oupton@kernel.org>
	Fri, 9 Jan 2026 23:43:14 +0000 (15:43 -0800)
commit	86364832ba6f2777db98391060b2d7f69938ad9b
tree	f8aba64141da361ebf4deb9d60de8c554dd2c164	tree \| snapshot
parent	9e27085c33cca7ad26bec0af2c17aab072dd802e	commit \| diff

KVM: arm64: Don't blindly set set PSTATE.PAN on guest exit

We set PSTATE.PAN to 1 on exiting from a guest if PAN support has
been compiled in and that it exists on the HW. However, this is not
necessarily correct.

In a nVHE configuration, there is no notion of PAN at EL2, so setting
PSTATE.PAN to anything is pointless.

Furthermore, not setting PAN to 0 when CONFIG_ARM64_PAN isn't set
means we run with the *guest's* PSTATE.PAN (which might be set to 1),
and we will explode on the next userspace access. Yes, the architecture
is delightful in that particular corner.

Fix the whole thing by always setting PAN to something when running
VHE (which implies PAN support), and only ignore it when running nVHE.

Reported-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Marc Zyngier <maz@kernel.org>
Link: https://msgid.link/20260107124600.2736328-1-maz@kernel.org
Signed-off-by: Oliver Upton <oupton@kernel.org>

arch/arm64/include/asm/kvm_asm.h		diff \| blob \| blame \| history
arch/arm64/include/asm/sysreg.h		diff \| blob \| blame \| history
arch/arm64/kernel/image-vars.h		diff \| blob \| blame \| history
arch/arm64/kvm/hyp/entry.S		diff \| blob \| blame \| history
arch/arm64/kvm/va_layout.c		diff \| blob \| blame \| history