KVM: arm64: Reject non compliant SMCCC function calls in pKVM

Prevent the propagation of a function-id that has the top bits set since
this is not compliant with the SMCCC spec and can overlap with the
already known function-id decoders. (eg. if we invoke an smc with
0xffffffffc4000012 it will be decoded as a PSCI reset call). Instead,
make it clear that we don't support it and return an error.

Signed-off-by: Sebastian Ene <sebastianene@google.com>
Link: https://patch.msgid.link/20260408114118.422604-1-sebastianene@google.com
Signed-off-by: Marc Zyngier <maz@kernel.org>

diff --git a/arch/arm64/kvm/hyp/nvhe/hyp-main.c b/arch/arm64/kvm/hyp/nvhe/hyp-main.c
index 1de9c70599c6561f4c8650839fffe8f0b3ee107f..06db299c37a89a9873936014370e64ac9ac254f7 100644 (file)
--- a/arch/arm64/kvm/hyp/nvhe/hyp-main.c
+++ b/arch/arm64/kvm/hyp/nvhe/hyp-main.c
@@ -805,6 +805,10 @@ static void handle_host_smc(struct kvm_cpu_context *host_ctxt)
        }
 
        func_id &= ~ARM_SMCCC_CALL_HINTS;
+       if (upper_32_bits(func_id)) {
+               cpu_reg(host_ctxt, 0) = SMCCC_RET_NOT_SUPPORTED;
+               goto exit_skip_instr;
+       }
 
        handled = kvm_host_psci_handler(host_ctxt, func_id);
        if (!handled)