From bf674eef9aab2f1e7d6e8b5cb34a15a46a2a756d Mon Sep 17 00:00:00 2001
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Mon, 8 Aug 2022 15:25:56 +0200
Subject: [PATCH] 5.18-stable patches

added patches:
	arm64-set-uxn-on-swapper-page-tables.patch
---
 ...arm64-set-uxn-on-swapper-page-tables.patch | 59 +++++++++++++++++++
 queue-5.18/series                             |  1 +
 2 files changed, 60 insertions(+)
 create mode 100644 queue-5.18/arm64-set-uxn-on-swapper-page-tables.patch

diff --git a/queue-5.18/arm64-set-uxn-on-swapper-page-tables.patch b/queue-5.18/arm64-set-uxn-on-swapper-page-tables.patch
new file mode 100644
index 00000000000..695976a60f3
--- /dev/null
+++ b/queue-5.18/arm64-set-uxn-on-swapper-page-tables.patch
@@ -0,0 +1,59 @@
+From will@kernel.org  Mon Aug  8 15:23:59 2022
+From: Will Deacon <will@kernel.org>
+Date: Mon,  8 Aug 2022 13:53:21 +0100
+Subject: arm64: set UXN on swapper page tables
+To: gregkh@linuxfoundation.org
+Cc: linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, Peter Collingbourne <pcc@google.com>, stable@vger.kernel.org, Will Deacon <will@kernel.org>, Ard Biesheuvel <ardb@kernel.org>, Catalin Marinas <catalin.marinas@arm.com>
+Message-ID: <20220808125321.32598-1-will@kernel.org>
+
+From: Peter Collingbourne <pcc@google.com>
+
+[ This issue was fixed upstream by accident in c3cee924bd85 ("arm64:
+  head: cover entire kernel image in initial ID map") as part of a
+  large refactoring of the arm64 boot flow. This simple fix is therefore
+  preferred for -stable backporting ]
+
+On a system that implements FEAT_EPAN, read/write access to the idmap
+is denied because UXN is not set on the swapper PTEs. As a result,
+idmap_kpti_install_ng_mappings panics the kernel when accessing
+__idmap_kpti_flag. Fix it by setting UXN on these PTEs.
+
+Fixes: 18107f8a2df6 ("arm64: Support execute-only permissions with Enhanced PAN")
+Cc: <stable@vger.kernel.org> # 5.15
+Link: https://linux-review.googlesource.com/id/Ic452fa4b4f74753e54f71e61027e7222a0fae1b1
+Signed-off-by: Peter Collingbourne <pcc@google.com>
+Acked-by: Will Deacon <will@kernel.org>
+Cc: Ard Biesheuvel <ardb@kernel.org>
+Cc: Catalin Marinas <catalin.marinas@arm.com>
+Link: https://lore.kernel.org/r/20220719234909.1398992-1-pcc@google.com
+Signed-off-by: Will Deacon <will@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/arm64/include/asm/kernel-pgtable.h |    4 ++--
+ arch/arm64/kernel/head.S                |    2 +-
+ 2 files changed, 3 insertions(+), 3 deletions(-)
+
+--- a/arch/arm64/include/asm/kernel-pgtable.h
++++ b/arch/arm64/include/asm/kernel-pgtable.h
+@@ -103,8 +103,8 @@
+ /*
+  * Initial memory map attributes.
+  */
+-#define SWAPPER_PTE_FLAGS	(PTE_TYPE_PAGE | PTE_AF | PTE_SHARED)
+-#define SWAPPER_PMD_FLAGS	(PMD_TYPE_SECT | PMD_SECT_AF | PMD_SECT_S)
++#define SWAPPER_PTE_FLAGS	(PTE_TYPE_PAGE | PTE_AF | PTE_SHARED | PTE_UXN)
++#define SWAPPER_PMD_FLAGS	(PMD_TYPE_SECT | PMD_SECT_AF | PMD_SECT_S | PMD_SECT_UXN)
+ 
+ #if ARM64_KERNEL_USES_PMD_MAPS
+ #define SWAPPER_MM_MMUFLAGS	(PMD_ATTRINDX(MT_NORMAL) | SWAPPER_PMD_FLAGS)
+--- a/arch/arm64/kernel/head.S
++++ b/arch/arm64/kernel/head.S
+@@ -285,7 +285,7 @@ SYM_FUNC_START_LOCAL(__create_page_table
+ 	subs	x1, x1, #64
+ 	b.ne	1b
+ 
+-	mov	x7, SWAPPER_MM_MMUFLAGS
++	mov_q	x7, SWAPPER_MM_MMUFLAGS
+ 
+ 	/*
+ 	 * Create the identity mapping.
diff --git a/queue-5.18/series b/queue-5.18/series
index f1c221207fe..f3babbf6724 100644
--- a/queue-5.18/series
+++ b/queue-5.18/series
@@ -16,3 +16,4 @@ kvm-selftests-restrict-test-region-to-48-bit-physica.patch
 tools-kvm_stat-fix-display-of-error-when-multiple-pr.patch
 selftests-kvm-handle-compiler-optimizations-in-ucall.patch
 kvm-x86-svm-add-__gfp_account-to-__sev_dbg_-en-de-cr.patch
+arm64-set-uxn-on-swapper-page-tables.patch
-- 
2.47.3