KVM: arm64: PMU: Preserve AArch32 counter low bits

AArch32 writes to PMU event counters cannot update the top 32 bits,
even when PMUv3p5 makes the counters 64-bit. KVM therefore needs to
preserve the existing high half and only update the low half written by
the guest, unless the caller explicitly forces a full reset through
PMCR.P.

The current code masks @val down to the old high half before taking
lower_32_bits(val), which means the low half is always zero. As a
result, AArch32 writes to event counters discard the guest-provided low
32 bits instead of storing them.

Build the new value from the old high 32 bits and the low 32 bits of
the value supplied by the guest.

Fixes: 26d2d0594d70 ("KVM: arm64: PMU: Do not let AArch32 change the counters' top 32 bits")
Signed-off-by: Qiang Ma <maqianga@uniontech.com>
Signed-off-by: Marc Zyngier <maz@kernel.org>
Link: https://patch.msgid.link/20260526074640.791991-1-maqianga@uniontech.com
Cc: stable@vger.kernel.org

diff --git a/arch/arm64/kvm/pmu-emul.c b/arch/arm64/kvm/pmu-emul.c
index e1860acae641fa2f6da711898355a6be1e0a7c36..c816db5d6761128f7f996816a35abace3ea5406e 100644 (file)
--- a/arch/arm64/kvm/pmu-emul.c
+++ b/arch/arm64/kvm/pmu-emul.c
@@ -174,8 +174,8 @@ static void kvm_pmu_set_pmc_value(struct kvm_pmc *pmc, u64 val, bool force)
                 * action is to use PMCR.P, which will reset them to
                 * 0 (the only use of the 'force' parameter).
                 */
-               val  = __vcpu_sys_reg(vcpu, reg) & GENMASK(63, 32);
-               val |= lower_32_bits(val);
+               val = (__vcpu_sys_reg(vcpu, reg) & GENMASK(63, 32)) |
+                     lower_32_bits(val);
        }
 
        __vcpu_assign_sys_reg(vcpu, reg, val);