    arm64: kvm: restore EL1N SP for panic · db85c55f
    Mark Rutland authored
    If we panic in hyp mode, we inject a call to panic() into the EL1N host
    kernel. If a guest context is active, we first attempt to restore the
    minimal amount of state necessary to execute the host kernel with
    restore_sysregs.
    
    However, the SP is restored as part of restore_common_regs, and so we
    may return to the host's panic() function with the SP of the guest. Any
    calculations based on the SP will be bogus, and any attempt to access
    the stack will result in recursive data aborts.
    
    When running Linux as a guest, the guest's EL1N SP is likely to be some
    valid kernel address. In this case, the host kernel may use that region
    as a stack for panic(), corrupting it in the process.
    
    Avoid the problem by restoring the host SP prior to returning to the
    host. To prevent misleading backtraces in the host, the FP is zeroed at
    the same time. We don't need any of the other "common" registers in
    order to panic successfully.
    Signed-off-by: Mark Rutland <mark.rutland@arm.com>
    Acked-by: Marc Zyngier <marc.zyngier@arm.com>
    Cc: Christoffer Dall <christoffer.dall@linaro.org>
    Cc: <kvmarm@lists.cs.columbia.edu>
    Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
hyp.S 23.6 KB