diff options
| author | Quentin Perret <qperret@google.com> | 2025-06-25 10:55:48 +0000 | 
|---|---|---|
| committer | Marc Zyngier <maz@kernel.org> | 2025-06-26 08:04:43 +0100 | 
| commit | e728e705802fec20f65d974a5d5eb91217ac618d (patch) | |
| tree | c827ab62c26b204433326219e4fe56a641a59d72 /lib/timerqueue.c | |
| parent | af040a9a296044fd4b748786c2516f172a7617f1 (diff) | |
KVM: arm64: Adjust range correctly during host stage-2 faults
host_stage2_adjust_range() tries to find the largest block mapping that
fits within a memory or mmio region (represented by a kvm_mem_range in
this function) during host stage-2 faults under pKVM. To do so, it walks
the host stage-2 page-table, finds the faulting PTE and its level, and
then progressively increments the level until it finds a granule of the
appropriate size. However, the condition in the loop implementing the
above is broken as it checks kvm_level_supports_block_mapping() for the
next level instead of the current, so pKVM may attempt to map a region
larger than can be covered with a single block.
This is not a security problem and is quite rare in practice (the
kvm_mem_range check usually forces host_stage2_adjust_range() to choose a
smaller granule), but this is clearly not the expected behaviour.
Refactor the loop to fix the bug and improve readability.
Fixes: c4f0935e4d95 ("KVM: arm64: Optimize host memory aborts")
Signed-off-by: Quentin Perret <qperret@google.com>
Link: https://lore.kernel.org/r/20250625105548.984572-1-qperret@google.com
Signed-off-by: Marc Zyngier <maz@kernel.org>
Diffstat (limited to 'lib/timerqueue.c')
0 files changed, 0 insertions, 0 deletions
