From nobody Fri Oct 3 20:24:58 2025 Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A53B62F360C; Mon, 25 Aug 2025 15:18:40 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=148.163.156.1 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756135122; cv=none; b=QQ+Yt0gMZbPDZs376o1eFL/kd0bmmm4UtF6lL4ajt2ZcMIjH+FnravYE8wINbcsgGHV4HzXibGUHaPzCUr64DagCVvzD5gzftYuHOFbGarjrknmsH8nSvfxcxy2r72vR/yVVwcKWDFeRWu8t6W5CB1MfhQZLgx/QGBXUYySmteY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756135122; c=relaxed/simple; bh=c2b39EvPjP8TBAdeCNjBhSRcYeMBfCGN+RJKGU/Vsoo=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=HojfOqkV2V3bYTwyysogHy20lYJTkaMZUmUHi2Ko6QVxC64NOn/xVeiitP+FYz5uf2jWshXOS7BK7WkxpCufARw3sI+uEE9MBOKJAgIBwhPOT1rdF6pdLryEsnePjf0CZ9gVP20UHDqQ7XIzovi9LTCTxJY058SSGtpLsIRCXPE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com; spf=pass smtp.mailfrom=linux.ibm.com; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b=k2ljsN43; arc=none smtp.client-ip=148.163.156.1 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="k2ljsN43" Received: from pps.filterd (m0356517.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.18.1.2/8.18.1.2) with ESMTP id 57PBfW80006043; Mon, 25 Aug 2025 15:18:37 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=cc :content-transfer-encoding:date:from:in-reply-to:message-id :mime-version:references:subject:to; s=pp1; bh=nOvnaQQs8vs6gp+37 M0siP+2K2MaM0nGK78Ablmg7mQ=; b=k2ljsN43+eCAz1GEt02tx1f0flnH6fboV aoK0XDLl/RmHzn2CbCPdUViTEgG/9etJdPNh6FZ6GyRKz7sk8D+3JhSg/QaNSeaQ I8DSDfSx+zkF6vigazkoji3jG4GFXetvtZAW649ok7umMx4o2kTUb/Fw/x0QxIo/ /CgU2tjZI9WOQ272ckRckOZ6MRWho0u9hcIgjk+egqFQt9H+qFXIcTvUcASU+xUs 7HkyJUPXFT4EcTpmr6OXVDh4rbpF8k9BfQsFKkv1jV0fQqjb9QHUoKpEspBuaI9u kaujC56BQ79ByS4mONcZtLP444uIMAI5Fx6vatzeD7TDH2sm8SiNA== Received: from ppma12.dal12v.mail.ibm.com (dc.9e.1632.ip4.static.sl-reverse.com [50.22.158.220]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 48q97511tp-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 25 Aug 2025 15:18:37 +0000 (GMT) Received: from pps.filterd (ppma12.dal12v.mail.ibm.com [127.0.0.1]) by ppma12.dal12v.mail.ibm.com (8.18.1.2/8.18.1.2) with ESMTP id 57PDMd8K007458; Mon, 25 Aug 2025 15:18:36 GMT Received: from smtprelay04.fra02v.mail.ibm.com ([9.218.2.228]) by ppma12.dal12v.mail.ibm.com (PPS) with ESMTPS id 48qqyu6p7p-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 25 Aug 2025 15:18:36 +0000 Received: from smtpav06.fra02v.mail.ibm.com (smtpav06.fra02v.mail.ibm.com [10.20.54.105]) by smtprelay04.fra02v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 57PFIXXD34538028 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 25 Aug 2025 15:18:33 GMT Received: from smtpav06.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id E80A720049; Mon, 25 Aug 2025 15:18:32 +0000 (GMT) Received: from smtpav06.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 5104320040; Mon, 25 Aug 2025 15:18:32 +0000 (GMT) Received: from p-imbrenda (unknown [9.111.17.238]) by smtpav06.fra02v.mail.ibm.com (Postfix) with ESMTP; Mon, 25 Aug 2025 15:18:32 +0000 (GMT) From: Claudio Imbrenda To: linux-kernel@vger.kernel.org Cc: linux-s390@vger.kernel.org, kvm@vger.kernel.org, david@redhat.com, frankja@linux.ibm.com, seiden@linux.ibm.com, nsg@linux.ibm.com, nrb@linux.ibm.com, schlameuss@linux.ibm.com, hca@linux.ibm.com, mhartmay@linux.ibm.com, borntraeger@de.ibm.com Subject: [PATCH v3 1/2] KVM: s390: Fix incorrect usage of mmu_notifier_register() Date: Mon, 25 Aug 2025 17:18:30 +0200 Message-ID: <20250825151831.78221-2-imbrenda@linux.ibm.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20250825151831.78221-1-imbrenda@linux.ibm.com> References: <20250825151831.78221-1-imbrenda@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-TM-AS-GCONF: 00 X-Proofpoint-GUID: RGsn1MQY6_8xgoCnc7xfUl1qgeObtJk0 X-Proofpoint-ORIG-GUID: RGsn1MQY6_8xgoCnc7xfUl1qgeObtJk0 X-Proofpoint-Spam-Details-Enc: AW1haW4tMjUwODIzMDA3MSBTYWx0ZWRfX9RCQyNDqHgvM 5WHXsviBvR9MiRJh8eIMnWNhv300pHJ2ii+gHTcogKAbgsQpaIAKo81trfK/NcFat5Z83ntFOC7 YQqC5tioH22zrohGw9tUXoj/7t129OTo/tLyGDA0oGKsXgSc5PFJg/I1j0ak0QGPBNpis0yLSCb 7Z5ztKIgvsTX4rbWJz+8CxfgUVGUdecY3N8KlPP4YuzhH6BRMv7oCZ8eMmW/wGR8AkU7ofELIY9 oWa1kbsTPC1h5JDwjoM5JceduEDQJkQvvFKyGK1FaNx8xe4iU+I+lKIpdyIuKuBy+ZeiBngdJOg Up7I09MEnGlL2v+iDRvInzOLm0bHdUNCAwD3h0zQuAggZ3hAXEKeLgXEkjY8r+Em4uK/40YYr1t pM+PCEee X-Authority-Analysis: v=2.4 cv=RtDFLDmK c=1 sm=1 tr=0 ts=68ac7ecd cx=c_pps a=bLidbwmWQ0KltjZqbj+ezA==:117 a=bLidbwmWQ0KltjZqbj+ezA==:17 a=2OwXVqhp2XgA:10 a=VnNF1IyMAAAA:8 a=20KFwNOVAAAA:8 a=GJtTgPQnudJMRmo940AA:9 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1099,Hydra:6.1.9,FMLib:17.12.80.40 definitions=2025-08-25_07,2025-08-20_03,2025-03-28_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 impostorscore=0 suspectscore=0 malwarescore=0 spamscore=0 priorityscore=1501 bulkscore=0 clxscore=1015 phishscore=0 adultscore=0 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.19.0-2507300000 definitions=main-2508230071 Content-Type: text/plain; charset="utf-8" If mmu_notifier_register() fails, for example because a signal was pending, the mmu_notifier will not be registered. But when the VM gets destroyed, it will get unregistered anyway and that will cause one extra mmdrop(), which will eventually cause the mm of the process to be freed too early, and cause a use-after free. This bug happens rarely, and only when secure guests are involved. The solution is to check the return value of mmu_notifier_register() and return it to the caller (ultimately it will be propagated all the way to userspace). In case of -EINTR, userspace will try again. Fixes: ca2fd0609b5d ("KVM: s390: pv: add mmu_notifier") Signed-off-by: Claudio Imbrenda Reviewed-by: Christian Borntraeger Reviewed-by: David Hildenbrand Reviewed-by: Steffen Eiden Reviewed-by: Christoph Schlameuss --- arch/s390/kvm/pv.c | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/arch/s390/kvm/pv.c b/arch/s390/kvm/pv.c index 14c330ec8ceb..ede790798fa3 100644 --- a/arch/s390/kvm/pv.c +++ b/arch/s390/kvm/pv.c @@ -622,6 +622,17 @@ int kvm_s390_pv_init_vm(struct kvm *kvm, u16 *rc, u16 = *rrc) int cc, ret; u16 dummy; =20 + /* Add the notifier only once. No races because we hold kvm->lock */ + if (kvm->arch.pv.mmu_notifier.ops !=3D &kvm_s390_pv_mmu_notifier_ops) { + /* The notifier will be unregistered when the VM is destroyed */ + kvm->arch.pv.mmu_notifier.ops =3D &kvm_s390_pv_mmu_notifier_ops; + ret =3D mmu_notifier_register(&kvm->arch.pv.mmu_notifier, kvm->mm); + if (ret) { + kvm->arch.pv.mmu_notifier.ops =3D NULL; + return ret; + } + } + ret =3D kvm_s390_pv_alloc_vm(kvm); if (ret) return ret; @@ -657,11 +668,6 @@ int kvm_s390_pv_init_vm(struct kvm *kvm, u16 *rc, u16 = *rrc) return -EIO; } kvm->arch.gmap->guest_handle =3D uvcb.guest_handle; - /* Add the notifier only once. No races because we hold kvm->lock */ - if (kvm->arch.pv.mmu_notifier.ops !=3D &kvm_s390_pv_mmu_notifier_ops) { - kvm->arch.pv.mmu_notifier.ops =3D &kvm_s390_pv_mmu_notifier_ops; - mmu_notifier_register(&kvm->arch.pv.mmu_notifier, kvm->mm); - } return 0; } =20 --=20 2.51.0 From nobody Fri Oct 3 20:24:58 2025 Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 21B7D2FD7A0; Mon, 25 Aug 2025 15:18:41 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=148.163.156.1 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756135123; cv=none; b=ICxMhYJUGIJ+s+H+7ESsnt7kp/8evPze3/T/xAh33fQ4VXaif4Di5xww5ueL91rl+DNro8BkyyZ2w4d98nnAURv2iILDzZ2Jw2EHhK3mSALQQ9hXEKdNnRmaKrRL3/5trYNh/zQNpxewwNYCVmcfolkRE6AeUU/hANnkRxiRrMs= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756135123; c=relaxed/simple; bh=9jue979FcYfxOki+KK2bWILOLINI7UkesT2kcaszFMs=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=KcDS7TY0uOAV5so68r5FRKVPzPJ5nY8Nd6Ktslhv7zimJ9Ib4ZD/eh3uZUE8Hzrkg+Zt+8R3/eZOamqJ1IfqHk4s/6AQWnl+ZqEhZ6kGMGvx5QHCtlVXZBQgSdlV3OksTOfRmQVujqKPXuNB49rRUl+yrw2QLF4ok8R+2RJ70Ys= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com; spf=pass smtp.mailfrom=linux.ibm.com; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b=Mfs8PI9E; arc=none smtp.client-ip=148.163.156.1 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="Mfs8PI9E" Received: from pps.filterd (m0360083.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.18.1.2/8.18.1.2) with ESMTP id 57PBPvdq006945; Mon, 25 Aug 2025 15:18:38 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=cc :content-transfer-encoding:date:from:in-reply-to:message-id :mime-version:references:subject:to; s=pp1; bh=Yo1FPoaVzx2q+Fti4 CXZWKIPzgzsSpuXAaNRBu5K/5A=; b=Mfs8PI9E+x6FWpXrF57+BOiIrxx137p5G RTlGy1tt+qXVQHdcBgyWPVxSIMTSpGzuft62UpkNFyd6YYpeLc8mQQAq7FZEn4UL GCwFFcQm/1pEKUnAlFvUrD5+OiSA6Qz8JAfUOGmNPePFKkrvFmucd2G2SlQjVIgL VXpShNm78XeoJ1/N8oU9wEbb6OaCp0fKxPI/YVbA0cYqRUlrPJlHkf7ifvRPEtXE 0LBQ6whQyjX7VJ9kAZJB5pzI7HQb5+MmXK2BKf1Qbtj5UesAD/bqqLKRpkogtXDM k9YDEjQHhf8bbiBWd9b8kdLmGwDXDrtlImb1TEe3i+JeMJvDRpmuQ== Received: from ppma13.dal12v.mail.ibm.com (dd.9e.1632.ip4.static.sl-reverse.com [50.22.158.221]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 48q557srj5-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 25 Aug 2025 15:18:38 +0000 (GMT) Received: from pps.filterd (ppma13.dal12v.mail.ibm.com [127.0.0.1]) by ppma13.dal12v.mail.ibm.com (8.18.1.2/8.18.1.2) with ESMTP id 57PEf8en002512; Mon, 25 Aug 2025 15:18:37 GMT Received: from smtprelay04.fra02v.mail.ibm.com ([9.218.2.228]) by ppma13.dal12v.mail.ibm.com (PPS) with ESMTPS id 48qt6m68w3-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 25 Aug 2025 15:18:37 +0000 Received: from smtpav06.fra02v.mail.ibm.com (smtpav06.fra02v.mail.ibm.com [10.20.54.105]) by smtprelay04.fra02v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 57PFIX9G34538030 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 25 Aug 2025 15:18:33 GMT Received: from smtpav06.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id A32E020049; Mon, 25 Aug 2025 15:18:33 +0000 (GMT) Received: from smtpav06.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 0AABE20040; Mon, 25 Aug 2025 15:18:33 +0000 (GMT) Received: from p-imbrenda (unknown [9.111.17.238]) by smtpav06.fra02v.mail.ibm.com (Postfix) with ESMTP; Mon, 25 Aug 2025 15:18:32 +0000 (GMT) From: Claudio Imbrenda To: linux-kernel@vger.kernel.org Cc: linux-s390@vger.kernel.org, kvm@vger.kernel.org, david@redhat.com, frankja@linux.ibm.com, seiden@linux.ibm.com, nsg@linux.ibm.com, nrb@linux.ibm.com, schlameuss@linux.ibm.com, hca@linux.ibm.com, mhartmay@linux.ibm.com, borntraeger@de.ibm.com Subject: [PATCH v3 2/2] KVM: s390: Fix FOLL_*/FAULT_FLAG_* confusion Date: Mon, 25 Aug 2025 17:18:31 +0200 Message-ID: <20250825151831.78221-3-imbrenda@linux.ibm.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20250825151831.78221-1-imbrenda@linux.ibm.com> References: <20250825151831.78221-1-imbrenda@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-TM-AS-GCONF: 00 X-Proofpoint-GUID: Dwi4QutgdwYqIGE9ccIXygT9ZEFCAov0 X-Proofpoint-ORIG-GUID: Dwi4QutgdwYqIGE9ccIXygT9ZEFCAov0 X-Proofpoint-Spam-Details-Enc: AW1haW4tMjUwODIzMDAyMSBTYWx0ZWRfX+Bxj+qb3lFAd WsyvUC24TVM5XApsgEKtcEfk8qvOr0RjOtBOxux9AZUEZ0YuCQ+C+UTvZf1HOBTIeENu8eHMPWG AQiRLKW8Q5KrcaYiPnunut6/Rakftzm6xhqwP9N7izARacCNBBFUGen6fKYOeDLiNMQuCopp3It r8HHHn9Sub/hX25X40x6BE7dXFEWReoL/EQjwXrUW0UqoJQMK/uoYkzRIzaawGfxg+tvFsyAd3Q sWKnu1+L1gongosv1cAxrhHY2xq0stnxljfP5/23tneBxwgKAggai+tEWzwlLeD6ch8/90QtZV4 y1QVk2H0yuzM7njklAvESXGf0FHk5IGk/nxNNECbN6X3EOJ2ZUQYJEuMyNaFAC6eYEKDwAltDrR Q6U8VcjO X-Authority-Analysis: v=2.4 cv=A8ZsP7WG c=1 sm=1 tr=0 ts=68ac7ece cx=c_pps a=AfN7/Ok6k8XGzOShvHwTGQ==:117 a=AfN7/Ok6k8XGzOShvHwTGQ==:17 a=2OwXVqhp2XgA:10 a=VnNF1IyMAAAA:8 a=20KFwNOVAAAA:8 a=hH8_rHouDUwXcPhP104A:9 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1099,Hydra:6.1.9,FMLib:17.12.80.40 definitions=2025-08-25_07,2025-08-20_03,2025-03-28_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 phishscore=0 adultscore=0 priorityscore=1501 suspectscore=0 clxscore=1015 spamscore=0 impostorscore=0 malwarescore=0 bulkscore=0 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.19.0-2507300000 definitions=main-2508230021 Content-Type: text/plain; charset="utf-8" Pass the right type of flag to vcpu_dat_fault_handler(); it expects a FOLL_* flag (in particular FOLL_WRITE), but FAULT_FLAG_WRITE is passed instead. This still works because they happen to have the same integer value, but it's a mistake, thus the fix. Signed-off-by: Claudio Imbrenda Fixes: 05066cafa925 ("s390/mm/fault: Handle guest-related program interrupt= s in KVM") Acked-by: Christian Borntraeger Reviewed-by: David Hildenbrand Reviewed-by: Steffen Eiden Reviewed-by: Christoph Schlameu=C3=9F --- arch/s390/kvm/kvm-s390.c | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/arch/s390/kvm/kvm-s390.c b/arch/s390/kvm/kvm-s390.c index d5ad10791c25..4280b25b6b04 100644 --- a/arch/s390/kvm/kvm-s390.c +++ b/arch/s390/kvm/kvm-s390.c @@ -4863,12 +4863,12 @@ static void kvm_s390_assert_primary_as(struct kvm_v= cpu *vcpu) * @vcpu: the vCPU whose gmap is to be fixed up * @gfn: the guest frame number used for memslots (including fake memslots) * @gaddr: the gmap address, does not have to match @gfn for ucontrol gmaps - * @flags: FOLL_* flags + * @foll: FOLL_* flags * * Return: 0 on success, < 0 in case of error. * Context: The mm lock must not be held before calling. May sleep. */ -int __kvm_s390_handle_dat_fault(struct kvm_vcpu *vcpu, gfn_t gfn, gpa_t ga= ddr, unsigned int flags) +int __kvm_s390_handle_dat_fault(struct kvm_vcpu *vcpu, gfn_t gfn, gpa_t ga= ddr, unsigned int foll) { struct kvm_memory_slot *slot; unsigned int fault_flags; @@ -4882,13 +4882,13 @@ int __kvm_s390_handle_dat_fault(struct kvm_vcpu *vc= pu, gfn_t gfn, gpa_t gaddr, u if (!slot || slot->flags & KVM_MEMSLOT_INVALID) return vcpu_post_run_addressing_exception(vcpu); =20 - fault_flags =3D flags & FOLL_WRITE ? FAULT_FLAG_WRITE : 0; + fault_flags =3D foll & FOLL_WRITE ? FAULT_FLAG_WRITE : 0; if (vcpu->arch.gmap->pfault_enabled) - flags |=3D FOLL_NOWAIT; + foll |=3D FOLL_NOWAIT; vmaddr =3D __gfn_to_hva_memslot(slot, gfn); =20 try_again: - pfn =3D __kvm_faultin_pfn(slot, gfn, flags, &writable, &page); + pfn =3D __kvm_faultin_pfn(slot, gfn, foll, &writable, &page); =20 /* Access outside memory, inject addressing exception */ if (is_noslot_pfn(pfn)) @@ -4904,7 +4904,7 @@ int __kvm_s390_handle_dat_fault(struct kvm_vcpu *vcpu= , gfn_t gfn, gpa_t gaddr, u return 0; vcpu->stat.pfault_sync++; /* Could not setup async pfault, try again synchronously */ - flags &=3D ~FOLL_NOWAIT; + foll &=3D ~FOLL_NOWAIT; goto try_again; } /* Any other error */ @@ -4924,7 +4924,7 @@ int __kvm_s390_handle_dat_fault(struct kvm_vcpu *vcpu= , gfn_t gfn, gpa_t gaddr, u return rc; } =20 -static int vcpu_dat_fault_handler(struct kvm_vcpu *vcpu, unsigned long gad= dr, unsigned int flags) +static int vcpu_dat_fault_handler(struct kvm_vcpu *vcpu, unsigned long gad= dr, unsigned int foll) { unsigned long gaddr_tmp; gfn_t gfn; @@ -4949,18 +4949,18 @@ static int vcpu_dat_fault_handler(struct kvm_vcpu *= vcpu, unsigned long gaddr, un } gfn =3D gpa_to_gfn(gaddr_tmp); } - return __kvm_s390_handle_dat_fault(vcpu, gfn, gaddr, flags); + return __kvm_s390_handle_dat_fault(vcpu, gfn, gaddr, foll); } =20 static int vcpu_post_run_handle_fault(struct kvm_vcpu *vcpu) { - unsigned int flags =3D 0; + unsigned int foll =3D 0; unsigned long gaddr; int rc; =20 gaddr =3D current->thread.gmap_teid.addr * PAGE_SIZE; if (kvm_s390_cur_gmap_fault_is_write()) - flags =3D FAULT_FLAG_WRITE; + foll =3D FOLL_WRITE; =20 switch (current->thread.gmap_int_code & PGM_INT_CODE_MASK) { case 0: @@ -5002,7 +5002,7 @@ static int vcpu_post_run_handle_fault(struct kvm_vcpu= *vcpu) send_sig(SIGSEGV, current, 0); if (rc !=3D -ENXIO) break; - flags =3D FAULT_FLAG_WRITE; + foll =3D FOLL_WRITE; fallthrough; case PGM_PROTECTION: case PGM_SEGMENT_TRANSLATION: @@ -5012,7 +5012,7 @@ static int vcpu_post_run_handle_fault(struct kvm_vcpu= *vcpu) case PGM_REGION_SECOND_TRANS: case PGM_REGION_THIRD_TRANS: kvm_s390_assert_primary_as(vcpu); - return vcpu_dat_fault_handler(vcpu, gaddr, flags); + return vcpu_dat_fault_handler(vcpu, gaddr, foll); default: KVM_BUG(1, vcpu->kvm, "Unexpected program interrupt 0x%x, TEID 0x%016lx", current->thread.gmap_int_code, current->thread.gmap_teid.val); --=20 2.51.0