From nobody Mon Apr 13 21:06:47 2026 Received: from mxhk.zte.com.cn (mxhk.zte.com.cn [160.30.148.34]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6B52E35CB70; Wed, 4 Mar 2026 09:26:18 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=160.30.148.34 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1772616380; cv=none; b=HpylmyTEmjw/cLA2QPvZo6pgCyzxiVbB3NR8AzLQ4sG9OAptagwpRyH0hqad4DRDhl/x0LI7Lhr22nCdWdp5Yy3GUIWKZbBkkqNCf87uXM6kMrGNB4dpB1xMYXJk2bY1j+3oXo9l/hwiEz6yBmlF5LuT62jkQz2JBVMbh2x53pY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1772616380; c=relaxed/simple; bh=eKJCJEl2Ht+aniDNfplngtE/vhaYlBUnaWl07XDbyIk=; h=Message-ID:In-Reply-To:References:Date:Mime-Version:From:To:Cc: Subject:Content-Type; b=BRXE59W8Aooh7eX+5RYl02El2yk4HxVOwH9mORJbgiZlooc+fWf7N07c6wkTDiZqKhSwR1Z3E+otNcCUqOjhqBrLinCUOUj0Qx8/EcR0s8LHaqXkMrO/VWvPwQdC8IvzKwAbjQDNfYcxok67gk0DnN0F9uwzCctrDil1mtWID1A= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=zte.com.cn; spf=pass smtp.mailfrom=zte.com.cn; arc=none smtp.client-ip=160.30.148.34 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=zte.com.cn Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=zte.com.cn Received: from mse-fl1.zte.com.cn (unknown [10.5.228.132]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mxhk.zte.com.cn (FangMail) with ESMTPS id 4fQnNM1Dmvz5B12g; Wed, 04 Mar 2026 17:26:11 +0800 (CST) Received: from szxl2zmapp07.zte.com.cn ([10.1.32.52]) by mse-fl1.zte.com.cn with SMTP id 6249PwJO088803; Wed, 4 Mar 2026 17:25:58 +0800 (+08) (envelope-from wang.yechao255@zte.com.cn) Received: from mapi (szxlzmapp01[null]) by mapi (Zmail) with MAPI id mid12; Wed, 4 Mar 2026 17:26:01 +0800 (CST) X-Zmail-TransId: 2b0369a7faa9f44-4504a X-Mailer: Zmail v1.0 Message-ID: <20260304172601396IhMZyDqdV3dRmc2rVopfJ@zte.com.cn> In-Reply-To: <20260304172139131ChDubMSpGDUB03lY4UCbK@zte.com.cn> References: 20260304172139131ChDubMSpGDUB03lY4UCbK@zte.com.cn Date: Wed, 4 Mar 2026 17:26:01 +0800 (CST) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 From: To: , , , , , Cc: , , , , Subject: =?UTF-8?B?W1BBVENIIHYyIDEvM10gUklTQy1WOiBLVk06IEZpeCBsb3N0IHdyaXRlIHByb3RlY3Rpb24gb24gaHVnZSBwYWdlcwogZHVyaW5nIGRpcnR5IGxvZ2dpbmc=?= X-MAIL: mse-fl1.zte.com.cn 6249PwJO088803 X-TLS: YES X-SPF-DOMAIN: zte.com.cn X-ENVELOPE-SENDER: wang.yechao255@zte.com.cn X-SPF: None X-SOURCE-IP: 10.5.228.132 unknown Wed, 04 Mar 2026 17:26:11 +0800 X-Fangmail-Anti-Spam-Filtered: true X-Fangmail-MID-QID: 69A7FAB3.000/4fQnNM1Dmvz5B12g Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Wang Yechao When enabling dirty log in small chunks (e.g., QEMU default chunk size of 256K), the chunk size is always smaller than the page size of huge pages (1G or 2M) used in the gstage page tables. This caused the write protection to be incorrectly skipped for huge PTEs because the condition `(end - addr) >=3D page_size` was not satisfied. Remove the size check in `kvm_riscv_gstage_wp_range()` to ensure huge PTEs are always write-protected regardless of the chunk size. Additionally, explicitly align the address down to the page size before invoking `kvm_riscv_gstage_op_pte()` to guarantee that the address passed to the operation function is page-aligned. This fixes the issue where dirty pages might not be tracked correctly when using huge pages. Signed-off-by: Wang Yechao --- arch/riscv/kvm/gstage.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/arch/riscv/kvm/gstage.c b/arch/riscv/kvm/gstage.c index b67d60d722c2..d2001d508046 100644 --- a/arch/riscv/kvm/gstage.c +++ b/arch/riscv/kvm/gstage.c @@ -304,10 +304,9 @@ void kvm_riscv_gstage_wp_range(struct kvm_gstage *gsta= ge, gpa_t start, gpa_t end if (!found_leaf) goto next; - if (!(addr & (page_size - 1)) && ((end - addr) >=3D page_size)) - kvm_riscv_gstage_op_pte(gstage, addr, ptep, - ptep_level, GSTAGE_OP_WP); - + addr =3D ALIGN_DOWN(addr, page_size); + kvm_riscv_gstage_op_pte(gstage, addr, ptep, + ptep_level, GSTAGE_OP_WP); next: addr +=3D page_size; } --=20 2.47.3 From nobody Mon Apr 13 21:06:47 2026 Received: from mxct.zte.com.cn (mxct.zte.com.cn [183.62.165.209]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id DDE1937F00D; Wed, 4 Mar 2026 09:28:15 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=183.62.165.209 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1772616497; cv=none; b=uTc0gH9EKJbKVC98ftcgM/9A4YeoABTkP4Z0v3i6EVdSqyu8Hix75s5XdlcSbyM1PHwFI5sV0MRTozDb5bZ7ZFMm7LbjtzUuBD9KzbLmsxZppmmUxxKBtB76l11WvranVh53ibcPuDoz7zuOPgThogirRi7hmspN0zRw4v9A9xI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1772616497; c=relaxed/simple; bh=GX4yyBupfhHLTcqmX4PbBwngjcpIJzWsD9aEmQP7gN0=; h=Message-ID:In-Reply-To:References:Date:Mime-Version:From:To:Cc: Subject:Content-Type; b=HiYYDtxInGH7euvNtACSuHZKPYjgc4Z3rDgSzXWzioofxOKYebuKMLhjq310s6QioeC5kWNffWM0ZYSfRtyFU4trq1HUvqzHzlWYaGOaFHPGMmQMBy4pFJlSbdapETA16yDe9nKR3J+PHI41O706NNuazGrqy59auUh0T+qm3Ao= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=zte.com.cn; spf=pass smtp.mailfrom=zte.com.cn; arc=none smtp.client-ip=183.62.165.209 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=zte.com.cn Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=zte.com.cn Received: from mse-fl2.zte.com.cn (unknown [10.5.228.133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mxct.zte.com.cn (FangMail) with ESMTPS id 4fQnQf6wLqz4xPSq; Wed, 04 Mar 2026 17:28:10 +0800 (CST) Received: from szxlzmapp01.zte.com.cn ([10.5.231.85]) by mse-fl2.zte.com.cn with SMTP id 6249S1pZ058883; Wed, 4 Mar 2026 17:28:01 +0800 (+08) (envelope-from wang.yechao255@zte.com.cn) Received: from mapi (szxlzmapp02[null]) by mapi (Zmail) with MAPI id mid12; Wed, 4 Mar 2026 17:28:03 +0800 (CST) X-Zmail-TransId: 2b0469a7fb23038-4c136 X-Mailer: Zmail v1.0 Message-ID: <20260304172803832bNWZwe5J-jmNTNt79mGq2@zte.com.cn> In-Reply-To: <20260304172139131ChDubMSpGDUB03lY4UCbK@zte.com.cn> References: 20260304172139131ChDubMSpGDUB03lY4UCbK@zte.com.cn Date: Wed, 4 Mar 2026 17:28:03 +0800 (CST) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 From: To: , , , , , Cc: , , , , Subject: =?UTF-8?B?W1BBVENIIHYyIDIvM10gUklTQy1WOiBLVk06IEFsbG93IHNwbGl0dGluZyBodWdlIHBhZ2VzIHRvIGFyYml0cmFyeQoKIGxldmVs?= X-MAIL: mse-fl2.zte.com.cn 6249S1pZ058883 X-TLS: YES X-SPF-DOMAIN: zte.com.cn X-ENVELOPE-SENDER: wang.yechao255@zte.com.cn X-SPF: None X-SOURCE-IP: 10.5.228.133 unknown Wed, 04 Mar 2026 17:28:11 +0800 X-Fangmail-Anti-Spam-Filtered: true X-Fangmail-MID-QID: 69A7FB2A.000/4fQnQf6wLqz4xPSq Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Wang Yechao This patch introduces the function kvm_riscv_gstage_split_huge(). It splits the huge page covering a given guest physical address down to a specified target level (e.g., from 1G to 2M or 4K). The caller provides a memory cache for allocating any intermediate page tables and may request a TLB flush after the split. This functionality will be used by subsequent patches to split huge pages before handling the write-protection fault, or for other operations that require page-level granularity. Signed-off-by: Wang Yechao --- arch/riscv/include/asm/kvm_gstage.h | 4 ++ arch/riscv/kvm/gstage.c | 69 +++++++++++++++++++++++++++++ 2 files changed, 73 insertions(+) diff --git a/arch/riscv/include/asm/kvm_gstage.h b/arch/riscv/include/asm/k= vm_gstage.h index 595e2183173e..373748c6745e 100644 --- a/arch/riscv/include/asm/kvm_gstage.h +++ b/arch/riscv/include/asm/kvm_gstage.h @@ -53,6 +53,10 @@ int kvm_riscv_gstage_map_page(struct kvm_gstage *gstage, bool page_rdonly, bool page_exec, struct kvm_gstage_mapping *out_map); +int kvm_riscv_gstage_split_huge(struct kvm_gstage *gstage, + struct kvm_mmu_memory_cache *pcache, + gpa_t addr, u32 target_level, bool flush); + enum kvm_riscv_gstage_op { GSTAGE_OP_NOP =3D 0, /* Nothing */ GSTAGE_OP_CLEAR, /* Clear/Unmap */ diff --git a/arch/riscv/kvm/gstage.c b/arch/riscv/kvm/gstage.c index d2001d508046..92331e9b0bb8 100644 --- a/arch/riscv/kvm/gstage.c +++ b/arch/riscv/kvm/gstage.c @@ -209,6 +209,75 @@ int kvm_riscv_gstage_map_page(struct kvm_gstage *gstag= e, return kvm_riscv_gstage_set_pte(gstage, pcache, out_map); } +static inline unsigned long make_child_pte(unsigned long huge_pte, int ind= ex, + unsigned long child_page_size) +{ + unsigned long child_pte =3D huge_pte; + unsigned long child_pfn_offset; + + /* + * The child_pte already has the base address of the huge page being + * split. So we just have to OR in the offset to the page at the next + * lower level for the given index. + */ + child_pfn_offset =3D index * (child_page_size / PAGE_SIZE); + child_pte |=3D pte_val(pfn_pte(child_pfn_offset, __pgprot(0))); + + return child_pte; +} + +int kvm_riscv_gstage_split_huge(struct kvm_gstage *gstage, + struct kvm_mmu_memory_cache *pcache, + gpa_t addr, u32 target_level, bool flush) +{ + u32 current_level =3D kvm_riscv_gstage_pgd_levels - 1; + pte_t *next_ptep =3D (pte_t *)gstage->pgd; + pte_t *ptep; + unsigned long huge_pte, child_pte; + unsigned long child_page_size; + int i, ret; + + while(current_level > target_level) { + ptep =3D (pte_t *)&next_ptep[gstage_pte_index(addr, current_level)]; + + if (!pte_val(ptep_get(ptep))) + break; + + if (!gstage_pte_leaf(ptep)) { + next_ptep =3D (pte_t *)gstage_pte_page_vaddr(ptep_get(ptep)); + current_level--; + continue; + } + + huge_pte =3D pte_val(ptep_get(ptep)); + + ret =3D gstage_level_to_page_size(current_level - 1, &child_page_size); + if (ret) + return ret; + + if (!pcache) + return -ENOMEM; + next_ptep =3D kvm_mmu_memory_cache_alloc(pcache); + if (!next_ptep) + return -ENOMEM; + + set_pte(ptep, pfn_pte(PFN_DOWN(__pa(next_ptep)), + __pgprot(_PAGE_TABLE))); + + for (i =3D 0; i < PTRS_PER_PTE; i++) { + child_pte =3D make_child_pte(huge_pte, i, child_page_size); + set_pte((pte_t *)&next_ptep[i], __pte(child_pte)); + } + + if (flush) + gstage_tlb_flush(gstage, current_level, addr); + + current_level--; + } + + return 0; +} + void kvm_riscv_gstage_op_pte(struct kvm_gstage *gstage, gpa_t addr, pte_t *ptep, u32 ptep_level, enum kvm_riscv_gstage_op op) { --=20 2.47.3 From nobody Mon Apr 13 21:06:47 2026 Received: from mxhk.zte.com.cn (mxhk.zte.com.cn [160.30.148.35]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id EECF53542E1; Wed, 4 Mar 2026 09:30:56 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=160.30.148.35 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1772616658; cv=none; b=j4E1qw2XikzPSo0AIyLj4H8RFvDSyIpEZRilwwcnjTgltwD31qt8r2zeCZePoozIlo3UXrqe/Ejr/DeQ0CZRYITIa1Za+AyuCQWU2RX7M310K1su5LaQlzK1dS2G/vdGWi2hBokDTh0SyZ8m4g/fsoPtBDoW3EpAdXq1LcgQdPg= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1772616658; c=relaxed/simple; bh=nMell/kkU0VvEVuaTGzTi4X9ynwOzwk/jFX27NlmQYs=; h=Message-ID:In-Reply-To:References:Date:Mime-Version:From:To:Cc: Subject:Content-Type; b=M5LFs79yVGkMgtwT1YIR6ehT7UwjBCttdp5nNGiQulXzzFW7h1nHjAmPZ3v/+PB2YzomkZ240ZHGHlxLUdXw+hIP1wkoU+xoYOEJTC/z89dyEALpkwlKdLimT5efFOi8onCvgOY30kd8YHupEFQChjKbwqgM70fQDRz7sz3kdLM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=zte.com.cn; spf=pass smtp.mailfrom=zte.com.cn; arc=none smtp.client-ip=160.30.148.35 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=zte.com.cn Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=zte.com.cn Received: from mse-fl1.zte.com.cn (unknown [10.5.228.132]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mxhk.zte.com.cn (FangMail) with ESMTPS id 4fQnTq1RMmz8Xs72; Wed, 04 Mar 2026 17:30:55 +0800 (CST) Received: from szxlzmapp02.zte.com.cn ([10.5.231.79]) by mse-fl1.zte.com.cn with SMTP id 6249Uk2v099658; Wed, 4 Mar 2026 17:30:46 +0800 (+08) (envelope-from wang.yechao255@zte.com.cn) Received: from mapi (szxl2zmapp06[null]) by mapi (Zmail) with MAPI id mid12; Wed, 4 Mar 2026 17:30:49 +0800 (CST) X-Zmail-TransId: 2b0869a7fbc9022-35137 X-Mailer: Zmail v1.0 Message-ID: <20260304173049328qFHOTh8G2sgzCY7pyCVpr@zte.com.cn> In-Reply-To: <20260304172139131ChDubMSpGDUB03lY4UCbK@zte.com.cn> References: 20260304172139131ChDubMSpGDUB03lY4UCbK@zte.com.cn Date: Wed, 4 Mar 2026 17:30:49 +0800 (CST) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 From: To: , , , , , Cc: , , , , Subject: =?UTF-8?B?W1BBVENIIHYyIDMvM10gUklTQy1WOiBLVk06IFNwbGl0IGh1Z2UgcGFnZXMgZHVyaW5nIGZhdWx0IGhhbmRsaW5nIGZvcgoKIGRpcnR5IGxvZ2dpbmc=?= X-MAIL: mse-fl1.zte.com.cn 6249Uk2v099658 X-TLS: YES X-SPF-DOMAIN: zte.com.cn X-ENVELOPE-SENDER: wang.yechao255@zte.com.cn X-SPF: None X-SOURCE-IP: 10.5.228.132 unknown Wed, 04 Mar 2026 17:30:55 +0800 X-Fangmail-Anti-Spam-Filtered: true X-Fangmail-MID-QID: 69A7FBCF.000/4fQnTq1RMmz8Xs72 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Wang Yechao During dirty logging, all huge pages are write-protected. When the guest writes to a write-protected huge page, a page fault is triggered. Before recovering the write permission, the huge page must be split into smaller pages (e.g., 4K). After splitting, the normal mapping process proceeds, allowing write permission to be restored at the smaller page granularity. This ensures that dirty logging works correctly with huge pages. Signed-off-by: Wang Yechao --- arch/riscv/kvm/gstage.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/arch/riscv/kvm/gstage.c b/arch/riscv/kvm/gstage.c index 92331e9b0bb8..27ea6bb81553 100644 --- a/arch/riscv/kvm/gstage.c +++ b/arch/riscv/kvm/gstage.c @@ -171,6 +171,9 @@ int kvm_riscv_gstage_map_page(struct kvm_gstage *gstage, { pgprot_t prot; int ret; + pte_t *ptep; + u32 ptep_level; + bool found_leaf; out_map->addr =3D gpa; out_map->level =3D 0; @@ -179,6 +182,12 @@ int kvm_riscv_gstage_map_page(struct kvm_gstage *gstag= e, if (ret) return ret; + found_leaf =3D kvm_riscv_gstage_get_leaf(gstage, gpa, &ptep, &ptep_level); + if (found_leaf && ptep_level > out_map->level) { + kvm_riscv_gstage_split_huge(gstage, pcache, gpa, + out_map->level, true); + } + /* * A RISC-V implementation can choose to either: * 1) Update 'A' and 'D' PTE bits in hardware --=20 2.47.3