From nobody Fri Apr 10 01:00:55 2026
Received: from mail-pf1-f177.google.com (mail-pf1-f177.google.com
 [209.85.210.177])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id C015E37F8C5
	for <linux-kernel@vger.kernel.org>; Wed,  4 Mar 2026 20:39:37 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.210.177
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1772656778; cv=none;
 b=c6hL9ZEqVV1HWkpH+j1t0RxeB1CNu5ii+JcMvGYPvo8TsyNuPsLW01utJW2agfzleQCZRi1b6eZSW8VuSVi2GK/xodt+FHlAP/MnZJGd4TEPVSBr5GCcCb7tp+9Ix+WaIt7Nj/aCrhit9nujkF/FgpXhq5kD7Osv3VG9LwXWgXs=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1772656778; c=relaxed/simple;
	bh=DpamcfXASa3ixa95to/Qe0lpjPoUekNG01dwO9YD5vE=;
	h=From:To:Cc:Subject:Date:Message-ID:MIME-Version;
 b=AtI2M2bt2cEKj4ENMUTVeyzUQlLaekeMzzyLY5OKnMQHczePv8Q2Fez9XdhmbLllI00zFvGoesLhJ0hF/fgtBNdn1sAvACE34BWHo+hxkqSzjr3TzATBkqfxucXXgrjqXiLCxuZQmj4FeY/yz0S+73n8Qg/syRX4Ul9gvuvKJ5E=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=none (p=none dis=none) header.from=roeck-us.net;
 spf=pass smtp.mailfrom=gmail.com;
 dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com
 header.b=TrZQ6QHw; arc=none smtp.client-ip=209.85.210.177
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=none (p=none dis=none) header.from=roeck-us.net
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=gmail.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com
 header.b="TrZQ6QHw"
Received: by mail-pf1-f177.google.com with SMTP id
 d2e1a72fcca58-8274936d2c0so7195446b3a.3
        for <linux-kernel@vger.kernel.org>;
 Wed, 04 Mar 2026 12:39:37 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1772656777; x=1773261577;
 darn=vger.kernel.org;
        h=content-transfer-encoding:mime-version:message-id:date:subject:cc
         :to:from:sender:from:to:cc:subject:date:message-id:reply-to;
        bh=UnC23O+7DMPLYBexJgHR9A7aj/3fTz61QsNrjyndP4I=;
        b=TrZQ6QHw7Cc4FAsdBCfOkWmAD9Lk7aGax03zmFVIsBwNwMRXW0pTBeq0weSzrk+8fY
         f472AY4LC/J8mXpkWZmnnPQS68vuEzWD5UGA3Zn9qwlh9losjqSKKbnwh4ZyMnA9MnX1
         DRo709IMpnw8p/9UcWLvKfYMNBZAiCHY7cTcMfjanRNcZgterzOgGrS/Eqj3SNxHFfyb
         +wtShDgaKQOz8gqBaQ2ynXkH1C/P6KYy+v2D2pzhfKEddHFsbkm5Ff0Y0Nvm6MPXM9/r
         E2nNbn9SldvHYUDSIrxqD/5xXE8s8EiDFtABCRRkFs0GDjSe3Sb7VXlCjVOeRJG/61mK
         lrhw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1772656777; x=1773261577;
        h=content-transfer-encoding:mime-version:message-id:date:subject:cc
         :to:from:sender:x-gm-gg:x-gm-message-state:from:to:cc:subject:date
         :message-id:reply-to;
        bh=UnC23O+7DMPLYBexJgHR9A7aj/3fTz61QsNrjyndP4I=;
        b=IR2z78TFur6gn6gWvzea4DpL2RNB5rtDHH4fL8yPWpSYJvGx6d2FL+jdGi9VSSYPC4
         Ad/XhFbzAqAeQCbgRjJ0e6vAkT65iDvUa9Vq21R1m4wnnq/9IT8jvBRgx6vRNTETdEGS
         SAog9tGHLtEGzwcDghyhc+rQxPO5KZ5xDviC7PejFqnKywK3fqZDyeePY3yFI7E4HAyM
         uOUbCZm8BEUEuMwK6WTcxNIFZPJNx6zF3KdY7eIZe2Dm5zAqKuPdxDK5emrQWiO49wI3
         /H/HO4PxJdVcE8vck1GQ+lK/eFWdUxW7N1wxuWdge8D4dShzfbZr9og0eeTSaPflcOwP
         Ut2A==
X-Forwarded-Encrypted: i=1;
 AJvYcCViQT47LnoGXfgBexMH9JEMwGrEshUtYT83iN1r11AkXibyQm9GgDb7W3IgbtyALDs5H+71ENDZXEP1elw=@vger.kernel.org
X-Gm-Message-State: AOJu0YxIMlZf+dQ2h2L2PgGvQGP6gGgCWCmZurbwxS5PsgrMFdi6Jcmc
	ZaB0o30PpRk4lnG8AszSdUOuuyK4fM1iRape0UEg02DrShx7KKK9ePrL2p+Hg1SS
X-Gm-Gg: ATEYQzyOERPNRQb4rXtvdH+7wLYMZGwtstcyjx9CNoPokTW+z14iTxOGlCV3koAfwGe
	peY04V5o7cHSw+Lh1RPAhlJXzeh2xHtnfs51/XkhKEKIBGk473daqUtS0L+V8knMrWvGCi0fnfi
	F2x52XbYCd8jwfledah+CvK60l3rv7OAhCaHNAsiqX/+swBEfrBN9hR2DZa5NVdOosaDD/lFQzD
	7DvbND17NjgjqT0M5QLzburHpbrWCw4b2vX39MAyIEbT2gez8STNKgtAPBMYz/CvLrXlsOAXFuo
	qzfxIPfOebt43bhVuhBxeNqayEWyJ8u5p1GImDgvqNFdsB8S/dPjGEQRH2Ymj9fwR59XWQkVSPy
	JXvpRJ4wvxaUpWA169NTzsaJdWA7fEJCEVGvbatog5admFf/7tGIQpvtEQo21/wlcj4RGaFVGf9
	bn53vrB57p3g7hrENbXlGxx18yq+Z+vaVVgc0d
X-Received: by 2002:a05:6a00:85a3:b0:829:803e:678b with SMTP id
 d2e1a72fcca58-829803e6925mr730720b3a.54.1772656777016;
        Wed, 04 Mar 2026 12:39:37 -0800 (PST)
Received: from server.roeck-us.net ([2600:1700:e321:62f0:da43:aeff:fecc:bfd5])
        by smtp.gmail.com with ESMTPSA id
 d2e1a72fcca58-82739d544ffsm19534010b3a.12.2026.03.04.12.39.36
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 04 Mar 2026 12:39:36 -0800 (PST)
Sender: Guenter Roeck <groeck7@gmail.com>
From: Guenter Roeck <linux@roeck-us.net>
To: Ashish Kalra <ashish.kalra@amd.com>
Cc: John Allen <john.allen@amd.com>,
	Herbert Xu <herbert@gondor.apana.org.au>,
	"David S . Miller" <davem@davemloft.net>,
	linux-crypto@vger.kernel.org,
	linux-kernel@vger.kernel.org,
	Guenter Roeck <linux@roeck-us.net>,
	Tycho Andersen <tycho@kernel.org>,
	Tom Lendacky <thomas.lendacky@amd.com>
Subject: [PATCH] crypto: ccp - Fix leaking the same page twice
Date: Wed,  4 Mar 2026 12:39:34 -0800
Message-ID: <20260304203934.3217058-1-linux@roeck-us.net>
X-Mailer: git-send-email 2.45.2
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Commit 551120148b67 ("crypto: ccp - Fix a case where SNP_SHUTDOWN is
missed") fixed a case where SNP is left in INIT state if page reclaim
fails. It removes the transition to the INIT state for this command and
adjusts the page state management.

While doing this, it added a call to snp_leak_pages() after a call to
snp_reclaim_pages() failed. Since snp_reclaim_pages() already calls
snp_leak_pages() internally on the pages it fails to reclaim, calling
it again leaks the exact same page twice.

Fix by removing the extra call to snp_leak_pages().

The problem was found by an experimental code review agent based on
gemini-3.1-pro while reviewing backports into v6.18.y.

Assisted-by: Gemini:gemini-3.1-pro
Fixes: 551120148b67 ("crypto: ccp - Fix a case where SNP_SHUTDOWN is missed=
")
Cc: Tycho Andersen (AMD) <tycho@kernel.org>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>
Reviewed-by: Tycho Andersen (AMD) <tycho@kernel.org>
---
 drivers/crypto/ccp/sev-dev.c | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
index 096f993974d1..bd31ebfc85d5 100644
--- a/drivers/crypto/ccp/sev-dev.c
+++ b/drivers/crypto/ccp/sev-dev.c
@@ -2410,10 +2410,8 @@ static int sev_ioctl_do_snp_platform_status(struct s=
ev_issue_cmd *argp)
 		 * in Firmware state on failure. Use snp_reclaim_pages() to
 		 * transition either case back to Hypervisor-owned state.
 		 */
-		if (snp_reclaim_pages(__pa(data), 1, true)) {
-			snp_leak_pages(__page_to_pfn(status_page), 1);
+		if (snp_reclaim_pages(__pa(data), 1, true))
 			return -EFAULT;
-		}
 	}
=20
 	if (ret)
--=20
2.45.2