[PATCH v2 1/8] KVM: s390: vsie: Fix dat_split_ste()

Claudio Imbrenda posted 8 patches 2 weeks ago
There is a newer version of this series
[PATCH v2 1/8] KVM: s390: vsie: Fix dat_split_ste()
Posted by Claudio Imbrenda 2 weeks ago
If the guest misbehaves and puts the page tables for its nested guest
inside the memory of the nested guest itself, the shadow mapping will
lose synchronization with the actual mapping.

Propagate the vsie_notif bit from shadowed large pages to smaller pages
when splitting a large page.

Fixes: 2db149a0a6c5 ("KVM: s390: KVM page table management functions: walks")
Signed-off-by: Claudio Imbrenda <imbrenda@linux.ibm.com>
---
 arch/s390/kvm/dat.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/arch/s390/kvm/dat.c b/arch/s390/kvm/dat.c
index 670404d4fa44..48b5f2bcf172 100644
--- a/arch/s390/kvm/dat.c
+++ b/arch/s390/kvm/dat.c
@@ -292,6 +292,7 @@ static int dat_split_ste(struct kvm_s390_mmu_cache *mc, union pmd *pmdp, gfn_t g
 				pt->ptes[i].val = init.val | i * PAGE_SIZE;
 			/* No need to take locks as the page table is not installed yet. */
 			pgste_init.prefix_notif = old.s.fc1.prefix_notif;
+			pgste_init.vsie_notif = old.s.fc1.vsie_notif;
 			pgste_init.pcl = uses_skeys && init.h.i;
 			dat_init_pgstes(pt, pgste_init.val);
 		} else {
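Review bot: the new vsie_notif copy sits only in the branch that builds the PTEs from the old large entry (the `pt->ptes[i].val = init.val | i * PAGE_SIZE` loop), and the `else` branch that closes the hunk is not shown; please confirm that a large STE with vsie_notif set can never reach that path, or that the bit is carried over there as well, otherwise the same desynchronization survives on that route. A short comment next to the two `pgste_init.*_notif = old.s.fc1.*_notif;` lines stating why both notification bits must survive the split (the reason given in the commit message) would also help, since the existing comment in the hunk only covers locking.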
-- 
2.53.0
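The following stand-alone C model is an added illustration and is not code from the patch or from arch/s390/kvm; every name in it (seg_entry, pte_model, split_segment_buggy, split_segment_fixed, missing_vsie_after_split) is invented for the example. It splits a large-page entry carrying two notification bits into a table of 256 small entries, once dropping the vsie bit the way the pre-patch code did and once propagating it like the prefix bit, and then checks whether a later write to one of the split pages would still reach the vsie notifier.

```c
/* Added example: simplified model of splitting a 1 MiB large-page entry
 * into 256 4 KiB entries, each with software status bits (PGSTE-like).
 * Not the kernel's structures; all names are invented for illustration. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define PAGE_SHIFT       12
#define PAGE_SIZE        (1UL << PAGE_SHIFT)
#define PTES_PER_SEGMENT 256          /* 1 MiB / 4 KiB */

/* Software notification bits, mirroring the two the patch touches. */
#define NOTIF_PREFIX 0x1u
#define NOTIF_VSIE   0x2u

struct seg_entry {                    /* one large (FC=1) segment entry */
    uint64_t base;                    /* 1 MiB-aligned host address */
    unsigned notif;                   /* notification bits for the whole segment */
};

struct pte_model {
    uint64_t addr;                    /* 4 KiB page address */
    unsigned notif;                   /* per-page status bits after the split */
};

struct page_table {
    struct pte_model ptes[PTES_PER_SEGMENT];
};

/* Pre-fix behaviour: only the prefix bit is inherited by the small pages. */
static void split_segment_buggy(const struct seg_entry *se, struct page_table *pt)
{
    for (size_t i = 0; i < PTES_PER_SEGMENT; i++) {
        pt->ptes[i].addr  = se->base | (i * PAGE_SIZE);
        pt->ptes[i].notif = se->notif & NOTIF_PREFIX;
    }
}

/* Post-fix behaviour: every notification bit of the large entry is inherited. */
static void split_segment_fixed(const struct seg_entry *se, struct page_table *pt)
{
    for (size_t i = 0; i < PTES_PER_SEGMENT; i++) {
        pt->ptes[i].addr  = se->base | (i * PAGE_SIZE);
        pt->ptes[i].notif = se->notif & (NOTIF_PREFIX | NOTIF_VSIE);
    }
}

/* Split a segment with the given bits and count pages that lost the vsie
 * bit relative to the source entry (0 means nothing was lost). */
int missing_vsie_after_split(bool use_fixed, unsigned seg_notif)
{
    struct seg_entry se = { .base = 0x100000UL, .notif = seg_notif };
    struct page_table pt;
    int missing = 0;

    if (use_fixed)
        split_segment_fixed(&se, &pt);
    else
        split_segment_buggy(&se, &pt);

    for (size_t i = 0; i < PTES_PER_SEGMENT; i++)
        if ((seg_notif & NOTIF_VSIE) && !(pt.ptes[i].notif & NOTIF_VSIE))
            missing++;
    return missing;
}

/* Model of the check done when a page inside the split segment is written:
 * returns 1 if the shadow (vsie) side would be notified, 0 if the change
 * would go unnoticed and the shadow mapping would fall out of sync. */
int vsie_notified_on_write(bool use_fixed, unsigned seg_notif, uint64_t addr)
{
    struct seg_entry se = { .base = 0x100000UL, .notif = seg_notif };
    struct page_table pt;
    size_t idx = (addr >> PAGE_SHIFT) & (PTES_PER_SEGMENT - 1);

    if (use_fixed)
        split_segment_fixed(&se, &pt);
    else
        split_segment_buggy(&se, &pt);
    return (pt.ptes[idx].notif & NOTIF_VSIE) ? 1 : 0;
}

int main(void)
{
    unsigned both = NOTIF_PREFIX | NOTIF_VSIE;
    /* A page in the split segment that the guest uses for nested page tables. */
    uint64_t pt_page = 0x100000UL + 17 * PAGE_SIZE;

    printf("buggy split: %d pages lost vsie bit, write notifies vsie: %d\n",
           missing_vsie_after_split(false, both),
           vsie_notified_on_write(false, both, pt_page));
    printf("fixed split: %d pages lost vsie bit, write notifies vsie: %d\n",
           missing_vsie_after_split(true, both),
           vsie_notified_on_write(true, both, pt_page));
    return 0;
}
```

With the buggy split every one of the 256 small pages comes out without the vsie bit, so a write by the guest into a page that holds its nested guest's page tables never reaches the notifier and the shadow tables keep stale entries; with the fix the bit survives on each page exactly as the prefix bit already did.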
Re: [PATCH v2 1/8] KVM: s390: vsie: Fix dat_split_ste()
Posted by Janosch Frank 1 week, 3 days ago
On 3/20/26 17:15, Claudio Imbrenda wrote:
> If the guest misbehaves and puts the page tables for its nested guest
> inside the memory of the nested guest itself, the shadow mapping will
> lose synchronization with the actual mapping.
> 

Maybe add this (or similar) instead of the sentence below:

This is due to the fact that we don't propagate the vsie bit from large 
STEs to all PTEs when splitting.

Let's copy that bit over just like the prefix bit.

> Propagate the vsie_notif bit from shadowed large pages to smaller pages
> when splitting a large page.

Reviewed-by: Janosch Frank <frankja@linux.ibm.com>
Re: [PATCH v2 1/8] KVM: s390: vsie: Fix dat_split_ste()
Posted by Christoph Schlameuss 1 week, 4 days ago
On Fri Mar 20, 2026 at 5:15 PM CET, Claudio Imbrenda wrote:
> If the guest misbehaves and puts the page tables for its nested guest
> inside the memory of the nested guest itself, the shadow mapping will
> lose synchronization with the actual mapping.
>
> Propagate the vsie_notif bit from shadowed large pages to smaller pages
> when splitting a large page.
>
> Fixes: 2db149a0a6c5 ("KVM: s390: KVM page table management functions: walks")
> Signed-off-by: Claudio Imbrenda <imbrenda@linux.ibm.com>

Reviewed-by: Christoph Schlameuss <schlameuss@linux.ibm.com>

> ---
>  arch/s390/kvm/dat.c | 1 +
>  1 file changed, 1 insertion(+)
>
> diff --git a/arch/s390/kvm/dat.c b/arch/s390/kvm/dat.c
> index 670404d4fa44..48b5f2bcf172 100644
> --- a/arch/s390/kvm/dat.c
> +++ b/arch/s390/kvm/dat.c
> @@ -292,6 +292,7 @@ static int dat_split_ste(struct kvm_s390_mmu_cache *mc, union pmd *pmdp, gfn_t g
>  				pt->ptes[i].val = init.val | i * PAGE_SIZE;
>  			/* No need to take locks as the page table is not installed yet. */
>  			pgste_init.prefix_notif = old.s.fc1.prefix_notif;
> +			pgste_init.vsie_notif = old.s.fc1.vsie_notif;
>  			pgste_init.pcl = uses_skeys && init.h.i;
>  			dat_init_pgstes(pt, pgste_init.val);
>  		} else {
Re: [PATCH v2 1/8] KVM: s390: vsie: Fix dat_split_ste()
Posted by Steffen Eiden 1 week, 4 days ago
On Fri, Mar 20, 2026 at 05:15:35PM +0100, Claudio Imbrenda wrote:
> If the guest misbehaves and puts the page tables for its nested guest
> inside the memory of the nested guest itself, the shadow mapping will
> lose synchronization with the actual mapping.
> 
> Propagate the vsie_notif bit from shadowed large pages to smaller pages
> when splitting a large page.
> 
> Fixes: 2db149a0a6c5 ("KVM: s390: KVM page table management functions: walks")
> Signed-off-by: Claudio Imbrenda <imbrenda@linux.ibm.com>

Reviewed-by: Steffen Eiden <seiden@linux.ibm.com>

> ---
>  arch/s390/kvm/dat.c | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/arch/s390/kvm/dat.c b/arch/s390/kvm/dat.c
> index 670404d4fa44..48b5f2bcf172 100644
> --- a/arch/s390/kvm/dat.c
> +++ b/arch/s390/kvm/dat.c
> @@ -292,6 +292,7 @@ static int dat_split_ste(struct kvm_s390_mmu_cache *mc, union pmd *pmdp, gfn_t g
>  				pt->ptes[i].val = init.val | i * PAGE_SIZE;
>  			/* No need to take locks as the page table is not installed yet. */
>  			pgste_init.prefix_notif = old.s.fc1.prefix_notif;
> +			pgste_init.vsie_notif = old.s.fc1.vsie_notif;
>  			pgste_init.pcl = uses_skeys && init.h.i;
>  			dat_init_pgstes(pt, pgste_init.val);
>  		} else {
> -- 
> 2.53.0
>