From nobody Thu Apr 2 23:54:51 2026 Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 459B525A2B5; Wed, 25 Mar 2026 17:13:20 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=148.163.158.5 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774458801; cv=none; b=cq3iCpaB1tb9YLj69RNyvgkuFs/unGu0QPnZVXC4s6pCb6T/QdSS3tN28J6PelBSddAH4pMi6kN8zCSsFAo8Xi2RBzCRi/Vqye0vE1R0klAKwBDFk5lqSkF/8PDKQhoY3JT/3Z3T+zovD31cmE6Z0Y8X6+gEudvob5CXgjdyJd4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774458801; c=relaxed/simple; bh=OJ0YppEpXxWljpnDo2C4R25lit9Ina1zpzH2IgqgCAY=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=YV59gauLrYzofCJEq+UwZCJS2LwpOlxn1NhWnejcyU2q1x4eZae7SGPRE9/ptqKVGWX/HzbBJ7EqFPFQmQqgbJYu+dFiL0FttfANuceAVqvGJ2D0fTBgSanelwAlJk0P93vCozd4Qh9xQ6OTuzXeil97aKabKTx//jwuiWJDP7o= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com; spf=pass smtp.mailfrom=linux.ibm.com; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b=S0QKFJ3x; arc=none smtp.client-ip=148.163.158.5 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="S0QKFJ3x" Received: from pps.filterd (m0356516.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 62PEip8W2664877; Wed, 25 Mar 2026 17:13:17 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=cc :content-transfer-encoding:date:from:in-reply-to:message-id :mime-version:references:subject:to; s=pp1; bh=oDSu/bQDxMYWLBwio nStkeQoi6NLCfGdNBrHSiGUtoI=; b=S0QKFJ3xJKBdqudQMNTGvQQrqPYBIpZtt pcVfAcLKJM+zWwQqf6hBVbS9/ZIYHDES+9/34D78LSnxnPTn1ln3rteSALo4oUPD j/luUEoKpAdE+vr5QMyaaBamUCpSqxm3b1ktrsRe4zC5J5Fy9wepAFO6R/6Tg17r SCkCPEcIstSfug+ditxI9lssFx/zgm3POXaucgQw8Zs5ta7ACvf46jh8cakw+lIw 2Bu7IgWeEdepaTsqd6snjBBJ+oJ4muAAkCvZiHanHu1S78/DFDa/hdjEqCaJhUbh skKbOto2/sE9EC++pU6vG4FjOYlr00RdWXAj8oPgURzqN2J/lDh+g== Received: from ppma11.dal12v.mail.ibm.com (db.9e.1632.ip4.static.sl-reverse.com [50.22.158.219]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 4d1ktv0qx2-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 25 Mar 2026 17:13:16 +0000 (GMT) Received: from pps.filterd (ppma11.dal12v.mail.ibm.com [127.0.0.1]) by ppma11.dal12v.mail.ibm.com (8.18.1.2/8.18.1.2) with ESMTP id 62PGPgW3004375; Wed, 25 Mar 2026 17:13:16 GMT Received: from smtprelay06.fra02v.mail.ibm.com ([9.218.2.230]) by ppma11.dal12v.mail.ibm.com (PPS) with ESMTPS id 4d28c277ee-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 25 Mar 2026 17:13:16 +0000 Received: from smtpav03.fra02v.mail.ibm.com (smtpav03.fra02v.mail.ibm.com [10.20.54.102]) by smtprelay06.fra02v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 62PHDCko31195430 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 25 Mar 2026 17:13:12 GMT Received: from smtpav03.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 78ED620040; Wed, 25 Mar 2026 17:13:12 +0000 (GMT) Received: from smtpav03.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 4AFB92004B; Wed, 25 Mar 2026 17:13:12 +0000 (GMT) Received: from p-imbrenda.aag-de.ibm.com (unknown [9.52.223.175]) by smtpav03.fra02v.mail.ibm.com (Postfix) with ESMTP; Wed, 25 Mar 2026 17:13:12 +0000 (GMT) From: Claudio Imbrenda To: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org, linux-s390@vger.kernel.org, borntraeger@de.ibm.com, frankja@linux.ibm.com, nrb@linux.ibm.com, seiden@linux.ibm.com, gra@linux.ibm.com, schlameuss@linux.ibm.com, hca@linux.ibm.com, david@kernel.org Subject: [PATCH v4 01/10] KVM: s390: vsie: Fix dat_split_ste() Date: Wed, 25 Mar 2026 18:13:02 +0100 Message-ID: <20260325171311.182210-2-imbrenda@linux.ibm.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260325171311.182210-1-imbrenda@linux.ibm.com> References: <20260325171311.182210-1-imbrenda@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-TM-AS-GCONF: 00 X-Proofpoint-ORIG-GUID: yNHng_GbjatIV3mG8XYevlJnCAe6UiOE X-Authority-Analysis: v=2.4 cv=aMr9aL9m c=1 sm=1 tr=0 ts=69c417ac cx=c_pps a=aDMHemPKRhS1OARIsFnwRA==:117 a=aDMHemPKRhS1OARIsFnwRA==:17 a=Yq5XynenixoA:10 a=VkNPw1HP01LnGYTKEx00:22 a=RnoormkPH1_aCDwRdu11:22 a=Y2IxJ9c9Rs8Kov3niI8_:22 a=VnNF1IyMAAAA:8 a=LsQdvuOhCgcXfIND9tsA:9 X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwMzI1MDEyMSBTYWx0ZWRfX08BF/hbvPkzY hhhZ3418TJb/W1LZsQU/gHV6S5mQA85AkzguC7rz9uF8FWv/PgEaqhuPda0etU6HgxMRion89gj V6QCHXubyKiLHsyRsq/nTieGFucHKXSH02vIUDMd3bzIXZqu8Y49Y3PKoBC1pzBClWK5pj6KuXD WTXCBgQRJkecADMEghkDrIB5kZc0lvfXtVUrovlHC/Wc2o1dmvhgN5I2MyKtlKLAIMrtgg3y2UC OFBf2YLRUINVLQBgZDLA2aySOgmQkzyZTdEXS8AO99pZS6ZMGYarGpiy8Wne6UH3mGAiqOlhOEX b98rqNsBDtafAd/eRsb5JZAHqBXSNAKZBWWgiGmyKfRAjg6HJa+KfRMlBek9yNDfucvQ2r6Hula y6G6hGoIfbSTJ9UcJLL7lCQC5fDxUqnuromRV8M5SFS62tcS6KhpWbeYqzmkaA6BGUSKBQOq0V8 2bPJjs2/pLpewKsHYCQ== X-Proofpoint-GUID: yNHng_GbjatIV3mG8XYevlJnCAe6UiOE X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1143,Hydra:6.1.51,FMLib:17.12.100.49 definitions=2026-03-25_05,2026-03-24_01,2025-10-01_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 lowpriorityscore=0 adultscore=0 impostorscore=0 malwarescore=0 suspectscore=0 phishscore=0 priorityscore=1501 bulkscore=0 clxscore=1015 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.22.0-2603050001 definitions=main-2603250121 Content-Type: text/plain; charset="utf-8" If the guest misbehaves and puts the page tables for its nested guest inside the memory of the nested guest itself, and the guest and nested guest are being mapped with large pages, the shadow mapping will lose synchronization with the actual mapping, since this will cause the large page with the vsie notification bit to be split, but the vsie notification bit will not be propagated to the resulting small pages. Fix this by propagating the vsie_notif bit from large pages to normal pages when splitting a large page. Fixes: 2db149a0a6c5 ("KVM: s390: KVM page table management functions: walks= ") Signed-off-by: Claudio Imbrenda Reviewed-by: Christoph Schlameuss Reviewed-by: Steffen Eiden Reviewed-by: Janosch Frank --- arch/s390/kvm/dat.c | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/s390/kvm/dat.c b/arch/s390/kvm/dat.c index 670404d4fa44..48b5f2bcf172 100644 --- a/arch/s390/kvm/dat.c +++ b/arch/s390/kvm/dat.c @@ -292,6 +292,7 @@ static int dat_split_ste(struct kvm_s390_mmu_cache *mc,= union pmd *pmdp, gfn_t g pt->ptes[i].val =3D init.val | i * PAGE_SIZE; /* No need to take locks as the page table is not installed yet. */ pgste_init.prefix_notif =3D old.s.fc1.prefix_notif; + pgste_init.vsie_notif =3D old.s.fc1.vsie_notif; pgste_init.pcl =3D uses_skeys && init.h.i; dat_init_pgstes(pt, pgste_init.val); } else { --=20 2.53.0 From nobody Thu Apr 2 23:54:51 2026 Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C80803D669E; Wed, 25 Mar 2026 17:13:20 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=148.163.158.5 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774458802; cv=none; b=cEE6rMJ6G5PkfWoy8WjnnXzPbksN3Z36s82/q004yFH6wO3rSvKDPY2lddR5dUaLxP5/3GOGb2cO6tFpIIfh0KY90p041bDNyPw/UbCoYvKxkB4U8hs1wSqIOG/0n88DUqihiCSmTJ50qbqkJC2+nRZd1sqUwQJDeNADcUnULAw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774458802; c=relaxed/simple; bh=x9Dwo9eGIdpNtx9CuaUZoB/tREQkjX0cqrVUgV6nnlo=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=Mn9rC0wfwwgGb2RAjFQMKZxSC4sdWt0q261U/XIcrEVRRXdcD5rN0qcJgmaQZDTWM26wzcFiPGcrz1Cl3Us2Z1rJWf2fU4+vz+zBS4J00tUk6Uwk82XSXaksimmyWITnaATU8UvKq/OZdDIHIy9CwYu2KY627dYeZxww/iIMq6M= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com; spf=pass smtp.mailfrom=linux.ibm.com; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b=r0ML/6tn; arc=none smtp.client-ip=148.163.158.5 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="r0ML/6tn" Received: from pps.filterd (m0353725.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 62PBDcJp561845; Wed, 25 Mar 2026 17:13:17 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=cc :content-transfer-encoding:date:from:in-reply-to:message-id :mime-version:references:subject:to; s=pp1; bh=BLMIvelPDKR0ELsTb xsfx05HMFwKnYIBqajoieQu2xI=; b=r0ML/6tnKPFIzP2xnhi/XEHhAigsYUgRm ta1cxk5t3bDFSqDuZYB46qeatGnHUZj60fyt7Hklu81XW/5V6phM1m++wwC9ap2y 4DyLFle/P2eeSJ0FXQrbhhs3mN5tPJaFYIYEpEFl+uSD7XYeipLdvLt85wjsodMB yMmgszE1x8EHbJai/mxQ0L/RFi/bXrnXZ+miaIFQdrRjy631nFETu/GNf61j24pi CHPhS/dDCPfPFxtwtmF+BeIRf4t1LETsDd/6iuQ/KBbsFs88sFdhflvKCpgDx1oV 4kIk+JLuh88SKQIHK/aKHDgbNaFobvorTL+EGfot1aiaPXsdk+myA== Received: from ppma12.dal12v.mail.ibm.com (dc.9e.1632.ip4.static.sl-reverse.com [50.22.158.220]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 4d1ky08p1m-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 25 Mar 2026 17:13:17 +0000 (GMT) Received: from pps.filterd (ppma12.dal12v.mail.ibm.com [127.0.0.1]) by ppma12.dal12v.mail.ibm.com (8.18.1.2/8.18.1.2) with ESMTP id 62PEX7iM031614; Wed, 25 Mar 2026 17:13:16 GMT Received: from smtprelay06.fra02v.mail.ibm.com ([9.218.2.230]) by ppma12.dal12v.mail.ibm.com (PPS) with ESMTPS id 4d25nsyku7-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 25 Mar 2026 17:13:16 +0000 Received: from smtpav03.fra02v.mail.ibm.com (smtpav03.fra02v.mail.ibm.com [10.20.54.102]) by smtprelay06.fra02v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 62PHDCsf31195432 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 25 Mar 2026 17:13:12 GMT Received: from smtpav03.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id B541320040; Wed, 25 Mar 2026 17:13:12 +0000 (GMT) Received: from smtpav03.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 7FCBC20043; Wed, 25 Mar 2026 17:13:12 +0000 (GMT) Received: from p-imbrenda.aag-de.ibm.com (unknown [9.52.223.175]) by smtpav03.fra02v.mail.ibm.com (Postfix) with ESMTP; Wed, 25 Mar 2026 17:13:12 +0000 (GMT) From: Claudio Imbrenda To: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org, linux-s390@vger.kernel.org, borntraeger@de.ibm.com, frankja@linux.ibm.com, nrb@linux.ibm.com, seiden@linux.ibm.com, gra@linux.ibm.com, schlameuss@linux.ibm.com, hca@linux.ibm.com, david@kernel.org Subject: [PATCH v4 02/10] KVM: s390: Remove non-atomic dat_crstep_xchg() Date: Wed, 25 Mar 2026 18:13:03 +0100 Message-ID: <20260325171311.182210-3-imbrenda@linux.ibm.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260325171311.182210-1-imbrenda@linux.ibm.com> References: <20260325171311.182210-1-imbrenda@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-TM-AS-GCONF: 00 X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwMzI1MDEyMSBTYWx0ZWRfX0sueM1iiaAKD qRe4sTg7mgjeIVHKDdyEe6KDKDjJ7ulrXOYVKPaLzx5mrrFVPzd3XO81zixwBYL8jk84zkB9i+M qlUbx91LYtJ3O9AGKEV2c9WDcS4f8/f2/CrArSEJ6Rwp6X8F+g5OTXmflrXrrdI1UTAfjsmtjjj BxI/zFAzrzsWoV89u10LAI0mm7FenVhKyUjMyIK8B75kdIoBiZWec4DKoLJuhccmvH3fxC4v3/T u7fmCzTq9mb3EMy9oXOrnVcU7dc7UA155FnE4E1/J6tFWXSbBhfd6Tbxrv+suOtAGUngLF6D/GH UjsbdNDXvxvWVJZFKvInep80o9/sszS9ujGHLRSP0B7Ujf+AdgFTc3j/G/94Sf8IDbNvGzLbsn7 nic8Oo2ALlJh2+HmWg3a5ZlaVV0hhlfQLKmevx3HZN+gISGuzKS0VOqiau+NEfotTTtywh3TPNu UdV6hckj/cqqOVvPxrg== X-Authority-Analysis: v=2.4 cv=JK42csKb c=1 sm=1 tr=0 ts=69c417ad cx=c_pps a=bLidbwmWQ0KltjZqbj+ezA==:117 a=bLidbwmWQ0KltjZqbj+ezA==:17 a=Yq5XynenixoA:10 a=VkNPw1HP01LnGYTKEx00:22 a=RnoormkPH1_aCDwRdu11:22 a=V8glGbnc2Ofi9Qvn3v5h:22 a=VnNF1IyMAAAA:8 a=UWa3PdyAdGT8wWmJkKEA:9 X-Proofpoint-ORIG-GUID: 1tDrU8zlLEqwN9VufOqIrleYUR9J0o-k X-Proofpoint-GUID: 1tDrU8zlLEqwN9VufOqIrleYUR9J0o-k X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1143,Hydra:6.1.51,FMLib:17.12.100.49 definitions=2026-03-25_05,2026-03-24_01,2025-10-01_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 impostorscore=0 clxscore=1015 priorityscore=1501 malwarescore=0 adultscore=0 spamscore=0 suspectscore=0 phishscore=0 lowpriorityscore=0 bulkscore=0 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.22.0-2603050001 definitions=main-2603250121 Content-Type: text/plain; charset="utf-8" In practice dat_crstep_xchg() is racy and hard to use correctly. Simply remove it and replace its uses with dat_crstep_xchg_atomic(). This solves some actual races that lead to system hangs / crashes. Opportunistically fix an alignment issue in _gmap_crstep_xchg_atomic(). Signed-off-by: Claudio Imbrenda Fixes: 589071eaaa8f ("KVM: s390: KVM page table management functions: clear= and replace") Fixes: 94fd9b16cc67 ("KVM: s390: KVM page table management functions: lifec= ycle management") Reviewed-by: Steffen Eiden --- arch/s390/kvm/dat.c | 51 +++++++------------------ arch/s390/kvm/dat.h | 9 +++-- arch/s390/kvm/gaccess.c | 26 +++++++------ arch/s390/kvm/gmap.c | 82 ++++++++++++++++++++++++----------------- arch/s390/kvm/gmap.h | 29 +++++++++------ 5 files changed, 100 insertions(+), 97 deletions(-) diff --git a/arch/s390/kvm/dat.c b/arch/s390/kvm/dat.c index 48b5f2bcf172..4d44c0f9ad45 100644 --- a/arch/s390/kvm/dat.c +++ b/arch/s390/kvm/dat.c @@ -134,32 +134,6 @@ int dat_set_asce_limit(struct kvm_s390_mmu_cache *mc, = union asce *asce, int newt return 0; } =20 -/** - * dat_crstep_xchg() - Exchange a gmap CRSTE with another. - * @crstep: Pointer to the CRST entry - * @new: Replacement entry. - * @gfn: The affected guest address. - * @asce: The ASCE of the address space. - * - * Context: This function is assumed to be called with kvm->mmu_lock held. - */ -void dat_crstep_xchg(union crste *crstep, union crste new, gfn_t gfn, unio= n asce asce) -{ - if (crstep->h.i) { - WRITE_ONCE(*crstep, new); - return; - } else if (cpu_has_edat2()) { - crdte_crste(crstep, *crstep, new, gfn, asce); - return; - } - - if (machine_has_tlb_guest()) - idte_crste(crstep, gfn, IDTE_GUEST_ASCE, asce, IDTE_GLOBAL); - else - idte_crste(crstep, gfn, 0, NULL_ASCE, IDTE_GLOBAL); - WRITE_ONCE(*crstep, new); -} - /** * dat_crstep_xchg_atomic() - Atomically exchange a gmap CRSTE with anothe= r. * @crstep: Pointer to the CRST entry. @@ -175,8 +149,8 @@ void dat_crstep_xchg(union crste *crstep, union crste n= ew, gfn_t gfn, union asce * * Return: %true if the exchange was successful. */ -bool dat_crstep_xchg_atomic(union crste *crstep, union crste old, union cr= ste new, gfn_t gfn, - union asce asce) +bool __must_check dat_crstep_xchg_atomic(union crste *crstep, union crste = old, union crste new, + gfn_t gfn, union asce asce) { if (old.h.i) return arch_try_cmpxchg((long *)crstep, &old.val, new.val); @@ -894,7 +868,8 @@ static long _dat_slot_crste(union crste *crstep, gfn_t = gfn, gfn_t next, struct d =20 /* This table entry needs to be updated. */ if (walk->start <=3D gfn && walk->end >=3D next) { - dat_crstep_xchg_atomic(crstep, crste, new_crste, gfn, walk->asce); + if (!dat_crstep_xchg_atomic(crstep, crste, new_crste, gfn, walk->asce)) + return -EINVAL; /* A lower level table was present, needs to be freed. */ if (!crste.h.fc && !crste.h.i) { if (is_pmd(crste)) @@ -1072,17 +1047,19 @@ int dat_link(struct kvm_s390_mmu_cache *mc, union a= sce asce, int level, =20 static long dat_set_pn_crste(union crste *crstep, gfn_t gfn, gfn_t next, s= truct dat_walk *walk) { - union crste crste =3D READ_ONCE(*crstep); + union crste newcrste, oldcrste; int *n =3D walk->priv; =20 - if (!crste.h.fc || crste.h.i || crste.h.p) - return 0; - + do { + oldcrste =3D READ_ONCE(*crstep); + if (!oldcrste.h.fc || oldcrste.h.i || oldcrste.h.p) + return 0; + if (oldcrste.s.fc1.prefix_notif) + break; + newcrste =3D oldcrste; + newcrste.s.fc1.prefix_notif =3D 1; + } while (!dat_crstep_xchg_atomic(crstep, oldcrste, newcrste, gfn, walk->a= sce)); *n =3D 2; - if (crste.s.fc1.prefix_notif) - return 0; - crste.s.fc1.prefix_notif =3D 1; - dat_crstep_xchg(crstep, crste, gfn, walk->asce); return 0; } =20 diff --git a/arch/s390/kvm/dat.h b/arch/s390/kvm/dat.h index 123e11dcd70d..22dafc775335 100644 --- a/arch/s390/kvm/dat.h +++ b/arch/s390/kvm/dat.h @@ -938,11 +938,14 @@ static inline bool dat_pudp_xchg_atomic(union pud *pu= dp, union pud old, union pu return dat_crstep_xchg_atomic(_CRSTEP(pudp), _CRSTE(old), _CRSTE(new), gf= n, asce); } =20 -static inline void dat_crstep_clear(union crste *crstep, gfn_t gfn, union = asce asce) +static inline union crste dat_crstep_clear_atomic(union crste *crstep, gfn= _t gfn, union asce asce) { - union crste newcrste =3D _CRSTE_EMPTY(crstep->h.tt); + union crste oldcrste, empty =3D _CRSTE_EMPTY(crstep->h.tt); =20 - dat_crstep_xchg(crstep, newcrste, gfn, asce); + do { + oldcrste =3D READ_ONCE(*crstep); + } while (!dat_crstep_xchg_atomic(crstep, oldcrste, empty, gfn, asce)); + return oldcrste; } =20 static inline int get_level(union crste *crstep, union pte *ptep) diff --git a/arch/s390/kvm/gaccess.c b/arch/s390/kvm/gaccess.c index a9da9390867d..4ee862424ca0 100644 --- a/arch/s390/kvm/gaccess.c +++ b/arch/s390/kvm/gaccess.c @@ -1456,7 +1456,7 @@ static int _do_shadow_pte(struct gmap *sg, gpa_t radd= r, union pte *ptep_h, union static int _do_shadow_crste(struct gmap *sg, gpa_t raddr, union crste *hos= t, union crste *table, struct guest_fault *f, bool p) { - union crste newcrste; + union crste newcrste, oldcrste; gfn_t gfn; int rc; =20 @@ -1469,16 +1469,20 @@ static int _do_shadow_crste(struct gmap *sg, gpa_t = raddr, union crste *host, uni if (rc) return rc; =20 - newcrste =3D _crste_fc1(f->pfn, host->h.tt, f->writable, !p); - newcrste.s.fc1.d |=3D host->s.fc1.d; - newcrste.s.fc1.sd |=3D host->s.fc1.sd; - newcrste.h.p &=3D host->h.p; - newcrste.s.fc1.vsie_notif =3D 1; - newcrste.s.fc1.prefix_notif =3D host->s.fc1.prefix_notif; - _gmap_crstep_xchg(sg->parent, host, newcrste, f->gfn, false); - - newcrste =3D _crste_fc1(f->pfn, host->h.tt, 0, !p); - dat_crstep_xchg(table, newcrste, gpa_to_gfn(raddr), sg->asce); + do { + oldcrste =3D READ_ONCE(*host); + newcrste =3D _crste_fc1(f->pfn, oldcrste.h.tt, f->writable, !p); + newcrste.s.fc1.d |=3D oldcrste.s.fc1.d; + newcrste.s.fc1.sd |=3D oldcrste.s.fc1.sd; + newcrste.h.p &=3D oldcrste.h.p; + newcrste.s.fc1.vsie_notif =3D 1; + newcrste.s.fc1.prefix_notif =3D oldcrste.s.fc1.prefix_notif; + } while (!_gmap_crstep_xchg_atomic(sg->parent, host, oldcrste, newcrste, = f->gfn, false)); + + newcrste =3D _crste_fc1(f->pfn, oldcrste.h.tt, 0, !p); + gfn =3D gpa_to_gfn(raddr); + while (!dat_crstep_xchg_atomic(table, READ_ONCE(*table), newcrste, gfn, s= g->asce)) + ; return 0; } =20 diff --git a/arch/s390/kvm/gmap.c b/arch/s390/kvm/gmap.c index ef0c6ebfdde2..956be4c01797 100644 --- a/arch/s390/kvm/gmap.c +++ b/arch/s390/kvm/gmap.c @@ -313,13 +313,16 @@ static long gmap_clear_young_crste(union crste *crste= p, gfn_t gfn, gfn_t end, st struct clear_young_pte_priv *priv =3D walk->priv; union crste crste, new; =20 - crste =3D READ_ONCE(*crstep); + do { + crste =3D READ_ONCE(*crstep); + + if (!crste.h.fc) + return 0; + if (!crste.s.fc1.y && crste.h.i) + return 0; + if (crste_prefix(crste) && !gmap_mkold_prefix(priv->gmap, gfn, end)) + break; =20 - if (!crste.h.fc) - return 0; - if (!crste.s.fc1.y && crste.h.i) - return 0; - if (!crste_prefix(crste) || gmap_mkold_prefix(priv->gmap, gfn, end)) { new =3D crste; new.h.i =3D 1; new.s.fc1.y =3D 0; @@ -328,8 +331,8 @@ static long gmap_clear_young_crste(union crste *crstep,= gfn_t gfn, gfn_t end, st folio_set_dirty(phys_to_folio(crste_origin_large(crste))); new.s.fc1.d =3D 0; new.h.p =3D 1; - dat_crstep_xchg(crstep, new, gfn, walk->asce); - } + } while (!dat_crstep_xchg_atomic(crstep, crste, new, gfn, walk->asce)); + priv->young =3D 1; return 0; } @@ -391,14 +394,18 @@ static long _gmap_unmap_crste(union crste *crstep, gf= n_t gfn, gfn_t next, struct { struct gmap_unmap_priv *priv =3D walk->priv; struct folio *folio =3D NULL; + union crste old =3D *crstep; =20 - if (crstep->h.fc) { - if (crstep->s.fc1.pr && test_bit(GMAP_FLAG_EXPORT_ON_UNMAP, &priv->gmap-= >flags)) - folio =3D phys_to_folio(crste_origin_large(*crstep)); - gmap_crstep_xchg(priv->gmap, crstep, _CRSTE_EMPTY(crstep->h.tt), gfn); - if (folio) - uv_convert_from_secure_folio(folio); - } + if (!old.h.fc) + return 0; + + if (old.s.fc1.pr && test_bit(GMAP_FLAG_EXPORT_ON_UNMAP, &priv->gmap->flag= s)) + folio =3D phys_to_folio(crste_origin_large(old)); + /* No races should happen because kvm->mmu_lock is held in write mode */ + KVM_BUG_ON(!gmap_crstep_xchg_atomic(priv->gmap, crstep, old, _CRSTE_EMPTY= (old.h.tt), gfn), + priv->gmap->kvm); + if (folio) + uv_convert_from_secure_folio(folio); =20 return 0; } @@ -474,23 +481,24 @@ static long _crste_test_and_clear_softdirty(union crs= te *table, gfn_t gfn, gfn_t =20 if (fatal_signal_pending(current)) return 1; - crste =3D READ_ONCE(*table); - if (!crste.h.fc) - return 0; - if (crste.h.p && !crste.s.fc1.sd) - return 0; + do { + crste =3D READ_ONCE(*table); + if (!crste.h.fc) + return 0; + if (crste.h.p && !crste.s.fc1.sd) + return 0; =20 - /* - * If this large page contains one or more prefixes of vCPUs that are - * currently running, do not reset the protection, leave it marked as - * dirty. - */ - if (!crste.s.fc1.prefix_notif || gmap_mkold_prefix(gmap, gfn, end)) { + /* + * If this large page contains one or more prefixes of vCPUs that are + * currently running, do not reset the protection, leave it marked as + * dirty. + */ + if (crste.s.fc1.prefix_notif && !gmap_mkold_prefix(gmap, gfn, end)) + break; new =3D crste; new.h.p =3D 1; new.s.fc1.sd =3D 0; - gmap_crstep_xchg(gmap, table, new, gfn); - } + } while (!gmap_crstep_xchg_atomic(gmap, table, crste, new, gfn)); =20 for ( ; gfn < end; gfn++) mark_page_dirty(gmap->kvm, gfn); @@ -646,8 +654,8 @@ int gmap_link(struct kvm_s390_mmu_cache *mc, struct gma= p *gmap, struct guest_fau static int gmap_ucas_map_one(struct kvm_s390_mmu_cache *mc, struct gmap *g= map, gfn_t p_gfn, gfn_t c_gfn, bool force_alloc) { + union crste newcrste, oldcrste; struct page_table *pt; - union crste newcrste; union crste *crstep; union pte *ptep; int rc; @@ -673,7 +681,11 @@ static int gmap_ucas_map_one(struct kvm_s390_mmu_cache= *mc, struct gmap *gmap, &crstep, &ptep); if (rc) return rc; - dat_crstep_xchg(crstep, newcrste, c_gfn, gmap->asce); + do { + oldcrste =3D READ_ONCE(*crstep); + if (oldcrste.val =3D=3D newcrste.val) + break; + } while (!dat_crstep_xchg_atomic(crstep, oldcrste, newcrste, c_gfn, gmap-= >asce)); return 0; } =20 @@ -777,8 +789,10 @@ static void gmap_ucas_unmap_one(struct gmap *gmap, gfn= _t c_gfn) int rc; =20 rc =3D dat_entry_walk(NULL, c_gfn, gmap->asce, 0, TABLE_TYPE_SEGMENT, &cr= step, &ptep); - if (!rc) - dat_crstep_xchg(crstep, _PMD_EMPTY, c_gfn, gmap->asce); + if (rc) + return; + while (!dat_crstep_xchg_atomic(crstep, READ_ONCE(*crstep), _PMD_EMPTY, c_= gfn, gmap->asce)) + ; } =20 void gmap_ucas_unmap(struct gmap *gmap, gfn_t c_gfn, unsigned long count) @@ -1017,8 +1031,8 @@ static void gmap_unshadow_level(struct gmap *sg, gfn_= t r_gfn, int level) dat_ptep_xchg(ptep, _PTE_EMPTY, r_gfn, sg->asce, uses_skeys(sg)); return; } - crste =3D READ_ONCE(*crstep); - dat_crstep_clear(crstep, r_gfn, sg->asce); + + crste =3D dat_crstep_clear_atomic(crstep, r_gfn, sg->asce); if (crste_leaf(crste) || crste.h.i) return; if (is_pmd(crste)) diff --git a/arch/s390/kvm/gmap.h b/arch/s390/kvm/gmap.h index ccb5cd751e31..150e91e15ee0 100644 --- a/arch/s390/kvm/gmap.h +++ b/arch/s390/kvm/gmap.h @@ -194,35 +194,40 @@ static inline union pgste gmap_ptep_xchg(struct gmap = *gmap, union pte *ptep, uni return _gmap_ptep_xchg(gmap, ptep, newpte, pgste, gfn, true); } =20 -static inline void _gmap_crstep_xchg(struct gmap *gmap, union crste *crste= p, union crste ne, - gfn_t gfn, bool needs_lock) +static inline bool __must_check _gmap_crstep_xchg_atomic(struct gmap *gmap= , union crste *crstep, + union crste oldcrste, union crste newcrste, + gfn_t gfn, bool needs_lock) { - unsigned long align =3D 8 + (is_pmd(*crstep) ? 0 : 11); + unsigned long align =3D is_pmd(newcrste) ? _PAGE_ENTRIES : _PAGE_ENTRIES = * _CRST_ENTRIES; + + if (KVM_BUG_ON(crstep->h.tt !=3D oldcrste.h.tt || newcrste.h.tt !=3D oldc= rste.h.tt, gmap->kvm)) + return true; =20 lockdep_assert_held(&gmap->kvm->mmu_lock); if (!needs_lock) lockdep_assert_held(&gmap->children_lock); =20 gfn =3D ALIGN_DOWN(gfn, align); - if (crste_prefix(*crstep) && (ne.h.p || ne.h.i || !crste_prefix(ne))) { - ne.s.fc1.prefix_notif =3D 0; + if (crste_prefix(oldcrste) && (newcrste.h.p || newcrste.h.i || !crste_pre= fix(newcrste))) { + newcrste.s.fc1.prefix_notif =3D 0; gmap_unmap_prefix(gmap, gfn, gfn + align); } - if (crste_leaf(*crstep) && crstep->s.fc1.vsie_notif && - (ne.h.p || ne.h.i || !ne.s.fc1.vsie_notif)) { - ne.s.fc1.vsie_notif =3D 0; + if (crste_leaf(oldcrste) && oldcrste.s.fc1.vsie_notif && + (newcrste.h.p || newcrste.h.i || !newcrste.s.fc1.vsie_notif)) { + newcrste.s.fc1.vsie_notif =3D 0; if (needs_lock) gmap_handle_vsie_unshadow_event(gmap, gfn); else _gmap_handle_vsie_unshadow_event(gmap, gfn); } - dat_crstep_xchg(crstep, ne, gfn, gmap->asce); + return dat_crstep_xchg_atomic(crstep, oldcrste, newcrste, gfn, gmap->asce= ); } =20 -static inline void gmap_crstep_xchg(struct gmap *gmap, union crste *crstep= , union crste ne, - gfn_t gfn) +static inline bool __must_check gmap_crstep_xchg_atomic(struct gmap *gmap,= union crste *crstep, + union crste oldcrste, union crste newcrste, + gfn_t gfn) { - return _gmap_crstep_xchg(gmap, crstep, ne, gfn, true); + return _gmap_crstep_xchg_atomic(gmap, crstep, oldcrste, newcrste, gfn, tr= ue); } =20 /** --=20 2.53.0 From nobody Thu Apr 2 23:54:51 2026 Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D5CAD3D9043; Wed, 25 Mar 2026 17:13:20 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=148.163.158.5 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774458802; cv=none; b=i70DAFNbrH+gf1q0d4NNZKAgGJ1YlVRlxTYtS3aVPkFOaNEpD9c1iuPnRN1R8Zra2zTIBuIEMkzMRfTenwFWnqNzGLNkgeG+kw7ulHNpQNSiaIRD+stv4INwJ39NrzCmzq91+XJGW+GhKIu4PQmK+y1rBylZmUdjlhHw6k/vYBA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774458802; c=relaxed/simple; bh=AD1Wo2ci/5DqF4gGSVesfq5rSxmCnlBmXMXYiJZ+rMg=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=Xr+swQ40GrFs6zoTH6Rc6y51KE2iV3VquCshYrj1dlK+bFteT3zBZXW58f+XYhATzD1u9r2HtOoMSr54TupBFd6fPFHNDM8BAI5F4zOBHkXSnT0qd0GhYZr8J1vSMVRYiwfHtb8gohsbfOZGmBOH8NF1O+9w/PH9vX2fr6RNELw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com; spf=pass smtp.mailfrom=linux.ibm.com; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b=Lk9Qol6l; arc=none smtp.client-ip=148.163.158.5 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="Lk9Qol6l" Received: from pps.filterd (m0353725.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 62P81GDs3317009; Wed, 25 Mar 2026 17:13:17 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=cc :content-transfer-encoding:date:from:in-reply-to:message-id :mime-version:references:subject:to; s=pp1; bh=lTiUuR+K7zie45gtF ik5T0EO3v+6hZxFUJ+mJC7sVzA=; b=Lk9Qol6loy2zKouijFB+5V5wkDRTGjwIS iwnP1JRTyybQcsQMUK2K2cBZo/k1WN4nYso33GyW+WjIh8GxmcoWHk1EilbZWfc+ Eh6lN9mYMP3vb+HIoblC3htexFgC+gQwnona+vwsoxYr+O8LM/jiEH7LW91eoeNr cO2UEBCEsBF+vKyeRp3O0cG7F1W06ThiYw5dnCtjSgqaiM86EoCYELzztu99kRta Yj8WFtaerKEKG5q3VCPIFGAgCEUQ7czx8yO9jkYNgIEEnZ2Q98gSZq5EIuDSZN5f ajH9hqXdIU6gD4atuLSuj/LWDOEwxzCZAFdOvM6kQrCOg7kPSWVUw== Received: from ppma12.dal12v.mail.ibm.com (dc.9e.1632.ip4.static.sl-reverse.com [50.22.158.220]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 4d1ky08p1p-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 25 Mar 2026 17:13:17 +0000 (GMT) Received: from pps.filterd (ppma12.dal12v.mail.ibm.com [127.0.0.1]) by ppma12.dal12v.mail.ibm.com (8.18.1.2/8.18.1.2) with ESMTP id 62PF50Kh031631; Wed, 25 Mar 2026 17:13:16 GMT Received: from smtprelay07.fra02v.mail.ibm.com ([9.218.2.229]) by ppma12.dal12v.mail.ibm.com (PPS) with ESMTPS id 4d25nsyku8-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 25 Mar 2026 17:13:16 +0000 Received: from smtpav03.fra02v.mail.ibm.com (smtpav03.fra02v.mail.ibm.com [10.20.54.102]) by smtprelay07.fra02v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 62PHDDSP46399994 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 25 Mar 2026 17:13:13 GMT Received: from smtpav03.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id F04EE20040; Wed, 25 Mar 2026 17:13:12 +0000 (GMT) Received: from smtpav03.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id BAEC62004B; Wed, 25 Mar 2026 17:13:12 +0000 (GMT) Received: from p-imbrenda.aag-de.ibm.com (unknown [9.52.223.175]) by smtpav03.fra02v.mail.ibm.com (Postfix) with ESMTP; Wed, 25 Mar 2026 17:13:12 +0000 (GMT) From: Claudio Imbrenda To: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org, linux-s390@vger.kernel.org, borntraeger@de.ibm.com, frankja@linux.ibm.com, nrb@linux.ibm.com, seiden@linux.ibm.com, gra@linux.ibm.com, schlameuss@linux.ibm.com, hca@linux.ibm.com, david@kernel.org Subject: [PATCH v4 03/10] KVM: s390: vsie: Fix check for pre-existing shadow mapping Date: Wed, 25 Mar 2026 18:13:04 +0100 Message-ID: <20260325171311.182210-4-imbrenda@linux.ibm.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260325171311.182210-1-imbrenda@linux.ibm.com> References: <20260325171311.182210-1-imbrenda@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-TM-AS-GCONF: 00 X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwMzI1MDEyMSBTYWx0ZWRfX/ylaM9y9kc8J qQVoyPzWhC7zUP4LK427gJ5ZO0yIPCinfJB4oZ0YGVOk0HPVO2EAH090B0gxvht3Rdm9NQkui72 /ahDoL0nHsGQ9RWLrkNx28F4fvF7UqiH1Qbb0L4u3mM1PdBhF4kVvDyrrkdScGASwQkVFtX/r5e Yn3ZlxPK/G7DlFEPKHsbDexMOetgGN9/DZ5i/uW5WUepVwetRlO0PiumZLsRMS9ShFQuRkZf42q rE4IPaZekQotf7Vm0uIGL1HKoI9jsQ4lcIVarRZiPAsM+oNbhntiY8P6HiFKM6R9UJl6Rbla/2U +kG8ZrTk0505T5BpbaUg10H4Dhz/5eAYWt2fiMeVceZI1JynxY7R+gP10m+X6FkbzaHooAWroHq tPetXLaI+wNm2kJ3p9NS0jebEKFdtmllW9Nd5275WAApBaZ7Zx5h7omrjRG0HPv+7D5Fdg3+WNj JEOHwEQDkhzNOtlQPLQ== X-Authority-Analysis: v=2.4 cv=JK42csKb c=1 sm=1 tr=0 ts=69c417ad cx=c_pps a=bLidbwmWQ0KltjZqbj+ezA==:117 a=bLidbwmWQ0KltjZqbj+ezA==:17 a=Yq5XynenixoA:10 a=VkNPw1HP01LnGYTKEx00:22 a=RnoormkPH1_aCDwRdu11:22 a=V8glGbnc2Ofi9Qvn3v5h:22 a=VnNF1IyMAAAA:8 a=IDpXgTtpuR7I2MJaEF4A:9 X-Proofpoint-ORIG-GUID: mu6qjxOasey2VQ5WBsl5dw8oQsLrZsFv X-Proofpoint-GUID: mu6qjxOasey2VQ5WBsl5dw8oQsLrZsFv X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1143,Hydra:6.1.51,FMLib:17.12.100.49 definitions=2026-03-25_05,2026-03-24_01,2025-10-01_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 impostorscore=0 clxscore=1015 priorityscore=1501 malwarescore=0 adultscore=0 spamscore=0 suspectscore=0 phishscore=0 lowpriorityscore=0 bulkscore=0 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.22.0-2603050001 definitions=main-2603250121 Content-Type: text/plain; charset="utf-8" When shadowing a nested guest, a check is performed and no shadowing is attempted if the nested guest is already shadowed. The existing check was incomplete; fix it by also checking whether the leaf DAT table entry in the existing shadow gmap has the same protection as the one specified in the guest DAT entry. Signed-off-by: Claudio Imbrenda Fixes: e38c884df921 ("KVM: s390: Switch to new gmap") Reviewed-by: Steffen Eiden Reviewed-by: Janosch Frank --- arch/s390/kvm/gaccess.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/arch/s390/kvm/gaccess.c b/arch/s390/kvm/gaccess.c index 4ee862424ca0..8fd690255e1b 100644 --- a/arch/s390/kvm/gaccess.c +++ b/arch/s390/kvm/gaccess.c @@ -1506,8 +1506,9 @@ static int _gaccess_do_shadow(struct kvm_s390_mmu_cac= he *mc, struct gmap *sg, if (rc) return rc; =20 - /* A race occourred. The shadow mapping is already valid, nothing to do */ - if ((ptep && !ptep->h.i) || (!ptep && crste_leaf(*table))) + /* A race occurred. The shadow mapping is already valid, nothing to do */ + if ((ptep && !ptep->h.i && ptep->h.p =3D=3D w->p) || + (!ptep && crste_leaf(*table) && !table->h.i && table->h.p =3D=3D w->p= )) return 0; =20 gl =3D get_level(table, ptep); --=20 2.53.0 From nobody Thu Apr 2 23:54:51 2026 Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2B5DB401A15; Wed, 25 Mar 2026 17:13:22 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=148.163.158.5 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774458811; cv=none; b=BfSBSK7kxlJV4gZlvPQOF+CiMQXnAbLtRUCefES7o9I34Q/VQJV3TDKs9uS8NvSWG0HrkQRz9StUHR2g4Iby9Zq/rsPk1jJk7rbqhZ3sjeRri017DLWNC5iHmEPnGXzHbWJHNN+bk/N/wjUVb42Ept2MrvOlvBVKEvrs3byQxYs= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774458811; c=relaxed/simple; bh=UQtUEHaQsqRmHnv53TrlrarbtmDWCkbdmo7byFNh86I=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=DQUvs1WpnY57i/RsKUED/EDkc0Gv7n69cFEvIroDWh5/8saIwa1HJGOdRKLjCKhFUalLfbHeo1b6OhfYo42Rbh0y4DrnQYxWNRXjMRx+10soy9K12NWe40kofQthWoCtR+wyjfPx+5O7wKsLNkZYaWb6HFldk3X+KTcryyoTVwI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com; spf=pass smtp.mailfrom=linux.ibm.com; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b=McwHpgFp; arc=none smtp.client-ip=148.163.158.5 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="McwHpgFp" Received: from pps.filterd (m0356516.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 62PA09r8124777; Wed, 25 Mar 2026 17:13:18 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=cc :content-transfer-encoding:date:from:in-reply-to:message-id :mime-version:references:subject:to; s=pp1; bh=8c26P9cAngHTk0pkx z5TB+Mqm0wiAwcu3yunCC1wMDY=; b=McwHpgFp8Y4Uiybw8qohLxAFB3BpRzn5D E98hfOPjCZxjGLFMI4g2Rv3t9GH99GlrorksV7eSwTsZI/NPloelh3K3vS1auTe7 6XTTmrmrq3tYzbn4yfOBQ9jVtnPZSjkdCkagbTJvQgjAAVuDMDs6LvjDZ7/bInHY 8iydiicD/RAS0CQHUvq2pHIGyy8LzrfT64/jQYOCz8nrWcSpjxo6ZCfC/1HVI2dv QMUcDdPjJcDHBxFiT4n0sRP99C0gDcMkSqR9WHJAv2u4jEnN2S4uWeWn56LEjZFQ 2gOnikayGrtrshVxAe0oc4gnbiuwgu3hpcJVF/aLu1LG8ZzWh3P3g== Received: from ppma13.dal12v.mail.ibm.com (dd.9e.1632.ip4.static.sl-reverse.com [50.22.158.221]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 4d1ktv0qx5-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 25 Mar 2026 17:13:17 +0000 (GMT) Received: from pps.filterd (ppma13.dal12v.mail.ibm.com [127.0.0.1]) by ppma13.dal12v.mail.ibm.com (8.18.1.2/8.18.1.2) with ESMTP id 62PG1BRc011824; Wed, 25 Mar 2026 17:13:17 GMT Received: from smtprelay07.fra02v.mail.ibm.com ([9.218.2.229]) by ppma13.dal12v.mail.ibm.com (PPS) with ESMTPS id 4d27vk79c0-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 25 Mar 2026 17:13:16 +0000 Received: from smtpav03.fra02v.mail.ibm.com (smtpav03.fra02v.mail.ibm.com [10.20.54.102]) by smtprelay07.fra02v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 62PHDDlH44040584 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 25 Mar 2026 17:13:13 GMT Received: from smtpav03.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 2DE2F20040; Wed, 25 Mar 2026 17:13:13 +0000 (GMT) Received: from smtpav03.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 01A7520043; Wed, 25 Mar 2026 17:13:13 +0000 (GMT) Received: from p-imbrenda.aag-de.ibm.com (unknown [9.52.223.175]) by smtpav03.fra02v.mail.ibm.com (Postfix) with ESMTP; Wed, 25 Mar 2026 17:13:12 +0000 (GMT) From: Claudio Imbrenda To: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org, linux-s390@vger.kernel.org, borntraeger@de.ibm.com, frankja@linux.ibm.com, nrb@linux.ibm.com, seiden@linux.ibm.com, gra@linux.ibm.com, schlameuss@linux.ibm.com, hca@linux.ibm.com, david@kernel.org Subject: [PATCH v4 04/10] KVM: s390: Fix gmap_link() Date: Wed, 25 Mar 2026 18:13:05 +0100 Message-ID: <20260325171311.182210-5-imbrenda@linux.ibm.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260325171311.182210-1-imbrenda@linux.ibm.com> References: <20260325171311.182210-1-imbrenda@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-TM-AS-GCONF: 00 X-Proofpoint-ORIG-GUID: 4vKJH0UNDNF2zjngFjAsiLL0SSmDa6uX X-Authority-Analysis: v=2.4 cv=aMr9aL9m c=1 sm=1 tr=0 ts=69c417ad cx=c_pps a=AfN7/Ok6k8XGzOShvHwTGQ==:117 a=AfN7/Ok6k8XGzOShvHwTGQ==:17 a=Yq5XynenixoA:10 a=VkNPw1HP01LnGYTKEx00:22 a=RnoormkPH1_aCDwRdu11:22 a=Y2IxJ9c9Rs8Kov3niI8_:22 a=VnNF1IyMAAAA:8 a=jDauOpCy_z-6rDg_B6MA:9 X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwMzI1MDEyMSBTYWx0ZWRfXzy6py7uo+WEL +CknDwosQi24V6ekUIkqzmbFXZ0ki8jw1k82SXYO++GmB1ili52fajaQZNNqQAkdk0ncyJhkqjc LCY22Eu7ghIToUD+SEDqz6wvviQRert/+VqMK0SsXvTcZUphWqE9ZYarsbfths+e57Fzh4wCUb4 LW1hK1pPoNAuxbytQ5TpPkE1xq13RnAw3gfg8alQ8I4BdZBTQu6oMHqxWssu7bE/Gmv6IRs1Ks7 CeDAEhunYeWp6pVtndH07sYun8LB2sFPdgOn/CWb4rbyquqT93J9YfCbT0ZCIfclkx+/6AQnT9Y nkS0nwxym1CO3Jg2huU19K9KU3pqYXcAAG6+j8iAmEUP3/80WDwFQ0WC2pMRtxPgWFd2QbAiKRK cCyyBUtWYcije3O3yUi7YKtJnFmVIQLWZBqYW7xlfz3YdnCjwaq2s8jAJiyJx6nupSpD0Gyq+LJ C1780fIsyAK1kznrfVw== X-Proofpoint-GUID: 4vKJH0UNDNF2zjngFjAsiLL0SSmDa6uX X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1143,Hydra:6.1.51,FMLib:17.12.100.49 definitions=2026-03-25_05,2026-03-24_01,2025-10-01_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 lowpriorityscore=0 adultscore=0 impostorscore=0 malwarescore=0 suspectscore=0 phishscore=0 priorityscore=1501 bulkscore=0 clxscore=1015 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.22.0-2603050001 definitions=main-2603250121 Content-Type: text/plain; charset="utf-8" The slow path of the fault handler ultimately called gmap_link(), which assumed the fault was a major fault, and blindly called dat_link(). In case of minor faults, things were not always handled properly; in particular the prefix and vsie marker bits were ignored. Move dat_link() into gmap.c, renaming it accordingly. Once moved, the new _gmap_link() function will be able to correctly honour the prefix and vsie markers. This will cause spurious unshadows in some uncommon cases. Signed-off-by: Claudio Imbrenda Fixes: 94fd9b16cc67 ("KVM: s390: KVM page table management functions: lifec= ycle management") Fixes: a2c17f9270cc ("KVM: s390: New gmap code") Reviewed-by: Steffen Eiden --- arch/s390/kvm/dat.c | 48 ------------------------------------- arch/s390/kvm/dat.h | 2 -- arch/s390/kvm/gmap.c | 56 ++++++++++++++++++++++++++++++++++++++++---- 3 files changed, 52 insertions(+), 54 deletions(-) diff --git a/arch/s390/kvm/dat.c b/arch/s390/kvm/dat.c index 4d44c0f9ad45..7b8d70fe406d 100644 --- a/arch/s390/kvm/dat.c +++ b/arch/s390/kvm/dat.c @@ -997,54 +997,6 @@ bool dat_test_age_gfn(union asce asce, gfn_t start, gf= n_t end) return _dat_walk_gfn_range(start, end, asce, &test_age_ops, 0, NULL) > 0; } =20 -int dat_link(struct kvm_s390_mmu_cache *mc, union asce asce, int level, - bool uses_skeys, struct guest_fault *f) -{ - union crste oldval, newval; - union pte newpte, oldpte; - union pgste pgste; - int rc =3D 0; - - rc =3D dat_entry_walk(mc, f->gfn, asce, DAT_WALK_ALLOC_CONTINUE, level, &= f->crstep, &f->ptep); - if (rc =3D=3D -EINVAL || rc =3D=3D -ENOMEM) - return rc; - if (rc) - return -EAGAIN; - - if (WARN_ON_ONCE(unlikely(get_level(f->crstep, f->ptep) > level))) - return -EINVAL; - - if (f->ptep) { - pgste =3D pgste_get_lock(f->ptep); - oldpte =3D *f->ptep; - newpte =3D _pte(f->pfn, f->writable, f->write_attempt | oldpte.s.d, !f->= page); - newpte.s.sd =3D oldpte.s.sd; - oldpte.s.sd =3D 0; - if (oldpte.val =3D=3D _PTE_EMPTY.val || oldpte.h.pfra =3D=3D f->pfn) { - pgste =3D __dat_ptep_xchg(f->ptep, pgste, newpte, f->gfn, asce, uses_sk= eys); - if (f->callback) - f->callback(f); - } else { - rc =3D -EAGAIN; - } - pgste_set_unlock(f->ptep, pgste); - } else { - oldval =3D READ_ONCE(*f->crstep); - newval =3D _crste_fc1(f->pfn, oldval.h.tt, f->writable, - f->write_attempt | oldval.s.fc1.d); - newval.s.fc1.sd =3D oldval.s.fc1.sd; - if (oldval.val !=3D _CRSTE_EMPTY(oldval.h.tt).val && - crste_origin_large(oldval) !=3D crste_origin_large(newval)) - return -EAGAIN; - if (!dat_crstep_xchg_atomic(f->crstep, oldval, newval, f->gfn, asce)) - return -EAGAIN; - if (f->callback) - f->callback(f); - } - - return rc; -} - static long dat_set_pn_crste(union crste *crstep, gfn_t gfn, gfn_t next, s= truct dat_walk *walk) { union crste newcrste, oldcrste; diff --git a/arch/s390/kvm/dat.h b/arch/s390/kvm/dat.h index 22dafc775335..efedcf96110c 100644 --- a/arch/s390/kvm/dat.h +++ b/arch/s390/kvm/dat.h @@ -540,8 +540,6 @@ int dat_set_slot(struct kvm_s390_mmu_cache *mc, union a= sce asce, gfn_t start, gf u16 type, u16 param); int dat_set_prefix_notif_bit(union asce asce, gfn_t gfn); bool dat_test_age_gfn(union asce asce, gfn_t start, gfn_t end); -int dat_link(struct kvm_s390_mmu_cache *mc, union asce asce, int level, - bool uses_skeys, struct guest_fault *f); =20 int dat_perform_essa(union asce asce, gfn_t gfn, int orc, union essa_state= *state, bool *dirty); long dat_reset_cmma(union asce asce, gfn_t start_gfn); diff --git a/arch/s390/kvm/gmap.c b/arch/s390/kvm/gmap.c index 956be4c01797..03e15b5e0b9a 100644 --- a/arch/s390/kvm/gmap.c +++ b/arch/s390/kvm/gmap.c @@ -631,10 +631,60 @@ static inline bool gmap_1m_allowed(struct gmap *gmap,= gfn_t gfn) return test_bit(GMAP_FLAG_ALLOW_HPAGE_1M, &gmap->flags); } =20 +static int _gmap_link(struct kvm_s390_mmu_cache *mc, struct gmap *gmap, in= t level, + struct guest_fault *f) +{ + union crste oldval, newval; + union pte newpte, oldpte; + union pgste pgste; + int rc =3D 0; + + rc =3D dat_entry_walk(mc, f->gfn, gmap->asce, DAT_WALK_ALLOC_CONTINUE, le= vel, + &f->crstep, &f->ptep); + if (rc =3D=3D -ENOMEM) + return rc; + if (KVM_BUG_ON(rc =3D=3D -EINVAL, gmap->kvm)) + return rc; + if (rc) + return -EAGAIN; + if (KVM_BUG_ON(get_level(f->crstep, f->ptep) > level, gmap->kvm)) + return -EINVAL; + + if (f->ptep) { + pgste =3D pgste_get_lock(f->ptep); + oldpte =3D *f->ptep; + newpte =3D _pte(f->pfn, f->writable, f->write_attempt | oldpte.s.d, !f->= page); + newpte.s.sd =3D oldpte.s.sd; + oldpte.s.sd =3D 0; + if (oldpte.val =3D=3D _PTE_EMPTY.val || oldpte.h.pfra =3D=3D f->pfn) { + pgste =3D gmap_ptep_xchg(gmap, f->ptep, newpte, pgste, f->gfn); + if (f->callback) + f->callback(f); + } else { + rc =3D -EAGAIN; + } + pgste_set_unlock(f->ptep, pgste); + } else { + do { + oldval =3D READ_ONCE(*f->crstep); + newval =3D _crste_fc1(f->pfn, oldval.h.tt, f->writable, + f->write_attempt | oldval.s.fc1.d); + newval.s.fc1.sd =3D oldval.s.fc1.sd; + if (oldval.val !=3D _CRSTE_EMPTY(oldval.h.tt).val && + crste_origin_large(oldval) !=3D crste_origin_large(newval)) + return -EAGAIN; + } while (!gmap_crstep_xchg_atomic(gmap, f->crstep, oldval, newval, f->gf= n)); + if (f->callback) + f->callback(f); + } + + return rc; +} + int gmap_link(struct kvm_s390_mmu_cache *mc, struct gmap *gmap, struct gue= st_fault *f) { unsigned int order; - int rc, level; + int level; =20 lockdep_assert_held(&gmap->kvm->mmu_lock); =20 @@ -646,9 +696,7 @@ int gmap_link(struct kvm_s390_mmu_cache *mc, struct gma= p *gmap, struct guest_fau else if (order >=3D get_order(_SEGMENT_SIZE) && gmap_1m_allowed(gmap, f-= >gfn)) level =3D TABLE_TYPE_SEGMENT; } - rc =3D dat_link(mc, gmap->asce, level, uses_skeys(gmap), f); - KVM_BUG_ON(rc =3D=3D -EINVAL, gmap->kvm); - return rc; + return _gmap_link(mc, gmap, level, f); } =20 static int gmap_ucas_map_one(struct kvm_s390_mmu_cache *mc, struct gmap *g= map, --=20 2.53.0 From nobody Thu Apr 2 23:54:51 2026 Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C70FC40244C; Wed, 25 Mar 2026 17:13:23 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=148.163.158.5 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774458810; cv=none; b=mhHtX60c3dS4fVan9sJhWivG1n7r9DwNAotXrayQNfC9oPbj3jpkjIBs+2pnV7dOTPxjbXbPf2CE23ANwFPf+ikc37XLK8s5je/N3Wl7VFwUiETWwHn1vTwg2AiSe4CHCPbYutrlULWRfA4A2oqt5QZdxgH5iofWiH//1oCHR24= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774458810; c=relaxed/simple; bh=VDusSxgoDYGAh2GCyL/uoPtDzMLdO29kDce9PMY4OJo=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=YpzAWwHG9K2MC30FfmZC3s1X/5OL1nkgrIJRRqM/yV7RlgmT0cIfLXdZ+XoXXsojbp+GnjvrTmlXx6l6Efhw1EwJ+TAO2oldeBu+BHqcfYHWFyR+CMdgcbdM8Cnt7gR/lfp8N0OQDfwj5//GoAAJimihmHj8VAZy71ZADvMrfF0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com; spf=pass smtp.mailfrom=linux.ibm.com; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b=Spt7LF4b; arc=none smtp.client-ip=148.163.158.5 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="Spt7LF4b" Received: from pps.filterd (m0360072.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 62PCe3D41172616; Wed, 25 Mar 2026 17:13:18 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=cc :content-transfer-encoding:date:from:in-reply-to:message-id :mime-version:references:subject:to; s=pp1; bh=IPRwo6QncZgKHtfSq 5N2hHB9Ez2BfBUWIR4hvBTz68k=; b=Spt7LF4bCSdsBofWodJHmfbFsEsaY+6tk oXdq/VTcut6qEEZFR5lARiN16etRUUSkilXq5DB3hcMouXd3Hd32RlpAu4SAover NF4kS2ymXC1TVz+YX7QypvP1svNQdHBDyxxdgXvIy6gjVarTH7qyKFG3pDVSC6sw LIjXcyfmQsg064U6at5+0uV4rN3dt/sdW6K5BOZKk4vIy11nERZ7quAJ1a2+StW8 dmRH0FigR20KxDJ3e6bcOZWEriDXnQocbQvgjLWPOC6xpLrUMyo05moS9WHQ2x6A bXl8xQz3e0JERWs4yFvIQfyqVj0DohLpMmK15uBSSHH2QKPNePsng== Received: from ppma22.wdc07v.mail.ibm.com (5c.69.3da9.ip4.static.sl-reverse.com [169.61.105.92]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 4d1kumrs7j-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 25 Mar 2026 17:13:17 +0000 (GMT) Received: from pps.filterd (ppma22.wdc07v.mail.ibm.com [127.0.0.1]) by ppma22.wdc07v.mail.ibm.com (8.18.1.2/8.18.1.2) with ESMTP id 62PF1lti005964; Wed, 25 Mar 2026 17:13:17 GMT Received: from smtprelay07.fra02v.mail.ibm.com ([9.218.2.229]) by ppma22.wdc07v.mail.ibm.com (PPS) with ESMTPS id 4d261yqjwe-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 25 Mar 2026 17:13:17 +0000 Received: from smtpav03.fra02v.mail.ibm.com (smtpav03.fra02v.mail.ibm.com [10.20.54.102]) by smtprelay07.fra02v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 62PHDDde44040586 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 25 Mar 2026 17:13:13 GMT Received: from smtpav03.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 5FC5E20040; Wed, 25 Mar 2026 17:13:13 +0000 (GMT) Received: from smtpav03.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 336ED2004B; Wed, 25 Mar 2026 17:13:13 +0000 (GMT) Received: from p-imbrenda.aag-de.ibm.com (unknown [9.52.223.175]) by smtpav03.fra02v.mail.ibm.com (Postfix) with ESMTP; Wed, 25 Mar 2026 17:13:13 +0000 (GMT) From: Claudio Imbrenda To: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org, linux-s390@vger.kernel.org, borntraeger@de.ibm.com, frankja@linux.ibm.com, nrb@linux.ibm.com, seiden@linux.ibm.com, gra@linux.ibm.com, schlameuss@linux.ibm.com, hca@linux.ibm.com, david@kernel.org Subject: [PATCH v4 05/10] KVM: s390: Correctly handle guest mappings without struct page Date: Wed, 25 Mar 2026 18:13:06 +0100 Message-ID: <20260325171311.182210-6-imbrenda@linux.ibm.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260325171311.182210-1-imbrenda@linux.ibm.com> References: <20260325171311.182210-1-imbrenda@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-TM-AS-GCONF: 00 X-Proofpoint-GUID: n1Yv5DFcZ_ChFMSf5u9YuUPwqvADQHyc X-Proofpoint-ORIG-GUID: n1Yv5DFcZ_ChFMSf5u9YuUPwqvADQHyc X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwMzI1MDEyMSBTYWx0ZWRfX7BqS9aT8pAd8 IQTE5d7b77gfSFNwGC6KmdiWWGVjrexhWESBNdtu8+H2PbDbNh8rcULRPg3ScYOPjqFPIcFlCi0 9aOp8LkPA04L4B+ISneGstS5altUX7oPbtokBq1Upe4Xs4n6zsEepbfVXiTd2F/kTRu7Ngcgu/p 7hTTJVTzei8YKmLYz+ia66/+SqQUUTVUQdHZl9f3fSQ6w5LHjm4OiWQOaCy5RLF170Ihd7OGjMD fe+cOFZqeSgMyPZb9Ao2z4Q0P2MJJ+gRRNB7KIiBLeD3ImUgeFWcSZOi23HTbhHsXDiNIUer1fV NiwwG9AThdBsXIUmfzSKljKJOQzsn7K98iZmn+VK0rkCnpaHjhdaQD1aWdC4A12w6fZzG98pG+t z4bOiquZKjDo2eRcL1ehk4CnBmZUUEGmL5WimuOFnvYMHssnWKxYc9XGsmIAxCNNrMIL09gZ/mR x3bWMlbBbIxgS5qD8dQ== X-Authority-Analysis: v=2.4 cv=KbXfcAYD c=1 sm=1 tr=0 ts=69c417ad cx=c_pps a=5BHTudwdYE3Te8bg5FgnPg==:117 a=5BHTudwdYE3Te8bg5FgnPg==:17 a=Yq5XynenixoA:10 a=VkNPw1HP01LnGYTKEx00:22 a=RnoormkPH1_aCDwRdu11:22 a=RzCfie-kr_QcCd8fBx8p:22 a=VnNF1IyMAAAA:8 a=x4-NZlbSC-zwRaKax1cA:9 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1143,Hydra:6.1.51,FMLib:17.12.100.49 definitions=2026-03-25_05,2026-03-24_01,2025-10-01_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 suspectscore=0 impostorscore=0 malwarescore=0 adultscore=0 clxscore=1015 priorityscore=1501 bulkscore=0 lowpriorityscore=0 phishscore=0 spamscore=0 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.22.0-2603050001 definitions=main-2603250121 Content-Type: text/plain; charset="utf-8" Introduce a new special softbit for large pages, like already presend for normal pages, and use it to mark guest mappings that do not have struct pages. Whenever a leaf DAT entry becomes dirty, check the special softbit and only call SetPageDirty() if there is an actual struct page. Move the logic to mark pages dirty inside _gmap_ptep_xchg() and _gmap_crstep_xchg_atomic(), to avoid needlessly duplicating the code. Signed-off-by: Claudio Imbrenda Fixes: 5a74e3d93417 ("KVM: s390: KVM-specific bitfields and helper function= s") Fixes: a2c17f9270cc ("KVM: s390: New gmap code") --- arch/s390/kvm/dat.h | 12 ++++++------ arch/s390/kvm/gmap.c | 5 +---- arch/s390/kvm/gmap.h | 4 ++++ 3 files changed, 11 insertions(+), 10 deletions(-) diff --git a/arch/s390/kvm/dat.h b/arch/s390/kvm/dat.h index efedcf96110c..874cc962e196 100644 --- a/arch/s390/kvm/dat.h +++ b/arch/s390/kvm/dat.h @@ -160,14 +160,14 @@ union pmd { unsigned long :44; /* HW */ unsigned long : 3; /* Unused */ unsigned long : 1; /* HW */ + unsigned long s : 1; /* Special */ unsigned long w : 1; /* Writable soft-bit */ unsigned long r : 1; /* Readable soft-bit */ unsigned long d : 1; /* Dirty */ unsigned long y : 1; /* Young */ - unsigned long prefix_notif : 1; /* Guest prefix invalidation notificati= on */ unsigned long : 3; /* HW */ + unsigned long prefix_notif : 1; /* Guest prefix invalidation notificati= on */ unsigned long vsie_notif : 1; /* Referenced in a shadow table */ - unsigned long : 1; /* Unused */ unsigned long : 4; /* HW */ unsigned long sd : 1; /* Soft-Dirty */ unsigned long pr : 1; /* Present */ @@ -183,14 +183,14 @@ union pud { unsigned long :33; /* HW */ unsigned long :14; /* Unused */ unsigned long : 1; /* HW */ + unsigned long s : 1; /* Special */ unsigned long w : 1; /* Writable soft-bit */ unsigned long r : 1; /* Readable soft-bit */ unsigned long d : 1; /* Dirty */ unsigned long y : 1; /* Young */ - unsigned long prefix_notif : 1; /* Guest prefix invalidation notificati= on */ unsigned long : 3; /* HW */ + unsigned long prefix_notif : 1; /* Guest prefix invalidation notificati= on */ unsigned long vsie_notif : 1; /* Referenced in a shadow table */ - unsigned long : 1; /* Unused */ unsigned long : 4; /* HW */ unsigned long sd : 1; /* Soft-Dirty */ unsigned long pr : 1; /* Present */ @@ -254,14 +254,14 @@ union crste { struct { unsigned long :47; unsigned long : 1; /* HW (should be 0) */ + unsigned long s : 1; /* Special */ unsigned long w : 1; /* Writable */ unsigned long r : 1; /* Readable */ unsigned long d : 1; /* Dirty */ unsigned long y : 1; /* Young */ - unsigned long prefix_notif : 1; /* Guest prefix invalidation notificati= on */ unsigned long : 3; /* HW */ + unsigned long prefix_notif : 1; /* Guest prefix invalidation notificati= on */ unsigned long vsie_notif : 1; /* Referenced in a shadow table */ - unsigned long : 1; unsigned long : 4; /* HW */ unsigned long sd : 1; /* Soft-Dirty */ unsigned long pr : 1; /* Present */ diff --git a/arch/s390/kvm/gmap.c b/arch/s390/kvm/gmap.c index 03e15b5e0b9a..e9fc471a5141 100644 --- a/arch/s390/kvm/gmap.c +++ b/arch/s390/kvm/gmap.c @@ -544,8 +544,6 @@ static int gmap_handle_minor_crste_fault(union asce asc= e, struct guest_fault *f) newcrste.s.fc1.d =3D 1; newcrste.s.fc1.sd =3D 1; } - if (!oldcrste.s.fc1.d && newcrste.s.fc1.d) - SetPageDirty(phys_to_page(crste_origin_large(newcrste))); /* In case of races, let the slow path deal with it. */ return !dat_crstep_xchg_atomic(f->crstep, oldcrste, newcrste, f->gfn, as= ce); } @@ -576,8 +574,6 @@ static int _gmap_handle_minor_pte_fault(struct gmap *gm= ap, union pgste *pgste, newpte.s.d =3D 1; newpte.s.sd =3D 1; } - if (!oldpte.s.d && newpte.s.d) - SetPageDirty(pfn_to_page(newpte.h.pfra)); *pgste =3D gmap_ptep_xchg(gmap, f->ptep, newpte, *pgste, f->gfn); =20 return 0; @@ -669,6 +665,7 @@ static int _gmap_link(struct kvm_s390_mmu_cache *mc, st= ruct gmap *gmap, int leve oldval =3D READ_ONCE(*f->crstep); newval =3D _crste_fc1(f->pfn, oldval.h.tt, f->writable, f->write_attempt | oldval.s.fc1.d); + newval.s.fc1.s =3D !f->page; newval.s.fc1.sd =3D oldval.s.fc1.sd; if (oldval.val !=3D _CRSTE_EMPTY(oldval.h.tt).val && crste_origin_large(oldval) !=3D crste_origin_large(newval)) diff --git a/arch/s390/kvm/gmap.h b/arch/s390/kvm/gmap.h index 150e91e15ee0..1b900819bab2 100644 --- a/arch/s390/kvm/gmap.h +++ b/arch/s390/kvm/gmap.h @@ -185,6 +185,8 @@ static inline union pgste _gmap_ptep_xchg(struct gmap *= gmap, union pte *ptep, un else _gmap_handle_vsie_unshadow_event(gmap, gfn); } + if (!ptep->s.d && newpte.s.d && !ptep->s.s) + SetPageDirty(pfn_to_page(newpte.h.pfra)); return __dat_ptep_xchg(ptep, pgste, newpte, gfn, gmap->asce, uses_skeys(g= map)); } =20 @@ -220,6 +222,8 @@ static inline bool __must_check _gmap_crstep_xchg_atomi= c(struct gmap *gmap, unio else _gmap_handle_vsie_unshadow_event(gmap, gfn); } + if (!oldcrste.s.fc1.d && newcrste.s.fc1.d && !oldcrste.s.fc1.s) + SetPageDirty(phys_to_page(crste_origin_large(newcrste))); return dat_crstep_xchg_atomic(crstep, oldcrste, newcrste, gfn, gmap->asce= ); } =20 --=20 2.53.0 From nobody Thu Apr 2 23:54:51 2026 Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 23C5D3FCB1C; Wed, 25 Mar 2026 17:13:22 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=148.163.156.1 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774458810; cv=none; b=e/VOcwNSjaoI77XZE77bkG8Mg5mtYS6V3idBxmsV3YibeRBemUILMK7vEQBrsGUw5yOzgw9a7y++rGkKUvzZl9mpPZL0QbqHbMsLgGcfyxofG6iK3uJtLAZw8cozCctyxjxUo9N1PbATXesIlTlweKDVgJbQqXcODgrk2zp385s= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774458810; c=relaxed/simple; bh=TUIP8O/Lmpp9kp3YWRLfpndaoRJAsPL8xMtXjD9HidQ=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=Bmdq4NAet7l422K5XSjcQ9EzR7wH03PtKurydg/VQ7WFHmwbaIR0DPjPKQudOnt1wdsPkeDJ70FRZzjzq3FaaV7ncVyGwic7NkSvcTUNwiZx3fMvF1k6BgQouoOKhGVf+W7TTCP1jgpiQNnw3pSLzIm/N7diwUHBoILVrBZ/V70= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com; spf=pass smtp.mailfrom=linux.ibm.com; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b=Zo2sRYaM; arc=none smtp.client-ip=148.163.156.1 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="Zo2sRYaM" Received: from pps.filterd (m0353729.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 62PBXv0i618716; Wed, 25 Mar 2026 17:13:18 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=cc :content-transfer-encoding:date:from:in-reply-to:message-id :mime-version:references:subject:to; s=pp1; bh=TPCEcBpmx9auzUSLj 7LRAxCfvlT/PVkVjehko+uH5/0=; b=Zo2sRYaMLREAmFKd/fVZ62T4UCJrspweE SCAqgjq20SpgAyYMhbwHnPW6CuYRu1za7S/VsqC8bFs1YVYl4EFtYZrYA+1yEV/d YjQRR3x2nngrG1bGZ5wM/rLYroWIYUHWHNIN6zFGSOTDcMKEm9hYjE0Dso4eFQl3 i6b/LdbHxccly7NByhbr8kitFhuPReeIqjVoPjBnWcCqvrX1VfAPqVz3xDujkexg iV7SuBU9XX+rEmV2429/7StaK5JKs6Tqsc8QZwWbUQ4e+3KNXReTA4Qyq8y3PDMP YDOB1Zbz/xv/mqplMYtpGciNATcEgxc9QgHFTuePYQLlJklQG6GJA== Received: from ppma13.dal12v.mail.ibm.com (dd.9e.1632.ip4.static.sl-reverse.com [50.22.158.221]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 4d1kty1hkk-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 25 Mar 2026 17:13:18 +0000 (GMT) Received: from pps.filterd (ppma13.dal12v.mail.ibm.com [127.0.0.1]) by ppma13.dal12v.mail.ibm.com (8.18.1.2/8.18.1.2) with ESMTP id 62PG1BRd011824; Wed, 25 Mar 2026 17:13:17 GMT Received: from smtprelay07.fra02v.mail.ibm.com ([9.218.2.229]) by ppma13.dal12v.mail.ibm.com (PPS) with ESMTPS id 4d27vk79c2-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 25 Mar 2026 17:13:17 +0000 Received: from smtpav03.fra02v.mail.ibm.com (smtpav03.fra02v.mail.ibm.com [10.20.54.102]) by smtprelay07.fra02v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 62PHDDvF44040588 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 25 Mar 2026 17:13:13 GMT Received: from smtpav03.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 930F620040; Wed, 25 Mar 2026 17:13:13 +0000 (GMT) Received: from smtpav03.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 6674520043; Wed, 25 Mar 2026 17:13:13 +0000 (GMT) Received: from p-imbrenda.aag-de.ibm.com (unknown [9.52.223.175]) by smtpav03.fra02v.mail.ibm.com (Postfix) with ESMTP; Wed, 25 Mar 2026 17:13:13 +0000 (GMT) From: Claudio Imbrenda To: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org, linux-s390@vger.kernel.org, borntraeger@de.ibm.com, frankja@linux.ibm.com, nrb@linux.ibm.com, seiden@linux.ibm.com, gra@linux.ibm.com, schlameuss@linux.ibm.com, hca@linux.ibm.com, david@kernel.org Subject: [PATCH v4 06/10] KVM: s390: vsie: Fix nested guest memory shadowing Date: Wed, 25 Mar 2026 18:13:07 +0100 Message-ID: <20260325171311.182210-7-imbrenda@linux.ibm.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260325171311.182210-1-imbrenda@linux.ibm.com> References: <20260325171311.182210-1-imbrenda@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-TM-AS-GCONF: 00 X-Authority-Analysis: v=2.4 cv=IqITsb/g c=1 sm=1 tr=0 ts=69c417ae cx=c_pps a=AfN7/Ok6k8XGzOShvHwTGQ==:117 a=AfN7/Ok6k8XGzOShvHwTGQ==:17 a=Yq5XynenixoA:10 a=VkNPw1HP01LnGYTKEx00:22 a=RnoormkPH1_aCDwRdu11:22 a=uAbxVGIbfxUO_5tXvNgY:22 a=VnNF1IyMAAAA:8 a=qWq0Kag4T7NBTqZ9-FgA:9 X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwMzI1MDEyMSBTYWx0ZWRfX4vcXyDNEObCC WzdaPZFdFP8L3oy0kOTJhtqPMRbKPYoC+Aw2X1EtyBs9LRsEENuVGnNZ33Lh891Im3O0mUCee2m dljhVAkMbsGnRhgMRz4bQ8/++A08pWVxHOH4hFJsiQ9cn9byUGWTDpju7FnaIMpY4tR0i8HK+w5 /zRKvpWrb5wi4WX6EGPJZPEEB6gKN9Y2Mkx03GbRAw0/8EIxxvBVCrE6s2aIDlejR30Q95RxNdR H6uuXbh3rBl649Ow1KrRlquOAL3U2hKVPYHjiyd5W5ddp2IXUFfFNfsWO5m/GulRXEiUwy2yIX8 cTsS8aJzGYBigsJJpImR7NVrPjtg/PMPA5dzMzsRWmidcGwhe2gditS6xk+7Oc8X+EEQ+pUVm8F cAXuTtk2OQqVMZZlLQFBGwNH2SlxY33Ie6VOLN39WTBeb8QJdIZ138XUq2bjswWQf09dg3qRM75 8ighdEX5U/GiZ2oulaw== X-Proofpoint-GUID: ysqmxU_ZB-yLVL-UzdrHjJTqTDwp_LGb X-Proofpoint-ORIG-GUID: ysqmxU_ZB-yLVL-UzdrHjJTqTDwp_LGb X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1143,Hydra:6.1.51,FMLib:17.12.100.49 definitions=2026-03-25_05,2026-03-24_01,2025-10-01_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 malwarescore=0 clxscore=1015 spamscore=0 impostorscore=0 suspectscore=0 phishscore=0 bulkscore=0 adultscore=0 priorityscore=1501 lowpriorityscore=0 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.22.0-2603050001 definitions=main-2603250121 Content-Type: text/plain; charset="utf-8" Fix _do_shadow_pte() to use the correct pointer (guest pte instead of nested guest) to set up the new pte. Add a check to return -EOPNOTSUPP if the mapping for the nested guest is writeable but the same page in the guest is only read-only. Signed-off-by: Claudio Imbrenda Fixes: e38c884df921 ("KVM: s390: Switch to new gmap") --- arch/s390/kvm/gaccess.c | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/arch/s390/kvm/gaccess.c b/arch/s390/kvm/gaccess.c index 8fd690255e1b..6655c214f2d7 100644 --- a/arch/s390/kvm/gaccess.c +++ b/arch/s390/kvm/gaccess.c @@ -1436,10 +1436,12 @@ static int _do_shadow_pte(struct gmap *sg, gpa_t ra= ddr, union pte *ptep_h, union =20 if (!pgste_get_trylock(ptep_h, &pgste)) return -EAGAIN; - newpte =3D _pte(f->pfn, f->writable, !p, 0); - newpte.s.d |=3D ptep->s.d; - newpte.s.sd |=3D ptep->s.sd; - newpte.h.p &=3D ptep->h.p; + newpte =3D _pte(f->pfn, f->writable, !p, ptep_h->s.s); + newpte.s.d |=3D ptep_h->s.d; + newpte.s.sd |=3D ptep_h->s.sd; + newpte.h.p &=3D ptep_h->h.p; + if (!newpte.h.p && !f->writable) + return -EOPNOTSUPP; pgste =3D _gmap_ptep_xchg(sg->parent, ptep_h, newpte, pgste, f->gfn, fals= e); pgste.vsie_notif =3D 1; pgste_set_unlock(ptep_h, pgste); @@ -1477,6 +1479,9 @@ static int _do_shadow_crste(struct gmap *sg, gpa_t ra= ddr, union crste *host, uni newcrste.h.p &=3D oldcrste.h.p; newcrste.s.fc1.vsie_notif =3D 1; newcrste.s.fc1.prefix_notif =3D oldcrste.s.fc1.prefix_notif; + newcrste.s.fc1.s =3D oldcrste.s.fc1.s; + if (!newcrste.h.p && !f->writable) + return -EOPNOTSUPP; } while (!_gmap_crstep_xchg_atomic(sg->parent, host, oldcrste, newcrste, = f->gfn, false)); =20 newcrste =3D _crste_fc1(f->pfn, oldcrste.h.tt, 0, !p); --=20 2.53.0 From nobody Thu Apr 2 23:54:51 2026 Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id AB9EA3F7874; Wed, 25 Mar 2026 17:13:21 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=148.163.158.5 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774458803; cv=none; b=boyEKS7q+Yy2RJcomkcRC04WFM2Ftl//istvt6UwAMLlF8yjOz3y5nC3cOy+Ydi4TUfHucdh1SPaRBhKjcPL9Px6LlyCW0TV4brGCbWZeXifousvtjPGmIt4hvDUQ1AZQexL9S7HloshAaW/bAPLF8qf/p5BFP0ZqHf15dPdHLo= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774458803; c=relaxed/simple; bh=MHdHLXyH7iuszd98LWnqBxEDGf2GEpHU/fgdAeQvjjg=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=YxIwGlzn2OROjUk+pGQ59fuTqyzknIOnec/Q8VO/qxFV3Rb2h1vqCrzjcwri5xa/3N/wKoPRaIk1Y2dAjLBcl60eS+o6VhyQyzcDgTzSRv2OxrpMm9olEd2s3kQmZuOmUtoF/bGzLMy/+2WSlkW93ixjv7nMysMuw+FwWkhAh+k= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com; spf=pass smtp.mailfrom=linux.ibm.com; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b=Fd4LaAXw; arc=none smtp.client-ip=148.163.158.5 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="Fd4LaAXw" Received: from pps.filterd (m0360072.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 62PC16LL819878; Wed, 25 Mar 2026 17:13:18 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=cc :content-transfer-encoding:date:from:in-reply-to:message-id :mime-version:references:subject:to; s=pp1; bh=vT3yYaXEv73JcuJ65 PY4vf5XD+MWDZsakgN4+t2qViA=; b=Fd4LaAXwiaQFL9prED45BohYWNXHalQ2z cXCfZRfTZblABrVgmDDDLnfuNrLsb8R93fD4eBf0FtQXa5uGzKo/escEBvYZ2ZrR Ze95XvOHZbT+/+7m7+47P4AySZoE5kO9ugjEHqMdl/Os1ClqmTIo5+k1iTEd+BYt CpBSXnVRJICi8xC856jkOMYZ4uk/iUIuNXX7kCYCPWYincBkvDBFzUKPZFh+C+4K 723HTQNBXFzElMag10d2f5V2Vo9KddAgI1yxmzd83zUO0kNtLK+WwlBw+yc87TmR 0KM0b/TgguYNq5ZFlkIDafgHdu13nlAHgnfYS1miCs3v0Ctl6VYCg== Received: from ppma11.dal12v.mail.ibm.com (db.9e.1632.ip4.static.sl-reverse.com [50.22.158.219]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 4d1kumrs7k-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 25 Mar 2026 17:13:18 +0000 (GMT) Received: from pps.filterd (ppma11.dal12v.mail.ibm.com [127.0.0.1]) by ppma11.dal12v.mail.ibm.com (8.18.1.2/8.18.1.2) with ESMTP id 62PH1jbK004398; Wed, 25 Mar 2026 17:13:17 GMT Received: from smtprelay07.fra02v.mail.ibm.com ([9.218.2.229]) by ppma11.dal12v.mail.ibm.com (PPS) with ESMTPS id 4d28c277eh-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 25 Mar 2026 17:13:17 +0000 Received: from smtpav03.fra02v.mail.ibm.com (smtpav03.fra02v.mail.ibm.com [10.20.54.102]) by smtprelay07.fra02v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 62PHDDXb50004262 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 25 Mar 2026 17:13:14 GMT Received: from smtpav03.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id D017320040; Wed, 25 Mar 2026 17:13:13 +0000 (GMT) Received: from smtpav03.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 993DB2004B; Wed, 25 Mar 2026 17:13:13 +0000 (GMT) Received: from p-imbrenda.aag-de.ibm.com (unknown [9.52.223.175]) by smtpav03.fra02v.mail.ibm.com (Postfix) with ESMTP; Wed, 25 Mar 2026 17:13:13 +0000 (GMT) From: Claudio Imbrenda To: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org, linux-s390@vger.kernel.org, borntraeger@de.ibm.com, frankja@linux.ibm.com, nrb@linux.ibm.com, seiden@linux.ibm.com, gra@linux.ibm.com, schlameuss@linux.ibm.com, hca@linux.ibm.com, david@kernel.org Subject: [PATCH v4 07/10] KVM: s390: vsie: Fix refcount overflow for shadow gmaps Date: Wed, 25 Mar 2026 18:13:08 +0100 Message-ID: <20260325171311.182210-8-imbrenda@linux.ibm.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260325171311.182210-1-imbrenda@linux.ibm.com> References: <20260325171311.182210-1-imbrenda@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-TM-AS-GCONF: 00 X-Proofpoint-GUID: QZETVS9WpY0SnRo30DsNo3v7eM-3PfOr X-Proofpoint-ORIG-GUID: QZETVS9WpY0SnRo30DsNo3v7eM-3PfOr X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwMzI1MDEyMSBTYWx0ZWRfXwlI8S6hzHYQ/ 4TyzPP2dG1VxXxuMWYdDV+BVHzQwfhWToIvbjOLYcWr1D28ZcYyA6vexWkBxRuGByt0ohpEBpKv 1aXjA03XGJ5fpHR32tEvR54WcWNwD5J2yorDaDVjx1WaFpJNaDwitzr1P0xyZ695RsFOJhoRv/k I65Iq66xEWnKbOD9bykwAreXziIq0gRG8I9ObKpIdYzJmqUEwSXq/niF7q+FyhoCGRF50WjOScL 7WZN8wPkon/aK0WQwu+4fNRQNQxiZF4to4ksky7RPUX5Vh0zX4S2oNpZwodYEpRKYB8tv3mLRXm UnOXISTx4XzCOEtr2ZSN8y9LcFixxBkDa41pEKbU15l+1lnotav3CGD7wtQZJ/a34rzMykol+xD erJ7mnG2w4WaTD8hCg79qJzD6kaSifBDDH2lQTJq28EDhb7dbi2/uZ45gtRTfrdhwXXubfa+8JM X7jDwidHhA/tM8neGTw== X-Authority-Analysis: v=2.4 cv=KbXfcAYD c=1 sm=1 tr=0 ts=69c417ae cx=c_pps a=aDMHemPKRhS1OARIsFnwRA==:117 a=aDMHemPKRhS1OARIsFnwRA==:17 a=Yq5XynenixoA:10 a=VkNPw1HP01LnGYTKEx00:22 a=RnoormkPH1_aCDwRdu11:22 a=RzCfie-kr_QcCd8fBx8p:22 a=VnNF1IyMAAAA:8 a=h1h-QmE6hYAJ3QnyM7YA:9 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1143,Hydra:6.1.51,FMLib:17.12.100.49 definitions=2026-03-25_05,2026-03-24_01,2025-10-01_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 suspectscore=0 impostorscore=0 malwarescore=0 adultscore=0 clxscore=1015 priorityscore=1501 bulkscore=0 lowpriorityscore=0 phishscore=0 spamscore=0 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.22.0-2603050001 definitions=main-2603250121 Content-Type: text/plain; charset="utf-8" In most cases gmap_put() was not called when it should have. Add the missing gmap_put() in vsie_run(). Signed-off-by: Claudio Imbrenda Fixes: e38c884df921 ("KVM: s390: Switch to new gmap") Reviewed-by: Steffen Eiden Reviewed-by: Janosch Frank --- arch/s390/kvm/vsie.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/arch/s390/kvm/vsie.c b/arch/s390/kvm/vsie.c index 0330829b4046..72895dddc39a 100644 --- a/arch/s390/kvm/vsie.c +++ b/arch/s390/kvm/vsie.c @@ -1328,7 +1328,7 @@ static void unregister_shadow_scb(struct kvm_vcpu *vc= pu) static int vsie_run(struct kvm_vcpu *vcpu, struct vsie_page *vsie_page) { struct kvm_s390_sie_block *scb_s =3D &vsie_page->scb_s; - struct gmap *sg; + struct gmap *sg =3D NULL; int rc =3D 0; =20 while (1) { @@ -1368,6 +1368,8 @@ static int vsie_run(struct kvm_vcpu *vcpu, struct vsi= e_page *vsie_page) sg =3D gmap_put(sg); cond_resched(); } + if (sg) + sg =3D gmap_put(sg); =20 if (rc =3D=3D -EFAULT) { /* --=20 2.53.0 From nobody Thu Apr 2 23:54:51 2026 Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 172283FBEBF; Wed, 25 Mar 2026 17:13:21 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=148.163.158.5 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774458803; cv=none; b=rRU3k7+qny7t366W9wDLvcOFaIGJ3yFiiwcVf+HUGBPfGDr09gl8iJQK4jnbY6GTKcaiCtEX6AhRxe3W2oOqvyoW7zcbSLRrDO62IqsuqO9MgqHa9vr6RsEpDQm2ynrglNL6UxtWskcsn/IjX0FFc3twMpPi28zaDtVRuti4lvY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774458803; c=relaxed/simple; bh=fT8kuQUNTcFvgYxXyH7xCJKkML3OI/fwUx81PVutaXw=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=UHzKkc0b3oKjgnwerxmXQwb1VDHOmDSUKVyDdAF3h32XCicsu1iuzr2KxzLW8rPQaYSlAboqo09Jlxh8k+Cjwr/9MQBmGpHRujH8QcFF4iTVNh8Ya8KIbEKgRIp1MYx+J7C2Hv1Oskk9DxRGcH5F3y7zvBk1vwK2tsK5xK/DMEM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com; spf=pass smtp.mailfrom=linux.ibm.com; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b=G8yWlfNu; arc=none smtp.client-ip=148.163.158.5 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="G8yWlfNu" Received: from pps.filterd (m0360072.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 62PCNxEZ657656; Wed, 25 Mar 2026 17:13:19 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=cc :content-transfer-encoding:date:from:in-reply-to:message-id :mime-version:references:subject:to; s=pp1; bh=uTY4JC4uePjsunCjP OFbLJv6BlIVgSM4Oskc+97kd7o=; b=G8yWlfNuaqwRdK7RmJ52p9prxdfkZnW8g DtuRtMA3e0ow4+askGQ/geitnil6SikkTGD6/vB3hDMoztl7ONCvh+RVKNLwIkjz ZZ50/RBUjIb8aWkB3FJmJuMSDIu4YKoRXdAw/ewvz+8RGk50E8VelIabdxmyKbIR e6vmWwRsWlyi4/zkcDgfHm7TGNm2J5a2Q44sivbMTE4lfr9t01JI8ysFhaJZlOgE cdAveSz1At0P5milx2yYjQYHbQBt4USsbvYfDfmaiqAl6WRMz7hH1Lf43EkIic02 u48uJZm5WczMEzt/Hf2qxAfl+k4Uqs8GTvpeRWWegxVgmSMdpuHCw== Received: from ppma22.wdc07v.mail.ibm.com (5c.69.3da9.ip4.static.sl-reverse.com [169.61.105.92]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 4d1kumrs7n-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 25 Mar 2026 17:13:18 +0000 (GMT) Received: from pps.filterd (ppma22.wdc07v.mail.ibm.com [127.0.0.1]) by ppma22.wdc07v.mail.ibm.com (8.18.1.2/8.18.1.2) with ESMTP id 62PF1ltj005964; Wed, 25 Mar 2026 17:13:18 GMT Received: from smtprelay01.fra02v.mail.ibm.com ([9.218.2.227]) by ppma22.wdc07v.mail.ibm.com (PPS) with ESMTPS id 4d261yqjwg-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 25 Mar 2026 17:13:18 +0000 Received: from smtpav03.fra02v.mail.ibm.com (smtpav03.fra02v.mail.ibm.com [10.20.54.102]) by smtprelay01.fra02v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 62PHDEvA51839414 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 25 Mar 2026 17:13:14 GMT Received: from smtpav03.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 0D6ED2004E; Wed, 25 Mar 2026 17:13:14 +0000 (GMT) Received: from smtpav03.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id D63EC20043; Wed, 25 Mar 2026 17:13:13 +0000 (GMT) Received: from p-imbrenda.aag-de.ibm.com (unknown [9.52.223.175]) by smtpav03.fra02v.mail.ibm.com (Postfix) with ESMTP; Wed, 25 Mar 2026 17:13:13 +0000 (GMT) From: Claudio Imbrenda To: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org, linux-s390@vger.kernel.org, borntraeger@de.ibm.com, frankja@linux.ibm.com, nrb@linux.ibm.com, seiden@linux.ibm.com, gra@linux.ibm.com, schlameuss@linux.ibm.com, hca@linux.ibm.com, david@kernel.org Subject: [PATCH v4 08/10] KVM: s390: vsie: Fix unshadowing while shadowing Date: Wed, 25 Mar 2026 18:13:09 +0100 Message-ID: <20260325171311.182210-9-imbrenda@linux.ibm.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260325171311.182210-1-imbrenda@linux.ibm.com> References: <20260325171311.182210-1-imbrenda@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-TM-AS-GCONF: 00 X-Proofpoint-GUID: Esu-TKNJiZE070vHugBytZPEi62e_Q0R X-Proofpoint-ORIG-GUID: Esu-TKNJiZE070vHugBytZPEi62e_Q0R X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwMzI1MDEyMSBTYWx0ZWRfX411TuMWCRB3M GJgYKpempwFhCjXAwv5UwQde75lQJBK0loOKgKQjQzHCp7xneaaY4FcY2w+pIJdA5KR5g5Nqu/8 xngHvrjYBKerpZgccGvcfB4T3yHvxI7v+TxyFPkJT1FexalGkUX8x+VgkL1pIeKZCV5aSJU4gyE ME0soYKr0VR005wo4zTWN+Pam0Y4WThsY6fzRVQVOZaY1UFad3Ihyv/mgYNzeDY6rNxY7ErFg2b 2tW7Vj61ECCs3BpBJ979XhfNCqYfSDqvJrc92oj+YChnTxVvycnCBSFUsSQd6Rx4PAOosFZjLIv X6Clp33GmOZhJiRqMZuKMyfvwBKHkIGKIjUtPByQSvxMA2r8DEXv+0oQkIeqs3IQWtj/o3wM/+L cI8gncaZNHwRqfDwSdjLdV8EW0dFYGekS0QiYB3xOE/FL4yQvfz588OfrJInp5PgMR9juw3kZS8 vJrmyP+3EvmdcG+VJUA== X-Authority-Analysis: v=2.4 cv=KbXfcAYD c=1 sm=1 tr=0 ts=69c417ae cx=c_pps a=5BHTudwdYE3Te8bg5FgnPg==:117 a=5BHTudwdYE3Te8bg5FgnPg==:17 a=Yq5XynenixoA:10 a=VkNPw1HP01LnGYTKEx00:22 a=RnoormkPH1_aCDwRdu11:22 a=RzCfie-kr_QcCd8fBx8p:22 a=VnNF1IyMAAAA:8 a=rP4LS0jab8kgWfQMVEcA:9 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1143,Hydra:6.1.51,FMLib:17.12.100.49 definitions=2026-03-25_05,2026-03-24_01,2025-10-01_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 suspectscore=0 impostorscore=0 malwarescore=0 adultscore=0 clxscore=1015 priorityscore=1501 bulkscore=0 lowpriorityscore=0 phishscore=0 spamscore=0 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.22.0-2603050001 definitions=main-2603250121 Content-Type: text/plain; charset="utf-8" If shadowing causes the shadow gmap to get unshadowed, exit early to prevent an attempt to dereference the parent pointer, which at this point is NULL. Opportunistically add some more checks to prevent NULL parents. Signed-off-by: Claudio Imbrenda Fixes: a2c17f9270cc ("KVM: s390: New gmap code") Fixes: e5f98a6899bd ("KVM: s390: Add some helper functions needed for vSIE") Fixes: e38c884df921 ("KVM: s390: Switch to new gmap") --- arch/s390/kvm/gaccess.c | 5 +++++ arch/s390/kvm/gmap.c | 11 ++++++++++- 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/arch/s390/kvm/gaccess.c b/arch/s390/kvm/gaccess.c index 6655c214f2d7..d14c2b40a5f6 100644 --- a/arch/s390/kvm/gaccess.c +++ b/arch/s390/kvm/gaccess.c @@ -1472,6 +1472,9 @@ static int _do_shadow_crste(struct gmap *sg, gpa_t ra= ddr, union crste *host, uni return rc; =20 do { + /* _gmap_crstep_xchg_atomic() could have unshadowed this shadow gmap */ + if (!sg->parent) + return -EAGAIN; oldcrste =3D READ_ONCE(*host); newcrste =3D _crste_fc1(f->pfn, oldcrste.h.tt, f->writable, !p); newcrste.s.fc1.d |=3D oldcrste.s.fc1.d; @@ -1527,6 +1530,8 @@ static int _gaccess_do_shadow(struct kvm_s390_mmu_cac= he *mc, struct gmap *sg, entries[i - 1].pfn, i, entries[i - 1].writable); if (rc) return rc; + if (!sg->parent) + return -EAGAIN; } =20 rc =3D dat_entry_walk(NULL, entries[LEVEL_MEM].gfn, sg->parent->asce, DAT= _WALK_LEAF, diff --git a/arch/s390/kvm/gmap.c b/arch/s390/kvm/gmap.c index e9fc471a5141..b19020470b13 100644 --- a/arch/s390/kvm/gmap.c +++ b/arch/s390/kvm/gmap.c @@ -1160,6 +1160,7 @@ struct gmap_protect_asce_top_level { static inline int __gmap_protect_asce_top_level(struct kvm_s390_mmu_cache = *mc, struct gmap *sg, struct gmap_protect_asce_top_level *context) { + struct gmap *parent; int rc, i; =20 guard(write_lock)(&sg->kvm->mmu_lock); @@ -1167,7 +1168,12 @@ static inline int __gmap_protect_asce_top_level(stru= ct kvm_s390_mmu_cache *mc, s if (kvm_s390_array_needs_retry_safe(sg->kvm, context->seq, context->f)) return -EAGAIN; =20 - scoped_guard(spinlock, &sg->parent->children_lock) { + parent =3D READ_ONCE(sg->parent); + if (!parent) + return -EAGAIN; + scoped_guard(spinlock, &parent->children_lock) { + if (READ_ONCE(sg->parent) !=3D parent) + return -EAGAIN; for (i =3D 0; i < CRST_TABLE_PAGES; i++) { if (!context->f[i].valid) continue; @@ -1250,6 +1256,9 @@ struct gmap *gmap_create_shadow(struct kvm_s390_mmu_c= ache *mc, struct gmap *pare struct gmap *sg, *new; int rc; =20 + if (WARN_ON(!parent)) + return ERR_PTR(-EINVAL); + scoped_guard(spinlock, &parent->children_lock) { sg =3D gmap_find_shadow(parent, asce, edat_level); if (sg) { --=20 2.53.0 From nobody Thu Apr 2 23:54:51 2026 Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A1E2F3EAC6E; Wed, 25 Mar 2026 17:13:21 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=148.163.156.1 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774458803; cv=none; b=cIRAzQA/Oznnsim7bl9y7UJUDQ7qWEriSPJHcTTT4StikRnuZ+wmuGgzx2QGX33xKLoc7BpucecfWnR9RVNLszskjXxVF1QHmLBeoXzRcWjvestT9hOOetYOpPf+rQ3edODSKyHfUYjdZ7SQqUhkjkK7L+FD4+1ouU/NIHZrlO8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774458803; c=relaxed/simple; bh=BfFDQhRZDrv4l0o+P3Cy0EH03udwA6HONdyDCIFFhcc=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=X244FXC5dHDosUBQBdrcrLvPxbRpAcqm7q2HJzgLTX8DPCYY/rNUO90+a+RQ2NcYk2ksw6Nd709hmLhx7ngVI/AzWLR8S5votRUZpZaSzz82kIsXJE4MwDCNNEgyd2230K42Fk/Myu3vxFmx4K1LGgYJyVHpy9+VhPp8cXIvcUk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com; spf=pass smtp.mailfrom=linux.ibm.com; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b=TwvxVy59; arc=none smtp.client-ip=148.163.156.1 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="TwvxVy59" Received: from pps.filterd (m0353729.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 62P79cpr3658690; Wed, 25 Mar 2026 17:13:19 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=cc :content-transfer-encoding:date:from:in-reply-to:message-id :mime-version:references:subject:to; s=pp1; bh=NdwMd3nY6aIO9OYui lud7peguS/0BsSYLd82BEoMteo=; b=TwvxVy59ZD7Dsfe8Oufhzq4P/QVEvjmvc X+X0CTjwdxvIGMJXZQjbOKaE/3Pw3594n2gjlTsPKHknIWxjEQx6L3ZuErVvKI6O 992IStT3PwHC61kZqSt5fDExmhGdxVFnPlCyRXE9ttPtwebvh35asOwJ1ox+ExOu +LqDsoJmFF8Z1zrzORlD2SxjZXATdx03gbInJ3kjkw1UoPfWM6xcslQZ1ajCPekl uw37CLO6MW+5L1zaE5LbeK3uDvleeld5qWvHeukWx4uaIqk4a5NQ73hX6HfaX4j/ fH0IzqblP+Y3SyQMqsSpHxEM9OVrD4X2JCmG19yXu+xriYGDNFtWw== Received: from ppma13.dal12v.mail.ibm.com (dd.9e.1632.ip4.static.sl-reverse.com [50.22.158.221]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 4d1kty1hkm-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 25 Mar 2026 17:13:18 +0000 (GMT) Received: from pps.filterd (ppma13.dal12v.mail.ibm.com [127.0.0.1]) by ppma13.dal12v.mail.ibm.com (8.18.1.2/8.18.1.2) with ESMTP id 62PGVb8K011778; Wed, 25 Mar 2026 17:13:18 GMT Received: from smtprelay01.fra02v.mail.ibm.com ([9.218.2.227]) by ppma13.dal12v.mail.ibm.com (PPS) with ESMTPS id 4d27vk79c3-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 25 Mar 2026 17:13:17 +0000 Received: from smtpav03.fra02v.mail.ibm.com (smtpav03.fra02v.mail.ibm.com [10.20.54.102]) by smtprelay01.fra02v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 62PHDEkk50987414 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 25 Mar 2026 17:13:14 GMT Received: from smtpav03.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 3F77320043; Wed, 25 Mar 2026 17:13:14 +0000 (GMT) Received: from smtpav03.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 13B8720040; Wed, 25 Mar 2026 17:13:14 +0000 (GMT) Received: from p-imbrenda.aag-de.ibm.com (unknown [9.52.223.175]) by smtpav03.fra02v.mail.ibm.com (Postfix) with ESMTP; Wed, 25 Mar 2026 17:13:14 +0000 (GMT) From: Claudio Imbrenda To: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org, linux-s390@vger.kernel.org, borntraeger@de.ibm.com, frankja@linux.ibm.com, nrb@linux.ibm.com, seiden@linux.ibm.com, gra@linux.ibm.com, schlameuss@linux.ibm.com, hca@linux.ibm.com, david@kernel.org Subject: [PATCH v4 09/10] KVM: s390: vsie: Fix guest page tables protection Date: Wed, 25 Mar 2026 18:13:10 +0100 Message-ID: <20260325171311.182210-10-imbrenda@linux.ibm.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260325171311.182210-1-imbrenda@linux.ibm.com> References: <20260325171311.182210-1-imbrenda@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-TM-AS-GCONF: 00 X-Authority-Analysis: v=2.4 cv=IqITsb/g c=1 sm=1 tr=0 ts=69c417ae cx=c_pps a=AfN7/Ok6k8XGzOShvHwTGQ==:117 a=AfN7/Ok6k8XGzOShvHwTGQ==:17 a=Yq5XynenixoA:10 a=VkNPw1HP01LnGYTKEx00:22 a=RnoormkPH1_aCDwRdu11:22 a=uAbxVGIbfxUO_5tXvNgY:22 a=VnNF1IyMAAAA:8 a=oWLg5jHnNaD6DMA7ueYA:9 X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwMzI1MDEyMSBTYWx0ZWRfX0YUk2ITb0ocv v8D+vaUFwkv45+Ri0xJTU6ylvpIRI2+wcnAgNb4F61DPTt1idv8ovh7+h7FYM2HdJGoLz4pTt8O XfnfgaLUlfj4p+8/NzP8R5C/4/U9pJwzJE4Yfzq3CH8Dh5s0rryfgO9TjJqOgmcPbD2zDvQabyq v2TfG+9JU3LCOG/pjFCZ8Po1B2lpQ/lQV00x/HAL928ghRJRekrkjmJs6RGdkpPqHUZkST6DHe4 JTNerUvdF+9pd6iFWFjt3kaSx6afAo/r0NVijV//CC/kJZRWO4UCAFC1RLGeBxkaGUlpaQfHjw8 tlWHxATKR77oWx925YEil4kvO12y2Cmrk/V0Qh0M1FGUzlAOzipUcytjCwL/gDtk+yN93h1Yzr+ 09GYPwqXv9KxtlWdrnYRhgEUw6jnxTUBPfX/Z+s9cxsnwj1W2RRXRbNSmxPXNe7utv4Bv0TyL7l rZkdGfdmUhKGNSwGizg== X-Proofpoint-GUID: iwooQRwca2NKRELhoSLK7ibiyv_Ssu7I X-Proofpoint-ORIG-GUID: iwooQRwca2NKRELhoSLK7ibiyv_Ssu7I X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1143,Hydra:6.1.51,FMLib:17.12.100.49 definitions=2026-03-25_05,2026-03-24_01,2025-10-01_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 malwarescore=0 clxscore=1015 spamscore=0 impostorscore=0 suspectscore=0 phishscore=0 bulkscore=0 adultscore=0 priorityscore=1501 lowpriorityscore=0 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.22.0-2603050001 definitions=main-2603250121 Content-Type: text/plain; charset="utf-8" When shadowing, the guest page tables are write-protected, in order to trap changes and properly unshadow the shadow mapping for the nested guest. Already shadowed levels are skipped, so that only the needed levels are write protected. Currently the levels that get write protected are exactly one level too deep: the last level (nested guest memory) gets protected in the wrong way, and will be protected again correctly a few lines afterwards; most importantly, the highest non-shadowed level does *not* get write protected. Moreover, if the nested guest is running in a real address space, there are no DAT tables to shadow. Write protect the correct levels, so that all the levels that need to be protected are protected, and avoid double protecting the last level; skip attempting to shadow the DAT tables when the nested guest is running in a real address space. Signed-off-by: Claudio Imbrenda Fixes: e38c884df921 ("KVM: s390: Switch to new gmap") Tested-by: Christian Borntraeger Reviewed-by: Janosch Frank --- arch/s390/kvm/gaccess.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/arch/s390/kvm/gaccess.c b/arch/s390/kvm/gaccess.c index d14c2b40a5f6..93d03e0fd704 100644 --- a/arch/s390/kvm/gaccess.c +++ b/arch/s390/kvm/gaccess.c @@ -1521,13 +1521,20 @@ static int _gaccess_do_shadow(struct kvm_s390_mmu_c= ache *mc, struct gmap *sg, =20 gl =3D get_level(table, ptep); =20 + /* In case of a real address space */ + if (w->level <=3D LEVEL_MEM) { + l =3D TABLE_TYPE_PAGE_TABLE; + hl =3D TABLE_TYPE_REGION1; + goto real_address_space; + } + /* * Skip levels that are already protected. For each level, protect * only the page containing the entry, not the whole table. */ for (i =3D gl ; i >=3D w->level; i--) { - rc =3D gmap_protect_rmap(mc, sg, entries[i - 1].gfn, gpa_to_gfn(saddr), - entries[i - 1].pfn, i, entries[i - 1].writable); + rc =3D gmap_protect_rmap(mc, sg, entries[i].gfn, gpa_to_gfn(saddr), + entries[i].pfn, i + 1, entries[i].writable); if (rc) return rc; if (!sg->parent) @@ -1543,6 +1550,7 @@ static int _gaccess_do_shadow(struct kvm_s390_mmu_cac= he *mc, struct gmap *sg, /* Get the smallest granularity */ l =3D min3(gl, hl, w->level); =20 +real_address_space: flags =3D DAT_WALK_SPLIT_ALLOC | (uses_skeys(sg->parent) ? DAT_WALK_USES_= SKEYS : 0); /* If necessary, create the shadow mapping */ if (l < gl) { --=20 2.53.0 From nobody Thu Apr 2 23:54:51 2026 Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 525E83FE66C; Wed, 25 Mar 2026 17:13:22 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=148.163.158.5 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774458803; cv=none; b=pqhk6XwyTTkJM+Zau6uVcy7jj4+QlY6BhBnRi400bIsV5FHlh9aQk3+nZVIw9K70M6y6EUMARm86UdrgkfCZy74lVIcQsRur088lXYnqSV64In8aGlHVM56ZZzjzyw+HjS6hj/bSqSv06rfS+B5KY0xWYMcicdpCavUb1lXXnYE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774458803; c=relaxed/simple; bh=MF+Zuv+lsaPruI6piauc3ZYmB9fzDQCGBuH85He0KhY=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=B//lNJ9kxDJ/MqQ06Xjoj5aHlG9iXvJYZNZURXS76MZwZy1BmEKvDpc5p2P/GE37p6FVGg6sYcIg1tDis0gCvsZtrAAI7Ry7uyYwCxuv93hhMZYBlC/WDyPgqIN37a4VgHZRL063HZsQLbx4rntZCqXljbhxElydvjVGItAo2Zk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com; spf=pass smtp.mailfrom=linux.ibm.com; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b=CXkoC4a+; arc=none smtp.client-ip=148.163.158.5 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="CXkoC4a+" Received: from pps.filterd (m0356516.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 62P8vMWq3893308; Wed, 25 Mar 2026 17:13:19 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=cc :content-transfer-encoding:date:from:in-reply-to:message-id :mime-version:references:subject:to; s=pp1; bh=nOxwK00xduMxcZUaX ts66Eik8r+8wlNhFapP0KVtJco=; b=CXkoC4a+PBSMGfJ6DQamqEGckxDv63e7v a3EXiAZhQelsP81dGoMzEfQx9gzIkVWpwsnnVwm+oHpdGv5FceEDm7VWZfmLdxNl OC8tdy37Ac/ltU6u9l+qSbRe+ERtk10Ixl9cu9BjnU/MvG27j4IRm/I1kc2al0zQ t8+7qIHpoFfpo+yUdp2cNYjW5flGytsOxa3CjSWbBHx/MZ+DXKf0+sw+ibzxTJk5 4+tdufn+iKQ/wJKX/OE+CxVQc4FpdmhoZila3MpM657TR/S7wiR7WYa7YbkMJyG9 9wNtf2lIysH1ip04RuecK2wd00H/znO89q9C1Xfp+7Ex5VZBRvR9A== Received: from ppma22.wdc07v.mail.ibm.com (5c.69.3da9.ip4.static.sl-reverse.com [169.61.105.92]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 4d1ktv0qx8-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 25 Mar 2026 17:13:19 +0000 (GMT) Received: from pps.filterd (ppma22.wdc07v.mail.ibm.com [127.0.0.1]) by ppma22.wdc07v.mail.ibm.com (8.18.1.2/8.18.1.2) with ESMTP id 62PEnsT9006009; Wed, 25 Mar 2026 17:13:18 GMT Received: from smtprelay01.fra02v.mail.ibm.com ([9.218.2.227]) by ppma22.wdc07v.mail.ibm.com (PPS) with ESMTPS id 4d261yqjwh-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 25 Mar 2026 17:13:18 +0000 Received: from smtpav03.fra02v.mail.ibm.com (smtpav03.fra02v.mail.ibm.com [10.20.54.102]) by smtprelay01.fra02v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 62PHDEcv50987416 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 25 Mar 2026 17:13:14 GMT Received: from smtpav03.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 7188C20040; Wed, 25 Mar 2026 17:13:14 +0000 (GMT) Received: from smtpav03.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 45FE32004B; Wed, 25 Mar 2026 17:13:14 +0000 (GMT) Received: from p-imbrenda.aag-de.ibm.com (unknown [9.52.223.175]) by smtpav03.fra02v.mail.ibm.com (Postfix) with ESMTP; Wed, 25 Mar 2026 17:13:14 +0000 (GMT) From: Claudio Imbrenda To: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org, linux-s390@vger.kernel.org, borntraeger@de.ibm.com, frankja@linux.ibm.com, nrb@linux.ibm.com, seiden@linux.ibm.com, gra@linux.ibm.com, schlameuss@linux.ibm.com, hca@linux.ibm.com, david@kernel.org Subject: [PATCH v4 10/10] KVM: s390: Fix KVM_S390_VCPU_FAULT ioctl Date: Wed, 25 Mar 2026 18:13:11 +0100 Message-ID: <20260325171311.182210-11-imbrenda@linux.ibm.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260325171311.182210-1-imbrenda@linux.ibm.com> References: <20260325171311.182210-1-imbrenda@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-TM-AS-GCONF: 00 X-Proofpoint-ORIG-GUID: n7gPk_wM1g3C1dSv6_0oIdlSsr7f7Iqg X-Authority-Analysis: v=2.4 cv=aMr9aL9m c=1 sm=1 tr=0 ts=69c417af cx=c_pps a=5BHTudwdYE3Te8bg5FgnPg==:117 a=5BHTudwdYE3Te8bg5FgnPg==:17 a=Yq5XynenixoA:10 a=VkNPw1HP01LnGYTKEx00:22 a=RnoormkPH1_aCDwRdu11:22 a=Y2IxJ9c9Rs8Kov3niI8_:22 a=VnNF1IyMAAAA:8 a=ikv_JcFPPU8SThzKSe0A:9 X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwMzI1MDEyMSBTYWx0ZWRfX92XLFJKhxc82 EQv9xTta2i2aTRFr96/Nzee94jGC3Nv1zq25Bc4fmzdfyVs9RTs/VxwgxjwZOchPAsN+RnXSRsC 8QRuYR+cmAfpjUt84zoa/OiF+LV4ppSNKX4DTrlXYdVi87Q0atm3YwjpzdrFo7Vx2+xnK0Xyqlc xE2q0ISnwGFZTeyvRBORYkODLOnn0Hipi3eKioAR35ED4wvzRrXre/mU/TynhsHOEOwxaxcSVjF Rqr8UMDQ1Y77w3eiqT3UUdNL6zZvRT+ag/HpEWGMxGfHn1PsEp1xIppx8/fzQFuj71vsVVLbHXp XQsV5huTqJRLs7/2xOmpuZaGYxRRjNP9ccy6CCt0FGMvfblW6ad+FgmlqKFb4Rel2Rn1bEweDYu IXT/P39Zqejt396r8e+u8/G5GvYFphKzOYPEAqh9jVbqas8CeVyJ9giTlxZgcn1xJo5cIcVUyJ9 B4atdJE5J0+kHmgvQsg== X-Proofpoint-GUID: n7gPk_wM1g3C1dSv6_0oIdlSsr7f7Iqg X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1143,Hydra:6.1.51,FMLib:17.12.100.49 definitions=2026-03-25_05,2026-03-24_01,2025-10-01_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 lowpriorityscore=0 adultscore=0 impostorscore=0 malwarescore=0 suspectscore=0 phishscore=0 priorityscore=1501 bulkscore=0 clxscore=1015 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.22.0-2603050001 definitions=main-2603250121 Content-Type: text/plain; charset="utf-8" A previous commit changed the behaviour of the KVM_S390_VCPU_FAULT ioctl. The current (wrong) implementation will trigger a guest addressing exception if the requested address lies outside of a memslot, unless the VM is UCONTROL. Restore the previous behaviour by open coding the fault-in logic. Fixes: 3762e905ec2e ("KVM: s390: use __kvm_faultin_pfn()") Signed-off-by: Claudio Imbrenda Acked-by: Christian Borntraeger Reviewed-by: Steffen Eiden --- arch/s390/kvm/kvm-s390.c | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/arch/s390/kvm/kvm-s390.c b/arch/s390/kvm/kvm-s390.c index ebcb0ef8835e..62f04931b54d 100644 --- a/arch/s390/kvm/kvm-s390.c +++ b/arch/s390/kvm/kvm-s390.c @@ -5520,9 +5520,21 @@ long kvm_arch_vcpu_ioctl(struct file *filp, } #endif case KVM_S390_VCPU_FAULT: { - idx =3D srcu_read_lock(&vcpu->kvm->srcu); - r =3D vcpu_dat_fault_handler(vcpu, arg, 0); - srcu_read_unlock(&vcpu->kvm->srcu, idx); + gpa_t gaddr =3D arg; + + scoped_guard(srcu, &vcpu->kvm->srcu) { + r =3D vcpu_ucontrol_translate(vcpu, &gaddr); + if (r) + break; + + r =3D kvm_s390_faultin_gfn_simple(vcpu, NULL, gpa_to_gfn(gaddr), false); + if (r =3D=3D PGM_ADDRESSING) + r =3D -EFAULT; + if (r <=3D 0) + break; + r =3D -EIO; + KVM_BUG_ON(r, vcpu->kvm); + } break; } case KVM_ENABLE_CAP: --=20 2.53.0