From nobody Mon Jun 8 15:36:58 2026 Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 359453C3448; Thu, 28 May 2026 11:47:38 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=148.163.158.5 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1779968859; cv=none; b=Nnrpx7s6izWZW4cn0t0XtnNDbihC6RQ/BJ7+kjkB+YSMFI3RreE9MDytSTx0EEGwg0A7u/LQEzgclS7hMZRsYF0qWG0GSo3P9zFnO7axfvYRo4gcRzQhfa8YNGaihRaXYfGQTBP6i9Ld7XNY4TFFlHFLeU+TbnU534QGTIbto7E= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1779968859; c=relaxed/simple; bh=4QbUygGBfPN/90jpuHlkX2BooX7/mhiF/z6oFBHL0iY=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=LxNIXlE33Gzbl/ZnI8s/8eaetDBt4aYouV90SGhFG647vB4s8VVc83dpzYl1RLzqmQpCM6B2ADcsmInOEs5Ycpng0Kc2iJaPyCqtuT4sMwo5l9rCbstqHrx3ydDCNBl1ZYmUt+SKjkxYz+lOkMAKhxuJnYWVyyj9+kPl8IQkxM4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com; spf=pass smtp.mailfrom=linux.ibm.com; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b=tcnufYVQ; arc=none smtp.client-ip=148.163.158.5 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="tcnufYVQ" Received: from pps.filterd (m0353725.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 64RL7G4i035843; Thu, 28 May 2026 11:47:35 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=cc :content-transfer-encoding:date:from:in-reply-to:message-id :mime-version:references:subject:to; s=pp1; bh=5M3i/CJFeusXdKzJ2 7DQX+/89Mnp+A7QQ2sAWnwLmKw=; b=tcnufYVQ6KRR+NSnHagll+Z6LRH6Gtxzh zsTHF4MI75hR9CiMrJR+ee+Eg4/A5Ms1PQVb//QMzqUUM8MGOfJCCtR8AhiYM+WU VKd5vNRRwW++btIJsXHDcokRrnUz/YZKNHPEzMbv8fZpIbrhVfZ+SlUdYAokeM2S fb7quozV3Pv+vK8C6q7cLln8TjscTbqW3ibuPW+j4N7x0cNB/wJr8wNjmgxVODQ5 FymdNrv1GZGET6r7Po1KxqdFDJ6gTYt4+NHNpORyW8OJjfAZ0xL6OEqhh/WV6sWf UAot4j7f292eHrNnf9rOBLNPzqoR49E5C08dP6fouiNK3raYxNWaQ== Received: from ppma12.dal12v.mail.ibm.com (dc.9e.1632.ip4.static.sl-reverse.com [50.22.158.220]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 4ee88bammk-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 28 May 2026 11:47:35 +0000 (GMT) Received: from pps.filterd (ppma12.dal12v.mail.ibm.com [127.0.0.1]) by ppma12.dal12v.mail.ibm.com (8.18.1.7/8.18.1.7) with ESMTP id 64SBdLwD007521; Thu, 28 May 2026 11:47:34 GMT Received: from smtprelay01.fra02v.mail.ibm.com ([9.218.2.227]) by ppma12.dal12v.mail.ibm.com (PPS) with ESMTPS id 4edjrb7w3k-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 28 May 2026 11:47:34 +0000 (GMT) Received: from smtpav07.fra02v.mail.ibm.com (smtpav07.fra02v.mail.ibm.com [10.20.54.106]) by smtprelay01.fra02v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 64SBlSow43581886 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 28 May 2026 11:47:28 GMT Received: from smtpav07.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 93B6820040; Thu, 28 May 2026 11:47:28 +0000 (GMT) Received: from smtpav07.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 596E72004B; Thu, 28 May 2026 11:47:28 +0000 (GMT) Received: from p-imbrenda.aag-de.ibm.com (unknown [9.52.223.175]) by smtpav07.fra02v.mail.ibm.com (Postfix) with ESMTP; Thu, 28 May 2026 11:47:28 +0000 (GMT) From: Claudio Imbrenda To: linux-kernel@vger.kernel.org Cc: kvm@vger.kernel.org, linux-s390@vger.kernel.org, borntraeger@de.ibm.com, frankja@linux.ibm.com, david@kernel.org, seiden@linux.ibm.com, nrb@linux.ibm.com, schlameuss@linux.ibm.com, gra@linux.ibm.com Subject: [PATCH v1 1/7] KVM: s390: Fix _gmap_crstep_xchg_atomic() Date: Thu, 28 May 2026 13:47:21 +0200 Message-ID: <20260528114727.142178-2-imbrenda@linux.ibm.com> X-Mailer: git-send-email 2.54.0 In-Reply-To: <20260528114727.142178-1-imbrenda@linux.ibm.com> References: <20260528114727.142178-1-imbrenda@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-TM-AS-GCONF: 00 X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwNTI4MDExNyBTYWx0ZWRfX6xzL7IeammGd IKSOg8zKqUDaPJpuUzn5aEzBa/SBf8LDyP/XVDnmOdb9iiWDw5UDJPzrZTd10UdFcFOOFbMY/RY pP/vLBab769Z2YHPBo5wRWbOvj5NIPvW+U6K7UgJKY5ZWVy252SWpTQLSkV8qy4zvMVZen7Fkpk 1Bk8KtjiwdvptL0wyaYlg7/4vxS8VT5YYtjm5e9AaPwuqiaAvj7wEMRCCPIq3NVklY+rILtkNbs bIHoo+syFP0m7ZCNYldeD7nQy2lLL3xj98dpxRIcwgN4t/yPiCxko7LGZO2thUzD9oscortt/0D qD0ngSH6gDCd2bixVH8InXJfcmrkCHMWeM9XaoEca+bh55F2luEqhp0EXF/K0XBiEmWOxbM/g3Z Ql3ELscqpbnPaCE+vZSccdw3psXkw1GBVQlRhFiaBWCMhUQqinc53jG1djfl1FKpdTm926hnHi/ FSgneRW0rumr5VzaiYg== X-Proofpoint-ORIG-GUID: LhLdN16e65mR9dvtr3cI98PfwQR3C8m3 X-Authority-Analysis: v=2.4 cv=IJEyzAvG c=1 sm=1 tr=0 ts=6a182b57 cx=c_pps a=bLidbwmWQ0KltjZqbj+ezA==:117 a=bLidbwmWQ0KltjZqbj+ezA==:17 a=NGcC8JguVDcA:10 a=VkNPw1HP01LnGYTKEx00:22 a=RnoormkPH1_aCDwRdu11:22 a=V8glGbnc2Ofi9Qvn3v5h:22 a=VnNF1IyMAAAA:8 a=8n31qW9GTWRDXsIo7y8A:9 X-Proofpoint-GUID: LhLdN16e65mR9dvtr3cI98PfwQR3C8m3 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1143,Hydra:6.1.125,FMLib:17.12.100.49 definitions=2026-05-28_03,2026-05-28_02,2025-10-01_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 suspectscore=0 phishscore=0 clxscore=1015 spamscore=0 bulkscore=0 adultscore=0 priorityscore=1501 malwarescore=0 lowpriorityscore=0 impostorscore=0 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.22.0-2605210000 definitions=main-2605280117 Content-Type: text/plain; charset="utf-8" Return false and do not perform the operation if an unshadow event has been triggered. The previous incorrect behaviour cleared the vsie_notif bit without returning false, which allowed shadow crstes to be installed without the vsie_notif bit. Signed-off-by: Claudio Imbrenda Fixes: b827ef02f409 ("KVM: s390: Remove non-atomic dat_crstep_xchg()") Fixes: a2c17f9270cc ("KVM: s390: New gmap code") --- arch/s390/kvm/gmap.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/s390/kvm/gmap.h b/arch/s390/kvm/gmap.h index 742e42a31744..122ed8566314 100644 --- a/arch/s390/kvm/gmap.h +++ b/arch/s390/kvm/gmap.h @@ -273,11 +273,11 @@ static inline bool __must_check _gmap_crstep_xchg_ato= mic(struct gmap *gmap, unio gmap_unmap_prefix(gmap, gfn, gfn + align); } if (crste_leaf(oldcrste) && crste_needs_unshadow(oldcrste, newcrste)) { - newcrste.s.fc1.vsie_notif =3D 0; if (needs_lock) gmap_handle_vsie_unshadow_event(gmap, gfn); else _gmap_handle_vsie_unshadow_event(gmap, gfn); + return false; } if (!oldcrste.s.fc1.d && newcrste.s.fc1.d && !newcrste.s.fc1.s) SetPageDirty(phys_to_page(crste_origin_large(newcrste))); --=20 2.54.0 From nobody Mon Jun 8 15:36:58 2026 Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E28E73CE4A7; Thu, 28 May 2026 11:47:37 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=148.163.156.1 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1779968859; cv=none; b=ujPQu8CihcmjyVad5LG+EmtY/01qn347ujUYXP7pSxNuLub/hKvyNHJcPCt+X72E2bd+mLZmt74m9GH52HQ3hQgArtBq7caNujcKz85nW1Jiga/8vFyU4SLSqF/QwKmFDdUxhNcVgdGMTe2dZWvDjSzeH3fY1fVETajPWKpc65s= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1779968859; c=relaxed/simple; bh=q/4VAZUDR9wKIqDbkUpA49JakPieFRHX1ZGX+F9Tlk8=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=q4snp9Jd8KRWqqV1HvmOdASF+nuUgZMSG8kJAGlJG7DuIsMxQaLJqFrcAHAqP6Ir8BCLscRjNUxPYQbWN9YSy+X/T5x+GfiTqIur0jkVVFxefNLlWi3a78h9eMd5i/GMJhTibhXXUstY2aAW9p4GL3cEKhPoXzM/bUZ/TBQrQ8A= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com; spf=pass smtp.mailfrom=linux.ibm.com; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b=qXoN0sIh; arc=none smtp.client-ip=148.163.156.1 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="qXoN0sIh" Received: from pps.filterd (m0353729.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 64RL6Rgi2692044; Thu, 28 May 2026 11:47:36 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=cc :content-transfer-encoding:date:from:in-reply-to:message-id :mime-version:references:subject:to; s=pp1; bh=Q3ON+ZZRcqGRnrLY+ eHwQpEqFpiLy7qpH+dy3PWXk0Y=; b=qXoN0sIhNbq8/A+RSPTnx6egznwnMX/Z7 QiG6QkjHOyRBjW1rpbb/QojWyQq5sSl17n/+ra70mB9/JAceebgD7f7L5LJ5KM5V IFGbGR0HugOlP2R1hpdUiWaeOspPGUymB9HwxSzkCHiUYv3hrAo4611wr96rrvgH 3NhwNCz+17kbnaazpEruCff9ny+mdJzi7AIa93IjlIzX8ETG6R8uMkN+46dsUxUV 31rI1uCA+q2CxGobX6zFt4xn7QlD057mjYCtJxZlEDh8r0tvOq0UPkMcp8o3CSKT 7u4yrmPoWljHNYV3tuYIXS1tL5I7XRCARnZQnw6nYhA+f8HEv14FQ== Received: from ppma22.wdc07v.mail.ibm.com (5c.69.3da9.ip4.static.sl-reverse.com [169.61.105.92]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 4ee884asvb-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 28 May 2026 11:47:36 +0000 (GMT) Received: from pps.filterd (ppma22.wdc07v.mail.ibm.com [127.0.0.1]) by ppma22.wdc07v.mail.ibm.com (8.18.1.7/8.18.1.7) with ESMTP id 64SBd7CO028896; Thu, 28 May 2026 11:47:34 GMT Received: from smtprelay01.fra02v.mail.ibm.com ([9.218.2.227]) by ppma22.wdc07v.mail.ibm.com (PPS) with ESMTPS id 4edjrbqw8f-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 28 May 2026 11:47:34 +0000 (GMT) Received: from smtpav07.fra02v.mail.ibm.com (smtpav07.fra02v.mail.ibm.com [10.20.54.106]) by smtprelay01.fra02v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 64SBlSl243581888 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 28 May 2026 11:47:29 GMT Received: from smtpav07.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id CC53A20040; Thu, 28 May 2026 11:47:28 +0000 (GMT) Received: from smtpav07.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 9AAE820043; Thu, 28 May 2026 11:47:28 +0000 (GMT) Received: from p-imbrenda.aag-de.ibm.com (unknown [9.52.223.175]) by smtpav07.fra02v.mail.ibm.com (Postfix) with ESMTP; Thu, 28 May 2026 11:47:28 +0000 (GMT) From: Claudio Imbrenda To: linux-kernel@vger.kernel.org Cc: kvm@vger.kernel.org, linux-s390@vger.kernel.org, borntraeger@de.ibm.com, frankja@linux.ibm.com, david@kernel.org, seiden@linux.ibm.com, nrb@linux.ibm.com, schlameuss@linux.ibm.com, gra@linux.ibm.com Subject: [PATCH v1 2/7] KVM: s390: Fix guest / virtual address confusion in _essa_clear_cbrl() Date: Thu, 28 May 2026 13:47:22 +0200 Message-ID: <20260528114727.142178-3-imbrenda@linux.ibm.com> X-Mailer: git-send-email 2.54.0 In-Reply-To: <20260528114727.142178-1-imbrenda@linux.ibm.com> References: <20260528114727.142178-1-imbrenda@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-TM-AS-GCONF: 00 X-Authority-Analysis: v=2.4 cv=fIYJG5ae c=1 sm=1 tr=0 ts=6a182b58 cx=c_pps a=5BHTudwdYE3Te8bg5FgnPg==:117 a=5BHTudwdYE3Te8bg5FgnPg==:17 a=NGcC8JguVDcA:10 a=VkNPw1HP01LnGYTKEx00:22 a=RnoormkPH1_aCDwRdu11:22 a=uAbxVGIbfxUO_5tXvNgY:22 a=VnNF1IyMAAAA:8 a=DrbGolfmOjewO6_yJogA:9 X-Proofpoint-ORIG-GUID: T4V1krLK1xMTEw2Rp2OrGNmqw-_-3hhI X-Proofpoint-GUID: T4V1krLK1xMTEw2Rp2OrGNmqw-_-3hhI X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwNTI4MDExNyBTYWx0ZWRfX1GPe0STKurPL 5WrZ7FrtIYUhBMmrxHbNMfxRRw3WV4MQ5V5KmKfrpWG/xVfIkf5o+rpTRSKPRC6c4JS97/uPZ+o jDFTVMAMd+BmkTLK8hEWMKifHmZdhTq31Ii5UEkqDcDHbgKPrcohwfxB63TfcK3lTzOFPVU22a5 KME4845ARYsEkdqEDn4wtJomEb/9oYWlHXN4wJw1NNXI3BV8SzK7ti/BqY63M6KhMjMDbsFw1uk YWclSycMijaPcvkWGJTU7ctig/wnbk0DVYOPSdq+OehUawdV8uR7hrnnan33Xi4i+N47BOnX8qr z4h6f2RveSrO1c0BMguhZKty7feiUSEb/E2wtnstdj8WTzPAYJGbKMUeIowmiRXvBLI7qZRdbmT 5xOQuCXJxa/XzZ8llG3LJyM4gFDXGSmgK4cbfpZ8VYD01hMFfBJJfDGEtT/Kj+puEmurZjbbyWY UMOmCvio+TYBIoeS8tg== X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1143,Hydra:6.1.125,FMLib:17.12.100.49 definitions=2026-05-28_03,2026-05-28_02,2025-10-01_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 phishscore=0 lowpriorityscore=0 suspectscore=0 impostorscore=0 priorityscore=1501 malwarescore=0 clxscore=1015 adultscore=0 spamscore=0 bulkscore=0 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.22.0-2605210000 definitions=main-2605280117 Content-Type: text/plain; charset="utf-8" Until now, gmap_helper_zap_one_page() was being called with the guest absolute address, but it expects a userspace virtual address. This meant that in the best case the requested pages were not being discarded, and in the worst case that the wrong pages were being discarded. Fix this by converting the guest absolute address to host virtual before passing it to gmap_helper_zap_one_page(). Fixes: e38c884df921 ("KVM: s390: Switch to new gmap") Signed-off-by: Claudio Imbrenda --- arch/s390/kvm/priv.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/arch/s390/kvm/priv.c b/arch/s390/kvm/priv.c index cc0553da14cb..447ec7ed423d 100644 --- a/arch/s390/kvm/priv.c +++ b/arch/s390/kvm/priv.c @@ -1188,6 +1188,7 @@ static void _essa_clear_cbrl(struct kvm_vcpu *vcpu, u= nsigned long *cbrl, int len union crste *crstep; union pgste pgste; union pte *ptep; + hva_t hva; int i; =20 lockdep_assert_held(&vcpu->kvm->mmu_lock); @@ -1199,8 +1200,11 @@ static void _essa_clear_cbrl(struct kvm_vcpu *vcpu, = unsigned long *cbrl, int len if (!ptep || ptep->s.pr) continue; pgste =3D pgste_get_lock(ptep); - if (pgste.usage =3D=3D PGSTE_GPS_USAGE_UNUSED || pgste.zero) - gmap_helper_zap_one_page(vcpu->kvm->mm, cbrl[i]); + if (pgste.usage =3D=3D PGSTE_GPS_USAGE_UNUSED || pgste.zero) { + hva =3D gpa_to_hva(vcpu->kvm, cbrl[i]); + if (!kvm_is_error_hva(hva)) + gmap_helper_zap_one_page(vcpu->kvm->mm, hva); + } pgste_set_unlock(ptep, pgste); } } --=20 2.54.0 From nobody Mon Jun 8 15:36:58 2026 Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6BBC53CF02B; Thu, 28 May 2026 11:47:38 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=148.163.156.1 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1779968859; cv=none; b=WzscG3+J/bYxDqcAH1c3w9VLiil+WXaYWK7WW0nq7bdgLToPLXgVJnsZ+Ovx4UerEnAHoHbzQ7ytOXR04Ft+ZIA5T6EYhXPkmkIQZl/ukyKSf8C/FVWhkGWCSCMP0dhkXWyrjy9EE/aKbd5u44b9SNhKcTaaQsQmgviIuZBW1Nw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1779968859; c=relaxed/simple; bh=rxEq+p7FKrkLf08DNMOVsPgtR8katGipcUDE50aUb6g=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=cDbbg5TYq+SkB+LdEsmH69XRePZSgV+WECT7iUDc/0xD86eN3SU28FR/LoMkHRiAwJC3MBjRL6XkQq/lFF8c/ZC4TdbM3YNHWs8PJRrff6khAe9DGP46NBj0Zzi0aW+360tY+AuSwZtV4QbEEugQO6gN27CsYHL1vCVo+pnnb3A= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com; spf=pass smtp.mailfrom=linux.ibm.com; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b=buyem44E; arc=none smtp.client-ip=148.163.156.1 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="buyem44E" Received: from pps.filterd (m0353729.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 64RL6Wcs2692459; Thu, 28 May 2026 11:47:36 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=cc :content-transfer-encoding:date:from:in-reply-to:message-id :mime-version:references:subject:to; s=pp1; bh=f/WU64V7khT8NQeX/ zbiYQ9Mor4o7IeReycbOeZvsm0=; b=buyem44EnJ/nhOAzlKmFOqPrercNCVVus AsPUFkQL+DrVDXQ7NHjO9GJ26QgngqlfSs9HLSTd1jJAou0PBSSnBa4TBgxWwwdO jMZE0OLVeVsVTLusQJFlIRt/q+80cu/NYdc1+KDCn4e8goC/6Q5MC++CQwhM1KAG impJQdDjfqlYdPSevguWISXzAiuxVQNiAUwgDLDHU6CtZSgccbtMtMb1xHm8lulv DfbHmz4cnYWBXDcsAnZG0Jt0Hj0QezRliBzJ+wIYxwa9LwYQ2fJk20pdzeYPolIO 4Z1DpV0cf4P8UydpXV8ZoHsDb7cSuk29YsbdOqajI+f6UnSi3L9mw== Received: from ppma23.wdc07v.mail.ibm.com (5d.69.3da9.ip4.static.sl-reverse.com [169.61.105.93]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 4ee884asvd-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 28 May 2026 11:47:36 +0000 (GMT) Received: from pps.filterd (ppma23.wdc07v.mail.ibm.com [127.0.0.1]) by ppma23.wdc07v.mail.ibm.com (8.18.1.7/8.18.1.7) with ESMTP id 64SBdGeb004692; Thu, 28 May 2026 11:47:35 GMT Received: from smtprelay03.fra02v.mail.ibm.com ([9.218.2.224]) by ppma23.wdc07v.mail.ibm.com (PPS) with ESMTPS id 4edjrbyv69-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 28 May 2026 11:47:34 +0000 (GMT) Received: from smtpav07.fra02v.mail.ibm.com (smtpav07.fra02v.mail.ibm.com [10.20.54.106]) by smtprelay03.fra02v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 64SBlT3i51118568 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 28 May 2026 11:47:29 GMT Received: from smtpav07.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 10D3820040; Thu, 28 May 2026 11:47:29 +0000 (GMT) Received: from smtpav07.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id D48362004B; Thu, 28 May 2026 11:47:28 +0000 (GMT) Received: from p-imbrenda.aag-de.ibm.com (unknown [9.52.223.175]) by smtpav07.fra02v.mail.ibm.com (Postfix) with ESMTP; Thu, 28 May 2026 11:47:28 +0000 (GMT) From: Claudio Imbrenda To: linux-kernel@vger.kernel.org Cc: kvm@vger.kernel.org, linux-s390@vger.kernel.org, borntraeger@de.ibm.com, frankja@linux.ibm.com, david@kernel.org, seiden@linux.ibm.com, nrb@linux.ibm.com, schlameuss@linux.ibm.com, gra@linux.ibm.com Subject: [PATCH v1 3/7] KVM: s390: vsie: Fix rmap handling in _do_shadow_crste() Date: Thu, 28 May 2026 13:47:23 +0200 Message-ID: <20260528114727.142178-4-imbrenda@linux.ibm.com> X-Mailer: git-send-email 2.54.0 In-Reply-To: <20260528114727.142178-1-imbrenda@linux.ibm.com> References: <20260528114727.142178-1-imbrenda@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-TM-AS-GCONF: 00 X-Authority-Analysis: v=2.4 cv=fIYJG5ae c=1 sm=1 tr=0 ts=6a182b58 cx=c_pps a=3Bg1Hr4SwmMryq2xdFQyZA==:117 a=3Bg1Hr4SwmMryq2xdFQyZA==:17 a=NGcC8JguVDcA:10 a=VkNPw1HP01LnGYTKEx00:22 a=RnoormkPH1_aCDwRdu11:22 a=uAbxVGIbfxUO_5tXvNgY:22 a=VnNF1IyMAAAA:8 a=sChW5zZnIGAfqb-v-YwA:9 X-Proofpoint-ORIG-GUID: yTRE5Hz6yYSb9-LuRjefkmDBKWiIusyM X-Proofpoint-GUID: yTRE5Hz6yYSb9-LuRjefkmDBKWiIusyM X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwNTI4MDExNyBTYWx0ZWRfXx2/qG0SVRPaN JEf/zTeHQceFIk19vIeVYyZcmeqEK2nMNxDubOU2C7ZLkhi8ACF9/Fz3dDXDbNBynv4bWROKU2i BGyolW+Jlq3brvAsRBNkHtsoW2qQyExiAcLbt2yDWxIXBv7CFJhKCEzzhdlttcd0rnXJvF5lXjq xepMh43PMNnSxxvcc3zm/ILHDB1VpcWY3/rUig2wNUvdmQrYUwgsrv2x2COFDb1ENsS05XBo4zJ wzRwxlM7L4qhxXA3FoDN4qGVeoV1z9OcybkuQQoKwI77xIsWbTrgR4SVPnSHzNSk7rLCrPKB3JQ gUdrgmO4+35qOIircsxSA7GxIhdl1Rb1LO74UvP0JDc64h8jpZzY1Yzoa8fnM7BorPkVAxbxoPD wCPehh3fR9Dw9r0xOW+lTtl3k7Pi3LjAG4XyRzvxhLbWSRrcRcYW13c9laI7IebNpMiyTkig8Hk ocWANyq4EybelhJnHDA== X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1143,Hydra:6.1.125,FMLib:17.12.100.49 definitions=2026-05-28_03,2026-05-28_02,2025-10-01_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 phishscore=0 lowpriorityscore=0 suspectscore=0 impostorscore=0 priorityscore=1501 malwarescore=0 clxscore=1015 adultscore=0 spamscore=0 bulkscore=0 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.22.0-2605210000 definitions=main-2605280117 Content-Type: text/plain; charset="utf-8" Fix _do_shadow_crste() to also apply a mask on the reverse address, to prevent spurious entries from being created, like already done in gmap_protect_rmap(). Signed-off-by: Claudio Imbrenda Fixes: e38c884df921 ("KVM: s390: Switch to new gmap") --- arch/s390/kvm/gaccess.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/arch/s390/kvm/gaccess.c b/arch/s390/kvm/gaccess.c index 4f8d5592c9a9..20e28b183c1a 100644 --- a/arch/s390/kvm/gaccess.c +++ b/arch/s390/kvm/gaccess.c @@ -1466,15 +1466,17 @@ static int _do_shadow_crste(struct gmap *sg, gpa_t = raddr, union crste *host, uni struct guest_fault *f, bool p) { union crste newcrste, oldcrste; - gfn_t gfn; + unsigned long mask; + gfn_t r_gfn; int rc; =20 lockdep_assert_held(&sg->kvm->mmu_lock); lockdep_assert_held(&sg->parent->children_lock); =20 - gfn =3D f->gfn & (is_pmd(*table) ? _SEGMENT_FR_MASK : _REGION3_FR_MASK); + mask =3D is_pmd(*table) ? _SEGMENT_FR_MASK : _REGION3_FR_MASK; + r_gfn =3D gpa_to_gfn(raddr) & mask; scoped_guard(spinlock, &sg->host_to_rmap_lock) - rc =3D gmap_insert_rmap(sg, gfn, gpa_to_gfn(raddr), host->h.tt); + rc =3D gmap_insert_rmap(sg, f->gfn & mask, r_gfn, host->h.tt); if (rc) return rc; =20 @@ -1497,8 +1499,7 @@ static int _do_shadow_crste(struct gmap *sg, gpa_t ra= ddr, union crste *host, uni return -EAGAIN; =20 newcrste =3D _crste_fc1(f->pfn, oldcrste.h.tt, 0, !p); - gfn =3D gpa_to_gfn(raddr); - while (!dat_crstep_xchg_atomic(table, READ_ONCE(*table), newcrste, gfn, s= g->asce)) + while (!dat_crstep_xchg_atomic(table, READ_ONCE(*table), newcrste, r_gfn,= sg->asce)) ; return 0; } --=20 2.54.0 From nobody Mon Jun 8 15:36:58 2026 Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 777C32FE591; Thu, 28 May 2026 11:47:37 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=148.163.156.1 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1779968858; cv=none; b=PDqLgN3PWdVjMwIesPk7WA9Oud+avUDeUsnA17Ppr5qhcaPRZZDYzW4GkhVDkJmvK4rLDuDyMbxSiXql4wL+VkUf0Tb2NmAgLo6X/G7Qimu//bCd67o1HdzC65bqsvdircFc/29dI9ZuyxMJqNEKt1rpdGzRhoi2+16AezDVE/0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1779968858; c=relaxed/simple; bh=TA19f/y+xYkIMPOziRqykOvXcPvgaeEOtK5SLEvFYY4=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=j2LLyEwrz6bcYS8CnDgdtqM7yKQWXwaIHjH4JptrgSJIDeeXobxK7jitlmcL8PjkskCdzFw3islsUvHYXr4weyhi/G4R1V24sm6mw54cbu0osfUx4MdtswB5UT0go0C58wyTCOuQFFGVqIRxyINqFIqq2lb31PNtOKo0f+CTjSE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com; spf=pass smtp.mailfrom=linux.ibm.com; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b=CApc8Sfv; arc=none smtp.client-ip=148.163.156.1 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="CApc8Sfv" Received: from pps.filterd (m0360083.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 64RL7EpG3427730; Thu, 28 May 2026 11:47:35 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=cc :content-transfer-encoding:date:from:in-reply-to:message-id :mime-version:references:subject:to; s=pp1; bh=9cZdFG36hpHKqsXo9 r26skXAs7oGLrh9lGr45S/uobs=; b=CApc8SfvVymPau0J5xtttNakIyoVslVPO FgR0qRnJsCYeSsF1myp0lI3kg/UfVIhNwASz1Qg6gjhpGXxo+cy5bbC3foUR+Vui r52z7jiNDmOTFOBYxLb6NhIKiG5xl4dh53B6KxJMvNBlfuXFGUnN5IsTfgMX5bHM 0X+PmQBH+8D4f8cnWKTH+JG+PPC5M3OcNRP2uiPplldL3I97F/zKQrrLdRWW2nAQ CKmSvm/hYjgZ4SdkXvg6+a/+Tw2M2ZLaCpj3cq/oZ3z0FeSUf6FV+R/0A5Vug+rc dwNRHhw/Hn9P56MdrVzuKPdb+fqHAy8QnkJPj4ndVgcWkCIYncQNw== Received: from ppma13.dal12v.mail.ibm.com (dd.9e.1632.ip4.static.sl-reverse.com [50.22.158.221]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 4ee884jsyk-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 28 May 2026 11:47:35 +0000 (GMT) Received: from pps.filterd (ppma13.dal12v.mail.ibm.com [127.0.0.1]) by ppma13.dal12v.mail.ibm.com (8.18.1.7/8.18.1.7) with ESMTP id 64SBd7d5030830; Thu, 28 May 2026 11:47:34 GMT Received: from smtprelay03.fra02v.mail.ibm.com ([9.218.2.224]) by ppma13.dal12v.mail.ibm.com (PPS) with ESMTPS id 4edjrb7wd8-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 28 May 2026 11:47:34 +0000 (GMT) Received: from smtpav07.fra02v.mail.ibm.com (smtpav07.fra02v.mail.ibm.com [10.20.54.106]) by smtprelay03.fra02v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 64SBlTKb51118570 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 28 May 2026 11:47:29 GMT Received: from smtpav07.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 4707720040; Thu, 28 May 2026 11:47:29 +0000 (GMT) Received: from smtpav07.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 17BEA20043; Thu, 28 May 2026 11:47:29 +0000 (GMT) Received: from p-imbrenda.aag-de.ibm.com (unknown [9.52.223.175]) by smtpav07.fra02v.mail.ibm.com (Postfix) with ESMTP; Thu, 28 May 2026 11:47:29 +0000 (GMT) From: Claudio Imbrenda To: linux-kernel@vger.kernel.org Cc: kvm@vger.kernel.org, linux-s390@vger.kernel.org, borntraeger@de.ibm.com, frankja@linux.ibm.com, david@kernel.org, seiden@linux.ibm.com, nrb@linux.ibm.com, schlameuss@linux.ibm.com, gra@linux.ibm.com Subject: [PATCH v1 4/7] KVM: s390: Fix fault-in code Date: Thu, 28 May 2026 13:47:24 +0200 Message-ID: <20260528114727.142178-5-imbrenda@linux.ibm.com> X-Mailer: git-send-email 2.54.0 In-Reply-To: <20260528114727.142178-1-imbrenda@linux.ibm.com> References: <20260528114727.142178-1-imbrenda@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-TM-AS-GCONF: 00 X-Authority-Analysis: v=2.4 cv=L4MtheT8 c=1 sm=1 tr=0 ts=6a182b57 cx=c_pps a=AfN7/Ok6k8XGzOShvHwTGQ==:117 a=AfN7/Ok6k8XGzOShvHwTGQ==:17 a=NGcC8JguVDcA:10 a=VkNPw1HP01LnGYTKEx00:22 a=RnoormkPH1_aCDwRdu11:22 a=iQ6ETzBq9ecOQQE5vZCe:22 a=VnNF1IyMAAAA:8 a=p5SjDoQbJD9XZwj20uYA:9 X-Proofpoint-ORIG-GUID: gOjCw9x0yXmXcl4XwywLXYDuH4fVJ3sh X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwNTI4MDExNyBTYWx0ZWRfX2EMJmR6LWJef f3ptVy8XoXlwEtg/uuODKt+P9wd+bGWWv5znYeuuOT7lD0wRJVcS9RWFYPEgIOTh8rcKGdI+D+7 88MaylgRpEqj/uDgInW/pBIrd2LmdkNzAA31+ljaPqI/uPpKV3xHLGpZGs9rmNUcLjyPRpLyP9h 88MgrlFVl5pPh2Hocx4Z89ugq95/+O22zf3sNyrsN+cIiCTJt5UIbtWypCQjDjPNKAmkAM/1sG4 USbXtyQRGjJdrTR5EIhEpQodabdi/uhlDU/ZoGh1z0rSuwVyrGWQTISgFN7wENSPpkmr+JNd7xc TFye2vsQqxqAmv3bmN2nieRhRyCZuya+CID4WCO5FBQDnNrJQtGPVCApAyndb83/E530HlqdWiz QWFYC9LVZEMhzS1L1aLroUSB5/TMxZloPwIm9o2TQsa9DIQUt0ShnYYSxcAyeTI+UYilipjMngr pTGiHcwlMXYDHqx0QWg== X-Proofpoint-GUID: gOjCw9x0yXmXcl4XwywLXYDuH4fVJ3sh X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1143,Hydra:6.1.125,FMLib:17.12.100.49 definitions=2026-05-28_03,2026-05-28_02,2025-10-01_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 phishscore=0 lowpriorityscore=0 suspectscore=0 clxscore=1015 malwarescore=0 bulkscore=0 impostorscore=0 adultscore=0 priorityscore=1501 spamscore=0 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.22.0-2605210000 definitions=main-2605280117 Content-Type: text/plain; charset="utf-8" Fix the fault-in code so that it does not return success if a concurrent unmap event invalidated the fault-in process between the best-effort lockless check and the proper check with lock. The new behaviour is to retry, like the best-effort lockless check already did. This prevents the fault-in handler from returning success without having actually faulted in the requested page. Fixes: e907ae530133 ("KVM: s390: Add helper functions for fault handling") Signed-off-by: Claudio Imbrenda Reviewed-by: Steffen Eiden --- arch/s390/kvm/faultin.c | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/arch/s390/kvm/faultin.c b/arch/s390/kvm/faultin.c index ddf0ca71f374..3047dfdc8be4 100644 --- a/arch/s390/kvm/faultin.c +++ b/arch/s390/kvm/faultin.c @@ -36,7 +36,7 @@ int kvm_s390_faultin_gfn(struct kvm_vcpu *vcpu, struct kv= m *kvm, struct guest_fa struct kvm_s390_mmu_cache *mc =3D NULL; struct kvm_memory_slot *slot; unsigned long inv_seq; - int foll, rc =3D 0; + int foll, rc =3D -EAGAIN; =20 foll =3D f->write_attempt ? FOLL_WRITE : 0; foll |=3D f->attempt_pfault ? FOLL_NOWAIT : 0; @@ -53,7 +53,7 @@ int kvm_s390_faultin_gfn(struct kvm_vcpu *vcpu, struct kv= m *kvm, struct guest_fa return 0; } =20 - while (1) { + while (rc =3D=3D -EAGAIN) { f->valid =3D false; inv_seq =3D kvm->mmu_invalidate_seq; /* Pairs with the smp_wmb() in kvm_mmu_invalidate_end(). */ @@ -110,20 +110,19 @@ int kvm_s390_faultin_gfn(struct kvm_vcpu *vcpu, struc= t kvm *kvm, struct guest_fa if (!mmu_invalidate_retry_gfn(kvm, inv_seq, f->gfn)) { f->valid =3D true; rc =3D gmap_link(mc, kvm->arch.gmap, f, slot); - kvm_release_faultin_page(kvm, f->page, !!rc, f->write_attempt); - f->page =3D NULL; } + kvm_release_faultin_page(kvm, f->page, !!rc, f->write_attempt); } - kvm_release_faultin_page(kvm, f->page, true, false); =20 if (rc =3D=3D -ENOMEM) { rc =3D kvm_s390_mmu_cache_topup(mc); if (rc) return rc; - } else if (rc !=3D -EAGAIN) { - return rc; + rc =3D -EAGAIN; } } + + return rc; } =20 int kvm_s390_get_guest_page(struct kvm *kvm, struct guest_fault *f, gfn_t = gfn, bool w) --=20 2.54.0 From nobody Mon Jun 8 15:36:58 2026 Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 18D9C3E51EB; Thu, 28 May 2026 11:47:39 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=148.163.158.5 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1779968860; cv=none; b=VXP9AnSo4v16mdMdvnEJaPsyvHTap9gKFBw+9B/aR8nEslncrM1TRnhDCEqp+/FGfdlpKt/eJpLlBwkY7OCVGJoJyVZSk0b0rbl1KTm4eo8Uu2kNX16578r6hRVF27ChTvsjwiRnCFtF+CzGpoNfQNDQkukcmopFn5xnWNa/hUM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1779968860; c=relaxed/simple; bh=KcWzFIJyeOz0CyW0ycOf9Nvhktx9m8X2twnvInSZdXc=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=U0GhybHX8a2lt2Y4kTxX6E8pKRq0bx977MVWF7KGv9a4KeAt67kHFrrgvmVqgTakc75alJdLYKCpe176a8ETAmz51qw4wkz3p/J3qrSeqRFjhlGKqwCfggrxbzJne6gLvdObLYTsvRmJGG2B9klBIB0oYBZb5bm1VesjxJKLID0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com; spf=pass smtp.mailfrom=linux.ibm.com; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b=RhUK8ZRu; arc=none smtp.client-ip=148.163.158.5 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="RhUK8ZRu" Received: from pps.filterd (m0353725.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 64RL737E035143; Thu, 28 May 2026 11:47:36 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=cc :content-transfer-encoding:date:from:in-reply-to:message-id :mime-version:references:subject:to; s=pp1; bh=nJz2rRzMdSggIxrDR Oj8YVb/QSZNZw7wjHi+DpMSPCQ=; b=RhUK8ZRunnCIrDcnKpjEuPAMoFSFrhJq+ 5H8lutfaNk1F8Ocr5DOtYTSkHEyaYcOWK7E8FfAo8v/UdmGAIB+WU35u/ZRKW97B 2pjeHtxRZ9GToqpTS9zPSQ1MNyWoUq4L4VYzfq4tsv4Q6lfU240vAssKBTXV6Wn7 fkM7jtgrMLq8Q/udGL39dmpAQ+U2kfGUsqSEnzU5c72TO9hrt74Ak06JFqf0RsW1 zwwtofEU+hLEjUuW7PH4lvqP6BKN4V52uM0WGQnbPCLWhrSB6GbSOCFyl3I80YZ4 a03HPYV2b89cNEZU6730R4Tu4rZYKLY0SxJu4QK2GUZRT9JXr6KTQ== Received: from ppma23.wdc07v.mail.ibm.com (5d.69.3da9.ip4.static.sl-reverse.com [169.61.105.93]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 4ee88bammm-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 28 May 2026 11:47:35 +0000 (GMT) Received: from pps.filterd (ppma23.wdc07v.mail.ibm.com [127.0.0.1]) by ppma23.wdc07v.mail.ibm.com (8.18.1.7/8.18.1.7) with ESMTP id 64SBdGec004692; Thu, 28 May 2026 11:47:35 GMT Received: from smtprelay03.fra02v.mail.ibm.com ([9.218.2.224]) by ppma23.wdc07v.mail.ibm.com (PPS) with ESMTPS id 4edjrbyv6b-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 28 May 2026 11:47:35 +0000 (GMT) Received: from smtpav07.fra02v.mail.ibm.com (smtpav07.fra02v.mail.ibm.com [10.20.54.106]) by smtprelay03.fra02v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 64SBlT4U51118572 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 28 May 2026 11:47:29 GMT Received: from smtpav07.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 7E71420040; Thu, 28 May 2026 11:47:29 +0000 (GMT) Received: from smtpav07.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 4E2D02004B; Thu, 28 May 2026 11:47:29 +0000 (GMT) Received: from p-imbrenda.aag-de.ibm.com (unknown [9.52.223.175]) by smtpav07.fra02v.mail.ibm.com (Postfix) with ESMTP; Thu, 28 May 2026 11:47:29 +0000 (GMT) From: Claudio Imbrenda To: linux-kernel@vger.kernel.org Cc: kvm@vger.kernel.org, linux-s390@vger.kernel.org, borntraeger@de.ibm.com, frankja@linux.ibm.com, david@kernel.org, seiden@linux.ibm.com, nrb@linux.ibm.com, schlameuss@linux.ibm.com, gra@linux.ibm.com Subject: [PATCH v1 5/7] KVM: s390: Avoid potentially sleeping while atomic when zapping pages Date: Thu, 28 May 2026 13:47:25 +0200 Message-ID: <20260528114727.142178-6-imbrenda@linux.ibm.com> X-Mailer: git-send-email 2.54.0 In-Reply-To: <20260528114727.142178-1-imbrenda@linux.ibm.com> References: <20260528114727.142178-1-imbrenda@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-TM-AS-GCONF: 00 X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwNTI4MDExNyBTYWx0ZWRfX1mzdcBhiOgFS UEuY9FQZ2pxeO3uEXqxblV6GJGhI6l/loF0h3Cx0Gd923pSKXIWXYNEhQ9rdfDcxXctWG50Czny C9T8RnIszYe0vnFdkAe+sUtCFgHtXPP5ujH10Kmfw2HgdFZr4QFzSa3ZSgRY+GzjUL5n4IlEwjc vfs0JwmtIjZtn51NuRTw3Os8InExG3eXe0Yv/F5ZOjdeWl5y4Gw1O6zS5d8oVfD1QfFzw12kBBm nN53uqUrJoawERVyMXSoi+yNI8Zbq9ISYASkUrnk69pHpuGVST+s/ho3Iew8ahLsfPngGKf81ab h7N6gQ6b9MbePX7pfkNYkOxC1yy9ejM4k4IZYYVCtdjO1MCg+hTHopl9I9G7OLeUzw6hqG7NeJL IXY6DHZab+yYJBMJ3ReUKjINNfOBnfLR0Sae+1EsnkdAqEmJS7vdeYZDKkrsLQ8p4S0dl9W8T2h orSVgiItPolke3Av8cg== X-Proofpoint-ORIG-GUID: pgUtLha__K8grtI5k34QSGpGkMkFeo1l X-Authority-Analysis: v=2.4 cv=IJEyzAvG c=1 sm=1 tr=0 ts=6a182b57 cx=c_pps a=3Bg1Hr4SwmMryq2xdFQyZA==:117 a=3Bg1Hr4SwmMryq2xdFQyZA==:17 a=NGcC8JguVDcA:10 a=VkNPw1HP01LnGYTKEx00:22 a=RnoormkPH1_aCDwRdu11:22 a=V8glGbnc2Ofi9Qvn3v5h:22 a=VnNF1IyMAAAA:8 a=nBeMyYop4p2-dv3G0y8A:9 X-Proofpoint-GUID: pgUtLha__K8grtI5k34QSGpGkMkFeo1l X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1143,Hydra:6.1.125,FMLib:17.12.100.49 definitions=2026-05-28_03,2026-05-28_02,2025-10-01_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 suspectscore=0 phishscore=0 clxscore=1015 spamscore=0 bulkscore=0 adultscore=0 priorityscore=1501 malwarescore=0 lowpriorityscore=0 impostorscore=0 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.22.0-2605210000 definitions=main-2605280117 Content-Type: text/plain; charset="utf-8" Factor out try_get_locked_pte(), which behaves similarly to get_locked_pte(), but does not attempt to allocate missing tables and performs a spin_trylock() instead of blocking. The new function is also exported, since it will be used in other patches. If intermediate entries are missing, there can be no pte swap entry to free, so it's safe to ignore them. This avoids potentially sleeping while atomic. Signed-off-by: Claudio Imbrenda Fixes: e38c884df921 ("KVM: s390: Switch to new gmap") --- arch/s390/include/asm/gmap_helpers.h | 1 + arch/s390/mm/gmap_helpers.c | 111 ++++++++++++++++----------- 2 files changed, 68 insertions(+), 44 deletions(-) diff --git a/arch/s390/include/asm/gmap_helpers.h b/arch/s390/include/asm/g= map_helpers.h index 2d3ae421077e..d2b616604a46 100644 --- a/arch/s390/include/asm/gmap_helpers.h +++ b/arch/s390/include/asm/gmap_helpers.h @@ -12,5 +12,6 @@ void gmap_helper_zap_one_page(struct mm_struct *mm, unsig= ned long vmaddr); void gmap_helper_discard(struct mm_struct *mm, unsigned long vmaddr, unsig= ned long end); int gmap_helper_disable_cow_sharing(void); void gmap_helper_try_set_pte_unused(struct mm_struct *mm, unsigned long vm= addr); +pte_t *try_get_locked_pte(struct mm_struct *mm, unsigned long addr, spinlo= ck_t **ptl); =20 #endif /* _ASM_S390_GMAP_HELPERS_H */ diff --git a/arch/s390/mm/gmap_helpers.c b/arch/s390/mm/gmap_helpers.c index f8789ffcc05c..7ba15f307bb0 100644 --- a/arch/s390/mm/gmap_helpers.c +++ b/arch/s390/mm/gmap_helpers.c @@ -34,6 +34,66 @@ static void ptep_zap_softleaf_entry(struct mm_struct *mm= , softleaf_t entry) swap_put_entries_direct(entry, 1); } =20 +/** + * try_get_locked_pte() - like get_locked_pte(), but atomic and with trylo= ck + * @mm: the mm + * @vmaddr: the userspace virtual address whose pte is to be found + * @ptl: will be set to the pointer to the lock used to lock the pte in ca= se + * of success. + * + * This function returns the pointer to the pte corresponding to @addr in = @mm, + * similarly to get_locked_pte(). Unlike get_locked_pte(), no attempt is m= ade + * to allocate missing page tables. If a missing or large entry is found, = the + * function will return NULL. If the ptl lock is contended, NULL is return= ed. + * + * In case of success, *@ptl will point to the locked pte lock for the ret= urned + * pte, like get_locked_pte() does. + * + * Context: mmap_lock or vma lock for read or for write needs to be held. + * Return: the pointer to the pte corresponding to @addr in @mm, if possib= le, + * otherwise NULL. + */ +pte_t *try_get_locked_pte(struct mm_struct *mm, unsigned long vmaddr, spin= lock_t **ptl) +{ + pmd_t *pmdp, pmd, pmdval; + pud_t *pudp, pud; + p4d_t *p4dp, p4d; + pgd_t *pgdp, pgd; + pte_t *ptep; + + pgdp =3D pgd_offset(mm, vmaddr); + pgd =3D pgdp_get(pgdp); + if (pgd_none(pgd) || !pgd_present(pgd)) + return NULL; + p4dp =3D p4d_offset(pgdp, vmaddr); + p4d =3D p4dp_get(p4dp); + if (p4d_none(p4d) || !p4d_present(p4d)) + return NULL; + pudp =3D pud_offset(p4dp, vmaddr); + pud =3D pudp_get(pudp); + if (pud_none(pud) || pud_leaf(pud) || !pud_present(pud)) + return NULL; + pmdp =3D pmd_offset(pudp, vmaddr); + pmd =3D pmdp_get_lockless(pmdp); + if (pmd_none(pmd) || pmd_leaf(pmd) || !pmd_present(pmd)) + return NULL; + ptep =3D pte_offset_map_rw_nolock(mm, pmdp, vmaddr, &pmdval, ptl); + if (!ptep) + return NULL; + + if (spin_trylock(*ptl)) { + if (unlikely(!pmd_same(pmdval, pmdp_get_lockless(pmdp)))) { + pte_unmap_unlock(ptep, *ptl); + return NULL; + } + return ptep; + } + + pte_unmap(ptep); + return NULL; +} +EXPORT_SYMBOL_GPL(try_get_locked_pte); + /** * gmap_helper_zap_one_page() - discard a page if it was swapped. * @mm: the mm @@ -46,7 +106,7 @@ static void ptep_zap_softleaf_entry(struct mm_struct *mm= , softleaf_t entry) void gmap_helper_zap_one_page(struct mm_struct *mm, unsigned long vmaddr) { struct vm_area_struct *vma; - spinlock_t *ptl; + spinlock_t *ptl; /* Lock for the host (userspace) page table */ pte_t *ptep; =20 mmap_assert_locked(mm); @@ -57,7 +117,7 @@ void gmap_helper_zap_one_page(struct mm_struct *mm, unsi= gned long vmaddr) return; =20 /* Get pointer to the page table entry */ - ptep =3D get_locked_pte(mm, vmaddr, &ptl); + ptep =3D try_get_locked_pte(mm, vmaddr, &ptl); if (unlikely(!ptep)) return; if (pte_swap(*ptep)) { @@ -113,37 +173,9 @@ EXPORT_SYMBOL_GPL(gmap_helper_discard); */ void gmap_helper_try_set_pte_unused(struct mm_struct *mm, unsigned long vm= addr) { - pmd_t *pmdp, pmd, pmdval; - pud_t *pudp, pud; - p4d_t *p4dp, p4d; - pgd_t *pgdp, pgd; spinlock_t *ptl; /* Lock for the host (userspace) page table */ pte_t *ptep; =20 - pgdp =3D pgd_offset(mm, vmaddr); - pgd =3D pgdp_get(pgdp); - if (pgd_none(pgd) || !pgd_present(pgd)) - return; - - p4dp =3D p4d_offset(pgdp, vmaddr); - p4d =3D p4dp_get(p4dp); - if (p4d_none(p4d) || !p4d_present(p4d)) - return; - - pudp =3D pud_offset(p4dp, vmaddr); - pud =3D pudp_get(pudp); - if (pud_none(pud) || pud_leaf(pud) || !pud_present(pud)) - return; - - pmdp =3D pmd_offset(pudp, vmaddr); - pmd =3D pmdp_get_lockless(pmdp); - if (pmd_none(pmd) || pmd_leaf(pmd) || !pmd_present(pmd)) - return; - - ptep =3D pte_offset_map_rw_nolock(mm, pmdp, vmaddr, &pmdval, &ptl); - if (!ptep) - return; - /* * Several paths exists that takes the ptl lock and then call the * mmu_notifier, which takes the mmu_lock. The unmap path, instead, @@ -156,21 +188,12 @@ void gmap_helper_try_set_pte_unused(struct mm_struct = *mm, unsigned long vmaddr) * If the lock is contended the bit is not set and the deadlock is * avoided. */ - if (spin_trylock(ptl)) { - /* - * Make sure the pte we are touching is still the correct - * one. In theory this check should not be needed, but - * better safe than sorry. - * Disabling interrupts or holding the mmap lock is enough to - * guarantee that no concurrent updates to the page tables - * are possible. - */ - if (likely(pmd_same(pmdval, pmdp_get_lockless(pmdp)))) - __atomic64_or(_PAGE_UNUSED, (long *)ptep); - spin_unlock(ptl); - } + ptep =3D try_get_locked_pte(mm, vmaddr, &ptl); + if (!ptep) + return; =20 - pte_unmap(ptep); + __atomic64_or(_PAGE_UNUSED, (long *)ptep); + pte_unmap_unlock(ptep, ptl); } EXPORT_SYMBOL_GPL(gmap_helper_try_set_pte_unused); =20 --=20 2.54.0 From nobody Mon Jun 8 15:36:58 2026 Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D817A3E0C66; Thu, 28 May 2026 11:47:38 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=148.163.158.5 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1779968860; cv=none; b=exAvzCENvUzhyOyl0nuU3fkRnyk4GBpABkQSAx+lfMOORqKh9ZboeijIeBPLAJ5fsJYcrbPbYbC3mPy1/lXo5yRUDCy2AMIA4H7lOiodkVeqFrBiR8xaVhjrcgfSNGxJ2R0GCgwP7Zq2iUWonJJ4aOy65oXuBjuXo6O6UGs/61U= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1779968860; c=relaxed/simple; bh=eNqVmeTfeJYH+iXdavogpx7EVs4tNZWFz1weDRzggoo=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=MvEzpNGjjKiyfatwYNrRAADTi39mgg64wH7KjecYC/vtIo3gw+90+U3gCekGLkIwwj83zfCw80uau0RmnRuts8QJ5G0pBeaDPSUlIVflkG1+P3jEpOL49cuqpbFhcN0y6jbbiZz+p9k2hv+YDaZvkdaf/lWlUo7timW1n8aS15U= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com; spf=pass smtp.mailfrom=linux.ibm.com; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b=JEVay4Ve; arc=none smtp.client-ip=148.163.158.5 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="JEVay4Ve" Received: from pps.filterd (m0360072.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 64RL6fxH3139218; Thu, 28 May 2026 11:47:36 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=cc :content-transfer-encoding:date:from:in-reply-to:message-id :mime-version:references:subject:to; s=pp1; bh=H3PLpwos1CiiWA3Bq XNRKIVsfLPTfE0kt7pA6Nfl+lI=; b=JEVay4VeP78gqFnuBCnJ2Y2LKE6MrEvxd kOa1f+ZPYEoCnPq/1p412RiUjWgVUuyawh4GjZw4Mmf/t/A6/XqrgFHOTOHTW0jM cOHI6Yaue7/vuh9GJ4IBZ/cX9xZWC7opJoDz5gpid/HLimPs+btjcyIQqb/JtLkc EH7XyqkdhIyXJGHbwTI+9D8QIwzbz1obHq0uqoxjooC+y+iXvYS3tEgVnctFNZj+ AvQxnD9e03TTCkW26UiKR/uT40rlgYZ0gesTLAGhINhuOMSSThx7IbxWNaQs3Ca0 Jh9WukHU4RgjOlTyUkxtjKCf6VuEebn7RT4jI280O+U9Y9aBl9atw== Received: from ppma13.dal12v.mail.ibm.com (dd.9e.1632.ip4.static.sl-reverse.com [50.22.158.221]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 4ee887jmun-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 28 May 2026 11:47:35 +0000 (GMT) Received: from pps.filterd (ppma13.dal12v.mail.ibm.com [127.0.0.1]) by ppma13.dal12v.mail.ibm.com (8.18.1.7/8.18.1.7) with ESMTP id 64SBd6US030811; Thu, 28 May 2026 11:47:35 GMT Received: from smtprelay03.fra02v.mail.ibm.com ([9.218.2.224]) by ppma13.dal12v.mail.ibm.com (PPS) with ESMTPS id 4edjrb7wda-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 28 May 2026 11:47:35 +0000 (GMT) Received: from smtpav07.fra02v.mail.ibm.com (smtpav07.fra02v.mail.ibm.com [10.20.54.106]) by smtprelay03.fra02v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 64SBlTJk51118574 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 28 May 2026 11:47:29 GMT Received: from smtpav07.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id B562720040; Thu, 28 May 2026 11:47:29 +0000 (GMT) Received: from smtpav07.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 874DF20043; Thu, 28 May 2026 11:47:29 +0000 (GMT) Received: from p-imbrenda.aag-de.ibm.com (unknown [9.52.223.175]) by smtpav07.fra02v.mail.ibm.com (Postfix) with ESMTP; Thu, 28 May 2026 11:47:29 +0000 (GMT) From: Claudio Imbrenda To: linux-kernel@vger.kernel.org Cc: kvm@vger.kernel.org, linux-s390@vger.kernel.org, borntraeger@de.ibm.com, frankja@linux.ibm.com, david@kernel.org, seiden@linux.ibm.com, nrb@linux.ibm.com, schlameuss@linux.ibm.com, gra@linux.ibm.com Subject: [PATCH v1 6/7] KVM: s390: Lock pte when making page secure Date: Thu, 28 May 2026 13:47:26 +0200 Message-ID: <20260528114727.142178-7-imbrenda@linux.ibm.com> X-Mailer: git-send-email 2.54.0 In-Reply-To: <20260528114727.142178-1-imbrenda@linux.ibm.com> References: <20260528114727.142178-1-imbrenda@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-TM-AS-GCONF: 00 X-Authority-Analysis: v=2.4 cv=QLJYgALL c=1 sm=1 tr=0 ts=6a182b58 cx=c_pps a=AfN7/Ok6k8XGzOShvHwTGQ==:117 a=AfN7/Ok6k8XGzOShvHwTGQ==:17 a=NGcC8JguVDcA:10 a=VkNPw1HP01LnGYTKEx00:22 a=RnoormkPH1_aCDwRdu11:22 a=RzCfie-kr_QcCd8fBx8p:22 a=VnNF1IyMAAAA:8 a=KoT7INjNzoFCoOw_JEkA:9 X-Proofpoint-GUID: wb1R5Y70SUP4CEmfUgKeCL6DC2Kw1qLU X-Proofpoint-ORIG-GUID: wb1R5Y70SUP4CEmfUgKeCL6DC2Kw1qLU X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwNTI4MDExNyBTYWx0ZWRfXzIq0dSNdvEXM zvtM16SANt/c8QVTg7/fD2yefKmFcP+74KCSER5FBdAD1kmnrAA7uD6ziEtI5mc3/SIR0qh9Ywk hYQQ24lmb8gFuyMT6BxGDzYMCH127BoNYCFRZ2jT29dZ+hKP0bptdHpxn1Z6+obmWeJHXUJ+tVp m/IvKLDKC65xIy25sRZgQm3+fkXuvE1MKeRNbivhkHrV02VCJIz8gvYO3DGEC0iPbKXnX5H1Ic9 MxDfcSrNoYRp8rgpISeCrr/cqPBkeATRdfKu1uRCC5pl2RAhIJCOhLcwvrojDMSN0AeMV5+VynC vet08FWnlntp8cz6a8is/ST7RpYchwYlx0OS8kgg5bEOUIbZXCDtff0vXwv/y4KZwuXSnZAslND domTqDBy35/aQ/LLM5hufvxgdJdN+YIaFlvpMIOBUxA2Ho4NE/hHkILTsbfQfl8kTh/XBTFSr0Y /3OnuRhyTSuRbhJLCcw== X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1143,Hydra:6.1.125,FMLib:17.12.100.49 definitions=2026-05-28_03,2026-05-28_02,2025-10-01_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 suspectscore=0 impostorscore=0 malwarescore=0 adultscore=0 lowpriorityscore=0 phishscore=0 clxscore=1015 priorityscore=1501 bulkscore=0 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.22.0-2605210000 definitions=main-2605280117 Content-Type: text/plain; charset="utf-8" Make sure _kvm_s390_pv_make_secure() takes the pte lock for the given address when attempting to make the page secure. One of the steps in making the page secure is freezing the folio using folio_ref_freeze(), which temporarily sets the reference count to 0. Any attempt to get such a folio while frozen will fail and cause a warning to be printed. Other users of folio_ref_freeze() make sure that the page is not mapped while it's being frozen, thus preventing gup functions from being able to access it. For _kvm_s390_pv_make_secure(), this is not possible, because the page needs to be mapped in order for the import to succeed. By taking the pte lock, gup functions will be blocked until the import operation is done, thus avoiding the race. Signed-off-by: Claudio Imbrenda Fixes: e38c884df921 ("KVM: s390: Switch to new gmap") --- arch/s390/kvm/pv.c | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/arch/s390/kvm/pv.c b/arch/s390/kvm/pv.c index c2dafd812a3b..3a7410f6b609 100644 --- a/arch/s390/kvm/pv.c +++ b/arch/s390/kvm/pv.c @@ -17,6 +17,7 @@ #include #include #include +#include #include "kvm-s390.h" #include "dat.h" #include "gaccess.h" @@ -73,6 +74,7 @@ static bool should_export_before_import(struct uv_cb_head= er *uvcb, struct mm_str struct pv_make_secure { void *uvcb; struct folio *folio; + struct kvm *kvm; int rc; bool needs_export; }; @@ -103,17 +105,24 @@ static void _kvm_s390_pv_make_secure(struct guest_fau= lt *f) { struct pv_make_secure *priv =3D f->priv; struct folio *folio; + spinlock_t *ptl; /* pte lock from try_get_locked_pte() */ + pte_t *ptep; =20 folio =3D pfn_folio(f->pfn); priv->rc =3D -EAGAIN; - if (folio_trylock(folio)) { + if (!folio_trylock(folio)) + return; + + ptep =3D try_get_locked_pte(priv->kvm->mm, gfn_to_hva(priv->kvm, f->gfn),= &ptl); + if (ptep) { priv->rc =3D __kvm_s390_pv_make_secure(f, folio); if (priv->rc =3D=3D -E2BIG || priv->rc =3D=3D -EBUSY) { priv->folio =3D folio; folio_get(folio); } - folio_unlock(folio); + pte_unmap_unlock(ptep, ptl); } + folio_unlock(folio); } =20 /** @@ -127,7 +136,7 @@ static void _kvm_s390_pv_make_secure(struct guest_fault= *f) */ int kvm_s390_pv_make_secure(struct kvm *kvm, unsigned long gaddr, void *uv= cb) { - struct pv_make_secure priv =3D { .uvcb =3D uvcb }; + struct pv_make_secure priv =3D { .uvcb =3D uvcb, .kvm =3D kvm, }; struct guest_fault f =3D { .write_attempt =3D true, .gfn =3D gpa_to_gfn(gaddr), --=20 2.54.0 From nobody Mon Jun 8 15:36:58 2026 Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 18CFF3E3DAE; Thu, 28 May 2026 11:47:39 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=148.163.158.5 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1779968860; cv=none; b=T8smKVaz+XB0S8BIHZtkWV+ZVZBMAnaq6QoHy/uBAh6ojRVX27pq+ChKks1l9WCV2yrkRa9crJy7KhWdW66uDNQtIdLtkVim9Wic2A4DrP5vrxoSuTBI0Ufc2Doepoj12e7PzqeA8kxUpXEsHpoOFWrbVrytG18qq1S9B9V0sSs= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1779968860; c=relaxed/simple; bh=jQkL+k7zNOrxcSH8aNi+5vzg6LO442uG++zx38Ieiao=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=oAqNWKTeTBDf4jqqFhvRh6ezdaTP3moaCbAyv/CfasEY5CyoB/J5gJ/dcnQVPCmEo/DwVgdptZP3DlAE69aEthiiG4ujyyL8WEHsVoO7zIKXaKTCCPRHsJACiosr5t/nQpt0mwgQn151Ftb0x+KgNpEPjkhNepwj5gyURePBixs= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com; spf=pass smtp.mailfrom=linux.ibm.com; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b=Pg/XInmb; arc=none smtp.client-ip=148.163.158.5 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="Pg/XInmb" Received: from pps.filterd (m0360072.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 64RL71P33139627; Thu, 28 May 2026 11:47:36 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=cc :content-transfer-encoding:date:from:in-reply-to:message-id :mime-version:references:subject:to; s=pp1; bh=GBRUOdcCvq/qh6rrt GAm+QqjsOLS3ZOavNHovPdiMAU=; b=Pg/XInmbx2x1T207z19d8DLhxcKNXnUle sp7QwopmFuvpgnRG3+QVvMhfAfOxvfsq7KimiL8nv83Y0BWqsn0gEgotY7w/1r10 A5UiOr2gfZDakK0kJsYa+AcRvoJP52ylsJxNlq/CzziqAMATI//nvOXopk140H47 ehcr0yJAh96ybLc5WSx3w4G+ILwXsYYuCCzkAl2TbQtTohDCbPFeXGlQDJtHy3Ub 4q3AvE8peyr2KSXDdjx6zWP/Dum50PRtbQtFy8VUw9Qu+2XwPMZGvB45EXJsBwYK n40klPI7i6YJeeQaBiE8GixoNmRX6ZxwA++vOsO7yjbuqfj2kb3Jg== Received: from ppma21.wdc07v.mail.ibm.com (5b.69.3da9.ip4.static.sl-reverse.com [169.61.105.91]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 4ee887jmuq-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 28 May 2026 11:47:36 +0000 (GMT) Received: from pps.filterd (ppma21.wdc07v.mail.ibm.com [127.0.0.1]) by ppma21.wdc07v.mail.ibm.com (8.18.1.7/8.18.1.7) with ESMTP id 64SBOUrl025747; Thu, 28 May 2026 11:47:35 GMT Received: from smtprelay04.fra02v.mail.ibm.com ([9.218.2.228]) by ppma21.wdc07v.mail.ibm.com (PPS) with ESMTPS id 4edjrb7wcj-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 28 May 2026 11:47:35 +0000 (GMT) Received: from smtpav07.fra02v.mail.ibm.com (smtpav07.fra02v.mail.ibm.com [10.20.54.106]) by smtprelay04.fra02v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 64SBlUUN10813882 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 28 May 2026 11:47:30 GMT Received: from smtpav07.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id EA59A20040; Thu, 28 May 2026 11:47:29 +0000 (GMT) Received: from smtpav07.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id BC2E62004B; Thu, 28 May 2026 11:47:29 +0000 (GMT) Received: from p-imbrenda.aag-de.ibm.com (unknown [9.52.223.175]) by smtpav07.fra02v.mail.ibm.com (Postfix) with ESMTP; Thu, 28 May 2026 11:47:29 +0000 (GMT) From: Claudio Imbrenda To: linux-kernel@vger.kernel.org Cc: kvm@vger.kernel.org, linux-s390@vger.kernel.org, borntraeger@de.ibm.com, frankja@linux.ibm.com, david@kernel.org, seiden@linux.ibm.com, nrb@linux.ibm.com, schlameuss@linux.ibm.com, gra@linux.ibm.com Subject: [PATCH v1 7/7] KVM: s390: Prevent memslots outside the ASCE range Date: Thu, 28 May 2026 13:47:27 +0200 Message-ID: <20260528114727.142178-8-imbrenda@linux.ibm.com> X-Mailer: git-send-email 2.54.0 In-Reply-To: <20260528114727.142178-1-imbrenda@linux.ibm.com> References: <20260528114727.142178-1-imbrenda@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-TM-AS-GCONF: 00 X-Authority-Analysis: v=2.4 cv=QLJYgALL c=1 sm=1 tr=0 ts=6a182b58 cx=c_pps a=GFwsV6G8L6GxiO2Y/PsHdQ==:117 a=GFwsV6G8L6GxiO2Y/PsHdQ==:17 a=NGcC8JguVDcA:10 a=VkNPw1HP01LnGYTKEx00:22 a=RnoormkPH1_aCDwRdu11:22 a=RzCfie-kr_QcCd8fBx8p:22 a=VnNF1IyMAAAA:8 a=luRVYIaq7LDw4LXNCHgA:9 X-Proofpoint-GUID: q3_HyjhyF85ocYk2gIX7fwULMAmJERZR X-Proofpoint-ORIG-GUID: q3_HyjhyF85ocYk2gIX7fwULMAmJERZR X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwNTI4MDExNyBTYWx0ZWRfXynznqF7zW8m5 PHCiX1QU2GYHhEvuFR6eR5gJYym9l696ZZIjiBf3p4lyAXBIbMwK3jFLRKtBLHHa+VYHTgsD222 QkO8y6P96qMXtkxq137fU756TaWtIv2suEw7vag31F5Y16KrhgXsNshDuSHfrVlZjQswIs7LR7h 2Zkhy+BU3NIXIclELpIhCoeaHH6p14hP1uG5/xBII8WanU3pPalbQEUpUQVv1hKYzqoQXogGZ3y NhUwksJCl0xtDtwuq8WVhvQ+S0YRQhk1NLn0dYzGZa0vu56JXjxRlMEFU7/jz+6skR074QyUzPx gWFBtP/mcbkae1tejy5dp8iIyDyyfMaUFSzTMWxGDVO7PLRURa6+nGJE7whGJWDYdyXa9d1Qb4V rTunCLW+nd1mHHJL3cv/QvFNG3lbW5pwCOZyWYxroBMK/GQEj+ZpQ8BzhTFXbNxNMW9xXhDmOvd 6jyOce4FhizCyfxZzPQ== X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1143,Hydra:6.1.125,FMLib:17.12.100.49 definitions=2026-05-28_03,2026-05-28_02,2025-10-01_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 suspectscore=0 impostorscore=0 malwarescore=0 adultscore=0 lowpriorityscore=0 phishscore=0 clxscore=1015 priorityscore=1501 bulkscore=0 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.22.0-2605210000 definitions=main-2605280117 Content-Type: text/plain; charset="utf-8" With KVM_S390_VM_MEM_LIMIT_SIZE, userspace can set the highest address allowed for the VM. Creating a memslot that lies over the maximum address does not make sense and is only a potential source of bugs. Prevent creation of memslots over the maximum address, and prevent the maximum address from being reduced below the end of existing memslots. Signed-off-by: Claudio Imbrenda --- arch/s390/kvm/kvm-s390.c | 24 ++++++++++++++++++++++-- 1 file changed, 22 insertions(+), 2 deletions(-) diff --git a/arch/s390/kvm/kvm-s390.c b/arch/s390/kvm/kvm-s390.c index e09960c2e6ed..875f6e2a4a52 100644 --- a/arch/s390/kvm/kvm-s390.c +++ b/arch/s390/kvm/kvm-s390.c @@ -1015,8 +1015,26 @@ static int kvm_s390_set_mem_control(struct kvm *kvm,= struct kvm_device_attr *att return -EINVAL; =20 ret =3D -EBUSY; - if (!kvm->created_vcpus) - ret =3D gmap_set_limit(kvm->arch.gmap, gpa_to_gfn(new_limit)); + if (!kvm->created_vcpus) { + struct kvm_memslots *slots; + struct kvm_memory_slot *ms; + int bkt; + + ret =3D 0; + mutex_lock(&kvm->slots_arch_lock); + slots =3D kvm_memslots(kvm); + if (slots && !kvm_memslots_empty(slots)) { + kvm_for_each_memslot(ms, bkt, slots) { + if (gpa_to_gfn(new_limit) < ms->base_gfn + ms->npages) { + ret =3D -EBUSY; + break; + } + } + } + if (!ret) + ret =3D gmap_set_limit(kvm->arch.gmap, gpa_to_gfn(new_limit)); + mutex_unlock(&kvm->slots_arch_lock); + } VM_EVENT(kvm, 3, "SET: max guest address: %lu", new_limit); VM_EVENT(kvm, 3, "New guest asce: 0x%p", (void *)kvm->arch.gmap->asce.val); @@ -5672,6 +5690,8 @@ int kvm_arch_prepare_memory_region(struct kvm *kvm, return -EINVAL; if ((new->base_gfn + new->npages) * PAGE_SIZE > kvm->arch.mem_limit) return -EINVAL; + if (!asce_contains_gfn(kvm->arch.gmap->asce, new->base_gfn + new->npages= - 1)) + return -EINVAL; } =20 if (!kvm->arch.migration_mode) --=20 2.54.0