From nobody Mon Jun 8 05:25:49 2026 Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1530B3DB632; Mon, 1 Jun 2026 15:30:06 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=148.163.156.1 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1780327814; cv=none; b=LfQcLjjQ+fEhIZFKQtytaKF0KaAWGRBgg/a+bzPIbLAWiSNUVDYtl8hqZQ8bMH65OKmTpsKa+0eWeuNI/XAsaWuzy46CBOFc8g3H77TO1QwIg4kLBFdJmzxTFz/mStDyNNwjasvJ8/iihEWt9RKqsyn+ZlsJH1T5hGYNSOf7dKc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1780327814; c=relaxed/simple; bh=XiJXh/3Iiy/mpxpcoqsz7KBxeWf7PqfU1rlpDGcPggM=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=ciUEhdwASDzbV6eVb9BCLjIDusq/n8ZngOMh8CeZss7ThgrPh6SbM75ppaDjGM9qT0FDZ4c6fXOu8tnhXoC67bif59xi90krvU267EkZA79tLs1h8Bj+MwvIy072cS937i78Y8G1cXFXxkTmKcYzT7MnJkCcqOvtzD5924PRVZQ= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com; spf=pass smtp.mailfrom=linux.ibm.com; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b=UTn+r7Io; arc=none smtp.client-ip=148.163.156.1 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="UTn+r7Io" Received: from pps.filterd (m0360083.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 6513RppY2915495; Mon, 1 Jun 2026 15:29:59 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=cc :content-transfer-encoding:date:from:in-reply-to:message-id :mime-version:references:subject:to; s=pp1; bh=8YKzseVnpG5RIeHhW V3ErjTjlQyqbpe49wYU+4K4ONs=; b=UTn+r7IoUP7j7P3x6IkLNWGwpFA9H07dR Caq51zl1LadrLLobfeEbGSUtsUIybjSoNIn9nVGo3Es2qIsVBGMuWqUrM8CKczuc ERDGNGib3oEcJ+E8m1+HlDd8kGLUKxeOBADfkyhditcRzvpzVIb5hNELkW5h9yMt PccMPrR401ziXmKrdKf8D97ueeV3TFA6zjuQuLpxXfAaWydKgcSCOLTFVVnsPjUx 5JNsPruAWvsEIXfc/zpz5BSWr75z4V3cK/OLg9Y5ZzCp0jPNzQQCGEUUyF4puHt8 Sdx4FYv2h1ymIjwk/vhBsj8ZPzqF2M15BCmlBHf6gVN4/HcY+u4Vg== Received: from ppma22.wdc07v.mail.ibm.com (5c.69.3da9.ip4.static.sl-reverse.com [169.61.105.92]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 4efqd41hfx-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 01 Jun 2026 15:29:59 +0000 (GMT) Received: from pps.filterd (ppma22.wdc07v.mail.ibm.com [127.0.0.1]) by ppma22.wdc07v.mail.ibm.com (8.18.1.7/8.18.1.7) with ESMTP id 651FOAVS031066; Mon, 1 Jun 2026 15:29:58 GMT Received: from smtprelay06.fra02v.mail.ibm.com ([9.218.2.230]) by ppma22.wdc07v.mail.ibm.com (PPS) with ESMTPS id 4egakvpvww-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 01 Jun 2026 15:29:58 +0000 (GMT) Received: from smtpav04.fra02v.mail.ibm.com (smtpav04.fra02v.mail.ibm.com [10.20.54.103]) by smtprelay06.fra02v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 651FTqTm30015756 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 1 Jun 2026 15:29:52 GMT Received: from smtpav04.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 3B88120043; Mon, 1 Jun 2026 15:29:52 +0000 (GMT) Received: from smtpav04.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 117EE2004B; Mon, 1 Jun 2026 15:29:52 +0000 (GMT) Received: from p-imbrenda.aag-de.ibm.com (unknown [9.52.223.175]) by smtpav04.fra02v.mail.ibm.com (Postfix) with ESMTP; Mon, 1 Jun 2026 15:29:52 +0000 (GMT) From: Claudio Imbrenda To: linux-kernel@vger.kernel.org Cc: kvm@vger.kernel.org, linux-s390@vger.kernel.org, borntraeger@de.ibm.com, frankja@linux.ibm.com, david@kernel.org, seiden@linux.ibm.com, nrb@linux.ibm.com, schlameuss@linux.ibm.com, gra@linux.ibm.com Subject: [PATCH v2 1/8] KVM: s390: Fix _gmap_unmap_crste() Date: Mon, 1 Jun 2026 17:29:44 +0200 Message-ID: <20260601152951.196859-2-imbrenda@linux.ibm.com> X-Mailer: git-send-email 2.54.0 In-Reply-To: <20260601152951.196859-1-imbrenda@linux.ibm.com> References: <20260601152951.196859-1-imbrenda@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-TM-AS-GCONF: 00 X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwNjAxMDE1MSBTYWx0ZWRfX3uA1x09ID2YI NTpYuGg8LWW022HSL/43Swcc+BEwfXy65AgBP1UGhAbT7RQoNJwo2IkmLL9E8hBtvT0dWlJcS6E crk5JM7IqrBj4+CwT2X3q+ulmlbNHNPzR99UchoJyKC/59ig+91IlSqfe4g/RONuvPtaxTlr0YJ CUbrHv08WsruOCxkAGCh99VohHOiSJWck++wAa2a++cvL/t7jV5cmpj7rKNo12A7t3Ki9FJywjJ frzlDM0lhRhEQCPyS7O5Glu4Oo8aGPtCO2bIK5G/VdJ6MGSKl9XxYIbkLb4Zbe+ZWcM5YktRiNe mziGkPBWXUZyWA+49BiwGyTLkBTSHSIYE+oTWLnAsY896wPhsqMCp+LmjQ5jxKZkzBXsyOkijjr FZu5drTjWkY9lJy7xhQD3ti9b9tCNTLng/h+w3KTEzU/hxJH3u91P04StYGHDOjfI/bGa6EjiuY kwBuPSSJMuMdN+Y88QQ== X-Proofpoint-GUID: fw3nFwjjX2512l7ve9uLgm2AEB2YE5bG X-Proofpoint-ORIG-GUID: fw3nFwjjX2512l7ve9uLgm2AEB2YE5bG X-Authority-Analysis: v=2.4 cv=DZknbPtW c=1 sm=1 tr=0 ts=6a1da577 cx=c_pps a=5BHTudwdYE3Te8bg5FgnPg==:117 a=5BHTudwdYE3Te8bg5FgnPg==:17 a=FelO9ux0wxsA:10 a=VkNPw1HP01LnGYTKEx00:22 a=RnoormkPH1_aCDwRdu11:22 a=iQ6ETzBq9ecOQQE5vZCe:22 a=VnNF1IyMAAAA:8 a=KFDtdd5XBMBq3xqWTvkA:9 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1143,Hydra:6.1.125,FMLib:17.12.100.49 definitions=2026-06-01_04,2026-05-28_03,2025-10-01_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 clxscore=1015 suspectscore=0 impostorscore=0 lowpriorityscore=0 phishscore=0 malwarescore=0 priorityscore=1501 bulkscore=0 adultscore=0 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.22.0-2605210000 definitions=main-2606010151 Content-Type: text/plain; charset="utf-8" In _gmap_unmap_crste(), the crste to be unmapped is zapped calling gmap_crstep_xchg_atomic() exactly once, and expecting it to succeed. This is a reasonable sanity check, since kvm->mmu_lock is being held in write mode, and thus no races should be possible. An upcoming patch will change the behaviour of gmap_crstep_xchg_atomic() to return false and clear the vsie_notif bit if the operation triggers an unshadow operation. With the new behaviour, an unmap operation that triggers an unshadow would cause the VM to be killed. Prepare for the change by checking if the vsie_notif bit was set in the old crste if gmap_crstep_xchg_atomic() fails the first time, and try a second time. The second time no failures are allowed. Signed-off-by: Claudio Imbrenda Fixes: b827ef02f409 ("KVM: s390: Remove non-atomic dat_crstep_xchg()") Fixes: a2c17f9270cc ("KVM: s390: New gmap code") --- arch/s390/kvm/gmap.c | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/arch/s390/kvm/gmap.c b/arch/s390/kvm/gmap.c index 957126ab991c..52d55ddea8d4 100644 --- a/arch/s390/kvm/gmap.c +++ b/arch/s390/kvm/gmap.c @@ -395,15 +395,28 @@ static long _gmap_unmap_crste(union crste *crstep, gf= n_t gfn, gfn_t next, struct struct gmap_unmap_priv *priv =3D walk->priv; struct folio *folio =3D NULL; union crste old =3D *crstep; + bool ok; =20 if (!old.h.fc) return 0; =20 if (old.s.fc1.pr && test_bit(GMAP_FLAG_EXPORT_ON_UNMAP, &priv->gmap->flag= s)) folio =3D phys_to_folio(crste_origin_large(old)); - /* No races should happen because kvm->mmu_lock is held in write mode */ - KVM_BUG_ON(!gmap_crstep_xchg_atomic(priv->gmap, crstep, old, _CRSTE_EMPTY= (old.h.tt), gfn), - priv->gmap->kvm); + /* + * No races should happen because kvm->mmu_lock is held in write mode, + * but the unmap operation could have triggered an unshadow, which + * causes gmap_crstep_xchg_atomic() to return false and clear the + * vsie_notif bit. Allow the operation to fail once, if the old crste + * had the vsie_notif bit set. A second failure is not allowed, for + * the reasons above. + */ + ok =3D gmap_crstep_xchg_atomic(priv->gmap, crstep, old, _CRSTE_EMPTY(old.= h.tt), gfn); + if (!ok) { + KVM_BUG_ON(!old.s.fc1.vsie_notif, priv->gmap->kvm); + old.s.fc1.vsie_notif =3D 0; + ok =3D gmap_crstep_xchg_atomic(priv->gmap, crstep, old, _CRSTE_EMPTY(old= .h.tt), gfn); + KVM_BUG_ON(!ok, priv->gmap->kvm); + } if (folio) uv_convert_from_secure_folio(folio); =20 --=20 2.54.0 From nobody Mon Jun 8 05:25:49 2026 Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8B2123DA7ED; Mon, 1 Jun 2026 15:30:07 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=148.163.158.5 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1780327815; cv=none; b=sEqiBr7uBmh3oRCfawO8U/mGxp/2ToNhOwfyV3Lrh5IoLqo0vrIi07/2DgHD3UVUM2oAlYP/o1pIl24KCymEr+tgGaIxE2DVbOY/41I44pnY8B3Sf+aln4Epmv42M7BgS6f/io7+ZkmiMrKJGi97X0wYfrzEtHqEkYAHl4U3Usk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1780327815; c=relaxed/simple; bh=PFeMKJR8nR7wr+MoY/+dZNvE3wZJ8jFHROaaMChHhQo=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=owlBg58wuaAj1puk7/BaFUtgDGv9aKxMbShMREUIdyJEiD5ngu68cgVchurhBNQIcOFQ+z6Jsgp/WDMY0IEv61tPiUIOFQrwOiWAdNqgyFs+tiLmWpACUCRRy21q2+n1cmfRIEMKlKcmXpyA1hbO9niZe9Vidfe13zlxb/4SDGA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com; spf=pass smtp.mailfrom=linux.ibm.com; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b=o+Me9nhI; arc=none smtp.client-ip=148.163.158.5 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="o+Me9nhI" Received: from pps.filterd (m0360072.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 651F7VeL1065217; Mon, 1 Jun 2026 15:29:59 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=cc :content-transfer-encoding:date:from:in-reply-to:message-id :mime-version:references:subject:to; s=pp1; bh=lmk3DeMg100OdUmml UuLjTKMHcFnlbhpGWHXgUhCo4U=; b=o+Me9nhI6VNtnoOVc5SvWHRLLOKrY5cKS lNBfP9Ged6CozfkZtgg29IpN3CgL3vEd6b/yD4ckI4TJRQRc8P7bwhMoBDPCqSaK 3ukU+ASTolsDPbh+11KU0sX18k20gWnZYj/KafnoLYHXQMpxzNCky0L0CohM+fti 8Y5vstppeZckooGuXdlQC1et+zX4jTtE6ZGpzNUTWq0gvVsdkpTzRtzv0bfOXUcQ 50lBdovWvYQIO2HhlSnu7z05/k0gd0cVYrKKLcSdJPDkCTjkGa3iSAVBD3HkhmvZ LjRwYAO15dp9daYJiOIoy46s5vDcY5S6jrJ8AuY3TkYyBTIl09d6Q== Received: from ppma21.wdc07v.mail.ibm.com (5b.69.3da9.ip4.static.sl-reverse.com [169.61.105.91]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 4efqht12ye-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 01 Jun 2026 15:29:58 +0000 (GMT) Received: from pps.filterd (ppma21.wdc07v.mail.ibm.com [127.0.0.1]) by ppma21.wdc07v.mail.ibm.com (8.18.1.7/8.18.1.7) with ESMTP id 651FO9bY022901; Mon, 1 Jun 2026 15:29:58 GMT Received: from smtprelay06.fra02v.mail.ibm.com ([9.218.2.230]) by ppma21.wdc07v.mail.ibm.com (PPS) with ESMTPS id 4egb7jxs6v-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 01 Jun 2026 15:29:58 +0000 (GMT) Received: from smtpav04.fra02v.mail.ibm.com (smtpav04.fra02v.mail.ibm.com [10.20.54.103]) by smtprelay06.fra02v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 651FTqje30015758 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 1 Jun 2026 15:29:52 GMT Received: from smtpav04.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 6AD9A2004B; Mon, 1 Jun 2026 15:29:52 +0000 (GMT) Received: from smtpav04.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 418B72004D; Mon, 1 Jun 2026 15:29:52 +0000 (GMT) Received: from p-imbrenda.aag-de.ibm.com (unknown [9.52.223.175]) by smtpav04.fra02v.mail.ibm.com (Postfix) with ESMTP; Mon, 1 Jun 2026 15:29:52 +0000 (GMT) From: Claudio Imbrenda To: linux-kernel@vger.kernel.org Cc: kvm@vger.kernel.org, linux-s390@vger.kernel.org, borntraeger@de.ibm.com, frankja@linux.ibm.com, david@kernel.org, seiden@linux.ibm.com, nrb@linux.ibm.com, schlameuss@linux.ibm.com, gra@linux.ibm.com Subject: [PATCH v2 2/8] KVM: s390: Fix _gmap_crstep_xchg_atomic() Date: Mon, 1 Jun 2026 17:29:45 +0200 Message-ID: <20260601152951.196859-3-imbrenda@linux.ibm.com> X-Mailer: git-send-email 2.54.0 In-Reply-To: <20260601152951.196859-1-imbrenda@linux.ibm.com> References: <20260601152951.196859-1-imbrenda@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-TM-AS-GCONF: 00 X-Proofpoint-GUID: bWKJrV7Wf4pl2BhTxhAoVR_ouD9DTprF X-Authority-Analysis: v=2.4 cv=fv/sol4f c=1 sm=1 tr=0 ts=6a1da576 cx=c_pps a=GFwsV6G8L6GxiO2Y/PsHdQ==:117 a=GFwsV6G8L6GxiO2Y/PsHdQ==:17 a=FelO9ux0wxsA:10 a=VkNPw1HP01LnGYTKEx00:22 a=RnoormkPH1_aCDwRdu11:22 a=RzCfie-kr_QcCd8fBx8p:22 a=VnNF1IyMAAAA:8 a=SMUcQ3FjFaoWpPRfvsEA:9 X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwNjAxMDE1MSBTYWx0ZWRfX+lHE2yo+67+r J1uLBCokbqs7FeCU4cSbbqvwqJNXG9SkDSWkz95nV+7M3lEZWjW/cTRR9HC6xotEVPdW4zgRrCM GMoZ0NKn2qF4b+juZiOiKmBV8vw+LPu7hPC1vBmTrQRvJBoee6TqBxim++GkXPVYmMxQvs3g0s1 hM4oFNx0KYVkt86SaGLuSSX0bVHxEP5KrK2mWtJDiM7X3fxRxoKH7Lhq7C6PFtui4Ls3vx7TfiD NLOV9Bhd4n0TF4bcEVsOEDE5kerHsKlTCOV8BxrWB/nyINb9WOKyeHpfvlI/fEm69EAmI4TGn5A bbV0LbuX5DZDIsklh3o8gJzSFKM/+QBfXHiZ9oOmZZV9sjE9z5POZE6X8ZT5FgItSYULcvVbBpT i54pUncJoole1K6VpV37ATfVHZdfjV3WQe8zMu8KOMGFVaRAQo4ulMWdqPKnLh8tzGdQPAR1Zws rTyWTlPTNxFZH+ABLvQ== X-Proofpoint-ORIG-GUID: bWKJrV7Wf4pl2BhTxhAoVR_ouD9DTprF X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1143,Hydra:6.1.125,FMLib:17.12.100.49 definitions=2026-06-01_04,2026-05-28_03,2025-10-01_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 adultscore=0 priorityscore=1501 spamscore=0 phishscore=0 clxscore=1015 impostorscore=0 suspectscore=0 bulkscore=0 lowpriorityscore=0 malwarescore=0 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.22.0-2605210000 definitions=main-2606010151 Content-Type: text/plain; charset="utf-8" The previous incorrect behaviour cleared the vsie_notif bit without returning false, which allowed shadow crstes to be installed without the vsie_notif bit. Return false and do not perform the operation if an unshadow event has been triggered, but still attempt to clear the vsie_notif bit from the existing crste. This will prevent the installation of shadow crstes without vsie_notif bit and will also prevent the caller from looping forever if it was not checking for the sg->invalidated flag. Signed-off-by: Claudio Imbrenda Fixes: b827ef02f409 ("KVM: s390: Remove non-atomic dat_crstep_xchg()") Fixes: a2c17f9270cc ("KVM: s390: New gmap code") --- arch/s390/kvm/gmap.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/arch/s390/kvm/gmap.h b/arch/s390/kvm/gmap.h index 742e42a31744..5374f21aaf8d 100644 --- a/arch/s390/kvm/gmap.h +++ b/arch/s390/kvm/gmap.h @@ -273,11 +273,14 @@ static inline bool __must_check _gmap_crstep_xchg_ato= mic(struct gmap *gmap, unio gmap_unmap_prefix(gmap, gfn, gfn + align); } if (crste_leaf(oldcrste) && crste_needs_unshadow(oldcrste, newcrste)) { + newcrste =3D oldcrste; newcrste.s.fc1.vsie_notif =3D 0; if (needs_lock) gmap_handle_vsie_unshadow_event(gmap, gfn); else _gmap_handle_vsie_unshadow_event(gmap, gfn); + dat_crstep_xchg_atomic(crstep, oldcrste, newcrste, gfn, gmap->asce); + return false; } if (!oldcrste.s.fc1.d && newcrste.s.fc1.d && !newcrste.s.fc1.s) SetPageDirty(phys_to_page(crste_origin_large(newcrste))); --=20 2.54.0 From nobody Mon Jun 8 05:25:49 2026 Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id EDC083D7A07; Mon, 1 Jun 2026 15:30:07 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=148.163.156.1 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1780327816; cv=none; b=k1aR+2aqTZgQU5fvlHp2zdLIad5x0teoB+98Zae1lCegBBTnS+zrPJOC9Q4TTqLAE7Y8wMcAiX2+Bv/yy4ep8Hhf+wG1S0YqIdj46+gDFLUE3oFWElKgeNIitFTPgRrTXFmMMIXVjKSy9hYmGh9nkEIBq1ZebB87dSSn5XRwP1o= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1780327816; c=relaxed/simple; bh=MhMyYUX/dAPiS9ylnes7JBSojO9LvZkIyLpEvxV4vi8=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=KNlYqACbNLorkp48Z68gDm70hz3ZeePQGTBNwWdLPvikZF55W+jtnP2XzRp7KbgANaHlrFkIhdB9kRmtwu8v5DTS2fod8yXk31ZwrEs0Q3ufogpc6wdGjXt2Cc+70wbHVGuhsECkocvmPA7O23YCe6gNrqejlXczjESDI/VwOfQ= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com; spf=pass smtp.mailfrom=linux.ibm.com; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b=pIRi5w+M; arc=none smtp.client-ip=148.163.156.1 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="pIRi5w+M" Received: from pps.filterd (m0356517.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 6518XBZP3018752; Mon, 1 Jun 2026 15:30:00 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=cc :content-transfer-encoding:date:from:in-reply-to:message-id :mime-version:references:subject:to; s=pp1; bh=TKV6SSaQ4WCADJcuV 4DZvER+9KJ0fj1zCgEl0eKkIqM=; b=pIRi5w+MWxvclJnpvR1ytYt+iZqGJjrJ4 5s0/SxZ4F3HHEol6CMbbyyebuSqyZ/IwuLlwVIgJ1InsTC5tY9P2V3h8DJWzLm5w tfsNBqisR0T8qbsgEykKbC1EWNnhLQZq6DP94+R/J0jB7mEtuejqxtyBXdDIarLo qb0p5EOYkj6g0BFxHV+WketGLOzjkerb7VAV7CdO7mHnbu+3rqKryszgASTlGs7h cxd8+HTnPxPb68XhdP6zh0DTzdXGRbQGqbxQwqSCwjburxLmoYlNQrmvIDhSKR4i 63rP4queNx+ALev+uF5OKq8uQTOp72XjEwGJNBmtI99YWFzKGMESQ== Received: from ppma22.wdc07v.mail.ibm.com (5c.69.3da9.ip4.static.sl-reverse.com [169.61.105.92]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 4efqm4sfj9-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 01 Jun 2026 15:29:59 +0000 (GMT) Received: from pps.filterd (ppma22.wdc07v.mail.ibm.com [127.0.0.1]) by ppma22.wdc07v.mail.ibm.com (8.18.1.7/8.18.1.7) with ESMTP id 651FO6IP031045; Mon, 1 Jun 2026 15:29:58 GMT Received: from smtprelay06.fra02v.mail.ibm.com ([9.218.2.230]) by ppma22.wdc07v.mail.ibm.com (PPS) with ESMTPS id 4egakvpvwy-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 01 Jun 2026 15:29:58 +0000 (GMT) Received: from smtpav04.fra02v.mail.ibm.com (smtpav04.fra02v.mail.ibm.com [10.20.54.103]) by smtprelay06.fra02v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 651FTqcO30015760 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 1 Jun 2026 15:29:52 GMT Received: from smtpav04.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 9A43C2004B; Mon, 1 Jun 2026 15:29:52 +0000 (GMT) Received: from smtpav04.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 710DC20043; Mon, 1 Jun 2026 15:29:52 +0000 (GMT) Received: from p-imbrenda.aag-de.ibm.com (unknown [9.52.223.175]) by smtpav04.fra02v.mail.ibm.com (Postfix) with ESMTP; Mon, 1 Jun 2026 15:29:52 +0000 (GMT) From: Claudio Imbrenda To: linux-kernel@vger.kernel.org Cc: kvm@vger.kernel.org, linux-s390@vger.kernel.org, borntraeger@de.ibm.com, frankja@linux.ibm.com, david@kernel.org, seiden@linux.ibm.com, nrb@linux.ibm.com, schlameuss@linux.ibm.com, gra@linux.ibm.com Subject: [PATCH v2 3/8] KVM: s390: Avoid potentially sleeping while atomic when zapping pages Date: Mon, 1 Jun 2026 17:29:46 +0200 Message-ID: <20260601152951.196859-4-imbrenda@linux.ibm.com> X-Mailer: git-send-email 2.54.0 In-Reply-To: <20260601152951.196859-1-imbrenda@linux.ibm.com> References: <20260601152951.196859-1-imbrenda@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-TM-AS-GCONF: 00 X-Proofpoint-GUID: 7yZipRBVld2W-o34keTPhYGhkkXYNhuq X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwNjAxMDE1MSBTYWx0ZWRfX2yOucRj/dl3F 3eaYMmDVZYOnlTa0glzm44hsUUiSSCJfOx7Gw0uQ8VZEBLzNBo4T1O79r6SUyfm/K4q0krgf0xA T2FT25XcDtX9tFmaxlVdY5z4gB3r1Nh/xiCfjHJ7QiEAuua21uWs43ZLAV1XR/uBzKa4SP4+WtO SM+XKDqyzpSyEJ+9rbeMQTRLLK7yvhDfOC6M1QYmQRYc+4XTE8SxSpPF+GiUP6I7Vhxj+T8oHHP 2qhdLHiwlPgyg0/per09mHCIogCFNZI5yGfR4QAUDzxxu8eQWSaX7pLYkCnDuVaVa4Xa55Ki4+j DqQ46KCpWyt5ekLgJeMIlL+nJBcTnNAEOE7QW8+8YvJrPz7TeNh8TDb8XJOxsaPKzkPplEIpnhD 2t/e8wBvg0HjtDT7NCPKq/hXzHr55x/eYa9fJ1Cm5DrpE+dKtEJsuhFXO1CeUaaXr+/ZuP97Snp X1Ppfy+Ewuhu9pBmHZw== X-Proofpoint-ORIG-GUID: 7yZipRBVld2W-o34keTPhYGhkkXYNhuq X-Authority-Analysis: v=2.4 cv=Vf3H+lp9 c=1 sm=1 tr=0 ts=6a1da577 cx=c_pps a=5BHTudwdYE3Te8bg5FgnPg==:117 a=5BHTudwdYE3Te8bg5FgnPg==:17 a=FelO9ux0wxsA:10 a=VkNPw1HP01LnGYTKEx00:22 a=RnoormkPH1_aCDwRdu11:22 a=U7nrCbtTmkRpXpFmAIza:22 a=VnNF1IyMAAAA:8 a=nBeMyYop4p2-dv3G0y8A:9 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1143,Hydra:6.1.125,FMLib:17.12.100.49 definitions=2026-06-01_04,2026-05-28_03,2025-10-01_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 suspectscore=0 adultscore=0 bulkscore=0 impostorscore=0 phishscore=0 lowpriorityscore=0 malwarescore=0 clxscore=1015 spamscore=0 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.22.0-2605210000 definitions=main-2606010151 Content-Type: text/plain; charset="utf-8" Factor out try_get_locked_pte(), which behaves similarly to get_locked_pte(), but does not attempt to allocate missing tables and performs a spin_trylock() instead of blocking. The new function is also exported, since it will be used in other patches. If intermediate entries are missing, there can be no pte swap entry to free, so it's safe to ignore them. This avoids potentially sleeping while atomic. Signed-off-by: Claudio Imbrenda Fixes: e38c884df921 ("KVM: s390: Switch to new gmap") --- arch/s390/include/asm/gmap_helpers.h | 1 + arch/s390/mm/gmap_helpers.c | 117 ++++++++++++++++----------- 2 files changed, 73 insertions(+), 45 deletions(-) diff --git a/arch/s390/include/asm/gmap_helpers.h b/arch/s390/include/asm/g= map_helpers.h index 2d3ae421077e..d2b616604a46 100644 --- a/arch/s390/include/asm/gmap_helpers.h +++ b/arch/s390/include/asm/gmap_helpers.h @@ -12,5 +12,6 @@ void gmap_helper_zap_one_page(struct mm_struct *mm, unsig= ned long vmaddr); void gmap_helper_discard(struct mm_struct *mm, unsigned long vmaddr, unsig= ned long end); int gmap_helper_disable_cow_sharing(void); void gmap_helper_try_set_pte_unused(struct mm_struct *mm, unsigned long vm= addr); +pte_t *try_get_locked_pte(struct mm_struct *mm, unsigned long addr, spinlo= ck_t **ptl); =20 #endif /* _ASM_S390_GMAP_HELPERS_H */ diff --git a/arch/s390/mm/gmap_helpers.c b/arch/s390/mm/gmap_helpers.c index f8789ffcc05c..396207163ca6 100644 --- a/arch/s390/mm/gmap_helpers.c +++ b/arch/s390/mm/gmap_helpers.c @@ -34,6 +34,70 @@ static void ptep_zap_softleaf_entry(struct mm_struct *mm= , softleaf_t entry) swap_put_entries_direct(entry, 1); } =20 +/** + * try_get_locked_pte() - like get_locked_pte(), but atomic and with trylo= ck + * @mm: the mm + * @vmaddr: the userspace virtual address whose pte is to be found + * @ptl: will be set to the pointer to the lock used to lock the pte in ca= se + * of success. + * + * This function returns the pointer to the pte corresponding to @addr in = @mm, + * similarly to get_locked_pte(). Unlike get_locked_pte(), no attempt is m= ade + * to allocate missing page tables. If a missing or large entry is found, = the + * function will return NULL. If the ptl lock is contended, %-EAGAIN is + * returned. + * + * In case of success, *@ptl will point to the locked pte lock for the ret= urned + * pte, like get_locked_pte() does. + * + * Context: mmap_lock or vma lock for read or for write needs to be held. + * Return: + * * %NULL if the pte cannot be reached. + * * %-EAGAIN if the pte can be reached, but cannot be locked. + * * the pointer to the pte corresponding to @addr in @mm, if it can be re= ached + * and locked. + */ +pte_t *try_get_locked_pte(struct mm_struct *mm, unsigned long vmaddr, spin= lock_t **ptl) +{ + pmd_t *pmdp, pmd, pmdval; + pud_t *pudp, pud; + p4d_t *p4dp, p4d; + pgd_t *pgdp, pgd; + pte_t *ptep; + + pgdp =3D pgd_offset(mm, vmaddr); + pgd =3D pgdp_get(pgdp); + if (pgd_none(pgd) || !pgd_present(pgd)) + return NULL; + p4dp =3D p4d_offset(pgdp, vmaddr); + p4d =3D p4dp_get(p4dp); + if (p4d_none(p4d) || !p4d_present(p4d)) + return NULL; + pudp =3D pud_offset(p4dp, vmaddr); + pud =3D pudp_get(pudp); + if (pud_none(pud) || pud_leaf(pud) || !pud_present(pud)) + return NULL; + pmdp =3D pmd_offset(pudp, vmaddr); + pmd =3D pmdp_get_lockless(pmdp); + if (pmd_none(pmd) || pmd_leaf(pmd) || !pmd_present(pmd)) + return NULL; + ptep =3D pte_offset_map_rw_nolock(mm, pmdp, vmaddr, &pmdval, ptl); + if (!ptep) + return NULL; + + if (spin_trylock(*ptl)) { + if (unlikely(!pmd_same(pmdval, pmdp_get_lockless(pmdp)))) { + pte_unmap_unlock(ptep, *ptl); + return ERR_PTR(-EAGAIN); + } + return ptep; + } + + pte_unmap(ptep); + return ERR_PTR(-EAGAIN); +} +EXPORT_SYMBOL_GPL(try_get_locked_pte); + /** * gmap_helper_zap_one_page() - discard a page if it was swapped. * @mm: the mm @@ -46,7 +110,7 @@ static void ptep_zap_softleaf_entry(struct mm_struct *mm= , softleaf_t entry) void gmap_helper_zap_one_page(struct mm_struct *mm, unsigned long vmaddr) { struct vm_area_struct *vma; - spinlock_t *ptl; + spinlock_t *ptl; /* Lock for the host (userspace) page table */ pte_t *ptep; =20 mmap_assert_locked(mm); @@ -57,8 +121,8 @@ void gmap_helper_zap_one_page(struct mm_struct *mm, unsi= gned long vmaddr) return; =20 /* Get pointer to the page table entry */ - ptep =3D get_locked_pte(mm, vmaddr, &ptl); - if (unlikely(!ptep)) + ptep =3D try_get_locked_pte(mm, vmaddr, &ptl); + if (IS_ERR_OR_NULL(ptep)) return; if (pte_swap(*ptep)) { ptep_zap_softleaf_entry(mm, softleaf_from_pte(*ptep)); @@ -113,37 +177,9 @@ EXPORT_SYMBOL_GPL(gmap_helper_discard); */ void gmap_helper_try_set_pte_unused(struct mm_struct *mm, unsigned long vm= addr) { - pmd_t *pmdp, pmd, pmdval; - pud_t *pudp, pud; - p4d_t *p4dp, p4d; - pgd_t *pgdp, pgd; spinlock_t *ptl; /* Lock for the host (userspace) page table */ pte_t *ptep; =20 - pgdp =3D pgd_offset(mm, vmaddr); - pgd =3D pgdp_get(pgdp); - if (pgd_none(pgd) || !pgd_present(pgd)) - return; - - p4dp =3D p4d_offset(pgdp, vmaddr); - p4d =3D p4dp_get(p4dp); - if (p4d_none(p4d) || !p4d_present(p4d)) - return; - - pudp =3D pud_offset(p4dp, vmaddr); - pud =3D pudp_get(pudp); - if (pud_none(pud) || pud_leaf(pud) || !pud_present(pud)) - return; - - pmdp =3D pmd_offset(pudp, vmaddr); - pmd =3D pmdp_get_lockless(pmdp); - if (pmd_none(pmd) || pmd_leaf(pmd) || !pmd_present(pmd)) - return; - - ptep =3D pte_offset_map_rw_nolock(mm, pmdp, vmaddr, &pmdval, &ptl); - if (!ptep) - return; - /* * Several paths exists that takes the ptl lock and then call the * mmu_notifier, which takes the mmu_lock. The unmap path, instead, @@ -156,21 +192,12 @@ void gmap_helper_try_set_pte_unused(struct mm_struct = *mm, unsigned long vmaddr) * If the lock is contended the bit is not set and the deadlock is * avoided. */ - if (spin_trylock(ptl)) { - /* - * Make sure the pte we are touching is still the correct - * one. In theory this check should not be needed, but - * better safe than sorry. - * Disabling interrupts or holding the mmap lock is enough to - * guarantee that no concurrent updates to the page tables - * are possible. - */ - if (likely(pmd_same(pmdval, pmdp_get_lockless(pmdp)))) - __atomic64_or(_PAGE_UNUSED, (long *)ptep); - spin_unlock(ptl); - } + ptep =3D try_get_locked_pte(mm, vmaddr, &ptl); + if (IS_ERR_OR_NULL(ptep)) + return; =20 - pte_unmap(ptep); + __atomic64_or(_PAGE_UNUSED, (long *)ptep); + pte_unmap_unlock(ptep, ptl); } EXPORT_SYMBOL_GPL(gmap_helper_try_set_pte_unused); =20 --=20 2.54.0 From nobody Mon Jun 8 05:25:49 2026 Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A1DB23DB33D; Mon, 1 Jun 2026 15:30:07 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=148.163.156.1 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1780327814; cv=none; b=YBMNC/R6bhYnZuS8hBLbTCNL3Go0pL2xbJ10N9w4X08OMtgu+peXceuJqUiX3GBe5V/WLxJ73GmovtZLQDOVHLUDCCm8gJlNYRNiNt92o6HwtA+3/zljB4bA3cwKS0aVKptgK9AJ99mmgq4OtfKG+VFD2T8X5pnLU132wlFoCx4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1780327814; c=relaxed/simple; bh=q/4VAZUDR9wKIqDbkUpA49JakPieFRHX1ZGX+F9Tlk8=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=fLzAjQMBsGWiTko4ahMtB2CQWv8c8gfYNiYuQGiEJjBqEhKHWZnyupk0zacppMv6i4KG0wGBAU7Lubjev+OJKRDFNKw9+4hYujDGgJCSS6XxCkrximt36JYDTK6eKCgDjDpUQyhte2w0U6RHsWpgj4Stf7oVKqcj8lP6+FBFoN8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com; spf=pass smtp.mailfrom=linux.ibm.com; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b=AifDKMTf; arc=none smtp.client-ip=148.163.156.1 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="AifDKMTf" Received: from pps.filterd (m0353729.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 651D3AMP096369; Mon, 1 Jun 2026 15:30:00 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=cc :content-transfer-encoding:date:from:in-reply-to:message-id :mime-version:references:subject:to; s=pp1; bh=Q3ON+ZZRcqGRnrLY+ eHwQpEqFpiLy7qpH+dy3PWXk0Y=; b=AifDKMTf1Zn+RyxITr38MFOunxmCR/ghU nMd5PTmteoEtcsgaCHtB29okeG0E21uj5YJ5sIptpEWZwWyYs9qlzbpLT9e+cmsj Szccn3PO2Z5bw+oGVp+Y3olLahU47ZD+hRBgd9WJzAqUdDnkZKBGxE75n1gCyjIv cB3y/3qJUAvb6m7LncRWJ5dxKB+Y9e5hM6tGVIl/f9dsgHSc25WM0QKdHpR2tee8 4RLecXAgRyIUEExKu5wYRSvSslpX4/jABYtqeY4uW5qg8RwjI+uQVcgoqPM0JwEJ R0p/2LLik7T0VAbK0R4veLqiDC/CQwetXYHHXT1agvKERU82zkeOA== Received: from ppma23.wdc07v.mail.ibm.com (5d.69.3da9.ip4.static.sl-reverse.com [169.61.105.93]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 4efqjq1fdu-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 01 Jun 2026 15:29:59 +0000 (GMT) Received: from pps.filterd (ppma23.wdc07v.mail.ibm.com [127.0.0.1]) by ppma23.wdc07v.mail.ibm.com (8.18.1.7/8.18.1.7) with ESMTP id 651FOCnG027078; Mon, 1 Jun 2026 15:29:58 GMT Received: from smtprelay06.fra02v.mail.ibm.com ([9.218.2.230]) by ppma23.wdc07v.mail.ibm.com (PPS) with ESMTPS id 4egbqh6p3d-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 01 Jun 2026 15:29:58 +0000 (GMT) Received: from smtpav04.fra02v.mail.ibm.com (smtpav04.fra02v.mail.ibm.com [10.20.54.103]) by smtprelay06.fra02v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 651FTqxw30015762 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 1 Jun 2026 15:29:53 GMT Received: from smtpav04.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id C85BE2004E; Mon, 1 Jun 2026 15:29:52 +0000 (GMT) Received: from smtpav04.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 9F75D2004D; Mon, 1 Jun 2026 15:29:52 +0000 (GMT) Received: from p-imbrenda.aag-de.ibm.com (unknown [9.52.223.175]) by smtpav04.fra02v.mail.ibm.com (Postfix) with ESMTP; Mon, 1 Jun 2026 15:29:52 +0000 (GMT) From: Claudio Imbrenda To: linux-kernel@vger.kernel.org Cc: kvm@vger.kernel.org, linux-s390@vger.kernel.org, borntraeger@de.ibm.com, frankja@linux.ibm.com, david@kernel.org, seiden@linux.ibm.com, nrb@linux.ibm.com, schlameuss@linux.ibm.com, gra@linux.ibm.com Subject: [PATCH v2 4/8] KVM: s390: Fix guest / virtual address confusion in _essa_clear_cbrl() Date: Mon, 1 Jun 2026 17:29:47 +0200 Message-ID: <20260601152951.196859-5-imbrenda@linux.ibm.com> X-Mailer: git-send-email 2.54.0 In-Reply-To: <20260601152951.196859-1-imbrenda@linux.ibm.com> References: <20260601152951.196859-1-imbrenda@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-TM-AS-GCONF: 00 X-Proofpoint-ORIG-GUID: _0jLKG4U4pnVAhN9NKzGeqqBnBu54tD0 X-Proofpoint-GUID: _0jLKG4U4pnVAhN9NKzGeqqBnBu54tD0 X-Authority-Analysis: v=2.4 cv=bcVbluPB c=1 sm=1 tr=0 ts=6a1da577 cx=c_pps a=3Bg1Hr4SwmMryq2xdFQyZA==:117 a=3Bg1Hr4SwmMryq2xdFQyZA==:17 a=FelO9ux0wxsA:10 a=VkNPw1HP01LnGYTKEx00:22 a=RnoormkPH1_aCDwRdu11:22 a=uAbxVGIbfxUO_5tXvNgY:22 a=VnNF1IyMAAAA:8 a=DrbGolfmOjewO6_yJogA:9 X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwNjAxMDE1MSBTYWx0ZWRfXx/oRPQxpWadO CifJefbzaadNXoSMu6MmP+LvqsW+s6fTBXdJXYlViY+KqcAGJxd9ZjFWQOqy2w8/Kl/H3VsppCr wo6RkgD+0+C85Trlz+rc8WkvyLNcaUj1CLof3toa5+7uhcvJNp5JyUDUndlVBHIpRsAewAM96pJ JB5c8Two/kvzglEjAMDVJ9Uyg34EvtQ86aFe4wMNxbxK0CF+cZMN8HMDKpF19ySqK4cwL0/jIyG BGdELdYLQYAxWRjks1cs4NHd83D6H9z9ieS8ZeA4OcM7+G9/PxahMcKncS9NPJxAWVQWlDSfCof whQAC3fo+x8IJ+ar1MSTWiXZkYHYoaiT1eDXgmwvASVWksRZpLFlkv8yfyMdPDT7O5lhXMCEfiR GcnpnsJPA0ybUrKatwK5UOHFP/6JAhSyacgJ+G7KQkgn01Qw3EjCbjmMy1zgPkR0waw7pyZgdwc +ghtIJkaFabypQQRtzw== X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1143,Hydra:6.1.125,FMLib:17.12.100.49 definitions=2026-06-01_04,2026-05-28_03,2025-10-01_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 impostorscore=0 clxscore=1015 adultscore=0 priorityscore=1501 phishscore=0 lowpriorityscore=0 bulkscore=0 malwarescore=0 spamscore=0 suspectscore=0 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.22.0-2605210000 definitions=main-2606010151 Content-Type: text/plain; charset="utf-8" Until now, gmap_helper_zap_one_page() was being called with the guest absolute address, but it expects a userspace virtual address. This meant that in the best case the requested pages were not being discarded, and in the worst case that the wrong pages were being discarded. Fix this by converting the guest absolute address to host virtual before passing it to gmap_helper_zap_one_page(). Fixes: e38c884df921 ("KVM: s390: Switch to new gmap") Signed-off-by: Claudio Imbrenda --- arch/s390/kvm/priv.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/arch/s390/kvm/priv.c b/arch/s390/kvm/priv.c index cc0553da14cb..447ec7ed423d 100644 --- a/arch/s390/kvm/priv.c +++ b/arch/s390/kvm/priv.c @@ -1188,6 +1188,7 @@ static void _essa_clear_cbrl(struct kvm_vcpu *vcpu, u= nsigned long *cbrl, int len union crste *crstep; union pgste pgste; union pte *ptep; + hva_t hva; int i; =20 lockdep_assert_held(&vcpu->kvm->mmu_lock); @@ -1199,8 +1200,11 @@ static void _essa_clear_cbrl(struct kvm_vcpu *vcpu, = unsigned long *cbrl, int len if (!ptep || ptep->s.pr) continue; pgste =3D pgste_get_lock(ptep); - if (pgste.usage =3D=3D PGSTE_GPS_USAGE_UNUSED || pgste.zero) - gmap_helper_zap_one_page(vcpu->kvm->mm, cbrl[i]); + if (pgste.usage =3D=3D PGSTE_GPS_USAGE_UNUSED || pgste.zero) { + hva =3D gpa_to_hva(vcpu->kvm, cbrl[i]); + if (!kvm_is_error_hva(hva)) + gmap_helper_zap_one_page(vcpu->kvm->mm, hva); + } pgste_set_unlock(ptep, pgste); } } --=20 2.54.0 From nobody Mon Jun 8 05:25:49 2026 Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B76F43DB322; Mon, 1 Jun 2026 15:30:08 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=148.163.158.5 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1780327817; cv=none; b=rEVhzhCoovKlLgLKq/lgBD+NXF35yLF4n/2sIkuTi2ifiRQAA9fYh+YUYasedxl2lbacpOyYCqGGA+cXuInrPr8motrdErySmoLLgFa6jh8wRIsS5O1WAN4DxmFGm1n6MHrD5ItBtvlXldn9IMOu0XSZEb82/Omgj3mxo04QRYM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1780327817; c=relaxed/simple; bh=rxEq+p7FKrkLf08DNMOVsPgtR8katGipcUDE50aUb6g=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=BBt4LlgZw8ZtvkIkjDL5br4LsRw+o9H2XpAmai6AvrM8MM8XvIDcAkpgJ2oRIFdVCPQGirUesEHb/TtcBTt5cqT/n2PgvF2UOonQ6QDqFOPdRHd4hNqMbOZIaoZKG4UiigyamPOz8FogSPEGrOP3rSO1g0jxKpVVFgiLtcVImJs= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com; spf=pass smtp.mailfrom=linux.ibm.com; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b=O3bJCtF0; arc=none smtp.client-ip=148.163.158.5 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="O3bJCtF0" Received: from pps.filterd (m0360072.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 651FAHAi2665699; Mon, 1 Jun 2026 15:30:00 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=cc :content-transfer-encoding:date:from:in-reply-to:message-id :mime-version:references:subject:to; s=pp1; bh=f/WU64V7khT8NQeX/ zbiYQ9Mor4o7IeReycbOeZvsm0=; b=O3bJCtF0EKupOP4LAMbZpr9M0jK03I19D 7w+n3ZbINfDfXBkEa90QuaMZPnGHZ6FNVt88OHDrlsMqp8sKNXlIbz9zd6VredSO M2VHrksOMVy5YE4Zk4A5RrW05CQDYfWg34J4q3dOmRjAZ11i+3KnrkzwzLdMmt7l t4Ps/agPranPEvoHSnRqBwt8FctUxP2Xg31iNWM+HQkI5AUwX8ekzfdjSJZ/7gk8 tYrBccK/+1mV97DKuaYb79hf0mW9J8JOXz5EoOUano8Lp3NOygbrvSgBRVqBXqWD /1VQoZceRdYl6+7da3xa60nISgfF+Ds8O0gagsszrd3ePIinz09yA== Received: from ppma21.wdc07v.mail.ibm.com (5b.69.3da9.ip4.static.sl-reverse.com [169.61.105.91]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 4efqht12yh-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 01 Jun 2026 15:29:59 +0000 (GMT) Received: from pps.filterd (ppma21.wdc07v.mail.ibm.com [127.0.0.1]) by ppma21.wdc07v.mail.ibm.com (8.18.1.7/8.18.1.7) with ESMTP id 651FOAb3022904; Mon, 1 Jun 2026 15:29:59 GMT Received: from smtprelay07.fra02v.mail.ibm.com ([9.218.2.229]) by ppma21.wdc07v.mail.ibm.com (PPS) with ESMTPS id 4egb7jxs6x-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 01 Jun 2026 15:29:59 +0000 (GMT) Received: from smtpav04.fra02v.mail.ibm.com (smtpav04.fra02v.mail.ibm.com [10.20.54.103]) by smtprelay07.fra02v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 651FTrU351511672 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 1 Jun 2026 15:29:53 GMT Received: from smtpav04.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 0358820040; Mon, 1 Jun 2026 15:29:53 +0000 (GMT) Received: from smtpav04.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id CE8BF2004F; Mon, 1 Jun 2026 15:29:52 +0000 (GMT) Received: from p-imbrenda.aag-de.ibm.com (unknown [9.52.223.175]) by smtpav04.fra02v.mail.ibm.com (Postfix) with ESMTP; Mon, 1 Jun 2026 15:29:52 +0000 (GMT) From: Claudio Imbrenda To: linux-kernel@vger.kernel.org Cc: kvm@vger.kernel.org, linux-s390@vger.kernel.org, borntraeger@de.ibm.com, frankja@linux.ibm.com, david@kernel.org, seiden@linux.ibm.com, nrb@linux.ibm.com, schlameuss@linux.ibm.com, gra@linux.ibm.com Subject: [PATCH v2 5/8] KVM: s390: vsie: Fix rmap handling in _do_shadow_crste() Date: Mon, 1 Jun 2026 17:29:48 +0200 Message-ID: <20260601152951.196859-6-imbrenda@linux.ibm.com> X-Mailer: git-send-email 2.54.0 In-Reply-To: <20260601152951.196859-1-imbrenda@linux.ibm.com> References: <20260601152951.196859-1-imbrenda@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-TM-AS-GCONF: 00 X-Proofpoint-GUID: wn4psKQsEhtDDOZFslUo-5QDdbVgJyY_ X-Authority-Analysis: v=2.4 cv=fv/sol4f c=1 sm=1 tr=0 ts=6a1da577 cx=c_pps a=GFwsV6G8L6GxiO2Y/PsHdQ==:117 a=GFwsV6G8L6GxiO2Y/PsHdQ==:17 a=FelO9ux0wxsA:10 a=VkNPw1HP01LnGYTKEx00:22 a=RnoormkPH1_aCDwRdu11:22 a=RzCfie-kr_QcCd8fBx8p:22 a=VnNF1IyMAAAA:8 a=sChW5zZnIGAfqb-v-YwA:9 X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwNjAxMDE1MSBTYWx0ZWRfX7J+zis+A/ZYJ S09rgoByHzShqTL5eZqyIc9oO+PKGx659Zq/o+vy757lQpfGKfgI1/wfQf0w6JrYu7cO207aR6m EEPGcR6SqGhyl4ckeypVEoWapzDrWFeoL/esQElF9JDgesF8lZXzsDCi2ndoufuamJApMpDP1Qf qShTeNkvklYBFLvoUWjP6XSx89Ar0+vloFa4EhyMfekKCcPFDlQoQlQGv1iYQJmS8bmd04COygO CuukZ++sBfUHRBGMR5QY5H5AJ0KsABghHd+Ur/vyg39mjR2w8QgxTbVRild+obBKYPzy7yLUjMa O2Zcr+VVubyuMv73iJUVJmMY5SXukRqd6gmyeRyGYOu0BG0O5kZ1Ha0bpK+WO9FcUy17LPPyc1l tzD9ZdoB4GBXNPr2bc4ruCRpBGxHSJIpcvj21V5rzgl2Mxc2nrwNz0/ffzsL52hI7hxTdUxA/lq Cu1VQshMlX7rPV1iQ0A== X-Proofpoint-ORIG-GUID: wn4psKQsEhtDDOZFslUo-5QDdbVgJyY_ X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1143,Hydra:6.1.125,FMLib:17.12.100.49 definitions=2026-06-01_04,2026-05-28_03,2025-10-01_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 adultscore=0 priorityscore=1501 spamscore=0 phishscore=0 clxscore=1015 impostorscore=0 suspectscore=0 bulkscore=0 lowpriorityscore=0 malwarescore=0 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.22.0-2605210000 definitions=main-2606010151 Content-Type: text/plain; charset="utf-8" Fix _do_shadow_crste() to also apply a mask on the reverse address, to prevent spurious entries from being created, like already done in gmap_protect_rmap(). Signed-off-by: Claudio Imbrenda Fixes: e38c884df921 ("KVM: s390: Switch to new gmap") --- arch/s390/kvm/gaccess.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/arch/s390/kvm/gaccess.c b/arch/s390/kvm/gaccess.c index 4f8d5592c9a9..20e28b183c1a 100644 --- a/arch/s390/kvm/gaccess.c +++ b/arch/s390/kvm/gaccess.c @@ -1466,15 +1466,17 @@ static int _do_shadow_crste(struct gmap *sg, gpa_t = raddr, union crste *host, uni struct guest_fault *f, bool p) { union crste newcrste, oldcrste; - gfn_t gfn; + unsigned long mask; + gfn_t r_gfn; int rc; =20 lockdep_assert_held(&sg->kvm->mmu_lock); lockdep_assert_held(&sg->parent->children_lock); =20 - gfn =3D f->gfn & (is_pmd(*table) ? _SEGMENT_FR_MASK : _REGION3_FR_MASK); + mask =3D is_pmd(*table) ? _SEGMENT_FR_MASK : _REGION3_FR_MASK; + r_gfn =3D gpa_to_gfn(raddr) & mask; scoped_guard(spinlock, &sg->host_to_rmap_lock) - rc =3D gmap_insert_rmap(sg, gfn, gpa_to_gfn(raddr), host->h.tt); + rc =3D gmap_insert_rmap(sg, f->gfn & mask, r_gfn, host->h.tt); if (rc) return rc; =20 @@ -1497,8 +1499,7 @@ static int _do_shadow_crste(struct gmap *sg, gpa_t ra= ddr, union crste *host, uni return -EAGAIN; =20 newcrste =3D _crste_fc1(f->pfn, oldcrste.h.tt, 0, !p); - gfn =3D gpa_to_gfn(raddr); - while (!dat_crstep_xchg_atomic(table, READ_ONCE(*table), newcrste, gfn, s= g->asce)) + while (!dat_crstep_xchg_atomic(table, READ_ONCE(*table), newcrste, r_gfn,= sg->asce)) ; return 0; } --=20 2.54.0 From nobody Mon Jun 8 05:25:49 2026 Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id F0CD83DC4B8; Mon, 1 Jun 2026 15:30:08 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=148.163.158.5 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1780327818; cv=none; b=s08ylFVYjDoT2Pf7SAnb4DQ+vlB5p+vwk7pkImq0fBrDVuGj33+FX23BO1cnZB1a6c2CVVIYHcD58CkEA0R6Y2UOSMpXN4VCj94TxWth+4yHyZeUySPyT6oXcZRxvmCE9FgxU5ObZzIJ++9ZPzBRDD76YXlHKGRRoV4TURTK6Eo= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1780327818; c=relaxed/simple; bh=qluj3bUF8QXR+D6ZflcYNjuSjTryJaNLsOy7TGOlz40=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=ee3Pc5/KnZsr744ytP2Sy8q8xHaLE8o9I+wXNZ2GlMT6nNymHNlqrB5l56mNCyLrKQI1XWjJuxUgANpWBiaXkQ4+xb3ZLAl+yt1lPJdjzH9jCs+slimus/VvYgx2tFGV7ywAwQ9VJ/mXcWGl9I7wRGGfNUD6OJlrlb2btnaVfYQ= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com; spf=pass smtp.mailfrom=linux.ibm.com; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b=En5VlD/F; arc=none smtp.client-ip=148.163.158.5 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="En5VlD/F" Received: from pps.filterd (m0356516.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 6517bBOm2606065; Mon, 1 Jun 2026 15:29:59 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=cc :content-transfer-encoding:date:from:in-reply-to:message-id :mime-version:references:subject:to; s=pp1; bh=IE7I1BsQ0hsaDh9I2 YwFkyN3gn6mJlOwx0AUHKHfLSY=; b=En5VlD/FI6ZGftzOCkZ5B49XXf+kTXIfN i5cmxFZK8rkJhcm18sQfUE3XQeQri+gZYxuvjFTRN/abcEfXGi+9/W24PITOSwTe UPjF6TBohK7M1Ri8MP0xpvdE1fUGscAJp45OPeWwiz60O8d9L6p1zf1f3Vx+e+p4 vbfRGI9daPRQS21fBqqDsgl/QjdWwLYIpWdNwuy+hxayXHGmB1MhUV7UqY7yCBv1 obL2SHtszpVtbOK+YrRBQzPRu3/tXH7opQMgdef/xdQJ2251P5JY6IRRyX8cXvxl aqvK8Z5e/o7ehsfUi5aBaKx7Yp81OtGdX6i9i0VFk0AEb9k82qCSw== Received: from ppma11.dal12v.mail.ibm.com (db.9e.1632.ip4.static.sl-reverse.com [50.22.158.219]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 4efnahhchy-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 01 Jun 2026 15:29:59 +0000 (GMT) Received: from pps.filterd (ppma11.dal12v.mail.ibm.com [127.0.0.1]) by ppma11.dal12v.mail.ibm.com (8.18.1.7/8.18.1.7) with ESMTP id 651FOAv4013187; Mon, 1 Jun 2026 15:29:58 GMT Received: from smtprelay07.fra02v.mail.ibm.com ([9.218.2.229]) by ppma11.dal12v.mail.ibm.com (PPS) with ESMTPS id 4egcwy6fmj-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 01 Jun 2026 15:29:58 +0000 (GMT) Received: from smtpav04.fra02v.mail.ibm.com (smtpav04.fra02v.mail.ibm.com [10.20.54.103]) by smtprelay07.fra02v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 651FTrYd51511674 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 1 Jun 2026 15:29:53 GMT Received: from smtpav04.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 33AF620043; Mon, 1 Jun 2026 15:29:53 +0000 (GMT) Received: from smtpav04.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 0A2BE2004B; Mon, 1 Jun 2026 15:29:53 +0000 (GMT) Received: from p-imbrenda.aag-de.ibm.com (unknown [9.52.223.175]) by smtpav04.fra02v.mail.ibm.com (Postfix) with ESMTP; Mon, 1 Jun 2026 15:29:52 +0000 (GMT) From: Claudio Imbrenda To: linux-kernel@vger.kernel.org Cc: kvm@vger.kernel.org, linux-s390@vger.kernel.org, borntraeger@de.ibm.com, frankja@linux.ibm.com, david@kernel.org, seiden@linux.ibm.com, nrb@linux.ibm.com, schlameuss@linux.ibm.com, gra@linux.ibm.com Subject: [PATCH v2 6/8] KVM: s390: Fix fault-in code Date: Mon, 1 Jun 2026 17:29:49 +0200 Message-ID: <20260601152951.196859-7-imbrenda@linux.ibm.com> X-Mailer: git-send-email 2.54.0 In-Reply-To: <20260601152951.196859-1-imbrenda@linux.ibm.com> References: <20260601152951.196859-1-imbrenda@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-TM-AS-GCONF: 00 X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwNjAxMDE1MSBTYWx0ZWRfX3UCwfnCzWTZi rKjwqGAc0stNW4TdP2vNeP4UkxgvQRSupWpfVBd3hyxkz4qJ2YaMzw3nSPDLjwuCvZv7vgxQ7mV 8mQlDzYsc8ORT8YKuc8b7r9GLy1CM7D9Wvc0EysqRlODVmoN5EK16MtlkUyTGEqIjpLkpJh67Sk em+J962dBkMwP8TKLt0prbH3fy5f8JGPLahY4Zoq3D+O/yOgTvmExfvOcRmWCtOHUdJxDY2J+xG JOrZP5nWZcwQMkln0n4Ju0y5zuX2tj6hsnFf3Yx1pjhaee+fKq7yDZIqA/ypGSCHY7md+g7LPAj igs8ojC1/gC2aTwFIP8/O+P9oKHbbnumUzo09N0YNTz1Gi9nqMZkUuS6B1mRNdfzE1x27bNGluI 6NMjpivO8iO9iG9fRdXkN0I8MCeP9FYlRDlrFjn+Dsq76lfIeW9RN6BdrHYujCRk2i9kYetpFB5 IkFDQNzQXTY2ytcWx3w== X-Proofpoint-ORIG-GUID: _-yHB9lMN7gXjGxtowL3fBOnPRDBeKVR X-Authority-Analysis: v=2.4 cv=cOzQdFeN c=1 sm=1 tr=0 ts=6a1da577 cx=c_pps a=aDMHemPKRhS1OARIsFnwRA==:117 a=aDMHemPKRhS1OARIsFnwRA==:17 a=FelO9ux0wxsA:10 a=VkNPw1HP01LnGYTKEx00:22 a=RnoormkPH1_aCDwRdu11:22 a=Y2IxJ9c9Rs8Kov3niI8_:22 a=VnNF1IyMAAAA:8 a=p5SjDoQbJD9XZwj20uYA:9 X-Proofpoint-GUID: _-yHB9lMN7gXjGxtowL3fBOnPRDBeKVR X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1143,Hydra:6.1.125,FMLib:17.12.100.49 definitions=2026-06-01_04,2026-05-28_03,2025-10-01_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 clxscore=1015 impostorscore=0 lowpriorityscore=0 spamscore=0 bulkscore=0 malwarescore=0 phishscore=0 suspectscore=0 priorityscore=1501 adultscore=0 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.22.0-2605210000 definitions=main-2606010151 Content-Type: text/plain; charset="utf-8" Fix the fault-in code so that it does not return success if a concurrent unmap event invalidated the fault-in process between the best-effort lockless check and the proper check with lock. The new behaviour is to retry, like the best-effort lockless check already did. This prevents the fault-in handler from returning success without having actually faulted in the requested page. Fixes: e907ae530133 ("KVM: s390: Add helper functions for fault handling") Signed-off-by: Claudio Imbrenda Reviewed-by: Steffen Eiden --- arch/s390/kvm/faultin.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/arch/s390/kvm/faultin.c b/arch/s390/kvm/faultin.c index ddf0ca71f374..cf542b0a7e8e 100644 --- a/arch/s390/kvm/faultin.c +++ b/arch/s390/kvm/faultin.c @@ -36,7 +36,8 @@ int kvm_s390_faultin_gfn(struct kvm_vcpu *vcpu, struct kv= m *kvm, struct guest_fa struct kvm_s390_mmu_cache *mc =3D NULL; struct kvm_memory_slot *slot; unsigned long inv_seq; - int foll, rc =3D 0; + int rc =3D -EAGAIN; + int foll; =20 foll =3D f->write_attempt ? FOLL_WRITE : 0; foll |=3D f->attempt_pfault ? FOLL_NOWAIT : 0; @@ -53,7 +54,7 @@ int kvm_s390_faultin_gfn(struct kvm_vcpu *vcpu, struct kv= m *kvm, struct guest_fa return 0; } =20 - while (1) { + while (rc =3D=3D -EAGAIN) { f->valid =3D false; inv_seq =3D kvm->mmu_invalidate_seq; /* Pairs with the smp_wmb() in kvm_mmu_invalidate_end(). */ @@ -110,20 +111,19 @@ int kvm_s390_faultin_gfn(struct kvm_vcpu *vcpu, struc= t kvm *kvm, struct guest_fa if (!mmu_invalidate_retry_gfn(kvm, inv_seq, f->gfn)) { f->valid =3D true; rc =3D gmap_link(mc, kvm->arch.gmap, f, slot); - kvm_release_faultin_page(kvm, f->page, !!rc, f->write_attempt); - f->page =3D NULL; } + kvm_release_faultin_page(kvm, f->page, !!rc, f->write_attempt); } - kvm_release_faultin_page(kvm, f->page, true, false); =20 if (rc =3D=3D -ENOMEM) { rc =3D kvm_s390_mmu_cache_topup(mc); if (rc) return rc; - } else if (rc !=3D -EAGAIN) { - return rc; + rc =3D -EAGAIN; } } + + return rc; } =20 int kvm_s390_get_guest_page(struct kvm *kvm, struct guest_fault *f, gfn_t = gfn, bool w) --=20 2.54.0 From nobody Mon Jun 8 05:25:49 2026 Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BA0433DC4C9; Mon, 1 Jun 2026 15:30:08 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=148.163.158.5 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1780327816; cv=none; b=fbHUCf14kIHCqApoRlfgmxpfFBLnoQmev+XiWVXhX6gYtFca5Y2mXIX/zr3PJpVq8JnIF12DnuU2nqgu2R76jab5eAhoKVF0QMvhGA/LZHbro42dOUaLKY6jODWfPlvx8r4k7Qki927JBSXryCsx1PCfbksS/3b6Z9QKf/mdLE8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1780327816; c=relaxed/simple; bh=SRo5IBgPJeMhBd66Qkgvhd2/r+7I6kqyIzsB+7f9zvM=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=SQaeYo6YNUbIwhjU+tjQYGgBF6KWJValyUmSPDnd7kCXDb9nNRJzv0pmeLiuajTkL/3WG59LaPZAh5cZ4bDnUBwx8V4hQBc+odJHarsdSSIJi84g4r3kej38rbAEdgTMwQ9sz/+YSP+8UWuXXdPgIMXe7N9SMTSdzB+PndiDka4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com; spf=pass smtp.mailfrom=linux.ibm.com; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b=gXT7EJDa; arc=none smtp.client-ip=148.163.158.5 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="gXT7EJDa" Received: from pps.filterd (m0360072.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 651CxD8G432511; Mon, 1 Jun 2026 15:30:00 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=cc :content-transfer-encoding:date:from:in-reply-to:message-id :mime-version:references:subject:to; s=pp1; bh=FWfLyhJ6GGIDHWn6o RZIqvW5vDDYDL2zoOflL5hy3jM=; b=gXT7EJDa40kJUxfjLegNQJUwAcCdyIIzU AazUrsW2YS3dQJg7YUTq7MC2V/ea9yqBXRXAz8Buv3KQSuxGNj9Q83TrEE8io5UT KUwDzd98EUUuM2S+9kN6qvwqnWgULfZZdsFoqSuYfwJHD4QyvOylk1gfemfP57hr lusqZpspolfVsfSsr6TxVZl5AwLA4DyvEwNDnWXtryf6LJTXYVX7AKDw6eWAN3+f ehvTuu0ugtttuEEbYtdwcoyc5Ruxbf7XqIO8vl9qsZmVdnOnR/HzPjTOmN1C/S2s eVmI/lKZ0gQindzMfm2k1k6dcyisk/fb1GhiFvdvpC0+y3SM90XZw== Received: from ppma21.wdc07v.mail.ibm.com (5b.69.3da9.ip4.static.sl-reverse.com [169.61.105.91]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 4efqht12yj-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 01 Jun 2026 15:29:59 +0000 (GMT) Received: from pps.filterd (ppma21.wdc07v.mail.ibm.com [127.0.0.1]) by ppma21.wdc07v.mail.ibm.com (8.18.1.7/8.18.1.7) with ESMTP id 651FO5rg022873; Mon, 1 Jun 2026 15:29:59 GMT Received: from smtprelay07.fra02v.mail.ibm.com ([9.218.2.229]) by ppma21.wdc07v.mail.ibm.com (PPS) with ESMTPS id 4egb7jxs6y-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 01 Jun 2026 15:29:59 +0000 (GMT) Received: from smtpav04.fra02v.mail.ibm.com (smtpav04.fra02v.mail.ibm.com [10.20.54.103]) by smtprelay07.fra02v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 651FTrdG51511678 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 1 Jun 2026 15:29:53 GMT Received: from smtpav04.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 629A020043; Mon, 1 Jun 2026 15:29:53 +0000 (GMT) Received: from smtpav04.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 39A4720040; Mon, 1 Jun 2026 15:29:53 +0000 (GMT) Received: from p-imbrenda.aag-de.ibm.com (unknown [9.52.223.175]) by smtpav04.fra02v.mail.ibm.com (Postfix) with ESMTP; Mon, 1 Jun 2026 15:29:53 +0000 (GMT) From: Claudio Imbrenda To: linux-kernel@vger.kernel.org Cc: kvm@vger.kernel.org, linux-s390@vger.kernel.org, borntraeger@de.ibm.com, frankja@linux.ibm.com, david@kernel.org, seiden@linux.ibm.com, nrb@linux.ibm.com, schlameuss@linux.ibm.com, gra@linux.ibm.com Subject: [PATCH v2 7/8] KVM: s390: Lock pte when making page secure Date: Mon, 1 Jun 2026 17:29:50 +0200 Message-ID: <20260601152951.196859-8-imbrenda@linux.ibm.com> X-Mailer: git-send-email 2.54.0 In-Reply-To: <20260601152951.196859-1-imbrenda@linux.ibm.com> References: <20260601152951.196859-1-imbrenda@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-TM-AS-GCONF: 00 X-Proofpoint-GUID: ypF_omuVHZLZoiMCS4MfrC0gKKg-4-nV X-Authority-Analysis: v=2.4 cv=fv/sol4f c=1 sm=1 tr=0 ts=6a1da577 cx=c_pps a=GFwsV6G8L6GxiO2Y/PsHdQ==:117 a=GFwsV6G8L6GxiO2Y/PsHdQ==:17 a=FelO9ux0wxsA:10 a=VkNPw1HP01LnGYTKEx00:22 a=RnoormkPH1_aCDwRdu11:22 a=RzCfie-kr_QcCd8fBx8p:22 a=VnNF1IyMAAAA:8 a=MmVNaJ3caS2uU_XaQsUA:9 X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwNjAxMDE1MSBTYWx0ZWRfX88l8x/YSQVqM 1rht6nNANIzNs6on/jN71AgWwNcqx4WXVOcU4fmaeij3gCksl3A2NzSLRUHYKGNQ4CbTsOjaEiX MhhQGKC75SC1UzUxWOVE+MmlMz29K/1cu9BId/GZ4cxVwcxZ3WmdM2w/XnsUKZV8WuQvcLA2gLA FNoovLws4+P18lzoT518JO4Ia75BDBVWLS0eM2GOHkIgS/W5Zvp+9NdFVAP0aL1BDjh98gpKYft yQDbiidJrhrMQ+D4KVBOZgqsdAuj+x8Jdv8J/S14qOD0ECTBE7UYl5bUPmgO/U+QH7X3Rkte0i9 o0LizGNcDkSRDjwmdWFZ0UqnU/Fa+heKscp2zI/GYtHxtoPc/LSH1eILnd1T+7z+xH81vl9EWGy OFJpRS4iSa55vO+CyyrL6Kn21dGkxlrrv9+UuxIdLlkduT0plROpLf/Lyfu+fn4jFv1uDXleKS2 +zeO+rpPYPK5CDnJm+Q== X-Proofpoint-ORIG-GUID: ypF_omuVHZLZoiMCS4MfrC0gKKg-4-nV X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1143,Hydra:6.1.125,FMLib:17.12.100.49 definitions=2026-06-01_04,2026-05-28_03,2025-10-01_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 adultscore=0 priorityscore=1501 spamscore=0 phishscore=0 clxscore=1015 impostorscore=0 suspectscore=0 bulkscore=0 lowpriorityscore=0 malwarescore=0 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.22.0-2605210000 definitions=main-2606010151 Content-Type: text/plain; charset="utf-8" Make sure _kvm_s390_pv_make_secure() takes the pte lock for the given address when attempting to make the page secure. One of the steps in making the page secure is freezing the folio using folio_ref_freeze(), which temporarily sets the reference count to 0. Any attempt to get such a folio while frozen will fail and cause a warning to be printed. Other users of folio_ref_freeze() make sure that the page is not mapped while it's being frozen, thus preventing gup functions from being able to access it. For _kvm_s390_pv_make_secure(), this is not possible, because the page needs to be mapped in order for the import to succeed. By taking the pte lock, gup functions will be blocked until the import operation is done, thus avoiding the race. In theory this does not completely solve the issue: if a page is mapped through multiple mappings, locking one pte does not protect from calling gup on it through the other mapping. In practice this does not happen and it is a decent stopgap solution until a more correct solution is available. Signed-off-by: Claudio Imbrenda Fixes: e38c884df921 ("KVM: s390: Switch to new gmap") --- arch/s390/kvm/pv.c | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/arch/s390/kvm/pv.c b/arch/s390/kvm/pv.c index c2dafd812a3b..4b865e75351c 100644 --- a/arch/s390/kvm/pv.c +++ b/arch/s390/kvm/pv.c @@ -17,6 +17,7 @@ #include #include #include +#include #include "kvm-s390.h" #include "dat.h" #include "gaccess.h" @@ -73,6 +74,7 @@ static bool should_export_before_import(struct uv_cb_head= er *uvcb, struct mm_str struct pv_make_secure { void *uvcb; struct folio *folio; + struct kvm *kvm; int rc; bool needs_export; }; @@ -103,9 +105,21 @@ static void _kvm_s390_pv_make_secure(struct guest_faul= t *f) { struct pv_make_secure *priv =3D f->priv; struct folio *folio; + spinlock_t *ptl; /* pte lock from try_get_locked_pte() */ + pte_t *ptep; =20 folio =3D pfn_folio(f->pfn); priv->rc =3D -EAGAIN; + + if (!mmap_read_trylock(priv->kvm->mm)) + return; + + ptep =3D try_get_locked_pte(priv->kvm->mm, gfn_to_hva(priv->kvm, f->gfn),= &ptl); + if (IS_ERR_VALUE(ptep)) { + priv->rc =3D PTR_ERR(ptep); + goto out; + } + if (folio_trylock(folio)) { priv->rc =3D __kvm_s390_pv_make_secure(f, folio); if (priv->rc =3D=3D -E2BIG || priv->rc =3D=3D -EBUSY) { @@ -114,6 +128,11 @@ static void _kvm_s390_pv_make_secure(struct guest_faul= t *f) } folio_unlock(folio); } + + if (ptep) + pte_unmap_unlock(ptep, ptl); +out: + mmap_read_unlock(priv->kvm->mm); } =20 /** @@ -127,7 +146,7 @@ static void _kvm_s390_pv_make_secure(struct guest_fault= *f) */ int kvm_s390_pv_make_secure(struct kvm *kvm, unsigned long gaddr, void *uv= cb) { - struct pv_make_secure priv =3D { .uvcb =3D uvcb }; + struct pv_make_secure priv =3D { .uvcb =3D uvcb, .kvm =3D kvm, }; struct guest_fault f =3D { .write_attempt =3D true, .gfn =3D gpa_to_gfn(gaddr), --=20 2.54.0 From nobody Mon Jun 8 05:25:49 2026 Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id F3E083D9DAD; Mon, 1 Jun 2026 15:30:08 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=148.163.158.5 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1780327819; cv=none; b=SQM+aF5y2KKacaVEgeDVerybTarT8cRDiMsTfcHCa6t5AeB/Iy4CmV/cNONKAPZIXpBIWebtkUPNKLRUywdVyey0tci0p4PbbpCHRChoeFd3wj9HblVxVHWJU7QPnN4dYzOW5kN4sKZTeNBB/h81LJGVHp3dZOL0WUoGbRx0YZc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1780327819; c=relaxed/simple; bh=zx6TNjrr5sxF/JXLwJ0ARC1L8V6fY9iLaJ2DLC5EdXg=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=BBaqB5bxC8jD79ZQ2nm0bP6FgxkRyQpoHStKsGc9xCxuBYC1pKJEaH8bAVNif5/eltmAwiwLWJYgU2LXVUUJrLPD3arAqUmqKSVGUzkAFxfKDF3WW8htT5cR8LRAMU7pz39ZX/HtCcm5GNHGjPNRu2YMuW2OxyhjRwMvHuV5SAo= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com; spf=pass smtp.mailfrom=linux.ibm.com; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b=pbsrcwqJ; arc=none smtp.client-ip=148.163.158.5 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="pbsrcwqJ" Received: from pps.filterd (m0360072.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 651Cl02w3195132; Mon, 1 Jun 2026 15:30:00 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=cc :content-transfer-encoding:date:from:in-reply-to:message-id :mime-version:references:subject:to; s=pp1; bh=OP2M1HsEe+DgddDeh HcZonXB7ZpUy8+gPxxm8UoJYtA=; b=pbsrcwqJK+bCZPxNZJZ4WEV71gQ6qCwJt XUvlMlHY2LTHCrF5oAJvN58QJlGy2a13e0DHqiN4+opRWH23Lkci6tiyhzKFxGFo nlLda8LiG6XoVBNrlEZyFv8iQrZXxYdqH7XidZ7ovse+p58ADSanrutK9H0Abtm6 FlMUxW1O8J48HXZkqKwAgUE7yq1D8W/Y1vDG2Q3mQenT7qmI+fE9Tk437L0ZmCSY jvXb19zyTRJCRyeHLA3sPUVNBuoVAqLPju+7XmsLG1cGSQTkxZIqA6bLoIFw42HF DQ2rOyZOFQuPBWM71ZJqZwA0xFS1zHBHj1xs3CNLMjliyVJp8h8Fw== Received: from ppma22.wdc07v.mail.ibm.com (5c.69.3da9.ip4.static.sl-reverse.com [169.61.105.92]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 4efqht12yk-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 01 Jun 2026 15:29:59 +0000 (GMT) Received: from pps.filterd (ppma22.wdc07v.mail.ibm.com [127.0.0.1]) by ppma22.wdc07v.mail.ibm.com (8.18.1.7/8.18.1.7) with ESMTP id 651FO7RD031048; Mon, 1 Jun 2026 15:29:59 GMT Received: from smtprelay07.fra02v.mail.ibm.com ([9.218.2.229]) by ppma22.wdc07v.mail.ibm.com (PPS) with ESMTPS id 4egakvpvx2-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 01 Jun 2026 15:29:59 +0000 (GMT) Received: from smtpav04.fra02v.mail.ibm.com (smtpav04.fra02v.mail.ibm.com [10.20.54.103]) by smtprelay07.fra02v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 651FTr4m50725128 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 1 Jun 2026 15:29:53 GMT Received: from smtpav04.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 9178520040; Mon, 1 Jun 2026 15:29:53 +0000 (GMT) Received: from smtpav04.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 68C932004B; Mon, 1 Jun 2026 15:29:53 +0000 (GMT) Received: from p-imbrenda.aag-de.ibm.com (unknown [9.52.223.175]) by smtpav04.fra02v.mail.ibm.com (Postfix) with ESMTP; Mon, 1 Jun 2026 15:29:53 +0000 (GMT) From: Claudio Imbrenda To: linux-kernel@vger.kernel.org Cc: kvm@vger.kernel.org, linux-s390@vger.kernel.org, borntraeger@de.ibm.com, frankja@linux.ibm.com, david@kernel.org, seiden@linux.ibm.com, nrb@linux.ibm.com, schlameuss@linux.ibm.com, gra@linux.ibm.com Subject: [PATCH v2 8/8] KVM: s390: Prevent memslots outside the ASCE range Date: Mon, 1 Jun 2026 17:29:51 +0200 Message-ID: <20260601152951.196859-9-imbrenda@linux.ibm.com> X-Mailer: git-send-email 2.54.0 In-Reply-To: <20260601152951.196859-1-imbrenda@linux.ibm.com> References: <20260601152951.196859-1-imbrenda@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-TM-AS-GCONF: 00 X-Proofpoint-GUID: 5dZ_XfCxKcOQB-2GlXFSF-um3BPe80yf X-Authority-Analysis: v=2.4 cv=fv/sol4f c=1 sm=1 tr=0 ts=6a1da578 cx=c_pps a=5BHTudwdYE3Te8bg5FgnPg==:117 a=5BHTudwdYE3Te8bg5FgnPg==:17 a=FelO9ux0wxsA:10 a=VkNPw1HP01LnGYTKEx00:22 a=RnoormkPH1_aCDwRdu11:22 a=RzCfie-kr_QcCd8fBx8p:22 a=VnNF1IyMAAAA:8 a=1rJwsmJvMo9JdAIlmdgA:9 X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwNjAxMDE1MSBTYWx0ZWRfX8peYSN6aQfEE gToq0kzKYgwEkPCaHomjufsX8nCQSTa0AOQK6bJKPcH+8c3nv+a+JzcstdSQL4a7kne6h5dL7h+ h3cn1cp1mkoqY4JlqGUCwI4w+cGfVMfIzvOrHoJs1lKvGHDCmr9zRsjbHbRkJ8aFA5d1g+iScwW 2QwxJYJVod8g21PIm6ip3TXEbzSgS0qNxHKYM3DqsOfpMwfyQSvFoN8VLKE6Fd7rjH0YFEtjHwU SRFg6xrI1YNNKPra+I6rSnqmjmnB53DaNVE9UMgUVuVRgZtHpRpiRm4xxKxool2QW8npw19DOnt nF4ZK0ThY09ACJUE22dZEXv+3sFdA5EXSRrAPFc+w5rbOXNZ9Jr582FknlIGdQ/Po+lRQimj06k dJeQ9wGTnClHmqoxtmTC22UMdwvGDvBv21ucy1+CZ/VUu3SeJp24B9feArboWMMAERUXqFWTx2f qjqoDFVX5rbnsG2QiYA== X-Proofpoint-ORIG-GUID: 5dZ_XfCxKcOQB-2GlXFSF-um3BPe80yf X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1143,Hydra:6.1.125,FMLib:17.12.100.49 definitions=2026-06-01_04,2026-05-28_03,2025-10-01_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 adultscore=0 priorityscore=1501 spamscore=0 phishscore=0 clxscore=1015 impostorscore=0 suspectscore=0 bulkscore=0 lowpriorityscore=0 malwarescore=0 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.22.0-2605210000 definitions=main-2606010151 Content-Type: text/plain; charset="utf-8" With KVM_S390_VM_MEM_LIMIT_SIZE, userspace can set the highest address allowed for the VM. Creating a memslot that lies over the maximum address does not make sense and is only a potential source of bugs. Prevent creation of memslots over the maximum address, and prevent the maximum address from being reduced below the end of existing memslots. Signed-off-by: Claudio Imbrenda --- arch/s390/kvm/kvm-s390.c | 30 ++++++++++++++++++++++++++---- 1 file changed, 26 insertions(+), 4 deletions(-) diff --git a/arch/s390/kvm/kvm-s390.c b/arch/s390/kvm/kvm-s390.c index e09960c2e6ed..1796a7c645a9 100644 --- a/arch/s390/kvm/kvm-s390.c +++ b/arch/s390/kvm/kvm-s390.c @@ -999,7 +999,10 @@ static int kvm_s390_set_mem_control(struct kvm *kvm, s= truct kvm_device_attr *att break; } case KVM_S390_VM_MEM_LIMIT_SIZE: { + struct kvm_memslots *slots; + struct kvm_memory_slot *ms; unsigned long new_limit; + int bkt; =20 if (kvm_is_ucontrol(kvm)) return -EINVAL; @@ -1007,6 +1010,8 @@ static int kvm_s390_set_mem_control(struct kvm *kvm, = struct kvm_device_attr *att if (get_user(new_limit, (u64 __user *)attr->addr)) return -EFAULT; =20 + guard(mutex)(&kvm->lock); + if (kvm->arch.mem_limit !=3D KVM_S390_NO_MEM_LIMIT && new_limit > kvm->arch.mem_limit) return -E2BIG; @@ -1014,12 +1019,27 @@ static int kvm_s390_set_mem_control(struct kvm *kvm= , struct kvm_device_attr *att if (!new_limit) return -EINVAL; =20 - ret =3D -EBUSY; - if (!kvm->created_vcpus) + if (kvm->created_vcpus) + return -EBUSY; + + ret =3D 0; + scoped_guard(mutex, &kvm->slots_lock) { + slots =3D kvm_memslots(kvm); + if (slots && !kvm_memslots_empty(slots)) { + kvm_for_each_memslot(ms, bkt, slots) { + if (gpa_to_gfn(new_limit) < ms->base_gfn + ms->npages) { + ret =3D -EBUSY; + break; + } + } + } + } + if (!ret) ret =3D gmap_set_limit(kvm->arch.gmap, gpa_to_gfn(new_limit)); + if (ret) + break; VM_EVENT(kvm, 3, "SET: max guest address: %lu", new_limit); - VM_EVENT(kvm, 3, "New guest asce: 0x%p", - (void *)kvm->arch.gmap->asce.val); + VM_EVENT(kvm, 3, "New guest asce: 0x%p", (void *)kvm->arch.gmap->asce.va= l); break; } default: @@ -5672,6 +5692,8 @@ int kvm_arch_prepare_memory_region(struct kvm *kvm, return -EINVAL; if ((new->base_gfn + new->npages) * PAGE_SIZE > kvm->arch.mem_limit) return -EINVAL; + if (!asce_contains_gfn(kvm->arch.gmap->asce, new->base_gfn + new->npages= - 1)) + return -EINVAL; } =20 if (!kvm->arch.migration_mode) --=20 2.54.0