diff options
| author | Quentin Perret <qperret@google.com> | 2025-02-07 17:54:38 +0300 |
|---|---|---|
| committer | Marc Zyngier <maz@kernel.org> | 2025-02-09 13:20:38 +0300 |
| commit | eabc7aaef7a553b64bf6e631ce04526af6c8d104 (patch) | |
| tree | 637daa09397c86007730005f95b96eb1565cbd13 /scripts/extract-fwblobs | |
| parent | c53fbdb60fb61fd6bda2bc0dc89837966625c5dc (diff) | |
| download | linux-eabc7aaef7a553b64bf6e631ce04526af6c8d104.tar.xz | |
KVM: arm64: Simplify np-guest hypercalls
When the handling of a guest stage-2 permission fault races with an MMU
notifier, the faulting page might be gone from the guest's stage-2 by
the point we attempt to call (p)kvm_pgtable_stage2_relax_perms(). In the
normal KVM case, this leads to returning -EAGAIN which user_mem_abort()
handles correctly by simply re-entering the guest. However, the pKVM
hypercall implementation has additional logic to check the page state
using __check_host_shared_guest() which gets confused with absence of a
page mapped at the requested IPA and returns -ENOENT, hence breaking
user_mem_abort() and hilarity ensues.
Luckily, several of the hypercalls for managing the stage-2 page-table
of NP guests have no effect on the pKVM ownership tracking (wrprotect,
test_clear_young, mkyoung, and crucially relax_perms), so the extra
state checking logic is in fact not strictly necessary. So, to fix the
discrepancy between standard KVM and pKVM, let's just drop the
superfluous __check_host_shared_guest() logic from those hypercalls and
make the extra state checking a debug assertion dependent on
CONFIG_NVHE_EL2_DEBUG as we already do for other transitions.
Signed-off-by: Quentin Perret <qperret@google.com>
Reviewed-by: Oliver Upton <oliver.upton@linux.dev>
Link: https://lore.kernel.org/r/20250207145438.1333475-3-qperret@google.com
Signed-off-by: Marc Zyngier <maz@kernel.org>
Diffstat (limited to 'scripts/extract-fwblobs')
0 files changed, 0 insertions, 0 deletions