From eef3b6e529377f391e375ad2782fbb645bf17828 Mon Sep 17 00:00:00 2001
From: Will Deacon
Date: Mon, 25 Mar 2024 15:32:08 +0000
Subject: [PATCH] ANDROID: KVM: arm64: Fix TLB invalidation when coalescing into a block

Wnen coalescing a table into a block, the break-before-make sequence must invalidate the whole range of addresses translated by the entry in order to avoid the possibility of a TLB conflict. Fix the coalescing post-table walker so that the whole range of the old table is invalidated, rather than just the first address, since a refcount of 1 on the child page is not sufficient to ensure the absence of any valid mappings.

Cc: Sebastian Ene
Reported-by: Mostafa Saleh
Fixes: 9e7e5db52c3a ("ANDROID: KVM: arm64: Coalesce host stage2 entries on ownership reclaim")
Bug: 331232642
Signed-off-by: Will Deacon
Change-Id: I4c94f552e4385599ad88b1be50b69ffbafa64a9b
---
 arch/arm64/kvm/hyp/pgtable.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/arch/arm64/kvm/hyp/pgtable.c b/arch/arm64/kvm/hyp/pgtable.c
index 64387388584c..ea51f04be78f 100644
--- a/arch/arm64/kvm/hyp/pgtable.c
+++ b/arch/arm64/kvm/hyp/pgtable.c
@@ -887,7 +887,9 @@ static void stage2_coalesce_walk_table_post(u64 addr, u64 end, u32 level,
 	 * of the page table page.
 	 */
 	if (mm_ops->page_count(childp) == 1) {
-		stage2_put_pte(ptep, data->mmu, addr, level, mm_ops);
+		kvm_clear_pte(ptep);
+		kvm_call_hyp(__kvm_tlb_flush_vmid, data->mmu);
+		mm_ops->put_page(ptep);
 		mm_ops->put_page(childp);
 	}
 }
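Review bot: The new break-before-make sequence starting at `kvm_clear_pte(ptep);` carries no comment saying why the per-entry `stage2_put_pte()` call it replaces is not enough; the reasoning (a child refcount of 1 does not rule out live TLB entries anywhere in the range the old table translated, so the whole range must be invalidated before the block entry is installed) lives only in the commit message and will not survive into the code. I would add above `kvm_clear_pte(ptep);`: `/* Break-before-make: the old table may still have live TLB entries across its whole range, not just addr, so invalidate the entire range before the block is written. */`. The VMID-wide flush is also considerably heavier than the old per-IPA invalidation; if this tree carries a range-based stage-2 flush helper, invalidating only the span of the old table would keep the fix without the cost, and the same comment should record the trade-off either way. Note too that `mm_ops->put_page(ptep)` is now called unconditionally, whereas the removed `stage2_put_pte()` presumably gated its put on the entry being a counted one, so it is worth confirming that every entry reaching this path is counted. The body of `stage2_coalesce_walk_table_post` begins outside the hunk.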