On 05/29/2017 06:32 PM, David Hildenbrand wrote: > new = old = pgste_get_lock(ptep); > pgste_val(new) &= ~(PGSTE_GR_BIT | PGSTE_GC_BIT | > @@ -748,6 +764,11 @@ int reset_guest_reference_bit(struct mm_struct *mm, unsigned long addr) > ptep = get_locked_pte(mm, addr, &ptl); > if (unlikely(!ptep)) > return -EFAULT; > + if (!pgtable_has_pgste(mm, __pa(ptep))) { > + pte_unmap_unlock(ptep, ptl); > + WARN_ONCE(true, "Guest address on page table without pgste");

All these WARN_ONCE. Is there a way a malicious user can trigger this, or is this checked everywhere, and if triggered it would indeed be a bug?
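
Review bot: In the reset_guest_reference_bit() hunk, WARN_ONCE(true, "Guest address on page table without pgste") sits on a path selected by the addr argument, so it is only appropriate if every caller guarantees that addr resolves to a pgste-backed page table. If any caller can pass an address derived from userspace input, drop the warning and just fail the call, because a reachable WARN becomes a panic on systems running with panic_on_warn; if it is a true invariant, add a comment naming where it is enforced. Releasing the lock with pte_unmap_unlock(ptep, ptl) before warning is the right order. The format string also lacks a trailing newline, and including addr in the message would make a report actionable.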