This is a note to let you know that I've just added the patch titled

    KVM: arm64: Drop last page ref in kvm_pgtable_stage2_free_removed()

to the 6.3-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
    kvm-arm64-drop-last-page-ref-in-kvm_pgtable_stage2_free_removed.patch
and it can be found in the queue-6.3 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.

From f6a27d6dc51b288106adaf053cff9c9b9cc12c4e Mon Sep 17 00:00:00 2001
From: Oliver Upton <oliver.upton@xxxxxxxxx>
Date: Tue, 30 May 2023 19:32:13 +0000
Subject: KVM: arm64: Drop last page ref in kvm_pgtable_stage2_free_removed()

From: Oliver Upton <oliver.upton@xxxxxxxxx>

commit f6a27d6dc51b288106adaf053cff9c9b9cc12c4e upstream.

The reference count on page table allocations is increased for every
'counted' PTE (valid or donated) in the table in addition to the initial
reference from ->zalloc_page(). kvm_pgtable_stage2_free_removed() fails
to drop the last reference on the root of the table walk, meaning we
leak memory.

Fix it by dropping the last reference after the free walker returns,
at which point all references for 'counted' PTEs have been released.

Cc: stable@xxxxxxxxxxxxxxx
Fixes: 5c359cca1faf ("KVM: arm64: Tear down unlinked stage-2 subtree after break-before-make")
Reported-by: Yu Zhao <yuzhao@xxxxxxxxxx>
Signed-off-by: Oliver Upton <oliver.upton@xxxxxxxxx>
Tested-by: Yu Zhao <yuzhao@xxxxxxxxxx>
Signed-off-by: Marc Zyngier <maz@xxxxxxxxxx>
Link: https://lore.kernel.org/r/20230530193213.1663411-1-oliver.upton@xxxxxxxxx
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
 arch/arm64/kvm/hyp/pgtable.c | 3 +++
 1 file changed, 3 insertions(+)

--- a/arch/arm64/kvm/hyp/pgtable.c +++ b/arch/arm64/kvm/hyp/pgtable.c 
@@ -1333,4 +1333,7 @@ void kvm_pgtable_stage2_free_removed(str }; WARN_ON(__kvm_pgtable_walk(&data, mm_ops, ptep, level + 1)); + + WARN_ON(mm_ops->page_count(pgtable) != 1); + mm_ops->put_page(pgtable); } Patches currently in stable-queue which might be from oliver.upton@xxxxxxxxx are queue-6.3/kvm-arm64-drop-last-page-ref-in-kvm_pgtable_stage2_free_removed.patch queue-6.3/kvm-arm64-reload-pte-after-invoking-walker-callback-.patch queue-6.3/kvm-arm64-vgic-fix-a-circular-locking-issue.patch queue-6.3/kvm-arm64-vgic-wrap-vgic_its_create-with-config_lock.patch queue-6.3/kvm-arm64-vgic-fix-locking-comment.patch
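Review bot: The two lines added after the `__kvm_pgtable_walk()` call in kvm_pgtable_stage2_free_removed() have no comment saying which reference is being dropped, and the `page_count(pgtable) != 1` check only makes sense once the reader knows that. A short comment above the new `WARN_ON()`, stating that the remaining reference is the initial one from ->zalloc_page() and that the walker has already released every reference held for 'counted' PTEs, would keep the invariant next to the code instead of only in the commit message. Note also that `mm_ops->put_page(pgtable)` runs whether or not either `WARN_ON()` fires: if the walk returned an error or the count is above 1, the put drops one reference and the page stays allocated, so the failure mode is a leak rather than a premature free. That looks like the right direction to err in, and saying so in the comment would discourage a later cleanup from turning the warning into an early return or a forced free.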