On Tue, May 30, 2023 at 1:32 PM Oliver Upton <oliver.upton@xxxxxxxxx> wrote:
>
> The reference count on page table allocations is increased for every
> 'counted' PTE (valid or donated) in the table in addition to the initial
> reference from ->zalloc_page(). kvm_pgtable_stage2_free_removed() fails
> to drop the last reference on the root of the table walk, meaning we
> leak memory.
>
> Fix it by dropping the last reference after the free walker returns,
> at which point all references for 'counted' PTEs have been released.
>
> Cc: stable@xxxxxxxxxxxxxxx
> Fixes: 5c359cca1faf ("KVM: arm64: Tear down unlinked stage-2 subtree after break-before-make")
> Reported-by: Yu Zhao <yuzhao@xxxxxxxxxx>
> Signed-off-by: Oliver Upton <oliver.upton@xxxxxxxxx>
Tested-by: Yu Zhao <yuzhao@xxxxxxxxxx>
