From: Sasha Levin <sashal@kernel.org>
To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org,
stable@vger.kernel.org
Cc: Sasha Levin <sashal@kernel.org>,
Sean Christopherson <seanjc@google.com>,
David Matlack <dmatlack@google.com>,
James Houghton <jthoughton@google.com>,
Alexander Bulekov <bkov@amazon.com>,
Fred Griffoul <fgriffo@amazon.co.uk>,
Alexander Graf <graf@amazon.de>,
David Woodhouse <dwmw@amazon.co.uk>,
Filippo Sironi <sironi@amazon.de>,
Ivan Orlov <iorlov@amazon.co.uk>,
Paolo Bonzini <pbonzini@redhat.com>
Subject: Re: [PATCH 5.15.y 8/8] KVM: x86/mmu: Ensure hugepage is in by slot before checking max mapping level
Date: Fri, 26 Jun 2026 13:54:32 -0400
Message-ID: <stable-reply-item008-kvm-515-respfn-20260626@kernel.org>
In-Reply-To: <20260626112606.1778248-9-pbonzini@redhat.com>
> - if (sp->role.direct && !kvm_is_reserved_pfn(pfn) &&
> + if (sp->role.direct && is_gfn_in_memslot(slot, sp->gfn) &&
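Review bot: the `!kvm_is_reserved_pfn(pfn)` test on the `-` line has no counterpart on the `+` line, so this condition no longer filters on the pfn at all and relies only on the gfn-to-slot check. If the rest of the condition (cut off after the trailing `&&`) or the code it guards still inspects the page behind `pfn` in this tree, keep both tests, e.g. `sp->role.direct && !kvm_is_reserved_pfn(pfn) && is_gfn_in_memslot(slot, sp->gfn) &&`; otherwise the backport's changelog should state why the pfn test is safe to drop here.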
This drops the !kvm_is_reserved_pfn(pfn) guard instead of adding
is_gfn_in_memslot() alongside it. I think upstream could drop it only because
a8ac499bb6ab ("KVM: x86/mmu: Don't require refcounted "struct page" to create
huge SPTEs") rewrote host_pfn_mapping_level() to stop touching the struct page
but that commit isn't in 5.15. Does it make sense?
--
Thanks,
Sasha
Thread overview: 15+ messages
2026-06-26 11:25 [PATCH 5.15.y 0/8] KVM: fixes for CVE-2026-46113 and related issues Paolo Bonzini
2026-06-26 11:25 ` [PATCH 5.15.y 1/8] KVM: x86/mmu: Use a bool for direct Paolo Bonzini
2026-06-26 11:26 ` [PATCH 5.15.y 2/8] KVM: x86/mmu: Stop passing "direct" to mmu_alloc_root() Paolo Bonzini
2026-06-26 11:26 ` [PATCH 5.15.y 3/8] KVM: x86/mmu: Derive shadow MMU page role from parent Paolo Bonzini
2026-06-26 12:01 ` sashiko-bot
2026-06-26 11:26 ` [PATCH 5.15.y 4/8] KVM: x86/mmu: Always pass 0 for @quadrant when gptes are 8 bytes Paolo Bonzini
2026-06-26 12:13 ` sashiko-bot
2026-06-26 11:26 ` [PATCH 5.15.y 5/8] KVM: x86/mmu: pull call to drop_large_spte() into __link_shadow_page() Paolo Bonzini
2026-06-26 12:28 ` sashiko-bot
2026-06-26 11:26 ` [PATCH 5.15.y 6/8] KVM: x86: Fix shadow paging use-after-free due to unexpected GFN Paolo Bonzini
2026-06-26 11:26 ` [PATCH 5.15.y 7/8] KVM: x86: Fix shadow paging use-after-free due to unexpected role Paolo Bonzini
2026-06-26 11:26 ` [PATCH 5.15.y 8/8] KVM: x86/mmu: Ensure hugepage is in by slot before checking max mapping level Paolo Bonzini
2026-06-26 12:57 ` sashiko-bot
2026-06-26 17:54 ` Sasha Levin [this message]
2026-06-26 19:11 ` Sean Christopherson