Date: Mon, 24 Nov 2025 12:54:38 +0000
Message-ID: <86pl97r3ox.wl-maz@kernel.org>
From: Marc Zyngier
To: Jack Thomson
Cc: oliver.upton@linux.dev, pbonzini@redhat.com, joey.gouly@arm.com, suzuki.poulose@arm.com, yuzenghui@huawei.com, catalin.marinas@arm.com, will@kernel.org, shuah@kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, isaku.yamahata@intel.com, xmarcalx@amazon.co.uk, kalyazin@amazon.co.uk, jackabt@amazon.com
Subject: Re: [PATCH v3 1/3] KVM: arm64: Add pre_fault_memory implementation
In-Reply-To: <86see3r7e9.wl-maz@kernel.org>
References: <20251119154910.97716-1-jackabt.amazon@gmail.com> <20251119154910.97716-2-jackabt.amazon@gmail.com> <86see3r7e9.wl-maz@kernel.org>

On Mon, 24 Nov 2025 11:34:38 +0000,
Marc Zyngier wrote:
>
> On Wed, 19 Nov 2025 15:49:08 +0000,
> Jack Thomson wrote:
> > [...]
> > + fault_info->hpfar_el2 = HPFAR_EL2_NS |
> > + FIELD_PREP(HPFAR_EL2_FIPA, ipa >> 12);
> > +
> > + if (kvm_slot_has_gmem(memslot)) {
> > + ret = gmem_abort(vcpu, ipa, NULL, memslot, false);
> > + } else {
> > + hva = gfn_to_hva_memslot_prot(memslot, gfn, NULL);
> > + if (kvm_is_error_hva(hva)) {
> > + ret = -EFAULT;
> > + goto out;
> > + }
> > + ret = user_mem_abort(vcpu, ipa, NULL, memslot, &page_size, hva,
> > + false);
> > + }

And thinking of it a bit more, this is completely broken. What happens
if the vcpu is in a nested context? You just populate random pages in
an IPA space that is not relevant at all, corrupting the guest state.

You must correctly handle the context the vcpu is in, instead of
assuming that this is the canonical context. This means going via the
*guest's* S2 translation, just like handle_mem_abort() does.

	M.

-- 
Without deviation from the norm, progress is not possible.
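Review bot: both `gmem_abort(vcpu, ipa, NULL, memslot, false)` and `user_mem_abort(vcpu, ipa, NULL, memslot, &page_size, hva, false)` hard-code NULL in the third argument, so the pre-fault path always resolves `ipa` against the vcpu's canonical stage-2 and carries no information about the context the vcpu is actually running in; when the vcpu is in a nested context that installs the page in the wrong IPA space, which is the corruption described in the reply. Suggest determining the vcpu's current context first and, for a nested vcpu, walking the guest's S2 translation the way handle_mem_abort() does, then passing the resulting translation (rather than NULL) through to gmem_abort()/user_mem_abort(), and returning an error instead of populating anything when that walk fails. The `kvm_is_error_hva()` check on the non-gmem branch is fine, but note that `ret` is set before `goto out` only on that path; make sure the gmem branch cannot leave `ret` uninitialised on the same label.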