On Thu, 2023-09-21 at 08:15 +0100, Marc Zyngier wrote:
On Wed, 20 Sep 2023 20:27:29 +0100, Suraj Jitindar Singh surajjs@amazon.com wrote:
From: Will Deacon will@kernel.org
commit 09cce60bddd6461a93a5bf434265a47827d1bc6f upstream.
Since host stage-2 mappings are created lazily, we cannot rely solely on the pte in order to recover the target physical address when checking a host-initiated memory transition as this permits donation of unmapped regions corresponding to MMIO or "no-map" memory.
Instead of inspecting the pte, move the addr_is_allowed_memory() check into the host callback function where it is passed the physical address directly from the walker.
Cc: Quentin Perret qperret@google.com Fixes: e82edcc75c4e ("KVM: arm64: Implement do_share() helper for sharing memory") Signed-off-by: Will Deacon will@kernel.org Signed-off-by: Marc Zyngier maz@kernel.org Link: https://lore.kernel.org/r/20230518095844.1178-1-will@kernel.org [ bp: s/ctx->addr/addr in __check_page_state_visitor due to missing commit "KVM: arm64: Combine visitor arguments into a context structure" in stable. ]
Same question.
Noting what changes were made to the patch from the upstream mainline version when it was applied to the stable tree.
Signed-off-by: Suraj Jitindar Singh surajjs@amazon.com
Again, I find this backport pretty pointless. What is the rationale for it?
The 2 patches were backported to address CVE-2023-21264. This one addresses the CVE.
Thanks
M.