git.ipfire.org Git - thirdparty/kernel/linux.git/commit
KVM: riscv: Check hugetlb block mappings against memslot bounds
author Jinyu Tang <tjytimi@163.com>
Thu, 4 Jun 2026 14:26:01 +0000 (22:26 +0800)
committer Anup Patel <anup@brainfault.org>
Sun, 7 Jun 2026 05:24:40 +0000 (10:54 +0530)
commit 49476d58f2171afc2e899da8040710d2c37760af
tree 4dcca1c3f5745acec8eb4c9890328dcff86d0d58
parent 64e50ab0ed84383eec398ced43b8ea40b249804b
KVM: riscv: Check hugetlb block mappings against memslot bounds

RISC-V KVM has used the hugetlb VMA size directly as the G-stage
mapping size since stage-2 page table support was added. That is safe
only if the block covered by the fault is fully contained in the
memslot and the userspace address has the same offset as the GPA
within that block.

The THP path already checks those constraints before installing a PMD
block mapping. The hugetlb path did not, so an unaligned memslot could
make KVM install a PMD or PUD sized G-stage block that covers memory
outside the slot or maps the wrong host pages.

Pass the target mapping size into fault_supports_gstage_huge_mapping().
The same helper can be used for both THP PMD mappings and hugetlb
PMD/PUD mappings.

Select hugetlb mapping sizes through the same memslot-boundary check,
falling back from PUD to PMD to PAGE_SIZE. When a smaller hugetlb
mapping size is selected, fault the GFN aligned to that selected size
instead of the original VMA size.

Also keep hugetlb mappings out of transparent_hugepage_adjust(). Once
the hugetlb path has chosen PAGE_SIZE, promoting it again through the
THP helper would miss the hugetlb fallback decision.

Fixes: 9d05c1fee837 ("RISC-V: KVM: Implement stage2 page table programming")
Signed-off-by: Jinyu Tang <tjytimi@163.com>
Reviewed-by: Nutty Liu <nutty.liu@hotmail.com>
Reviewed-by: Anup Patel <anup@brainfault.org>
Link: https://lore.kernel.org/r/20260604142602.3582602-2-tjytimi@163.com
Signed-off-by: Anup Patel <anup@brainfault.org>
arch/riscv/kvm/mmu.c
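
The two constraints named in the commit message (the block is fully contained in the memslot, and the userspace address has the same offset as the GPA within the block), with the PUD to PMD to PAGE_SIZE fallback, as a user-space model. This is an added example, not the kernel's code: `struct slot`, `block_fits`, `pick_map_size`, `fault_gpa` and the 4 KiB / 2 MiB / 1 GiB sizes are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define PAGE_SZ (1ULL << 12) /* assumed 4 KiB base page */
#define PMD_SZ  (1ULL << 21) /* assumed 2 MiB block */
#define PUD_SZ  (1ULL << 30) /* assumed 1 GiB block */

/* Hypothetical, simplified memslot: a GPA range backed by a host VA range. */
struct slot { uint64_t gpa_start, hva_start, size; };

/* A map_size block around hva is usable only if hva and GPA share the same
 * offset inside the block and the whole block lies inside the slot. */
static bool block_fits(const struct slot *s, uint64_t hva, uint64_t map_size)
{
    uint64_t mask = map_size - 1;
    uint64_t blk = hva & ~mask;          /* start of the candidate block */
    if ((s->gpa_start & mask) != (s->hva_start & mask))
        return false;                    /* block would map the wrong host pages */
    return blk >= s->hva_start && blk + map_size <= s->hva_start + s->size;
}

/* Fall back PUD -> PMD -> PAGE_SZ, never exceeding the hugetlb VMA page size. */
static uint64_t pick_map_size(const struct slot *s, uint64_t hva, uint64_t vma_size)
{
    if (vma_size >= PUD_SZ && block_fits(s, hva, PUD_SZ))
        return PUD_SZ;
    if (vma_size >= PMD_SZ && block_fits(s, hva, PMD_SZ))
        return PMD_SZ;
    return PAGE_SZ;
}

/* GPA to fault on: aligned to the size actually selected, not the VMA size. */
static uint64_t fault_gpa(const struct slot *s, uint64_t hva, uint64_t vma_size)
{
    uint64_t gpa = s->gpa_start + (hva - s->hva_start);
    return gpa & ~(pick_map_size(s, hva, vma_size) - 1);
}

int main(void)
{
    /* Constructed slot: starts 1 MiB into a 2 MiB block, 4 MiB long. */
    struct slot s = { 0x80100000ULL, 0x7f0000100000ULL, 4ULL << 20 };
    uint64_t hvas[] = { 0x7f0000101000ULL, 0x7f0000205000ULL, 0x7f0000401000ULL };
    for (int i = 0; i < 3; i++)
        printf("hva %#llx -> map size %#llx\n", (unsigned long long)hvas[i],
               (unsigned long long)pick_map_size(&s, hvas[i], PMD_SZ));
    return 0;
}
```

Only the middle address in the constructed slot gets a 2 MiB block; the first and last 1 MiB of the slot sit in blocks that cross the slot boundary and drop to the base page size.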