KVM: SEV: Unmap local kmaps in LIFO order, per highmem requirements

Per highmem.h, local kernel mappings must be unmapped in the reserve order
they were acquired, following a LIFO (last-in, first-out) stack-based
approach, and that failure to do so "is invalid and causes malfunction".

Swap the kunmap_local() calls in SNP post-populate flow to ensure the
mappings are released in the correct order.

Note, because SNP is 64-bit only, the bugs are benign as there are no
highmem mappings to unwind.

Fixes: 2a62345b3052 ("KVM: guest_memfd: GUP source pages prior to populating guest memory")
Signed-off-by: Ackerley Tng <ackerleytng@google.com>
Link: https://patch.msgid.link/20260522-fix-sev-gmem-post-populate-v2-4-3f196bfad5a1@google.com
[sean: call out that the bug is benign]
Signed-off-by: Sean Christopherson <seanjc@google.com>

diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
index c73c028d72c1002777644471ef3dbe29d8b93855..0e7f8b5cd4cb4b73493e01fc004b3986cb671355 100644 (file)
--- a/arch/x86/kvm/svm/sev.c
+++ b/arch/x86/kvm/svm/sev.c
@@ -2347,8 +2347,8 @@ static int sev_gmem_post_populate(struct kvm *kvm, gfn_t gfn, kvm_pfn_t pfn,
 
                memcpy(dst_vaddr, src_vaddr, PAGE_SIZE);
 
-               kunmap_local(src_vaddr);
                kunmap_local(dst_vaddr);
+               kunmap_local(src_vaddr);
        }
 
        ret = rmp_make_private(pfn, gfn << PAGE_SHIFT, PG_LEVEL_4K,
@@ -2383,8 +2383,8 @@ static int sev_gmem_post_populate(struct kvm *kvm, gfn_t gfn, kvm_pfn_t pfn,
 
                memcpy(src_vaddr, dst_vaddr, PAGE_SIZE);
 
-               kunmap_local(src_vaddr);
                kunmap_local(dst_vaddr);
+               kunmap_local(src_vaddr);
        }
 
 out: