KVM: s390: Fix fault-in code

Fix the fault-in code so that it does not return success if a
concurrent unmap event invalidated the fault-in process between the
best-effort lockless check and the proper check with lock.

The new behaviour is to retry, like the best-effort lockless check
already did.

This prevents the fault-in handler from returning success without
having actually faulted in the requested page.

Fixes: e907ae530133 ("KVM: s390: Add helper functions for fault handling")
Reviewed-by: Steffen Eiden <seiden@linux.ibm.com>
Signed-off-by: Claudio Imbrenda <imbrenda@linux.ibm.com>
Message-ID: <20260602142356.169458-7-imbrenda@linux.ibm.com>

diff --git a/arch/s390/kvm/faultin.c b/arch/s390/kvm/faultin.c
index ddf0ca71f3741ada540253714cf1e5cda885306a..cf542b0a7e8e308258b17b07316babf753b5e04d 100644 (file)
--- a/arch/s390/kvm/faultin.c
+++ b/arch/s390/kvm/faultin.c
@@ -36,7 +36,8 @@ int kvm_s390_faultin_gfn(struct kvm_vcpu *vcpu, struct kvm *kvm, struct guest_fa
        struct kvm_s390_mmu_cache *mc = NULL;
        struct kvm_memory_slot *slot;
        unsigned long inv_seq;
-       int foll, rc = 0;
+       int rc = -EAGAIN;
+       int foll;
 
        foll = f->write_attempt ? FOLL_WRITE : 0;
        foll |= f->attempt_pfault ? FOLL_NOWAIT : 0;
@@ -53,7 +54,7 @@ int kvm_s390_faultin_gfn(struct kvm_vcpu *vcpu, struct kvm *kvm, struct guest_fa
                        return 0;
        }
 
-       while (1) {
+       while (rc == -EAGAIN) {
                f->valid = false;
                inv_seq = kvm->mmu_invalidate_seq;
                /* Pairs with the smp_wmb() in kvm_mmu_invalidate_end(). */
@@ -110,20 +111,19 @@ int kvm_s390_faultin_gfn(struct kvm_vcpu *vcpu, struct kvm *kvm, struct guest_fa
                        if (!mmu_invalidate_retry_gfn(kvm, inv_seq, f->gfn)) {
                                f->valid = true;
                                rc = gmap_link(mc, kvm->arch.gmap, f, slot);
-                               kvm_release_faultin_page(kvm, f->page, !!rc, f->write_attempt);
-                               f->page = NULL;
                        }
+                       kvm_release_faultin_page(kvm, f->page, !!rc, f->write_attempt);
                }
-               kvm_release_faultin_page(kvm, f->page, true, false);
 
                if (rc == -ENOMEM) {
                        rc = kvm_s390_mmu_cache_topup(mc);
                        if (rc)
                                return rc;
-               } else if (rc != -EAGAIN) {
-                       return rc;
+                       rc = -EAGAIN;
                }
        }
+
+       return rc;
 }
 
 int kvm_s390_get_guest_page(struct kvm *kvm, struct guest_fault *f, gfn_t gfn, bool w)