[PATCH v1] KVM: arm64: Fix page leak in user_mem_abort()
Oliver Upton
oliver.upton at linux.dev
Wed Sep 17 09:23:22 PDT 2025
On Wed, Sep 17, 2025 at 02:07:37PM +0100, Fuad Tabba wrote:
> The user_mem_abort() function acquires a page reference via
> __kvm_faultin_pfn() early in its execution. However, the subsequent
> checks for mismatched attributes between stage 1 and stage 2 mappings
> would return an error code directly, bypassing the corresponding page
> release.
>
> Fix this by storing the error and releasing the unused page before
> returning the error.
>
> Fixes: 6d674e28f642 ("KVM: arm/arm64: Properly handle faulting of device mappings")
> Fixes: 2a8dfab26677 ("KVM: arm64: Block cacheable PFNMAP mapping")
> Signed-off-by: Fuad Tabba <tabba at google.com>
Yikes, nice catch.
Reviewed-by: Oliver Upton <oliver.upton at linux.dev>
Thanks,
Oliver
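
The leak described in the quoted commit message, modelled as a stand-alone added example (not the kernel's code and not written by anyone in this thread). The `toy_*` names, the integer refcount model and the `-EINVAL` value are assumptions made for illustration; `leaked_refs()` counts the references left behind by each variant.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>

/* Toy stand-in for a refcounted page; not a kernel structure. */
struct toy_page { int refcount; };
/* Early acquisition: on return the caller owns one reference. */
static struct toy_page *toy_faultin(struct toy_page *p) { p->refcount++; return p; }
/* Drop the reference on a page that was never mapped. */
static void toy_release_unused(struct toy_page *p) { p->refcount--; }
/* Success path: install the mapping, then drop the fault-in reference. */
static int toy_map_and_release(struct toy_page *p) { p->refcount--; return 0; }

/* Before: the attribute-mismatch check returns directly and skips the release. */
static int abort_before(struct toy_page *p, bool attrs_mismatch)
{
	struct toy_page *page = toy_faultin(p);
	if (attrs_mismatch)
		return -EINVAL;	/* constructed error code; reference is leaked */
	return toy_map_and_release(page);
}

/* After: store the error, release the unused page, then return the error. */
static int abort_after(struct toy_page *p, bool attrs_mismatch)
{
	struct toy_page *page = toy_faultin(p);
	int ret = 0;
	if (attrs_mismatch)
		ret = -EINVAL;
	if (ret) {
		toy_release_unused(page);
		return ret;
	}
	return toy_map_and_release(page);
}

/* References still outstanding after n faults that all hit the error path. */
static int leaked_refs(int (*handler)(struct toy_page *, bool), int n)
{
	struct toy_page p = { 0 };
	for (int i = 0; i < n; i++)
		handler(&p, true);
	return p.refcount;
}

int main(void)
{
	printf("before: %d leaked, after: %d leaked\n",
	       leaked_refs(abort_before, 3), leaked_refs(abort_after, 3));
	return 0;
}
```

Each fault that takes the error path in the "before" variant strands one reference, so a balance check like this one grows with the number of failed faults rather than failing once.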