[PATCH v2 02/35] KVM: arm64: Don't leak stage-2 page-table if VM fails to... | linux-arm-kernel

[PATCH v2 00/35] KVM: arm64: Add support for protected guest memory with pKVM · Will Deacon <will@kernel.org> · 2026-01-19
[PATCH v2 02/35] KVM: arm64: Don't leak stage-2 page-table if VM fails to init under pKVM · Will Deacon <will@kernel.org> · 2026-01-19
[PATCH v2 01/35] KVM: arm64: Invert KVM_PGTABLE_WALK_HANDLE_FAULT to fix pKVM walkers · Will Deacon <will@kernel.org> · 2026-01-19
[PATCH v2 04/35] KVM: arm64: Rename __pkvm_pgtable_stage2_unmap() · Will Deacon <will@kernel.org> · 2026-01-19
[PATCH v2 05/35] KVM: arm64: Don't advertise unsupported features for protected guests · Will Deacon <will@kernel.org> · 2026-01-19
[PATCH v2 03/35] KVM: arm64: Move handle check into pkvm_pgtable_stage2_destroy_range() · Will Deacon <will@kernel.org> · 2026-01-19
[PATCH v2 06/35] KVM: arm64: Expose self-hosted debug regs as RAZ/WI for protected guests · Will Deacon <will@kernel.org> · 2026-01-19
[PATCH v2 07/35] KVM: arm64: Remove is_protected_kvm_enabled() checks from hypercalls · Will Deacon <will@kernel.org> · 2026-01-19
Re: [PATCH v2 07/35] KVM: arm64: Remove is_protected_kvm_enabled() checks from hypercalls · Alexandru Elisei <hidden> · 2026-02-10
Re: [PATCH v2 07/35] KVM: arm64: Remove is_protected_kvm_enabled() checks from hypercalls · Will Deacon <will@kernel.org> · 2026-03-03
Re: [PATCH v2 07/35] KVM: arm64: Remove is_protected_kvm_enabled() checks from hypercalls · Alexandru Elisei <hidden> · 2026-03-06
[PATCH v2 08/35] KVM: arm64: Ignore MMU notifier callbacks for protected VMs · Will Deacon <will@kernel.org> · 2026-01-19
[PATCH v2 10/35] KVM: arm64: Ignore -EAGAIN when mapping in pages for the pKVM host · Will Deacon <will@kernel.org> · 2026-01-19
[PATCH v2 09/35] KVM: arm64: Prevent unsupported memslot operations on protected VMs · Will Deacon <will@kernel.org> · 2026-01-19
[PATCH v2 11/35] KVM: arm64: Split teardown hypercall into two phases · Will Deacon <will@kernel.org> · 2026-01-19
[PATCH v2 12/35] KVM: arm64: Introduce __pkvm_host_donate_guest() · Will Deacon <will@kernel.org> · 2026-01-19
[PATCH v2 15/35] KVM: arm64: Introduce __pkvm_reclaim_dying_guest_page() · Will Deacon <will@kernel.org> · 2026-01-19
[PATCH v2 14/35] KVM: arm64: Handle aborts from protected VMs · Will Deacon <will@kernel.org> · 2026-01-19
Re: [PATCH v2 14/35] KVM: arm64: Handle aborts from protected VMs · Alexandru Elisei <hidden> · 2026-02-12
Re: [PATCH v2 14/35] KVM: arm64: Handle aborts from protected VMs · Will Deacon <will@kernel.org> · 2026-03-04
Re: [PATCH v2 14/35] KVM: arm64: Handle aborts from protected VMs · Alexandru Elisei <hidden> · 2026-03-06
Re: [PATCH v2 14/35] KVM: arm64: Handle aborts from protected VMs · Fuad Tabba <hidden> · 2026-03-11
[PATCH v2 13/35] KVM: arm64: Hook up donation hypercall to pkvm_pgtable_stage2_map() · Will Deacon <will@kernel.org> · 2026-01-19
[PATCH v2 17/35] KVM: arm64: Refactor enter_exception64() · Will Deacon <will@kernel.org> · 2026-01-19
[PATCH v2 16/35] KVM: arm64: Hook up reclaim hypercall to pkvm_pgtable_stage2_destroy() · Will Deacon <will@kernel.org> · 2026-01-19
[PATCH v2 18/35] KVM: arm64: Inject SIGSEGV on illegal accesses · Will Deacon <will@kernel.org> · 2026-01-19
[PATCH v2 19/35] KVM: arm64: Avoid pointless annotation when mapping host-owned pages · Will Deacon <will@kernel.org> · 2026-01-19
[PATCH v2 20/35] KVM: arm64: Generalise kvm_pgtable_stage2_set_owner() · Will Deacon <will@kernel.org> · 2026-01-19
[PATCH v2 23/35] KVM: arm64: Annotate guest donations with handle and gfn in host stage-2 · Will Deacon <will@kernel.org> · 2026-01-19
Re: [PATCH v2 23/35] KVM: arm64: Annotate guest donations with handle and gfn in host stage-2 · Fuad Tabba <hidden> · 2026-01-28
[PATCH v2 21/35] KVM: arm64: Introduce host_stage2_set_owner_metadata_locked() · Will Deacon <will@kernel.org> · 2026-01-19
[PATCH v2 22/35] KVM: arm64: Change 'pkvm_handle_t' to u16 · Will Deacon <will@kernel.org> · 2026-01-19
Re: [PATCH v2 22/35] KVM: arm64: Change 'pkvm_handle_t' to u16 · Fuad Tabba <hidden> · 2026-01-28
[PATCH v2 24/35] KVM: arm64: Introduce hypercall to force reclaim of a protected page · Will Deacon <will@kernel.org> · 2026-01-19
Re: [PATCH v2 24/35] KVM: arm64: Introduce hypercall to force reclaim of a protected page · Alexandru Elisei <hidden> · 2026-02-12
Re: [PATCH v2 24/35] KVM: arm64: Introduce hypercall to force reclaim of a protected page · Will Deacon <will@kernel.org> · 2026-03-04
[PATCH v2 26/35] KVM: arm64: Return -EFAULT from VCPU_RUN on access to a poisoned pte · Will Deacon <will@kernel.org> · 2026-01-19
[PATCH v2 25/35] KVM: arm64: Reclaim faulting page from pKVM in spurious fault handler · Will Deacon <will@kernel.org> · 2026-01-19
Re: [PATCH v2 25/35] KVM: arm64: Reclaim faulting page from pKVM in spurious fault handler · Alexandru Elisei <hidden> · 2026-02-12
Re: [PATCH v2 25/35] KVM: arm64: Reclaim faulting page from pKVM in spurious fault handler · Will Deacon <will@kernel.org> · 2026-03-04
[PATCH v2 28/35] KVM: arm64: Implement the MEM_SHARE hypercall for protected VMs · Will Deacon <will@kernel.org> · 2026-01-19
[PATCH v2 29/35] KVM: arm64: Implement the MEM_UNSHARE hypercall for protected VMs · Will Deacon <will@kernel.org> · 2026-01-19
[PATCH v2 30/35] KVM: arm64: Allow userspace to create protected VMs when pKVM is enabled · Will Deacon <will@kernel.org> · 2026-01-19
[PATCH v2 27/35] KVM: arm64: Add hvc handler at EL2 for hypercalls from protected VMs · Will Deacon <will@kernel.org> · 2026-01-19
[PATCH v2 34/35] KVM: arm64: Extend pKVM page ownership selftests to cover forced reclaim · Will Deacon <will@kernel.org> · 2026-01-19
[PATCH v2 33/35] KVM: arm64: Register 'selftest_vm' in the VM table · Will Deacon <will@kernel.org> · 2026-01-19
[PATCH v2 32/35] KVM: arm64: Extend pKVM page ownership selftests to cover guest donation · Will Deacon <will@kernel.org> · 2026-01-19
[PATCH v2 31/35] KVM: arm64: Add some initial documentation for pKVM · Will Deacon <will@kernel.org> · 2026-01-19
[PATCH v2 35/35] KVM: arm64: Extend pKVM page ownership selftests to cover guest hvcs · Will Deacon <will@kernel.org> · 2026-01-19
Re: [PATCH v2 00/35] KVM: arm64: Add support for protected guest memory with pKVM · Trilok Soni <hidden> · 2026-02-10
Re: [PATCH v2 00/35] KVM: arm64: Add support for protected guest memory with pKVM · Fuad Tabba <hidden> · 2026-02-10
Re: [PATCH v2 00/35] KVM: arm64: Add support for protected guest memory with pKVM · Venkata Rao Kakani <hidden> · 2026-02-16
Re: [PATCH v2 00/35] KVM: arm64: Add support for protected guest memory with pKVM · Fuad Tabba <hidden> · 2026-02-16
Re: [PATCH v2 00/35] KVM: arm64: Add support for protected guest memory with pKVM · Venkata Rao Kakani <hidden> · 2026-02-17

STALE108d

Revisions (5)

2026-01-05 v1 [diff vs current]
2026-01-19 v2 current
2026-03-05 v3 [diff vs current]
2026-03-27 v4 [diff vs current]
2026-03-30 v5 [diff vs current]

[PATCH v2 02/35] KVM: arm64: Don't leak stage-2 page-table if VM fails to init under pKVM

From: Will Deacon <will@kernel.org>
Date: 2026-01-19 12:47:10
Also in: kvmarm
Subsystem: arm64 port (aarch64 architecture), kernel virtual machine for arm64 (kvm/arm64), the rest · Maintainers: Catalin Marinas, Will Deacon, Marc Zyngier, Oliver Upton, Linus Torvalds

If pkvm_init_host_vm() fails, we should free the stage-2 page-table
previously allocated by kvm_init_stage2_mmu().

Cc: Fuad Tabba <redacted>
Fixes: 07aeb70707b1 ("KVM: arm64: Reserve pKVM handle during pkvm_init_host_vm()")
Signed-off-by: Will Deacon <will@kernel.org>
---
 arch/arm64/kvm/arm.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/arch/arm64/kvm/arm.c b/arch/arm64/kvm/arm.c
index 4f80da0c0d1d..6a218739621d 100644
--- a/arch/arm64/kvm/arm.c
+++ b/arch/arm64/kvm/arm.c

@@ -190,7 +190,7 @@ int kvm_arch_init_vm(struct kvm *kvm, unsigned long type)
 		 */
 		ret = pkvm_init_host_vm(kvm);
 		if (ret)
-			goto err_free_cpumask;
+			goto err_uninit_mmu;
 	}
 
 	kvm_vgic_early_init(kvm);

@@ -206,6 +206,8 @@ int kvm_arch_init_vm(struct kvm *kvm, unsigned long type)
 
 	return 0;
 
+err_uninit_mmu:
+	kvm_uninit_stage2_mmu(kvm);
 err_free_cpumask:
 	free_cpumask_var(kvm->arch.supported_cpus);
 err_unshare_kvm:

-- 
2.52.0.457.g6b5491de43-goog

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help