[PATCH v2 2/5] KVM: s390: Fix unlikely race in try_get_locked_pte()

Next message: Claudio Imbrenda: "[PATCH v2 3/5] KVM: s390: vsie: Fix allocation of struct vsie_rmap"
Previous message: Claudio Imbrenda: "[PATCH v2 1/5] KVM: s390: Silence potential warnings in _gmap_crstep_xchg_atomic()"
In reply to: Claudio Imbrenda: "[PATCH v2 1/5] KVM: s390: Silence potential warnings in _gmap_crstep_xchg_atomic()"
Next in thread: Claudio Imbrenda: "[PATCH v2 3/5] KVM: s390: vsie: Fix allocation of struct vsie_rmap"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Claudio Imbrenda

Date: Wed Jun 10 2026 - 13:00:19 EST

Fix an unlikely race in try_get_locked_pte(), which could have happened
if puds or pmds get unmapped between the p?dp_get() and p?d_offset()
functions.

Fixes: 89fa757931dc ("KVM: s390: Avoid potentially sleeping while atomic when zapping pages")
Signed-off-by: Claudio Imbrenda <imbrenda@xxxxxxxxxxxxx>
CC: stable@xxxxxxxxxxxxxxx # 7.1
---
arch/s390/mm/gmap_helpers.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/arch/s390/mm/gmap_helpers.c b/arch/s390/mm/gmap_helpers.c
index 1cfe4724fbe2..ee3f37af8aee 100644
--- a/arch/s390/mm/gmap_helpers.c
+++ b/arch/s390/mm/gmap_helpers.c
@@ -51,15 +51,15 @@ pte_t *try_get_locked_pte(struct mm_struct *mm, unsigned long vmaddr, spinlock_t
pgd = pgdp_get(pgdp);
if (pgd_none(pgd) || !pgd_present(pgd))
return NULL;
- p4dp = p4d_offset(pgdp, vmaddr);
+ p4dp = p4d_offset_lockless(pgdp, pgd, vmaddr);
p4d = p4dp_get(p4dp);
if (p4d_none(p4d) || !p4d_present(p4d))
return NULL;
- pudp = pud_offset(p4dp, vmaddr);
+ pudp = pud_offset_lockless(p4dp, p4d, vmaddr);
pud = pudp_get(pudp);
if (pud_none(pud) || pud_leaf(pud) || !pud_present(pud))
return NULL;
- pmdp = pmd_offset(pudp, vmaddr);
+ pmdp = pmd_offset_lockless(pudp, pud, vmaddr);
pmd = pmdp_get_lockless(pmdp);
if (pmd_none(pmd) || pmd_leaf(pmd) || !pmd_present(pmd))
return NULL;
--
2.54.0