FROMLIST: KVM: arm64: Fix alignment of kvm_hyp_memcache allocations
When allocating guest stage-2 page-table pages at EL2, pKVM can consume pages from the host-provided kvm_hyp_memcache. As pgtable.c expects zeroed pages, guest_s2_zalloc_page() actively implements this zeroing with a PAGE_SIZE memset.

Unfortunately, we don't check the page alignment of the host-provided address before doing so, which could lead to the memset overrunning the page if the host was malicious.

Fix this by simply force-aligning all kvm_hyp_memcache allocations to page boundaries.

Bug: 396116221
Fixes: 60dfe093 ("KVM: arm64: Instantiate guest stage-2 page-tables at EL2")
Reported-by: Ben Simner <ben.simner@cl.cam.ac.uk>
Link: https://lore.kernel.org/r/20250213153615.3642515-1-qperret@google.com
Change-Id: Icd8c79495a28c014aa3b320ca44a03ee46ede2ce
Signed-off-by: Quentin Perret <qperret@google.com>
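The overrun described above and the effect of force-aligning, as an added user-space model that is not the kernel patch or any code from the commit. The names `pool_base()`, `zalloc_from_host()` and `neighbour_bytes_clobbered()` are hypothetical, a two-page buffer stands in for two adjacent hypervisor pages, and masking with `PAGE_MASK` is an assumed way to force-align.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PAGE_SIZE 4096UL
#define PAGE_MASK (~(PAGE_SIZE - 1))

/* Constructed backing store: one spare page so a page-aligned
 * two-page window can always be carved out of it. */
static unsigned char backing[3 * PAGE_SIZE];

static unsigned char *pool_base(void)
{
    return (unsigned char *)(((uintptr_t)backing + PAGE_SIZE - 1) & PAGE_MASK);
}

/* Model of zeroing a page taken from an untrusted caller's cache.
 * force_align = 0: trust the address as given (the behaviour the commit fixes).
 * force_align = 1: round down to a page boundary first (assumed fix shape). */
static void *zalloc_from_host(uintptr_t host_addr, int force_align)
{
    uintptr_t addr = force_align ? (host_addr & PAGE_MASK) : host_addr;

    memset((void *)addr, 0, PAGE_SIZE);
    return (void *)addr;
}

/* Fill both pages with a canary, zero "page 0" at base + offset, and
 * count how many bytes of the neighbouring page 1 were overwritten.
 * offset must be <= PAGE_SIZE so the model itself stays in bounds. */
static size_t neighbour_bytes_clobbered(size_t offset, int force_align)
{
    unsigned char *pool = pool_base();
    size_t i, clobbered = 0;

    memset(pool, 0xAA, 2 * PAGE_SIZE);
    zalloc_from_host((uintptr_t)pool + offset, force_align);
    for (i = PAGE_SIZE; i < 2 * PAGE_SIZE; i++)
        clobbered += (pool[i] != 0xAA);
    return clobbered;
}

int main(void)
{
    printf("unaligned, unchecked: %zu bytes of next page zeroed\n",
           neighbour_bytes_clobbered(0x100, 0));
    printf("unaligned, force-aligned: %zu bytes of next page zeroed\n",
           neighbour_bytes_clobbered(0x100, 1));
    return 0;
}
```

The number of neighbouring bytes zeroed equals the misalignment of the supplied address, so any non-zero page offset reaches into the following page unless the address is aligned before the memset.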