Commit 0496acc4 authored Mar 17, 2026 by Zenghui Yu (Huawei) Committed by Marc Zyngier Mar 17, 2026

KVM: arm64: Fix the descriptor address in __kvm_at_swap_desc()



Using "(u64 __user *)hva + offset" to get the virtual addresses of S1/S2
descriptors looks really wrong, if offset is not zero. What we want to get
for swapping is hva + offset, not hva + offset*8. ;-)

Fix it.

Fixes: f6927b41 ("KVM: arm64: Add helper for swapping guest descriptor")
Signed-off-by: Zenghui Yu (Huawei) <zenghui.yu@linux.dev>
Link: https://patch.msgid.link/20260317115748.47332-1-zenghui.yu@linux.dev


Signed-off-by: Marc Zyngier <maz@kernel.org>
Cc: stable@vger.kernel.org

parent 1744a6ef

arch/arm64/kvm/at.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -1753,7 +1753,7 @@ int __kvm_at_swap_desc(struct kvm *kvm, gpa_t ipa, u64 old, u64 new)
		if (!writable)
		return -EPERM;

		ptep = (u64 __user *)hva + offset;
		ptep = (void __user *)hva + offset;
		if (cpus_have_final_cap(ARM64_HAS_LSE_ATOMICS))
		r = __lse_swap_desc(ptep, old, new);
		else