KVM: arm64: Unconditionally cross check hyp state

Now that the hypervisor's state is stored in the hyp_vmemmap, we no
longer need an expensive page-table walk to read it. This means we can
now afford to cross check the hyp-state during all memory ownership
transitions where the hyp is involved unconditionally, hence avoiding
problems such as [1].

[1] https://lore.kernel.org/kvmarm/20241128154406.602875-1-qperret@google.com/

Reviewed-by: Marc Zyngier <maz@kernel.org>
Signed-off-by: Quentin Perret <qperret@google.com>
Link: https://lore.kernel.org/r/20250416152648.2982950-8-qperret@google.com
Signed-off-by: Marc Zyngier <maz@kernel.org>

diff --git a/arch/arm64/kvm/hyp/nvhe/mem_protect.c b/arch/arm64/kvm/hyp/nvhe/mem_protect.c
index 91b757e..709d286 100644 (file)
--- a/arch/arm64/kvm/hyp/nvhe/mem_protect.c
+++ b/arch/arm64/kvm/hyp/nvhe/mem_protect.c
@@ -702,11 +702,9 @@ int __pkvm_host_share_hyp(u64 pfn)
        ret = __host_check_page_state_range(phys, size, PKVM_PAGE_OWNED);
        if (ret)
                goto unlock;
-       if (IS_ENABLED(CONFIG_NVHE_EL2_DEBUG)) {
-               ret = __hyp_check_page_state_range(phys, size, PKVM_NOPAGE);
-               if (ret)
-                       goto unlock;
-       }
+       ret = __hyp_check_page_state_range(phys, size, PKVM_NOPAGE);
+       if (ret)
+               goto unlock;
 
        __hyp_set_page_state_range(phys, size, PKVM_PAGE_SHARED_BORROWED);
        WARN_ON(__host_set_page_state_range(phys, size, PKVM_PAGE_SHARED_OWNED));
@@ -762,11 +760,9 @@ int __pkvm_host_donate_hyp(u64 pfn, u64 nr_pages)
        ret = __host_check_page_state_range(phys, size, PKVM_PAGE_OWNED);
        if (ret)
                goto unlock;
-       if (IS_ENABLED(CONFIG_NVHE_EL2_DEBUG)) {
-               ret = __hyp_check_page_state_range(phys, size, PKVM_NOPAGE);
-               if (ret)
-                       goto unlock;
-       }
+       ret = __hyp_check_page_state_range(phys, size, PKVM_NOPAGE);
+       if (ret)
+               goto unlock;
 
        __hyp_set_page_state_range(phys, size, PKVM_PAGE_OWNED);
        WARN_ON(pkvm_create_mappings_locked(virt, virt + size, PAGE_HYP));
@@ -792,11 +788,9 @@ int __pkvm_hyp_donate_host(u64 pfn, u64 nr_pages)
        ret = __hyp_check_page_state_range(phys, size, PKVM_PAGE_OWNED);
        if (ret)
                goto unlock;
-       if (IS_ENABLED(CONFIG_NVHE_EL2_DEBUG)) {
-               ret = __host_check_page_state_range(phys, size, PKVM_NOPAGE);
-               if (ret)
-                       goto unlock;
-       }
+       ret = __host_check_page_state_range(phys, size, PKVM_NOPAGE);
+       if (ret)
+               goto unlock;
 
        __hyp_set_page_state_range(phys, size, PKVM_NOPAGE);
        WARN_ON(kvm_pgtable_hyp_unmap(&pkvm_pgtable, virt, size) != size);