From 00ec310ec8c68a35b99b2a61c2f71f41aa3a646b Mon Sep 17 00:00:00 2001
From: Fuad Tabba <tabba@google.com>
Date: Wed, 9 Nov 2022 14:32:41 +0000
Subject: [PATCH] ANDROID: arm64: Check if pfn is valid for all ioremap loop
 iterations

The size could cover pfns that are valid.

Fixes:
arm64: Implement ioremap/iounmap hooks calling into KVM's MMIO guard

Bug: 251432016
Change-Id: Ie3b678d40d629ed610b0ee484b5007cb64437435
Signed-off-by: Fuad Tabba <tabba@google.com>
---
 arch/arm64/mm/ioremap.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/arch/arm64/mm/ioremap.c b/arch/arm64/mm/ioremap.c
index 224c7d7e7dc9..21957337a45e 100644
--- a/arch/arm64/mm/ioremap.c
+++ b/arch/arm64/mm/ioremap.c
@@ -125,9 +125,6 @@ void ioremap_phys_range_hook(phys_addr_t phys_addr, size_t size, pgprot_t prot)
 	if (!static_branch_unlikely(&ioremap_guard_key))
 		return;
 
-	if (pfn_valid(__phys_to_pfn(phys_addr)))
-		return;
-
 	mutex_lock(&ioremap_guard_lock);
 
 	while (size) {
@@ -135,6 +132,9 @@ void ioremap_phys_range_hook(phys_addr_t phys_addr, size_t size, pgprot_t prot)
 		struct ioremap_guard_ref *ref;
 		struct arm_smccc_res res;
 
+		if (pfn_valid(__phys_to_pfn(phys_addr)))
+			goto next;
+
 		ref = xa_load(&ioremap_guard_array, pfn);
 		if (ref) {
 			refcount_inc(&ref->count);