From 9720e4d3745d7ced5a9fd2fc22f36a56e787368b Mon Sep 17 00:00:00 2001
From: Fuad Tabba <tabba@google.com>
Date: Wed, 9 Nov 2022 14:32:41 +0000
Subject: [PATCH] ANDROID: arm64: Check if pfn is valid for all ioremap loop
 iterations

The size could cover pfns that are valid.

Fixes:
arm64: Implement ioremap/iounmap hooks calling into KVM's MMIO guard

Bug: 251432016
Change-Id: Ie3b678d40d629ed610b0ee484b5007cb64437435
Signed-off-by: Fuad Tabba <tabba@google.com>
Signed-off-by: Quentin Perret <qperret@google.com>
---
 arch/arm64/mm/ioremap.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/arch/arm64/mm/ioremap.c b/arch/arm64/mm/ioremap.c
index e91a79c5e3df..e0cc7b5bf4a3 100644
--- a/arch/arm64/mm/ioremap.c
+++ b/arch/arm64/mm/ioremap.c
@@ -114,9 +114,6 @@ void ioremap_phys_range_hook(phys_addr_t phys_addr, size_t size, pgprot_t prot)
 	if (!static_branch_unlikely(&ioremap_guard_key))
 		return;
 
-	if (pfn_valid(__phys_to_pfn(phys_addr)))
-		return;
-
 	mutex_lock(&ioremap_guard_lock);
 
 	while (size) {
@@ -124,6 +121,9 @@ void ioremap_phys_range_hook(phys_addr_t phys_addr, size_t size, pgprot_t prot)
 		struct ioremap_guard_ref *ref;
 		struct arm_smccc_res res;
 
+		if (pfn_valid(__phys_to_pfn(phys_addr)))
+			goto next;
+
 		ref = xa_load(&ioremap_guard_array, pfn);
 		if (ref) {
 			refcount_inc(&ref->count);