KVM: x86/mmu: Reject direct bits in gpa passed to KVM_PRE_FAULT_MEMORY

JIRA: https://issues.redhat.com/browse/RHEL-47242

commit 8046d29
Author: Paolo Bonzini <pbonzini@redhat.com>
Date:   Thu Jun 12 00:47:44 2025 -0400

    KVM: x86/mmu: Reject direct bits in gpa passed to KVM_PRE_FAULT_MEMORY

    Only let userspace pass the same addresses that were used in KVM_SET_USER_MEMORY_REGION
    (or KVM_SET_USER_MEMORY_REGION2); gpas in the the upper half of the address space
    are an implementation detail of TDX and KVM.

    Extracted from a patch by Sean Christopherson <seanjc@google.com>.

    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>

Author: Maxim Levitsky

arch/x86/kvm/mmu/mmu.c

@@ -4902,6 +4902,9 @@ long kvm_arch_vcpu_pre_fault_memory(struct kvm_vcpu *vcpu,
 	if (!vcpu->kvm->arch.pre_fault_allowed)
 		return -EOPNOTSUPP;
 
+	if (kvm_is_gfn_alias(vcpu->kvm, gpa_to_gfn(range->gpa)))
+		return -EINVAL;
+
 	/*
 	 * reload is efficient when called repeatedly, so we can do it on
 	 * every iteration.