[xen staging] x86/altp2m: altp2m_get_effective_entry() should honor ap2m->default_access

[patchbot@xxxxxxx]

commit 38a5bfc7f278470309d2424b83873ebf71d4a9aa
Author:     Petr Beneš <w1benny@xxxxxxxxx>
AuthorDate: Tue Jan 13 12:42:04 2026 +0100
Commit:     Jan Beulich <jbeulich@xxxxxxxx>
CommitDate: Tue Jan 13 12:42:04 2026 +0100

    x86/altp2m: altp2m_get_effective_entry() should honor ap2m->default_access
    
    Commit 7e5b662 fixed p2m_altp2m_get_or_propagate() to use the altp2m's
    default_access when propagating entries from the host p2m. However, the same
    fix was not applied to altp2m_get_effective_entry(), which has the same 
issue.
    
    When altp2m_get_effective_entry() prepopulates a superpage from the host
    p2m, it incorrectly uses the host p2m's access permissions instead of
    the altp2m's default_access. This causes problems when the superpage is
    later split (e.g., when setting mem_access on a specific 4K page): all
    512 entries inherit the host p2m's access rights instead of the altp2m's
    default_access.
    
    This issue became apparent after commit 50baf2d, which causes the host p2m
    to use superpages more frequently. Before that commit, the host p2m
    typically had 4K entries after VM restore, so the prepopulate branch was
    rarely taken.
    
    Symptoms include memory-access events firing for unexpected pages when
    using VMI tools with altp2m, particularly after VM resume.
    The issue can be worked around by booting with "hap_1gb=0 hap_2mb=0".
    
    Amends: 7e5b662b289a ("x86/altp2m: p2m_altp2m_get_or_propagate() should 
honor ap2m->default_access")
    Signed-off-by: Petr Beneš <w1benny@xxxxxxxxx>
    Acked-by: Tamas K Lengyel <tamas@xxxxxxxxxxxxx>
---
 xen/arch/x86/mm/altp2m.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/xen/arch/x86/mm/altp2m.c b/xen/arch/x86/mm/altp2m.c
index 0261360aae..0bc9b9ad2f 100644
--- a/xen/arch/x86/mm/altp2m.c
+++ b/xen/arch/x86/mm/altp2m.c
@@ -194,6 +194,9 @@ int altp2m_get_effective_entry(struct p2m_domain *ap2m, 
gfn_t gfn, mfn_t *mfn,
             gfn_t gfn_aligned = _gfn(gfn_x(gfn) & mask);
             mfn_t mfn_aligned = _mfn(mfn_x(*mfn) & mask);
 
+            /* Override the altp2m entry with its default access. */
+            *a = ap2m->default_access;
+
             rc = ap2m->set_entry(ap2m, gfn_aligned, mfn_aligned, page_order, 
*t, *a, 1);
             if ( rc )
                 return rc;
--
generated by git-patchbot for /home/xen/git/xen.git#staging