Merge tag 'kvm-x86-generic-6.9' of https://github.com/kvm-x86/linux into HEAD

KVM common MMU changes for 6.9:

  - Harden KVM against underflowing the active mmu_notifier invalidation
    count, so that "bad" invalidations (usually due to bugs elsehwere in the
    kernel) are detected earlier and are less likely to hang the kernel.

  - Fix a benign bug in __kvm_mmu_topup_memory_cache() where the object size
    and number of objects parameters to kvmalloc_array() were swapped.

Author: bonzini

virt/kvm/kvm_main.c

@@ -421,7 +421,7 @@ int __kvm_mmu_topup_memory_cache(struct kvm_mmu_memory_cache *mc, int capacity,
 		if (WARN_ON_ONCE(!capacity))
 			return -EIO;
 
-		mc->objects = kvmalloc_array(sizeof(void *), capacity, gfp);
+		mc->objects = kvmalloc_array(capacity, sizeof(void *), gfp);
 		if (!mc->objects)
 			return -ENOMEM;
 
@@ -890,7 +890,9 @@ static void kvm_mmu_notifier_invalidate_range_end(struct mmu_notifier *mn,
 
 	/* Pairs with the increment in range_start(). */
 	spin_lock(&kvm->mn_invalidate_lock);
-	wake = (--kvm->mn_active_invalidate_count == 0);
+	if (!WARN_ON_ONCE(!kvm->mn_active_invalidate_count))
+		--kvm->mn_active_invalidate_count;
+	wake = !kvm->mn_active_invalidate_count;
 	spin_unlock(&kvm->mn_invalidate_lock);
 
 	/*