From: Greg Kroah-Hartman
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman, stable@vger.kernel.org, Vitaly Kuznetsov, Sean Christopherson, Radim Krčmář
Subject: [PATCH 4.14 012/126] KVM: VMX: Do not allow reexecute_instruction() when skipping MMIO instr
Date: Tue, 18 Sep 2018 00:41:00 +0200
Message-Id: <20180917211705.388847469@linuxfoundation.org>
In-Reply-To: <20180917211703.481236999@linuxfoundation.org>
References: <20180917211703.481236999@linuxfoundation.org>
X-stable: review

4.14-stable review patch. If anyone has any objections, please let me know.

------------------
From: Sean Christopherson

commit c4409905cd6eb42cfd06126e9226b0150e05a715 upstream.

Re-execution after an emulation decode failure is only intended to handle a case where two or more vCPUs race to write a shadowed page, i.e. we should never re-execute an instruction as part of MMIO emulation. As handle_ept_misconfig() is only used for MMIO emulation, it should pass EMULTYPE_NO_REEXECUTE when using the emulator to skip an instr in the fast-MMIO case where VM_EXIT_INSTRUCTION_LEN is invalid. And because the cr2 value passed to x86_emulate_instruction() is only destined for use when retrying or reexecuting, we can simply call emulate_instruction().

Fixes: d391f1207067 ("x86/kvm/vmx: do not use vm-exit instruction length for fast MMIO when running nested")
Cc: Vitaly Kuznetsov
Signed-off-by: Sean Christopherson
Cc: stable@vger.kernel.org
Signed-off-by: Radim Krčmář
Signed-off-by: Greg Kroah-Hartman

---
 arch/x86/kvm/vmx.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -6965,8 +6965,8 @@ static int handle_ept_misconfig(struct k
 		if (!static_cpu_has(X86_FEATURE_HYPERVISOR))
 			return kvm_skip_emulated_instruction(vcpu);
 		else
-			return x86_emulate_instruction(vcpu, gpa, EMULTYPE_SKIP,
-						       NULL, 0) == EMULATE_DONE;
+			return emulate_instruction(vcpu, EMULTYPE_SKIP) ==
+							EMULATE_DONE;
 	}
 
 	ret = kvm_mmu_page_fault(vcpu, gpa, PFERR_RSVD_MASK, NULL, 0);
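Review bot: The commit message says handle_ept_misconfig() should pass EMULTYPE_NO_REEXECUTE, yet nothing in the hunk passes it; the `+` lines hand only EMULTYPE_SKIP to emulate_instruction(), so the fix is correct only if that wrapper ORs EMULTYPE_NO_REEXECUTE into the type before calling x86_emulate_instruction(), which lies outside the visible change. For a 4.14-stable backport that dependency deserves an explicit sentence in the commit message (e.g. "emulate_instruction() always adds EMULTYPE_NO_REEXECUTE"), so a reviewer of the stable tree can confirm the wrapper there still behaves that way; a wrapper that merely forwarded the type would leave the re-execute path reachable from MMIO emulation, which is exactly what the patch sets out to close. Dropping the gpa argument is consistent with the message's statement that cr2 is consumed only on the retry/re-execute paths, and the `== EMULATE_DONE` comparison keeps the existing behaviour of reporting failure to the caller when the skip cannot be emulated.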