From: Zhang Yi
To: pbonzini@redhat.com, mdontu@bitdefender.com, ncitu@bitdefender.com
Cc: rkrcmar@redhat.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Zhang Yi
Subject: [RFC PATCH V2 07/11] KVM: VMX: Added handle of SPP write protection fault.
Date: Fri, 30 Nov 2018 16:08:48 +0800
Message-Id:
X-Mailer: git-send-email 2.7.4
In-Reply-To:
References:
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID:
X-Mailing-List: linux-kernel@vger.kernel.org

A control bit in EPT leaf paging-structure entries is defined as “Sub-Page Permission” (SPP bit). The bit position is 61.

While hardware is walking the SPP page table, if the sub-page region write permission bit is set, the write is allowed, else the write is disallowed and results in an EPT violation.

We need to peek at this case in the EPT violation handler, trigger a user-space exit, and return the write-protected address (GPA) to the user (qemu).

Signed-off-by: Zhang Yi
Signed-off-by: He Chen
--- arch/x86/kvm/mmu.c | 19 +++++++++++++++++++ arch/x86/kvm/mmu.h | 1 + include/uapi/linux/kvm.h | 5 +++++ 3 files changed, 25 insertions(+) diff --git a/arch/x86/kvm/mmu.c b/arch/x86/kvm/mmu.c index d1f1fe1..d077693 100644 --- a/arch/x86/kvm/mmu.c +++ b/arch/x86/kvm/mmu.c @@ -3378,6 +3378,21 @@ static bool fast_page_fault(struct kvm_vcpu *vcpu, gva_t gva, int level, if ((error_code & PFERR_WRITE_MASK) && spte_can_locklessly_be_made_writable(spte)) { + /* + * Record write protect fault caused by + * Sub-page Protection + */ + if (spte & PT_SPP_MASK) { + fault_handled = true; + + vcpu->run->exit_reason = KVM_EXIT_SPP; + vcpu->run->spp.addr = gva; + kvm_skip_emulated_instruction(vcpu); + + /* Let QEMU decide how to handle this. */ + break; + } + new_spte |= PT_WRITABLE_MASK; /* 
@@ -5343,6 +5358,10 @@ int kvm_mmu_page_fault(struct kvm_vcpu *vcpu, gva_t cr2, u64 error_code, r = vcpu->arch.mmu->page_fault(vcpu, cr2, lower_32_bits(error_code), false); + + if (vcpu->run->exit_reason == KVM_EXIT_SPP) + return 0; + WARN_ON(r == RET_PF_INVALID); } diff --git a/arch/x86/kvm/mmu.h b/arch/x86/kvm/mmu.h index c7b3331..b41e9e9 100644 --- a/arch/x86/kvm/mmu.h +++ b/arch/x86/kvm/mmu.h @@ -26,6 +26,7 @@ #define PT_PAGE_SIZE_MASK (1ULL << PT_PAGE_SIZE_SHIFT) #define PT_PAT_MASK (1ULL << 7) #define PT_GLOBAL_MASK (1ULL << 8) +#define PT_SPP_MASK (1ULL << 61) #define PT64_NX_SHIFT 63 #define PT64_NX_MASK (1ULL << PT64_NX_SHIFT) diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index 2b7a652..01174f8 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -235,6 +235,7 @@ struct kvm_hyperv_exit { #define KVM_EXIT_S390_STSI 25 #define KVM_EXIT_IOAPIC_EOI 26 #define KVM_EXIT_HYPERV 27 +#define KVM_EXIT_SPP 28 /* For KVM_EXIT_INTERNAL_ERROR */ /* Emulate instruction failed. */ @@ -390,6 +391,10 @@ struct kvm_run { struct { __u8 vector; } eoi; + /* KVM_EXIT_SPP */ + struct { + __u64 addr; + } spp; /* KVM_EXIT_HYPERV */ struct kvm_hyperv_exit hyperv; /* Fix the size of the union. */ -- 2.7.4
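
Review bot: in the fast_page_fault() hunk of arch/x86/kvm/mmu.c, `kvm_skip_emulated_instruction(vcpu);` runs before the exit reaches user space, so the guest's write has already been skipped by the time the comment says "Let QEMU decide how to handle this", and the call's return value is ignored. If user space is meant to choose between allowing, emulating or discarding the write, leave the instruction pointer alone here and advance it only once that decision has been made. Separately, the commit message promises a GPA, but the field is filled by `vcpu->run->spp.addr = gva;` from a parameter typed gva_t; rename the variable or add a comment stating that the value is guest-physical on this path.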
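
Review bot: in the kvm_mmu_page_fault() hunk, `if (vcpu->run->exit_reason == KVM_EXIT_SPP)` uses a field of struct kvm_run as the in-kernel signal that fast_page_fault() took the SPP path. kvm_run is the structure shared with user space, and nothing in the visible lines clears exit_reason before the ->page_fault() call, so a value left over from an earlier exit, or one written by user space, would make this return 0 for an unrelated fault and skip the WARN_ON below it. Carry the decision in the return value of ->page_fault() instead (a dedicated RET_PF_ code, for instance) and set exit_reason only where the function actually returns to user space.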
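
Review bot: `#define PT_SPP_MASK (1ULL << 61)` in arch/x86/kvm/mmu.h sits among the generic PT_ masks with no comment, although the commit message defines bit 61 as a control bit of EPT leaf entries. The new test `spte & PT_SPP_MASK` in fast_page_fault() is not visibly restricted to EPT, so the meaning of bit 61 under other paging modes needs to be ruled out or checked. Add a comment stating that the bit is EPT-specific, consider a name that says so, and follow the named shift plus mask pattern of PT64_NX_SHIFT / PT64_NX_MASK just below.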
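
Review bot: the include/uapi/linux/kvm.h hunks add KVM_EXIT_SPP (28) and the `spp` member of the kvm_run union to the user-space ABI, but the diffstat lists no documentation file and the only comment, `/* KVM_EXIT_SPP */`, does not say what `addr` holds. Document the exit alongside the other exit reasons: that `addr` is the guest-physical address of the blocked write, whether the faulting instruction has already been skipped when the exit is delivered, and what user space is expected to do before re-entering the guest. Since only a single __u64 is reported, also state whether the access size or the sub-page that was hit can be recovered from it.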