From: Greg Kroah-Hartman
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman, stable@vger.kernel.org, David Matlack, Paolo Bonzini, Radim Krčmář, Ben Hutchings
Subject: [PATCH 4.4 42/88] KVM: nVMX: mark vmcs12 pages dirty on L2 exit
Date: Fri, 14 Dec 2018 13:00:16 +0100
Message-Id: <20181214115705.629056717@linuxfoundation.org>
In-Reply-To: <20181214115702.151309521@linuxfoundation.org>
References: <20181214115702.151309521@linuxfoundation.org>
X-stable: review
X-Mailing-List: linux-kernel@vger.kernel.org

4.4-stable review patch. If anyone has any objections, please let me know.

------------------

From: David Matlack

commit c9f04407f2e0b3fc9ff7913c65fcfcb0a4b61570 upstream.

The host physical addresses of L1's Virtual APIC Page and Posted Interrupt descriptor are loaded into the VMCS02. The CPU may write to these pages via their host physical address while L2 is running, bypassing address-translation-based dirty tracking (e.g. EPT write protection).

Mark them dirty on every exit from L2 to prevent them from getting out of sync with dirty tracking.

Also mark the virtual APIC page and the posted interrupt descriptor dirty when KVM is virtualizing posted interrupt processing.

Signed-off-by: David Matlack
Reviewed-by: Paolo Bonzini
Signed-off-by: Radim Krčmář
Signed-off-by: Ben Hutchings
Signed-off-by: Greg Kroah-Hartman
---
 arch/x86/kvm/vmx.c | 53 +++++++++++++++++++++++++++++++++++++++++++----------
 1 file changed, 43 insertions(+), 10 deletions(-)

--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -4527,6 +4527,28 @@ static int vmx_cpu_uses_apicv(struct kvm return enable_apicv && lapic_in_kernel(vcpu); } +static void nested_mark_vmcs12_pages_dirty(struct kvm_vcpu *vcpu) +{ + struct vmcs12 *vmcs12 = get_vmcs12(vcpu); + gfn_t gfn; + + /* + * Don't need to mark the APIC access page dirty; it is never + * written to by the CPU during APIC virtualization. + */ + + if (nested_cpu_has(vmcs12, CPU_BASED_TPR_SHADOW)) { + gfn = vmcs12->virtual_apic_page_addr >> PAGE_SHIFT; + kvm_vcpu_mark_page_dirty(vcpu, gfn); + } + + if (nested_cpu_has_posted_intr(vmcs12)) { + gfn = vmcs12->posted_intr_desc_addr >> PAGE_SHIFT; + kvm_vcpu_mark_page_dirty(vcpu, gfn); + } +} + + static void vmx_complete_nested_posted_interrupt(struct kvm_vcpu *vcpu) { struct vcpu_vmx *vmx = to_vmx(vcpu); @@ -4534,18 +4556,15 @@ static void vmx_complete_nested_posted_i void *vapic_page; u16 status; - if (vmx->nested.pi_desc && - vmx->nested.pi_pending) { - vmx->nested.pi_pending = false; - if (!pi_test_and_clear_on(vmx->nested.pi_desc)) - return; - - max_irr = find_last_bit( - (unsigned long *)vmx->nested.pi_desc->pir, 256); + if (!vmx->nested.pi_desc || !vmx->nested.pi_pending) + return; - if (max_irr == 256) - return; + vmx->nested.pi_pending = false; + if (!pi_test_and_clear_on(vmx->nested.pi_desc)) + return; + max_irr = find_last_bit((unsigned long *)vmx->nested.pi_desc->pir, 256); + if (max_irr != 256) { vapic_page = kmap(vmx->nested.virtual_apic_page); __kvm_apic_update_irr(vmx->nested.pi_desc->pir, vapic_page); kunmap(vmx->nested.virtual_apic_page); @@ -4557,6 +4576,8 @@ static void vmx_complete_nested_posted_i vmcs_write16(GUEST_INTR_STATUS, status); } } + + nested_mark_vmcs12_pages_dirty(vcpu); } static inline bool kvm_vcpu_trigger_posted_interrupt(struct kvm_vcpu *vcpu) 
@@ -7761,6 +7782,18 @@ static bool nested_vmx_exit_handled(stru vmcs_read32(VM_EXIT_INTR_ERROR_CODE), KVM_ISA_VMX); + /* + * The host physical addresses of some pages of guest memory + * are loaded into VMCS02 (e.g. L1's Virtual APIC Page). The CPU + * may write to these pages via their host physical address while + * L2 is running, bypassing any address-translation-based dirty + * tracking (e.g. EPT write protection). + * + * Mark them dirty on every exit from L2 to prevent them from + * getting out of sync with dirty tracking. + */ + nested_mark_vmcs12_pages_dirty(vcpu); + if (vmx->nested.nested_run_pending) return false;
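Review bot: in the first hunk (@@ -4527, nested_mark_vmcs12_pages_dirty), vmcs12->virtual_apic_page_addr and vmcs12->posted_intr_desc_addr are shifted by PAGE_SHIFT and passed straight to kvm_vcpu_mark_page_dirty() with no range check in this function, so the gfn is only meaningful if those vmcs12 fields were validated when the pages were mapped for vmcs02; I would state that invariant in the comment next to the APIC-access-page remark, because the helper is now reachable from two places (the L2 exit path and vmx_complete_nested_posted_interrupt()) and any future caller has to preserve it. The nested_cpu_has(vmcs12, CPU_BASED_TPR_SHADOW) and nested_cpu_has_posted_intr(vmcs12) guards do correctly restrict the marking to pages that vmcs02 actually references.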
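Review bot: the second hunk (@@ -4534) mixes a restructuring of vmx_complete_nested_posted_interrupt() (the pi_desc/pi_pending block and the `if (max_irr == 256) return;` become early returns plus an `if (max_irr != 256) {` block) with the fix itself, which is only the nested_mark_vmcs12_pages_dirty() call added in the third hunk, and the commit message does not mention the restructuring. It is in fact required: once pi_test_and_clear_on() has cleared ON, the host has written the descriptor and the marking must run even when the PIR turns out to be empty (max_irr == 256), which the old early `return` would have skipped. I would add one sentence to the commit message saying so, rather than leaving a stable reviewer to work out why the control flow changed.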
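Review bot: in the last hunk (@@ -7761) the call sits before `if (vmx->nested.nested_run_pending) return false;`, so it runs on every VM exit taken in guest mode, including exits that L0 handles itself without reflecting them to L1; that is what the fix needs, but it adds up to two kvm_vcpu_mark_page_dirty() calls on every L2 exit and the commit message says nothing about the cost, so I would ask for a note (or a measurement) on exit-path overhead. Minor: the block comment names only L1's Virtual APIC Page as the example while the helper also marks the posted-interrupt descriptor; either list both or point the reader at nested_mark_vmcs12_pages_dirty() for the exact set.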