From: Greg Kroah-Hartman
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman, stable@vger.kernel.org, Rick Edgecombe, Catalin Marinas, Marc Zyngier
Subject: [PATCH 5.10 046/142] KVM: Forbid the use of tagged userspace addresses for memslots
Date: Tue, 2 Feb 2021 14:36:49 +0100
Message-Id: <20210202132959.627719612@linuxfoundation.org>
In-Reply-To: <20210202132957.692094111@linuxfoundation.org>
References: <20210202132957.692094111@linuxfoundation.org>

From: Marc Zyngier

commit 139bc8a6146d92822c866cf2fd410159c56b3648 upstream.

The use of a tagged address could be pretty confusing for the
whole memslot infrastructure as well as the MMU notifiers.

Forbid it altogether, as it never quite worked in the first place.

Cc: stable@vger.kernel.org
Reported-by: Rick Edgecombe
Reviewed-by: Catalin Marinas
Signed-off-by: Marc Zyngier
Signed-off-by: Greg Kroah-Hartman
---
 Documentation/virt/kvm/api.rst | 3 +++
 virt/kvm/kvm_main.c | 1 +
 2 files changed, 4 insertions(+)

--- a/Documentation/virt/kvm/api.rst +++ b/Documentation/virt/kvm/api.rst @@ -1264,6 +1264,9 @@ field userspace_addr, which must point a the entire memory slot size. Any object may back this memory, including anonymous memory, ordinary files, and hugetlbfs. +On architectures that support a form of address tagging, userspace_addr must +be an untagged address. + It is recommended that the lower 21 bits of guest_phys_addr and userspace_addr be identical. This allows large pages in the guest to be backed by large pages in the host. --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c
@@ -1289,6 +1289,7 @@ int __kvm_set_memory_region(struct kvm * return -EINVAL; /* We can read the guest memory with __xxx_user() later on. */ if ((mem->userspace_addr & (PAGE_SIZE - 1)) || + (mem->userspace_addr != untagged_addr(mem->userspace_addr)) || !access_ok((void __user *)(unsigned long)mem->userspace_addr, mem->memory_size)) return -EINVAL;
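
Review bot: The sentence added to the userspace_addr paragraph of api.rst states the requirement but not the consequence. Per the kvm_main.c hunk, a tagged userspace_addr now makes the request fail with -EINVAL, the same error returned for a misaligned address. Suggest saying so in the text, for example "userspace_addr must be an untagged address, otherwise the call fails with EINVAL", so that a VMM author who passes tagged pointers can identify the failure from the documentation alone.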
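
Review bot: In the __kvm_set_memory_region() condition, the comment directly above it ("We can read the guest memory with __xxx_user() later on.") explains only the access_ok() test, so the new untagged_addr() comparison carries no rationale in the code. Suggest extending that comment with one line taken from the commit message: tagged addresses are refused because they confuse the memslot infrastructure and the MMU notifiers. The outer parentheses around the != comparison are redundant, though they match the style of the line above.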