Date: Thu, 25 Feb 2021 12:47:46 -0800
In-Reply-To: <20210225204749.1512652-1-seanjc@google.com>
Message-Id: <20210225204749.1512652-22-seanjc@google.com>
References: <20210225204749.1512652-1-seanjc@google.com>
Subject: [PATCH 21/24] KVM: x86/mmu: Tweak auditing WARN for A/D bits to !PRESENT (was MMIO)
From: Sean Christopherson
To: Paolo Bonzini
Cc: Sean Christopherson, Vitaly Kuznetsov, Wanpeng Li, Jim Mattson, Joerg Roedel, kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Ben Gardon
X-Mailing-List: linux-kernel@vger.kernel.org

Tweak the MMU_WARN that guards against weirdness when querying A/D status
to fire on a !MMU_PRESENT SPTE, as opposed to a MMIO SPTE. Attempting to
query A/D status on any kind of !MMU_PRESENT SPTE, MMIO or otherwise,
indicates a KVM bug. Case in point, several now-fixed bugs were
identified by enabling this new WARN.

Signed-off-by: Sean Christopherson --- arch/x86/kvm/mmu/spte.h | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/arch/x86/kvm/mmu/spte.h b/arch/x86/kvm/mmu/spte.h index 645e9bc2d4a2..2fad4ccd3679 100644 --- a/arch/x86/kvm/mmu/spte.h +++ b/arch/x86/kvm/mmu/spte.h @@ -209,6 +209,11 @@ static inline bool is_mmio_spte(u64 spte) likely(shadow_mmio_value); } +static inline bool is_shadow_present_pte(u64 pte) +{ + return !!(pte & SPTE_MMU_PRESENT_MASK); +} + static inline bool sp_ad_disabled(struct kvm_mmu_page *sp) { return sp->role.ad_disabled; @@ -216,13 +221,13 @@ static inline bool sp_ad_disabled(struct kvm_mmu_page *sp) static inline bool spte_ad_enabled(u64 spte) { - MMU_WARN_ON(is_mmio_spte(spte)); + MMU_WARN_ON(!is_shadow_present_pte(spte)); return (spte & SPTE_TDP_AD_MASK) != SPTE_TDP_AD_DISABLED_MASK; } static inline bool spte_ad_need_write_protect(u64 spte) { - MMU_WARN_ON(is_mmio_spte(spte)); + MMU_WARN_ON(!is_shadow_present_pte(spte)); /* * This is benign for non-TDP SPTEs as SPTE_TDP_AD_ENABLED_MASK is '0', * and non-TDP SPTEs will never set these bits. Optimize for 64-bit @@ -233,13 +238,13 @@ static inline bool spte_ad_need_write_protect(u64 spte) static inline u64 spte_shadow_accessed_mask(u64 spte) { - MMU_WARN_ON(is_mmio_spte(spte)); + MMU_WARN_ON(!is_shadow_present_pte(spte)); return spte_ad_enabled(spte) ? shadow_accessed_mask : 0; } static inline u64 spte_shadow_dirty_mask(u64 spte) { - MMU_WARN_ON(is_mmio_spte(spte)); + MMU_WARN_ON(!is_shadow_present_pte(spte)); return spte_ad_enabled(spte) ? shadow_dirty_mask : 0; } @@ -248,11 +253,6 @@ static inline bool is_access_track_spte(u64 spte) return !spte_ad_enabled(spte) && (spte & shadow_acc_track_mask) == 0; } -static inline bool is_shadow_present_pte(u64 pte) -{ - return !!(pte & SPTE_MMU_PRESENT_MASK); -} - static inline bool is_large_pte(u64 pte) { return pte & PT_PAGE_SIZE_MASK; -- 2.30.1.766.gb4fecdf3b7-goog
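
Review bot: In spte_shadow_accessed_mask() and spte_shadow_dirty_mask() (hunk at @@ -233), the new MMU_WARN_ON(!is_shadow_present_pte(spte)) is followed directly by a call to spte_ad_enabled(spte), which asserts the same condition, so the presence check runs twice per call. Consider dropping the check from the two mask helpers and relying on the one in spte_ad_enabled(), or keep both and add a short comment saying the duplicate is intentional.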
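
Review bot: is_access_track_spte(), visible as context in the last hunk (@@ -248), has no presence check of its own but calls spte_ad_enabled(spte), so after this change it inherits the stricter assertion and will warn on any !MMU_PRESENT SPTE rather than only on MMIO SPTEs. Please state that precondition in a comment on is_access_track_spte(), or confirm in the changelog that every caller tests is_shadow_present_pte() first. The changelog also refers to several now-fixed bugs found with this WARN; naming the patches that fixed them would let a reader verify the ordering within the series.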