From: Greg Kroah-Hartman
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman, stable@vger.kernel.org, Sean Christopherson, Paolo Bonzini
Subject: [PATCH 5.10 097/530] KVM: nVMX: Defer the MMU reload to the normal path on an EPTP switch
Date: Wed, 12 May 2021 16:43:27 +0200
Message-Id: <20210512144822.990167052@linuxfoundation.org>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20210512144819.664462530@linuxfoundation.org>
References: <20210512144819.664462530@linuxfoundation.org>
User-Agent: quilt/0.66
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org

From: Sean Christopherson

commit c805f5d5585ab5e0cdac6b1ccf7086eb120fb7db upstream.

Defer reloading the MMU after a successful EPTP switch. The VMFUNC
instruction itself is executed in the previous EPTP context; any side
effects, e.g. updating RIP, should occur in the old context. Practically
speaking, this bug is benign as VMX doesn't touch the MMU when skipping
an emulated instruction, nor does queuing a single-step #DB. No other
post-switch side effects exist.

Fixes: 41ab93727467 ("KVM: nVMX: Emulate EPTP switching for the L1 hypervisor")
Cc: stable@vger.kernel.org
Signed-off-by: Sean Christopherson
Message-Id: <20210305011101.3597423-14-seanjc@google.com>
Signed-off-by: Paolo Bonzini
Signed-off-by: Greg Kroah-Hartman
---
 arch/x86/kvm/vmx/nested.c | 9 ++-------
 1 file changed, 2 insertions(+), 7 deletions(-)

--- a/arch/x86/kvm/vmx/nested.c
+++ b/arch/x86/kvm/vmx/nested.c
@@ -5491,16 +5491,11 @@ static int nested_vmx_eptp_switching(str if (!nested_vmx_check_eptp(vcpu, new_eptp)) return 1; - kvm_mmu_unload(vcpu); mmu->ept_ad = accessed_dirty; mmu->mmu_role.base.ad_disabled = !accessed_dirty; vmcs12->ept_pointer = new_eptp; - /* - * TODO: Check what's the correct approach in case - * mmu reload fails. Currently, we just let the next - * reload potentially fail - */ - kvm_mmu_reload(vcpu); + + kvm_make_request(KVM_REQ_MMU_RELOAD, vcpu); } return 0;
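Review bot: the TODO about a failing MMU reload is deleted together with the direct kvm_mmu_reload(vcpu) call, but neither the hunk nor the commit message says where a reload failure is reported once the reload is deferred via kvm_make_request(KVM_REQ_MMU_RELOAD, vcpu); a one-line comment above the new request, or a sentence in the commit message, stating that failure handling now lives in the path that services KVM_REQ_MMU_RELOAD would stop readers from reading this as the error case being silently dropped. Also worth noting in the message that the writes to mmu->ept_ad and mmu->mmu_role.base.ad_disabled now happen while the old MMU is still loaded (the kvm_mmu_unload(vcpu) that used to precede them is gone), since the "side effects occur in the old context" argument relies on nothing consuming those fields before the deferred reload.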