Reply-To: Sean Christopherson
Date: Tue, 22 Jun 2021 10:56:47 -0700
In-Reply-To: <20210622175739.3610207-1-seanjc@google.com>
Message-Id: <20210622175739.3610207-3-seanjc@google.com>
References: <20210622175739.3610207-1-seanjc@google.com>
Subject: [PATCH 02/54] KVM: x86/mmu: Treat NX as used (not reserved) for all !TDP shadow MMUs
From: Sean Christopherson
To: Paolo Bonzini
Cc: Sean Christopherson, Vitaly Kuznetsov, Wanpeng Li, Jim Mattson, Joerg Roedel, kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Yu Zhang, Maxim Levitsky

Mark NX as being used for all non-nested shadow MMUs, as KVM will set the NX bit for huge SPTEs if the iTLB multi-hit mitigation is enabled. Checking the mitigation itself is not sufficient as it can be toggled on at any time and KVM doesn't reset MMU contexts when that happens. KVM could reset the contexts, but that would require purging all SPTEs in all MMUs, for no real benefit. And, KVM already forces EFER.NX=1 when TDP is disabled (for WP=0, SMEP=1, NX=0), so technically NX is never reserved for shadow MMUs.

Fixes: b8e8c8303ff2 ("kvm: mmu: ITLB_MULTIHIT mitigation")
Cc: stable@vger.kernel.org
Signed-off-by: Sean Christopherson
--- arch/x86/kvm/mmu/mmu.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index 84d48a33e38b..0db12f461c9d 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -4221,7 +4221,15 @@ static inline u64 reserved_hpa_bits(void) void reset_shadow_zero_bits_mask(struct kvm_vcpu *vcpu, struct kvm_mmu *context) { - bool uses_nx = context->nx || + /* + * KVM uses NX when TDP is disabled to handle a variety of scenarios, + * notably for huge SPTEs if iTLB multi-hit mitigation is enabled and + * to generate correct permissions for CR0.WP=0/CR4.SMEP=1/EFER.NX=0. + * The iTLB multi-hit workaround can be toggled at any time, so assume + * NX can be used by any non-nested shadow MMU to avoid having to reset + * MMU contexts. Note, KVM forces EFER.NX=1 when TDP is disabled. + */ + bool uses_nx = context->nx || !tdp_enabled || context->mmu_role.base.smep_andnot_wp; struct rsvd_bits_validate *shadow_zero_check; int i; -- 2.32.0.288.g62a8d224e6-goog
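
Review bot: In the `uses_nx` expression in reset_shadow_zero_bits_mask(), once `!tdp_enabled` is OR'ed in, `context->nx` and `context->mmu_role.base.smep_andnot_wp` can only change the result when `tdp_enabled` is true, yet the new comment explains only the TDP-disabled case. Suggest adding one sentence to the comment saying which MMU contexts reach this function with TDP enabled and still depend on those two terms, so a later cleanup neither drops them as redundant nor keeps them without a stated reason.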