From: Greg Kroah-Hartman
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman, stable@vger.kernel.org, Sean Christopherson, Paolo Bonzini
Subject: [PATCH 5.12 072/700] KVM: x86/mmu: Treat NX as used (not reserved) for all !TDP shadow MMUs
Date: Mon, 12 Jul 2021 08:02:35 +0200
Message-Id: <20210712060934.879718606@linuxfoundation.org>
In-Reply-To: <20210712060924.797321836@linuxfoundation.org>

From: Sean Christopherson

commit 112022bdb5bc372e00e6e43cb88ee38ea67b97bd upstream.

Mark NX as being used for all non-nested shadow MMUs, as KVM will set the NX bit for huge SPTEs if the iTLB multi-hit mitigation is enabled. Checking the mitigation itself is not sufficient as it can be toggled on at any time and KVM doesn't reset MMU contexts when that happens. KVM could reset the contexts, but that would require purging all SPTEs in all MMUs, for no real benefit.

And, KVM already forces EFER.NX=1 when TDP is disabled (for WP=0, SMEP=1, NX=0), so technically NX is never reserved for shadow MMUs.

Fixes: b8e8c8303ff2 ("kvm: mmu: ITLB_MULTIHIT mitigation")
Cc: stable@vger.kernel.org
Signed-off-by: Sean Christopherson
Message-Id: <20210622175739.3610207-3-seanjc@google.com>
Signed-off-by: Paolo Bonzini
Signed-off-by: Greg Kroah-Hartman
--- arch/x86/kvm/mmu/mmu.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c 
@@ -4155,7 +4155,15 @@ static inline u64 reserved_hpa_bits(void void reset_shadow_zero_bits_mask(struct kvm_vcpu *vcpu, struct kvm_mmu *context) { - bool uses_nx = context->nx || + /* + * KVM uses NX when TDP is disabled to handle a variety of scenarios, + * notably for huge SPTEs if iTLB multi-hit mitigation is enabled and + * to generate correct permissions for CR0.WP=0/CR4.SMEP=1/EFER.NX=0. + * The iTLB multi-hit workaround can be toggled at any time, so assume + * NX can be used by any non-nested shadow MMU to avoid having to reset + * MMU contexts. Note, KVM forces EFER.NX=1 when TDP is disabled. + */ + bool uses_nx = context->nx || !tdp_enabled || context->mmu_role.base.smep_andnot_wp; struct rsvd_bits_validate *shadow_zero_check; int i;
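
Review bot: In the new uses_nx expression in reset_shadow_zero_bits_mask(), the context->mmu_role.base.smep_andnot_wp term looks redundant once !tdp_enabled is part of the condition, because the added comment itself lists CR0.WP=0/CR4.SMEP=1/EFER.NX=0 as one of the scenarios that arise when TDP is disabled. Either drop the term in a follow-up or extend the comment to say which caller still needs it with TDP enabled; for a stable backport, keeping the expression identical to the upstream commit is reasonable. The comment could also state explicitly that the remaining context->nx check is what covers shadow MMUs used while TDP is enabled, since tdp_enabled is a global and nothing in this hunk shows how those callers are distinguished from the non-nested case the comment describes.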