From: Greg Kroah-Hartman
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman, stable@vger.kernel.org, Paolo Bonzini
Subject: [PATCH 5.13 283/300] KVM: x86: clamp host mapping level to max_level in kvm_mmu_max_mapping_level
Date: Mon, 13 Sep 2021 15:15:44 +0200
Message-Id: <20210913131118.902060289@linuxfoundation.org>
In-Reply-To: <20210913131109.253835823@linuxfoundation.org>
References: <20210913131109.253835823@linuxfoundation.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Paolo Bonzini

commit ec607a564f70519b340f7eb4cfc0f4a6b55285ac upstream.

This change started as a way to make kvm_mmu_hugepage_adjust a bit simpler, but it does fix two bugs as well.

One bug is in zapping collapsible PTEs. If a large page size is disallowed but not all of them, kvm_mmu_max_mapping_level will return the host mapping level and the small PTEs will be zapped up to that level. However, if e.g. 1GB are prohibited, we can still zap 4KB mapping and preserve the 2MB ones. This can happen for example when NX huge pages are in use.

The second would happen when userspace backs guest memory with a 1gb hugepage but only assigns a subset of the page to the guest. 1gb pages would be disallowed by the memslot, but not 2mb. kvm_mmu_max_mapping_level() would fall through to the host_pfn_mapping_level() logic, see the 1gb hugepage, and map the whole thing into the guest.

Fixes: 2f57b7051fe8 ("KVM: x86/mmu: Persist gfn_lpage_is_disallowed() to max_level")
Cc: stable@vger.kernel.org
Signed-off-by: Paolo Bonzini
Signed-off-by: Greg Kroah-Hartman
---
 arch/x86/kvm/mmu/mmu.c | 13 +++++--------
 1 file changed, 5 insertions(+), 8 deletions(-)

--- a/arch/x86/kvm/mmu/mmu.c
+++ b/arch/x86/kvm/mmu/mmu.c
@@ -2754,6 +2754,7 @@ int kvm_mmu_max_mapping_level(struct kvm kvm_pfn_t pfn, int max_level) { struct kvm_lpage_info *linfo; + int host_level; max_level = min(max_level, max_huge_page_level); for ( ; max_level > PG_LEVEL_4K; max_level--) { @@ -2765,7 +2766,8 @@ int kvm_mmu_max_mapping_level(struct kvm if (max_level == PG_LEVEL_4K) return PG_LEVEL_4K; - return host_pfn_mapping_level(kvm, gfn, pfn, slot); + host_level = host_pfn_mapping_level(kvm, gfn, pfn, slot); + return min(host_level, max_level); } int kvm_mmu_hugepage_adjust(struct kvm_vcpu *vcpu, gfn_t gfn, @@ -2789,17 +2791,12 @@ int kvm_mmu_hugepage_adjust(struct kvm_v if (!slot) return PG_LEVEL_4K; - level = kvm_mmu_max_mapping_level(vcpu->kvm, slot, gfn, pfn, max_level); - if (level == PG_LEVEL_4K) - return level; - - *req_level = level = min(level, max_level); - /* * Enforce the iTLB multihit workaround after capturing the requested * level, which will be used to do precise, accurate accounting. */ - if (huge_page_disallowed) + *req_level = level = kvm_mmu_max_mapping_level(vcpu->kvm, slot, gfn, pfn, max_level); + if (level == PG_LEVEL_4K || huge_page_disallowed) return PG_LEVEL_4K; /*
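Review bot: the new `return min(host_level, max_level);` in kvm_mmu_max_mapping_level is the whole fix but carries no comment saying why host_level can legitimately exceed max_level; a one-line comment at that point (the loop above only lowers max_level for sizes the lpage_info marks disallowed, while the host may still back the pfn with a larger page, as in the memslot case the commit message describes) would stop a later cleanup from collapsing it back to `return host_pfn_mapping_level(kvm, gfn, pfn, slot);`. It is also worth confirming that the loop leaves max_level at the largest allowed level rather than at the first disallowed one, since the clamp now depends on that value.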
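Review bot: in the kvm_mmu_hugepage_adjust hunk, dropping the early `return level;` means `*req_level` is now written even when kvm_mmu_max_mapping_level() returns PG_LEVEL_4K, where the old code left it untouched; the hunk's context does not show whether callers initialise `*req_level` before the call, so check that the stored 4K value is what the accounting expects. A smaller point: the comment "Enforce the iTLB multihit workaround after capturing the requested level" now sits above the line that does the capturing, so it reads one statement too early; moving it between `*req_level = level = kvm_mmu_max_mapping_level(...)` and `if (level == PG_LEVEL_4K || huge_page_disallowed)` keeps it next to the test it describes.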
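The two cases the commit message describes, as an added model that is not kernel code and not part of this patch: `fake_slot`, its disallowed-level bitmask and `largest_allowed_level` are constructed stand-ins for the lpage_info lookup and for host_pfn_mapping_level(), and the old/new functions mirror the pre- and post-patch control flow of kvm_mmu_max_mapping_level().

```c
/* Added model (not kernel code) of the clamp this patch introduces.
 * Levels use KVM's numbering: PG_LEVEL_4K=1, PG_LEVEL_2M=2, PG_LEVEL_1G=3. */
#define PG_LEVEL_4K 1
#define PG_LEVEL_2M 2
#define PG_LEVEL_1G 3

/* Constructed stand-in for what kvm_mmu_max_mapping_level() consults: a bitmask
 * of levels disallowed for this gfn (memslot bounds, NX huge pages) and the
 * level the host page tables actually use for the pfn. */
struct fake_slot {
	unsigned int disallowed_mask;
	int host_level;
};

static int level_disallowed(const struct fake_slot *s, int level)
{
	return (s->disallowed_mask >> level) & 1;
}

/* Stand-in for host_pfn_mapping_level(). */
static int host_pfn_mapping_level(const struct fake_slot *s)
{
	return s->host_level;
}

/* The loop both versions share: step max_level down past disallowed sizes. */
static int largest_allowed_level(const struct fake_slot *s, int max_level)
{
	for ( ; max_level > PG_LEVEL_4K; max_level--)
		if (!level_disallowed(s, max_level))
			break;
	return max_level;
}

/* Pre-patch: returns the host level unclamped once any huge size survives. */
static int max_mapping_level_old(const struct fake_slot *s, int max_level)
{
	max_level = largest_allowed_level(s, max_level);
	if (max_level == PG_LEVEL_4K)
		return PG_LEVEL_4K;
	return host_pfn_mapping_level(s);
}

/* Post-patch: the host level can never exceed the largest allowed level. */
static int max_mapping_level_new(const struct fake_slot *s, int max_level)
{
	int host_level;
	max_level = largest_allowed_level(s, max_level);
	if (max_level == PG_LEVEL_4K)
		return PG_LEVEL_4K;
	host_level = host_pfn_mapping_level(s);
	return host_level < max_level ? host_level : max_level;
}
```

With 1GB disallowed by the slot and a 1GB host backing, the old path returns PG_LEVEL_1G and the new path PG_LEVEL_2M, which is the memslot case in the commit message.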