From: Greg Kroah-Hartman
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman, stable@vger.kernel.org, Sean Christopherson, Paolo Bonzini
Subject: [PATCH 5.16 0857/1017] KVM: x86: Reinitialize context if host userspace toggles EFER.LME
Date: Tue, 5 Apr 2022 09:29:30 +0200
Message-Id: <20220405070419.674290454@linuxfoundation.org>
In-Reply-To: <20220405070354.155796697@linuxfoundation.org>
References: <20220405070354.155796697@linuxfoundation.org>

From: Paolo Bonzini

commit d6174299365ddbbf491620c0b8c5ca1a6ef2eea5 upstream.

While the guest runs, EFER.LME cannot change unless CR0.PG is clear, and therefore EFER.NX is the only bit that can affect the MMU role. However, set_efer accepts a host-initiated change to EFER.LME even with CR0.PG=1. In that case, the MMU has to be reset.

Fixes: 11988499e62b ("KVM: x86: Skip EFER vs. guest CPUID checks for host-initiated writes")
Cc: stable@vger.kernel.org
Reviewed-by: Sean Christopherson
Signed-off-by: Paolo Bonzini
Signed-off-by: Greg Kroah-Hartman
--- arch/x86/kvm/mmu.h | 1 + arch/x86/kvm/x86.c | 3 +-- 2 files changed, 2 insertions(+), 2 deletions(-) --- a/arch/x86/kvm/mmu.h +++ b/arch/x86/kvm/mmu.h @@ -48,6 +48,7 @@ X86_CR4_SMEP | X86_CR4_SMAP | X86_CR4_PKE) #define KVM_MMU_CR0_ROLE_BITS (X86_CR0_PG | X86_CR0_WP) +#define KVM_MMU_EFER_ROLE_BITS (EFER_LME | EFER_NX) static __always_inline u64 rsvd_bits(int s, int e) { --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c 
@@ -1614,8 +1614,7 @@ static int set_efer(struct kvm_vcpu *vcp return r; } - /* Update reserved bits */ - if ((efer ^ old_efer) & EFER_NX) + if ((efer ^ old_efer) & KVM_MMU_EFER_ROLE_BITS) kvm_mmu_reset_context(vcpu); return 0;
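Review bot: the new KVM_MMU_EFER_ROLE_BITS define in arch/x86/kvm/mmu.h carries no comment, and the reason EFER_LME is in the mask exists only in the commit message: a running guest cannot change LME while CR0.PG is set, but set_efer accepts a host-initiated change. A short comment above the define saying that LME is listed because of host-initiated writes would keep a later cleanup from narrowing the mask back to EFER_NX alone.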
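Review bot: in set_efer() the hunk removes the "/* Update reserved bits */" comment and leaves the kvm_mmu_reset_context() call with no explanation at the call site. The old comment no longer described the condition, so dropping it is right, but a replacement stating that the MMU context is reset whenever an EFER bit in the MMU role changes, including a host-initiated LME toggle with CR0.PG=1, would document the case this fix exists for. The patch also adds no test for that path; a check that host userspace toggling EFER.LME with paging enabled leads to a context reset would guard against regressing to the EFER_NX-only comparison.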