Received: by 2002:a05:6358:11c7:b0:104:8066:f915 with SMTP id i7csp1092005rwl; Wed, 5 Apr 2023 11:39:00 -0700 (PDT) X-Google-Smtp-Source: AKy350ap5fRC7HBOZCoPUzguLwrBGv/YOYL2NYoLxPy1BkryxynvFanzZZvqzZNKj27DKYMQpG4J X-Received: by 2002:aa7:da0d:0:b0:4fd:236f:7d4d with SMTP id r13-20020aa7da0d000000b004fd236f7d4dmr2515400eds.18.1680719939822; Wed, 05 Apr 2023 11:38:59 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1680719939; cv=none; d=google.com; s=arc-20160816; b=IFrMu+3NZcFEr3AZwoOiXc6O1SoFOFWnADtP4x0I96u+kxX5VRezyT9C4/L711ga44 9FvuJsBZBysmSiPJo1zhKRnVzcswRJwSGeBEcWfAK97bPPqTKxJushQZqhm5WQ2X44B7 IfxvxcRvX5Md4pQlyqIKqxpTENpmrWUiCwxPuYRD1SnyCoot4EjDBGotmIoubb0rQE4/ JyljfSaJMscFmytCwe0RMuVax73ZscbObTF4MV2W/g0cs2pQjrEepLb/HB68GbTvQPVV nI/oVSpq9gaR1YpMLKdoUrDxE2Qilrg/W8phBYa+1UN90TdWzNN4fBdLNUB16BfQU7Zw sLXQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:from :references:cc:to:content-language:subject:user-agent:mime-version :date:message-id:dkim-signature; bh=D09SiNz8EY5of0RZSstwD4wzGlOaSY6p10qkdeMqURE=; b=JhH8pnDI2jrRkMETR0ztpzfnYPUFNFu9WOTwx3rD1F3NsYjr7cOmK4GC7gtxqQQHSu po7a++BFTOlY6z3A/SbbR/GgHGkCRdTc6ttc1DVUQtdoGiwuWH2ZHhxLAy4mmaRaR3YJ WdxWt0imL20Iugx0P9u+DcuvrEV97RQLJOtBejRsZNysnaLniRFG4FavmSDJsO77tJE1 9hMq6+gF8pdLANcdnlrSG2Qh4+tp7qVZiYp7bQWTMcF7ix+THi1WRdJSJkFHWjUcB6QP uPS3U0cikaFj9dXs7uA7ZTmlf4i2xJFHzT7ADry2AfmoBSzfcGGeG1XQUPnXW9l0vtKR MhQA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@grsecurity.net header.s=grsec header.b=AMBAzG0Q; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=grsecurity.net Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id v9-20020aa7d649000000b004af6a815065si3659404edr.592.2023.04.05.11.38.33; Wed, 05 Apr 2023 11:38:59 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@grsecurity.net header.s=grsec header.b=AMBAzG0Q; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=grsecurity.net Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232850AbjDESb5 (ORCPT + 99 others); Wed, 5 Apr 2023 14:31:57 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59546 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229756AbjDESbz (ORCPT ); Wed, 5 Apr 2023 14:31:55 -0400 Received: from mail-ed1-x52d.google.com (mail-ed1-x52d.google.com [IPv6:2a00:1450:4864:20::52d]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 11DED268B for ; Wed, 5 Apr 2023 11:31:54 -0700 (PDT) Received: by mail-ed1-x52d.google.com with SMTP id 4fb4d7f45d1cf-501d3943f8eso770092a12.1 for ; Wed, 05 Apr 2023 11:31:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=grsecurity.net; s=grsec; t=1680719512; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:date:message-id :from:to:cc:subject:date:message-id:reply-to; bh=D09SiNz8EY5of0RZSstwD4wzGlOaSY6p10qkdeMqURE=; b=AMBAzG0QgqCb9iX9PLCffb23CmT4TJoNWb874LZlB3sAmSDRZUC0NWAWQXtO0OgVcB 11liVShStMKFI8j9WcoUWP3fvgWBz8I8+uJU4Z7v6lSWIJ6TvWajA589bDt8NtnIH+71 fJTQse113+euLE9CX1j98ByGAdEkK20MNX9dnEBv9HX/yynW2wgxb2Ab7lwIVE70l0IO aIqbAIrH3BrH4ltYrEymyS3A9mOdpxmjGLzGWcl0+DXnl/jcKfvTjcmUFKdm26bsdpAI R472xnO+IGBZegMc4dgdeVo3PNuczu8OYvRKyW3NiE+sUCgh0fFRTgU2dP1v1wBERoKg 30rw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1680719512; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:date:message-id :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=D09SiNz8EY5of0RZSstwD4wzGlOaSY6p10qkdeMqURE=; b=yfaZJ52roPoguxgJl2E5mIiMpfBkksXHKA+uUb7wQBhyC3Dxxjiaffr7FW4Lh8B6Tq JvXL2TUOwAhxVm7r5W90wq5AxVp/sswTzw6wfjzwmdBne8GVOnbbz4oSqQ6M9VW99GsJ QFP/tAnhl3VH64wsITe1Zwp/4eViw8Wjusraw0T+Ux8P98hRhz0vqvaI8qRbYIpVoEBM XqQUHR+bD+74VuBBbiIiYxYm3gdeCbIR2nknmwriY10Lsyb1xRGbSU9tTluEUwqE7DAt jnXvaMaQiMOnOMWDQ7MF8J62rkI9vNKiMKtqKy54ViQRHXHbMnF+Au88Lgm/woE+9t9f JSfg== X-Gm-Message-State: AAQBX9egsKxkL0pm6PoW/i8c+rXdukDnmw0DtmWK6Fi5AN/XroV8ffGQ AHDSEp6F6U25tb9Gi19Q45y9gA== X-Received: by 2002:aa7:d851:0:b0:4fb:999:e052 with SMTP id f17-20020aa7d851000000b004fb0999e052mr2633884eds.33.1680719512559; Wed, 05 Apr 2023 11:31:52 -0700 (PDT) Received: from ?IPV6:2003:f6:af39:8900:5941:dee7:da1a:b514? (p200300f6af3989005941dee7da1ab514.dip0.t-ipconnect.de. [2003:f6:af39:8900:5941:dee7:da1a:b514]) by smtp.gmail.com with ESMTPSA id v6-20020a50d086000000b005023dc49bdasm7606189edd.83.2023.04.05.11.31.51 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 05 Apr 2023 11:31:52 -0700 (PDT) Message-ID: <58a9410a-62f2-5a35-2ce3-f5203912465e@grsecurity.net> Date: Wed, 5 Apr 2023 20:31:50 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.9.0 Subject: Re: [PATCH] KVM: x86/mmu: Refresh CR0.WP prior to checking for emulated permission faults Content-Language: en-US, de-DE To: Sean Christopherson Cc: Paolo Bonzini , kvm@vger.kernel.org, linux-kernel@vger.kernel.org References: <20230405002608.418442-1-seanjc@google.com> From: Mathias Krause In-Reply-To: Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-1.2 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,NICE_REPLY_A, RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 05.04.23 16:36, Sean Christopherson wrote: > On Wed, Apr 05, 2023, Mathias Krause wrote: >> On 05.04.23 02:26, Sean Christopherson wrote: >>> +void __kvm_mmu_refresh_passthrough_bits(struct kvm_vcpu *vcpu, >>> + struct kvm_mmu *mmu) >>> +{ >>> + const bool cr0_wp = kvm_is_cr0_bit_set(vcpu, X86_CR0_WP); >>> + >>> + BUILD_BUG_ON((KVM_MMU_CR0_ROLE_BITS & KVM_POSSIBLE_CR0_GUEST_BITS) != X86_CR0_WP); >> >>> + BUILD_BUG_ON((KVM_MMU_CR4_ROLE_BITS & KVM_POSSIBLE_CR4_GUEST_BITS)); >> >> Just curious, this should assert that we don't run into similar issues >> if we make more bits of CR4 guest owned? > > Yes? I'm not sure what you're asking. BUILD_BUG_ON() is a just more flexible > version of stiatic_assert(); it only requires that the inputs be compile-time > constants, not purely "static> > he above throws an error at compile-time if there is new overlap between the > CR{0,4} MMU role bits and the possible guest-owned bits. E.g. adding SMEP to the > possible guest-owned CR4 bits yields: Yes, I was just asking about the reasoning behind it as it, obviously, isn't a problem with the current code. But I ran into it while doing backports, so thanks for adding it :D > > [...]