Received: by 2002:a05:6358:11c7:b0:104:8066:f915 with SMTP id i7csp4752015rwl; Mon, 10 Apr 2023 16:35:43 -0700 (PDT) X-Google-Smtp-Source: AKy350bTdoc3LzjJ2Hllc6jvbDisBH4CKWXsjOlSu88LBNG+9s/SNlLvKJ2Ae3c9sSBva4OwBgod X-Received: by 2002:a17:906:b893:b0:94e:be0:97 with SMTP id hb19-20020a170906b89300b0094e0be00097mr1151670ejb.26.1681169743143; Mon, 10 Apr 2023 16:35:43 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1681169743; cv=none; d=google.com; s=arc-20160816; b=eFVce7vhFK33GE3+3DqImqkc2mvAYD9mZidH043nKWRLcN3BNY6IART0aZc/uD86/V CDcltKL+2+sOM2pI72qq94lq8aKkaVubM+WKbwitz62dRs/d/uFIlQuTpVHpNxoVpIvW Qk4PlV61nIQKeiqtIVIvTcaKsY8EvOlOQzCbXTQ8nsV3wJ6WBzZ7fppT81LHNZo3f/JF QJT1d/ssD1LxqjdGQ+93bcgULX97DIBc9bOOuy7kzz8toObULL0sUTOqjixmUpR7Af+A hsotblIhvwGUO5rB8NHsipfXwViKp1sG18HW81R2gXFkqNBc2bfHoL7zyyfJjlAu1eMF 6qlw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:dkim-signature; bh=SGBGzrRdSuqlJo6fw6TeMWWpr6+5GjYFLHA4nEngttc=; b=EdwmG3cYTQyiNZYLlURTpahCvZsApsGtwl8L7650eN4MAzPWwEjqCj3dIcjbaRVbS7 tEuq+h+kbfIDNZUSaia4PnBkbGSBPVP45ll03sdpIGtPmPiU0/NPWpAxfqf8CpHgymd3 zIwkjJAWyNZGW9UpSRRMDRbJevbLbmhnZrzgAacSPoKu6Y1KEd8/ZWPagEXU5lcSXJ+y m+gKozpRUwKCW7su0/sc+yB6o174xaExA6o7QTqO4e9dx58yEdKT7LlyO8tXx0DOA6+Z RpWDf7gVE3qogQIFJq36oFIyn8n4mbXX4WdFWW9XYR1yfo515Hj7bZUs5Cn2cqPqKe3v mUCg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=Ru65Pzc8; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id lr25-20020a170906fb9900b0094a59243059si4484571ejb.759.2023.04.10.16.35.18; Mon, 10 Apr 2023 16:35:43 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=Ru65Pzc8; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230007AbjDJXaa (ORCPT + 99 others); Mon, 10 Apr 2023 19:30:30 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41224 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230024AbjDJXa3 (ORCPT ); Mon, 10 Apr 2023 19:30:29 -0400 Received: from mail-pg1-x54a.google.com (mail-pg1-x54a.google.com [IPv6:2607:f8b0:4864:20::54a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6D5B91BC7 for ; Mon, 10 Apr 2023 16:30:25 -0700 (PDT) Received: by mail-pg1-x54a.google.com with SMTP id h64-20020a638343000000b0050760997f4dso2527905pge.6 for ; Mon, 10 Apr 2023 16:30:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; t=1681169425; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=SGBGzrRdSuqlJo6fw6TeMWWpr6+5GjYFLHA4nEngttc=; b=Ru65Pzc879+xETx5Zledk/P9a+1eK7uKI2wtoXqJHpHY3WyYXQNNE5shzRZyhki3Mf 8YUyCYUGaA7gurpOfttr52Z24wD5ptZKcq9DAGihA3NyOpTqAaSQDQ9puozJOsK0yWaM RRUBIX3iLRuswYsvJ6xlNinwDh6au95ivzm5lTlQ91BVE6Bq9WMEZMS7ls+KSPdI8GzU rSpXSrPkgjPrRgViS0cF+vNCVZBcNOgbq4qDKfSZWfZPO98DOpXUSnysnbYPzOKJ4GjE 8H0ZdEBvw/5vPiNXCaOJRiXsXf4jBHa5GJc2VtaJbFGd9VP+9C3ae71m/kAPGjzD6UEI 2s+g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1681169425; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=SGBGzrRdSuqlJo6fw6TeMWWpr6+5GjYFLHA4nEngttc=; b=bYBmI2fufaPONNeccM7+MjGpZ2qDhJrVuvoGlHJ4wOP2LqVMbFk99d4gO83lI0QJgB k9gm3DkQEzmBYCGOfgbeBRZCC6eNMaKAaqdwNrDAu2cIlZClv04D/bsJAMykkk5q1Dg/ 5d2o9OGVm76Y5fnKlQ6M1BVRSkCC3yeMK7MD/mNFbdW7l+yx62lZFg8g24ig13olOWzQ SgTtM/BsPooF1kaKG6thStUuC7+UcW3/svSD8uOvXUSu3ldZ8hkvjL9tXqCfgT1nmijN DKf49G1F90b5WWygA2aU86MufjijlgYJ13lOe/44XJ4iohanQ/x9zAmBVC7aNUylzS2P 6HsA== X-Gm-Message-State: AAQBX9d+MlVJqTYWZ30V2XS2kCQnhiKwAjT/k6SH1c/dbcYZpHEKQO0n AnCy1eIlp2UJc3Z7bCkPd/eY4DSvSf0= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:90a:cc01:b0:244:9909:6e60 with SMTP id b1-20020a17090acc0100b0024499096e60mr3334922pju.3.1681169424866; Mon, 10 Apr 2023 16:30:24 -0700 (PDT) Date: Mon, 10 Apr 2023 16:30:17 -0700 In-Reply-To: <20230405002608.418442-1-seanjc@google.com> Mime-Version: 1.0 References: <20230405002608.418442-1-seanjc@google.com> X-Mailer: git-send-email 2.40.0.577.gac1e443424-goog Message-ID: <168116555741.1037547.7553662106650689195.b4-ty@google.com> Subject: Re: [PATCH] KVM: x86/mmu: Refresh CR0.WP prior to checking for emulated permission faults From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Mathias Krause Content-Type: text/plain; charset="utf-8" X-Spam-Status: No, score=-7.7 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, 04 Apr 2023 17:26:08 -0700, Sean Christopherson wrote: > If CR0.WP may be guest-owned, i.e. TDP is enabled, refresh the MMU's > snapshot of the guest's CR0.WP prior to checking for permission faults > when emulating a guest memory access. If the guest toggles only CR0.WP > and triggers emulation of a supervisor write, e.g. when KVM is emulating > UMIP, KVM may consume a stale CR0.WP, i.e. use stale protection bits > metadata. > > [...] Applied to kvm-x86 misc, with a reworked changelog. [1/1] KVM: x86/mmu: Refresh CR0.WP prior to checking for emulated permission faults https://github.com/kvm-x86/linux/commit/cf9f4c0eb169 -- https://github.com/kvm-x86/linux/tree/next https://github.com/kvm-x86/linux/tree/fixes