[kvm-unit-tests] x86: Flush the TLB after setting user-bit

Message ID 20210617101543.180792-1-namit@vmware.com (mailing list archive)
State New, archived

Commit Message

Nadav Amit June 17, 2021, 10:15 a.m. UTC
From: Nadav Amit <nadav.amit@gmail.com>

According to Intel SDM 4.10.4.3 "Optional Invalidation": "If CR4.SMEP =
0 and a paging-structure entry is modified to change the U/S flag from 0
to 1, failure to perform an invalidation may result in a "spurious"
page-fault exception (e.g., in response to an attempted user-mode
access) but no other adverse behavior."

The access test actually causes in certain environments a spurious
page-fault. So invalidate the relevant PTE after setting the user bit.

Signed-off-by: Nadav Amit <nadav.amit@gmail.com>
---
 x86/access.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

Comments

Paolo Bonzini June 17, 2021, 6:37 p.m. UTC | #1
On 17/06/21 12:15, Nadav Amit wrote:
> From: Nadav Amit <nadav.amit@gmail.com>
> 
> According to Intel SDM 4.10.4.3 "Optional Invalidation": "If CR4.SMEP =
> 0 and a paging-structure entry is modified to change the U/S flag from 0
> to 1, failure to perform an invalidation may result in a "spurious"
> page-fault exception (e.g., in response to an attempted user-mode
> access) but no other adverse behavior."
> 
> The access test actually causes in certain environments a spurious
> page-fault. So invalidate the relevant PTE after setting the user bit.
> 
> Signed-off-by: Nadav Amit <nadav.amit@gmail.com>
> ---
>   x86/access.c | 6 +++++-
>   1 file changed, 5 insertions(+), 1 deletion(-)
> 
> diff --git a/x86/access.c b/x86/access.c
> index 0ad677e..47807cc 100644
> --- a/x86/access.c
> +++ b/x86/access.c
> @@ -216,8 +216,12 @@ static unsigned set_cr4_smep(int smep)
>       if (smep)
>           ptl2[2] &= ~PT_USER_MASK;
>       r = write_cr4_checking(cr4);
> -    if (r || !smep)
> +    if (r || !smep) {
>           ptl2[2] |= PT_USER_MASK;
> +
> +	/* Flush to avoid spurious #PF */
> +	invlpg((void *)(2 << 21));
> +    }
>       if (!r)
>           shadow_cr4 = cr4;
>       return r;
> 
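Review bot: the two added lines `/* Flush to avoid spurious #PF */` and `invlpg((void *)(2 << 21));` are indented with a tab, while every other line in set_cr4_smep, including the new `{` and `}` lines in this same hunk, uses four-space indentation; re-indent the two lines with spaces so the block stays consistent with the surrounding code.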

Queued, thanks.

Paolo

Patch

diff --git a/x86/access.c b/x86/access.c
index 0ad677e..47807cc 100644
--- a/x86/access.c
+++ b/x86/access.c
@@ -216,8 +216,12 @@  static unsigned set_cr4_smep(int smep)
     if (smep)
         ptl2[2] &= ~PT_USER_MASK;
     r = write_cr4_checking(cr4);
-    if (r || !smep)
+    if (r || !smep) {
         ptl2[2] |= PT_USER_MASK;
+
+	/* Flush to avoid spurious #PF */
+	invlpg((void *)(2 << 21));
+    }
     if (!r)
         shadow_cr4 = cr4;
     return r;
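Review bot: the address handed to invlpg, `(void *)(2 << 21)`, hardcodes the 2 MiB region that `ptl2[2]` maps, so the PTE index and the flushed address now have to be kept in step by hand; consider deriving the address from the same index (for example a local `idx = 2` used both for `ptl2[idx]` and `(void *)(idx << 21)`) or at least extending the comment to say that entry 2 of ptl2 covers virtual 4 MiB, so a later change to the index cannot leave the flush pointing at a different page than the one whose U/S bit was set.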