From patchwork Wed May 9 21:02:05 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Krish Sadhukhan X-Patchwork-Id: 10390863 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 7231C60353 for ; Wed, 9 May 2018 21:23:49 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 5FDCB28520 for ; Wed, 9 May 2018 21:23:49 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 546B228553; Wed, 9 May 2018 21:23:49 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-8.0 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI, UNPARSEABLE_RELAY autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id C96EE2875F for ; Wed, 9 May 2018 21:23:24 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S965540AbeEIVXW (ORCPT ); Wed, 9 May 2018 17:23:22 -0400 Received: from userp2130.oracle.com ([156.151.31.86]:42502 "EHLO userp2130.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S965478AbeEIVXT (ORCPT ); Wed, 9 May 2018 17:23:19 -0400 Received: from pps.filterd (userp2130.oracle.com [127.0.0.1]) by userp2130.oracle.com (8.16.0.22/8.16.0.22) with SMTP id w49LKkWh099126; Wed, 9 May 2018 21:22:55 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=from : to : cc : subject : date : message-id : in-reply-to : references; s=corp-2017-10-26; bh=dBPSVV9AfAnK3SjBqpAHYaV2asjkfns+ovdy43fRLh4=; b=V0Un4QiDei2rVT3pl55VNTk+4lt8Q2x6gs1fkgKr0sHzdD+FR9nfD1vmKEk7ov5KtyIq vjs+JG7txFny5GHcei7EoP7WJGUqqUMec+h8rvueT1HCrpyb87UyiywG25rpC5xtdbcz Qg1XquhT9w0kwsbGEwB4WMJLDFJJAFL4Ow+telkywUtLtLkchGL9ReThVoBqFwJHi3ZL 7ARawYy7LDcj79ioxSqEXwqNcXHkbEZvhkw5T7NKQl21SAg0JepPotfB9HY38AHjpa/W gfZr/a6wfdTEmKBlMe5BzuNFbGGfMnMw/oXPikJLq0NHPDZP5stIvWqCH6Fy+GNlkJ46 Sg== Received: from aserv0022.oracle.com (aserv0022.oracle.com [141.146.126.234]) by userp2130.oracle.com with ESMTP id 2hv6kp8q4b-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 09 May 2018 21:22:55 +0000 Received: from userv0121.oracle.com (userv0121.oracle.com [156.151.31.72]) by aserv0022.oracle.com (8.14.4/8.14.4) with ESMTP id w49LMsbD024442 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 9 May 2018 21:22:54 GMT Received: from abhmp0019.oracle.com (abhmp0019.oracle.com [141.146.116.25]) by userv0121.oracle.com (8.14.4/8.13.8) with ESMTP id w49LMr9F030071; Wed, 9 May 2018 21:22:53 GMT Received: from ban25x6uut29.us.oracle.com (/10.153.73.29) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Wed, 09 May 2018 14:22:53 -0700 From: Krish Sadhukhan To: kvm@vger.kernel.org Cc: pbonzini@redhat.com, rkrcmar@redhat.com, jmattson@google.com Subject: [PATCH 3/3] kvm: mmu: Don't expose private memslots to L2 Date: Wed, 9 May 2018 17:02:05 -0400 Message-Id: <20180509210205.3585-4-krish.sadhukhan@oracle.com> X-Mailer: git-send-email 2.9.5 In-Reply-To: <20180509210205.3585-1-krish.sadhukhan@oracle.com> References: <20180509210205.3585-1-krish.sadhukhan@oracle.com> X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=8888 signatures=668698 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=13 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=532 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1711220000 definitions=main-1805090199 Sender: kvm-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP From: Jim Mattson These private pages have special purposes in the virtualization of L1, but not in the virtualization of L2. In particular, L1's APIC access page should never be entered into L2's page tables, because this causes a great deal of confusion when the APIC virtualization hardware is being used to accelerate L2's accesses to its own APIC. Signed-off-by: Jim Mattson Signed-off-by: Krish Sadhukhan --- arch/x86/kvm/mmu.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/arch/x86/kvm/mmu.c b/arch/x86/kvm/mmu.c index 395a6dd..6d3cf3d 100644 --- a/arch/x86/kvm/mmu.c +++ b/arch/x86/kvm/mmu.c @@ -3811,6 +3811,14 @@ static bool try_async_pf(struct kvm_vcpu *vcpu, bool prefault, gfn_t gfn, struct kvm_memory_slot *slot; bool async; + /* + * Don't expose private memslots to L2. + */ + if (is_guest_mode(vcpu) && !kvm_is_visible_gfn(vcpu->kvm, gfn)) { + *pfn = KVM_PFN_NOSLOT; + return false; + } + slot = kvm_vcpu_gfn_to_memslot(vcpu, gfn); async = false; *pfn = __gfn_to_pfn_memslot(slot, gfn, false, &async, write, writable);