@@ -5856,6 +5856,7 @@ static int emulator_cmpxchg_emulated(struct x86_emulate_ctxt *ctxt,
{
struct kvm_host_map map;
struct kvm_vcpu *vcpu = emul_to_vcpu(ctxt);
+ u64 page_line_mask = PAGE_MASK;
gpa_t gpa;
char *kaddr;
bool exchanged;
@@ -5870,7 +5871,11 @@ static int emulator_cmpxchg_emulated(struct x86_emulate_ctxt *ctxt,
(gpa & PAGE_MASK) == APIC_DEFAULT_PHYS_BASE)
goto emul_write;
- if (((gpa + bytes - 1) & PAGE_MASK) != (gpa & PAGE_MASK))
+ if (split_lock_detect_enabled())
+ page_line_mask = ~(cache_line_size() - 1);
+
+ /* when write spans page or spans cache when SLD enabled */
+ if (((gpa + bytes - 1) & page_line_mask) != (gpa & page_line_mask))
goto emul_write;
if (kvm_vcpu_map(vcpu, gpa_to_gfn(gpa), &map))
If split lock detect is enabled (warn/fatal), #AC handler calls die() when split lock happens in kernel. A sane guest should never tigger emulation on a split-lock access, but it cannot prevent malicous guest from doing this. So just emulating the access as a write if it's a split-lock access (the same as access spans page) to avoid malicous guest polluting the kernel log. More detail analysis can be found: https://lkml.kernel.org/r/20200131200134.GD18946@linux.intel.com Suggested-by: Sean Christopherson <sean.j.christopherson@intel.com> Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com> --- v3: - intergrate cache split case into page split case to reuse the logic; --- arch/x86/kvm/x86.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-)