From patchwork Tue Jun 21 03:12:25 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bandan Das X-Patchwork-Id: 9189211 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id DF3F060756 for ; Tue, 21 Jun 2016 03:15:23 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id D120227F10 for ; Tue, 21 Jun 2016 03:15:23 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id C5ED427F89; Tue, 21 Jun 2016 03:15:23 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 7899527F10 for ; Tue, 21 Jun 2016 03:15:21 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932568AbcFUDPR (ORCPT ); Mon, 20 Jun 2016 23:15:17 -0400 Received: from mx1.redhat.com ([209.132.183.28]:44464 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753413AbcFUDPL (ORCPT ); Mon, 20 Jun 2016 23:15:11 -0400 Received: from int-mx09.intmail.prod.int.phx2.redhat.com (int-mx09.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id A45357F088; Tue, 21 Jun 2016 03:13:23 +0000 (UTC) Received: from gigantic.usersys.redhat.com (dhcp-17-169.bos.redhat.com [10.18.17.169]) by int-mx09.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id u5L3DGwq019720; Mon, 20 Jun 2016 23:13:23 -0400 From: Bandan Das To: kvm@vger.kernel.org Cc: pbonzini@redhat.com, guangrong.xiao@linux.intel.com Subject: [RFC PATCH 3/4] mmu: don't set the present bit unconditionally Date: Mon, 20 Jun 2016 23:12:25 -0400 Message-Id: <1466478746-14153-4-git-send-email-bsd@redhat.com> In-Reply-To: <1466478746-14153-1-git-send-email-bsd@redhat.com> References: <1466478746-14153-1-git-send-email-bsd@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.22 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.26]); Tue, 21 Jun 2016 03:13:23 +0000 (UTC) Sender: kvm-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP To support execute only mappings on behalf of L1 hypervisors, we teach set_spte to honor L1's valid XWR bits. This is only if host supports EPT execute only. Use ACC_USER_MASK to signify if the L1 hypervisor has the present bit set. Signed-off-by: Bandan Das --- arch/x86/kvm/mmu.c | 11 ++++++++--- arch/x86/kvm/paging_tmpl.h | 2 +- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/arch/x86/kvm/mmu.c b/arch/x86/kvm/mmu.c index 57d8696..3ca1a99 100644 --- a/arch/x86/kvm/mmu.c +++ b/arch/x86/kvm/mmu.c @@ -2528,7 +2528,8 @@ static int set_spte(struct kvm_vcpu *vcpu, u64 *sptep, if (set_mmio_spte(vcpu, sptep, gfn, pfn, pte_access)) return 0; - spte = PT_PRESENT_MASK; + if (!shadow_xonly_valid) + spte = PT_PRESENT_MASK; if (!speculative) spte |= shadow_accessed_mask; @@ -2537,8 +2538,12 @@ static int set_spte(struct kvm_vcpu *vcpu, u64 *sptep, else spte |= shadow_nx_mask; - if (pte_access & ACC_USER_MASK) - spte |= shadow_user_mask; + if (pte_access & ACC_USER_MASK) { + if (shadow_xonly_valid) + spte |= PT_PRESENT_MASK; + else + spte |= shadow_user_mask; + } if (level > PT_PAGE_TABLE_LEVEL) spte |= PT_PAGE_SIZE_MASK; diff --git a/arch/x86/kvm/paging_tmpl.h b/arch/x86/kvm/paging_tmpl.h index 9f5bd06..5366a55 100644 --- a/arch/x86/kvm/paging_tmpl.h +++ b/arch/x86/kvm/paging_tmpl.h @@ -192,7 +192,7 @@ static inline unsigned FNAME(gpte_access)(struct kvm_vcpu *vcpu, u64 gpte) #if PTTYPE == PTTYPE_EPT access = ((gpte & VMX_EPT_WRITABLE_MASK) ? ACC_WRITE_MASK : 0) | ((gpte & VMX_EPT_EXECUTABLE_MASK) ? ACC_EXEC_MASK : 0) | - ACC_USER_MASK; + ((gpte & VMX_EPT_READABLE_MASK) ? ACC_USER_MASK : 0); #else BUILD_BUG_ON(ACC_EXEC_MASK != PT_PRESENT_MASK); BUILD_BUG_ON(ACC_EXEC_MASK != 1);