From patchwork Fri Jul 26 23:51:39 2024
X-Patchwork-Submitter: Sean Christopherson
X-Patchwork-Id: 13743515
Date: Fri, 26 Jul 2024 16:51:39 -0700
In-Reply-To: <20240726235234.228822-1-seanjc@google.com>
Message-ID: <20240726235234.228822-31-seanjc@google.com>
Subject: [PATCH v12 30/84] KVM: nVMX: Mark vmcs12's APIC access page dirty when unmapping
From: Sean Christopherson
To: Paolo Bonzini, Marc Zyngier, Oliver Upton, Tianrui Zhao, Bibo Mao, Huacai Chen, Michael Ellerman, Anup Patel, Paul Walmsley, Palmer Dabbelt, Albert Ou, Christian Borntraeger, Janosch Frank, Claudio Imbrenda, Sean Christopherson
Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, loongarch@lists.linux.dev, linux-mips@vger.kernel.org, linuxppc-dev@lists.ozlabs.org, kvm-riscv@lists.infradead.org, linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org, David Matlack, David Stevens

Mark the APIC access page as dirty when unmapping it from KVM. The fact that the page _shouldn't_ be written doesn't guarantee the page _won't_ be written. And while the contents are likely irrelevant, the values _are_ visible to the guest, i.e. dropping writes would be visible to the guest (though obviously highly unlikely to be problematic in practice).

Marking the map dirty will allow specifying the write vs. read-only when *mapping* the memory, which in turn will allow creating read-only maps.
Signed-off-by: Sean Christopherson --- arch/x86/kvm/vmx/nested.c | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index 8d05d1d9f544..3096f6f5ecdb 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c @@ -318,12 +318,7 @@ static void nested_put_vmcs12_pages(struct kvm_vcpu *vcpu) { struct vcpu_vmx *vmx = to_vmx(vcpu); - /* - * Unpin physical memory we referred to in the vmcs02. The APIC access - * page's backing page (yeah, confusing) shouldn't actually be accessed, - * and if it is written, the contents are irrelevant. - */ - kvm_vcpu_unmap(vcpu, &vmx->nested.apic_access_page_map, false); + kvm_vcpu_unmap(vcpu, &vmx->nested.apic_access_page_map, true); kvm_vcpu_unmap(vcpu, &vmx->nested.virtual_apic_map, true); kvm_vcpu_unmap(vcpu, &vmx->nested.pi_desc_map, true); vmx->nested.pi_desc = NULL;
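
Review bot: In nested_put_vmcs12_pages(), the comment above the kvm_vcpu_unmap() calls is deleted in full, yet only its second sentence is made stale by flipping the dirty argument to true; the first sentence, "Unpin physical memory we referred to in the vmcs02", still describes what the three unmap calls do. Consider keeping that sentence and replacing the remainder with a short note on why apic_access_page_map is unmapped as dirty (a page that should not be written can still be written, and its contents are guest-visible), so the rationale is in the code and not only in the commit message. With this change all three maps (apic_access_page_map, virtual_apic_map, pi_desc_map) pass true, so a single comment covering the block would be enough.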