KVM: x86/mmu: Always walk guest PTEs with WRITE access when unprotecting

When getting a gpa from a gva to unprotect the associated gfn when an
event is awating reinjection, walk the guest PTEs for WRITE as there's no
point in unprotecting the gfn if the guest is unable to write the page,
i.e. if write-protection can't trigger emulation.

Note, the entire flow should be guarded on the access being a write, and
even better should be conditioned on actually triggering a write-protect
fault.  This will be addressed in a future commit.

Reviewed-by: Yuan Yao <yuan.yao@intel.com>
Link: https://lore.kernel.org/r/20240831001538.336683-14-seanjc@google.com
Signed-off-by: Sean Christopherson <seanjc@google.com>

diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c
index bafec04b07ea1b1b679a00e3f99bb563b36ea31b..937fa9a82a4393960a854505b4388ae3512b65d0 100644 (file)
--- a/arch/x86/kvm/mmu/mmu.c
+++ b/arch/x86/kvm/mmu/mmu.c
@@ -2751,7 +2751,7 @@ static int kvm_mmu_unprotect_page_virt(struct kvm_vcpu *vcpu, gva_t gva)
        if (vcpu->arch.mmu->root_role.direct)
                return 0;
 
-       gpa = kvm_mmu_gva_to_gpa_read(vcpu, gva, NULL);
+       gpa = kvm_mmu_gva_to_gpa_write(vcpu, gva, NULL);
        if (gpa == INVALID_GPA)
                return 0;