4.9-stable patches
authorGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 1 Sep 2021 09:49:31 +0000 (11:49 +0200)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 1 Sep 2021 09:49:31 +0000 (11:49 +0200)
added patches:
kvm-x86-mmu-treat-nx-as-used-not-reserved-for-all-tdp-shadow-mmus.patch

queue-4.9/kvm-x86-mmu-treat-nx-as-used-not-reserved-for-all-tdp-shadow-mmus.patch [new file with mode: 0644]
queue-4.9/series

diff --git a/queue-4.9/kvm-x86-mmu-treat-nx-as-used-not-reserved-for-all-tdp-shadow-mmus.patch b/queue-4.9/kvm-x86-mmu-treat-nx-as-used-not-reserved-for-all-tdp-shadow-mmus.patch
new file mode 100644 (file)
index 0000000..8041f21
--- /dev/null
@@ -0,0 +1,50 @@
+From foo@baz Wed Sep  1 11:30:48 AM CEST 2021
+From: Sean Christopherson <seanjc@google.com>
+Date: Tue, 22 Jun 2021 10:56:47 -0700
+Subject: KVM: x86/mmu: Treat NX as used (not reserved) for all !TDP shadow MMUs
+
+From: Sean Christopherson <seanjc@google.com>
+
+commit 112022bdb5bc372e00e6e43cb88ee38ea67b97bd upstream
+
+Mark NX as being used for all non-nested shadow MMUs, as KVM will set the
+NX bit for huge SPTEs if the iTLB mutli-hit mitigation is enabled.
+Checking the mitigation itself is not sufficient as it can be toggled on
+at any time and KVM doesn't reset MMU contexts when that happens.  KVM
+could reset the contexts, but that would require purging all SPTEs in all
+MMUs, for no real benefit.  And, KVM already forces EFER.NX=1 when TDP is
+disabled (for WP=0, SMEP=1, NX=0), so technically NX is never reserved
+for shadow MMUs.
+
+Fixes: b8e8c8303ff2 ("kvm: mmu: ITLB_MULTIHIT mitigation")
+Cc: stable@vger.kernel.org
+Signed-off-by: Sean Christopherson <seanjc@google.com>
+Message-Id: <20210622175739.3610207-3-seanjc@google.com>
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+[sudip: use old path and adjust context]
+Signed-off-by: Sudip Mukherjee <sudipm.mukherjee@gmail.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/x86/kvm/mmu.c |   11 ++++++++++-
+ 1 file changed, 10 insertions(+), 1 deletion(-)
+
+--- a/arch/x86/kvm/mmu.c
++++ b/arch/x86/kvm/mmu.c
+@@ -3927,7 +3927,16 @@ static void reset_rsvds_bits_mask_ept(st
+ void
+ reset_shadow_zero_bits_mask(struct kvm_vcpu *vcpu, struct kvm_mmu *context)
+ {
+-      bool uses_nx = context->nx || context->base_role.smep_andnot_wp;
++      /*
++       * KVM uses NX when TDP is disabled to handle a variety of scenarios,
++       * notably for huge SPTEs if iTLB multi-hit mitigation is enabled and
++       * to generate correct permissions for CR0.WP=0/CR4.SMEP=1/EFER.NX=0.
++       * The iTLB multi-hit workaround can be toggled at any time, so assume
++       * NX can be used by any non-nested shadow MMU to avoid having to reset
++       * MMU contexts.  Note, KVM forces EFER.NX=1 when TDP is disabled.
++       */
++      bool uses_nx = context->nx || !tdp_enabled ||
++              context->base_role.smep_andnot_wp;
+       /*
+        * Passing "true" to the last argument is okay; it adds a check
index 9cb899ed66505d3b8fee35ed50b21b3b6ba2c62d..a77aa63ce416fb15250ae843854120ac43f7b495 100644 (file)
@@ -12,3 +12,4 @@ vringh-use-wiov-used-to-check-for-read-write-desc-or.patch
 net-rds-dma_map_sg-is-entitled-to-merge-entries.patch
 vt_kdsetmode-extend-console-locking.patch
 fbmem-add-margin-check-to-fb_check_caps.patch
+kvm-x86-mmu-treat-nx-as-used-not-reserved-for-all-tdp-shadow-mmus.patch