From fcc5012315370e1567e3600f05b824482d73c903 Mon Sep 17 00:00:00 2001
From: Greg Kroah-Hartman
Date: Wed, 1 Sep 2021 11:49:31 +0200
Subject: [PATCH] 4.9-stable patches added patches: kvm-x86-mmu-treat-nx-as-used-not-reserved-for-all-tdp-shadow-mmus.patch
---
 ...not-reserved-for-all-tdp-shadow-mmus.patch | 50 +++++++++++++++++++
 queue-4.9/series | 1 +
 2 files changed, 51 insertions(+)
 create mode 100644 queue-4.9/kvm-x86-mmu-treat-nx-as-used-not-reserved-for-all-tdp-shadow-mmus.patch
diff --git a/queue-4.9/kvm-x86-mmu-treat-nx-as-used-not-reserved-for-all-tdp-shadow-mmus.patch b/queue-4.9/kvm-x86-mmu-treat-nx-as-used-not-reserved-for-all-tdp-shadow-mmus.patch
new file mode 100644
index 00000000000..8041f21df64
--- /dev/null
+++ b/queue-4.9/kvm-x86-mmu-treat-nx-as-used-not-reserved-for-all-tdp-shadow-mmus.patch
@@ -0,0 +1,50 @@
+From foo@baz Wed Sep 1 11:30:48 AM CEST 2021
+From: Sean Christopherson
+Date: Tue, 22 Jun 2021 10:56:47 -0700
+Subject: KVM: x86/mmu: Treat NX as used (not reserved) for all !TDP shadow MMUs
+
+From: Sean Christopherson
+
+commit 112022bdb5bc372e00e6e43cb88ee38ea67b97bd upstream
+
+Mark NX as being used for all non-nested shadow MMUs, as KVM will set the
+NX bit for huge SPTEs if the iTLB mutli-hit mitigation is enabled.
+Checking the mitigation itself is not sufficient as it can be toggled on
+at any time and KVM doesn't reset MMU contexts when that happens. KVM
+could reset the contexts, but that would require purging all SPTEs in all
+MMUs, for no real benefit. And, KVM already forces EFER.NX=1 when TDP is
+disabled (for WP=0, SMEP=1, NX=0), so technically NX is never reserved
+for shadow MMUs.
+
+Fixes: b8e8c8303ff2 ("kvm: mmu: ITLB_MULTIHIT mitigation")
+Cc: stable@vger.kernel.org
+Signed-off-by: Sean Christopherson
+Message-Id: <20210622175739.3610207-3-seanjc@google.com>
+Signed-off-by: Paolo Bonzini
+[sudip: use old path and adjust context]
+Signed-off-by: Sudip Mukherjee
+Signed-off-by: Greg Kroah-Hartman
+---
+ arch/x86/kvm/mmu.c | 11 ++++++++++-
+ 1 file changed, 10 insertions(+), 1 deletion(-)
+
+--- a/arch/x86/kvm/mmu.c
++++ b/arch/x86/kvm/mmu.c
+@@ -3927,7 +3927,16 @@ static void reset_rsvds_bits_mask_ept(st
+ void
+ reset_shadow_zero_bits_mask(struct kvm_vcpu *vcpu, struct kvm_mmu *context)
+ {
+- bool uses_nx = context->nx || context->base_role.smep_andnot_wp;
++ /*
++ * KVM uses NX when TDP is disabled to handle a variety of scenarios,
++ * notably for huge SPTEs if iTLB multi-hit mitigation is enabled and
++ * to generate correct permissions for CR0.WP=0/CR4.SMEP=1/EFER.NX=0.
++ * The iTLB multi-hit workaround can be toggled at any time, so assume
++ * NX can be used by any non-nested shadow MMU to avoid having to reset
++ * MMU contexts. Note, KVM forces EFER.NX=1 when TDP is disabled.
++ */
++ bool uses_nx = context->nx || !tdp_enabled ||
++ context->base_role.smep_andnot_wp;
+
+ /*
+ * Passing "true" to the last argument is okay; it adds a check
diff --git a/queue-4.9/series b/queue-4.9/series
index 9cb899ed665..a77aa63ce41 100644
--- a/queue-4.9/series
+++ b/queue-4.9/series
@@ -12,3 +12,4 @@ vringh-use-wiov-used-to-check-for-read-write-desc-or.patch
 net-rds-dma_map_sg-is-entitled-to-merge-entries.patch
 vt_kdsetmode-extend-console-locking.patch
 fbmem-add-margin-check-to-fb_check_caps.patch
+kvm-x86-mmu-treat-nx-as-used-not-reserved-for-all-tdp-shadow-mmus.patch
--
2.47.3
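Review bot: The `!tdp_enabled` term added to `uses_nx` is narrower than the new comment's "any non-nested shadow MMU" wording: if this function is also reached with TDP enabled on 4.9 (a nested NPT context, say — the callers are not visible from the hunk), NX stays reserved whenever `context->nx` and `base_role.smep_andnot_wp` are both clear, so a huge SPTE that the iTLB multi-hit mitigation marks NX could presumably still be flagged by the reserved-bit mask built from this value. It is worth confirming against the 4.9 call sites of reset_shadow_zero_bits_mask whether that case is intentionally excluded or needs the same treatment, and recording the answer in the comment, e.g. `* Contexts built with TDP enabled still rely on context->nx alone.`. The change itself only widens the set of bits treated as usable, so the backport is in the safe direction; the rest of the function body lies past the end of the hunk.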