From: Sean Christopherson <seanjc@google.com>
To: Yuan Yao <yuan.yao@linux.intel.com>
Cc: Yan Zhao <yan.y.zhao@intel.com>,
	Reima Ishii <ishiir@g.ecc.u-tokyo.ac.jp>,
	shina@ecc.u-tokyo.ac.jp, Paolo Bonzini <pbonzini@redhat.com>,
	Thomas Gleixner <tglx@linutronix.de>,
	Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
	Dave Hansen <dave.hansen@linux.intel.com>,
	x86@kernel.org, "H. Peter Anvin" <hpa@zytor.com>,
	kvm@vger.kernel.org, linux-kernel@vger.kernel.org,
	yuan.yao@intel.com
Subject: Re: [PATCH] KVM: nVMX: Prevent vmlaunch with EPTP pointing outside assigned memory area
Date: Fri, 30 Jun 2023 08:37:06 -0700
Message-ID: <ZJ72omPGZcdjjWbo@google.com>
In-Reply-To: <20230630050157.kurgzdcpjngs6w4k@yy-desk-7060>

On Fri, Jun 30, 2023, Yuan Yao wrote:
> On Thu, Jun 29, 2023 at 01:30:31PM -0700, Sean Christopherson wrote:
> > @@ -3834,8 +3822,8 @@ static int mmu_alloc_shadow_roots(struct kvm_vcpu *vcpu)
> >  			if (!(pdptrs[i] & PT_PRESENT_MASK))
> >  				continue;
> >
> > -			if (mmu_check_root(vcpu, pdptrs[i] >> PAGE_SHIFT))
> > -				return 1;
> > +			if (kvm_vcpu_is_visible_gfn(vcpu, pdptrs[i] >> PAGE_SHIFT))
> > +				pdptrs[i] = 0;
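
Review bot: the condition on the added `if (kvm_vcpu_is_visible_gfn(vcpu, pdptrs[i] >> PAGE_SHIFT))` line is inverted relative to its purpose: as written, a PDPTR whose gfn is visible to the vCPU gets zeroed, while one pointing at a non-visible gfn is kept and used as a root. The removed lines bailed out with `return 1` when mmu_check_root() flagged the gfn, so the replacement should act on the failing case, i.e. `if (!kvm_vcpu_is_visible_gfn(vcpu, pdptrs[i] >> PAGE_SHIFT))`. A one-line comment above `pdptrs[i] = 0;` saying that the entry is being marked not-present would also make the switch from failing the allocation to dropping the entry easier to follow.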
> 
> Hi Sean,
> 
> Should this be "!kvm_vcpu_is_visible_gfn(vcpu, pdptrs[i] >> PAGE_SHIFT)" and

Yep, typo that inverted the check.  Thanks for saving me some debug time!

> turn the pae_root[i] to dummy root yet ?

No, zeroing the PDPTR is sufficient.  Unlike CR3, which is always "present", PDPTRs
have a present bit and so KVM can communicate to hardware that the entry isn't
valid simply by clearing the PDPTR.
