From: Paolo Bonzini <pbonzini@redhat.com>
To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Cc: vkuznets@redhat.com, Joerg Roedel <jroedel@suse.de>
Subject: [PATCH 21/24] KVM: x86: always update CR3 in VMCB
Date: Wed, 20 May 2020 13:21:42 -0400 [thread overview]
Message-ID: <20200520172145.23284-22-pbonzini@redhat.com> (raw)
In-Reply-To: <20200520172145.23284-1-pbonzini@redhat.com>
vmx_load_mmu_pgd is delaying the write of GUEST_CR3 to prepare_vmcs02 as
an optimization, but this is only correct before the nested vmentry.
If userspace is modifying CR3 with KVM_SET_SREGS after the VM has
already been put in guest mode, the value of CR3 will not be updated.
Remove the optimization, which almost never triggers anyway.
This also applies to SVM, where the code was added in commit 689f3bf21628
("KVM: x86: unify callbacks to load paging root", 2020-03-16) just to keep the
two vendor-specific modules closer.
Fixes: 04f11ef45810 ("KVM: nVMX: Always write vmcs02.GUEST_CR3 during nested VM-Enter")
Fixes: 689f3bf21628 ("KVM: x86: unify callbacks to load paging root")
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
arch/x86/kvm/svm/nested.c | 6 +-----
arch/x86/kvm/svm/svm.c | 16 +++++-----------
arch/x86/kvm/vmx/vmx.c | 5 +----
3 files changed, 7 insertions(+), 20 deletions(-)
diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c
index 19b6a7c954e8..087a04ae74e4 100644
--- a/arch/x86/kvm/svm/nested.c
+++ b/arch/x86/kvm/svm/nested.c
@@ -260,11 +260,7 @@ static void nested_prepare_vmcb_save(struct vcpu_svm *svm, struct vmcb *nested_v
svm_set_efer(&svm->vcpu, nested_vmcb->save.efer);
svm_set_cr0(&svm->vcpu, nested_vmcb->save.cr0);
svm_set_cr4(&svm->vcpu, nested_vmcb->save.cr4);
- if (npt_enabled) {
- svm->vmcb->save.cr3 = nested_vmcb->save.cr3;
- svm->vcpu.arch.cr3 = nested_vmcb->save.cr3;
- } else
- (void)kvm_set_cr3(&svm->vcpu, nested_vmcb->save.cr3);
+ (void)kvm_set_cr3(&svm->vcpu, nested_vmcb->save.cr3);
svm->vmcb->save.cr2 = svm->vcpu.arch.cr2 = nested_vmcb->save.cr2;
kvm_rax_write(&svm->vcpu, nested_vmcb->save.rax);
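Review bot: at the new `+ (void)kvm_set_cr3(&svm->vcpu, nested_vmcb->save.cr3);` line the return value is still thrown away, and the cast now also covers the npt_enabled case, which previously stored nested_vmcb->save.cr3 straight into svm->vmcb->save.cr3 and svm->vcpu.arch.cr3 and so could not fail. save.cr3 comes from L1's VMCB, so a value that kvm_set_cr3() rejects leaves arch.cr3 and the VMCB untouched while the rest of nested_prepare_vmcb_save() carries on as if the load had succeeded. Either reject such a CR3 in the nested VMCB consistency checks before this point, or add a comment stating why ignoring the failure is safe for both the NPT and the shadow-paging path.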
diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
index d8187d25fe04..56be704ffe95 100644
--- a/arch/x86/kvm/svm/svm.c
+++ b/arch/x86/kvm/svm/svm.c
@@ -3465,7 +3465,6 @@ static fastpath_t svm_vcpu_run(struct kvm_vcpu *vcpu)
static void svm_load_mmu_pgd(struct kvm_vcpu *vcpu, unsigned long root)
{
struct vcpu_svm *svm = to_svm(vcpu);
- bool update_guest_cr3 = true;
unsigned long cr3;
cr3 = __sme_set(root);
@@ -3474,18 +3473,13 @@ static void svm_load_mmu_pgd(struct kvm_vcpu *vcpu, unsigned long root)
mark_dirty(svm->vmcb, VMCB_NPT);
/* Loading L2's CR3 is handled by enter_svm_guest_mode. */
- if (is_guest_mode(vcpu))
- update_guest_cr3 = false;
- else if (test_bit(VCPU_EXREG_CR3, (ulong *)&vcpu->arch.regs_avail))
- cr3 = vcpu->arch.cr3;
- else /* CR3 is already up-to-date. */
- update_guest_cr3 = false;
+ if (!test_bit(VCPU_EXREG_CR3, (ulong *)&vcpu->arch.regs_avail))
+ return;
+ cr3 = vcpu->arch.cr3;
}
- if (update_guest_cr3) {
- svm->vmcb->save.cr3 = cr3;
- mark_dirty(svm->vmcb, VMCB_CR);
- }
+ svm->vmcb->save.cr3 = cr3;
+ mark_dirty(svm->vmcb, VMCB_CR);
}
static int is_disabled(void)
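Review bot: the retained comment `/* Loading L2's CR3 is handled by enter_svm_guest_mode. */` directly above the new `if (!test_bit(VCPU_EXREG_CR3, (ulong *)&vcpu->arch.regs_avail)) return;` is now stale: the is_guest_mode() branch it described is exactly what this hunk removes, and the point of the patch is that this function does write L2's CR3 as well. Replace it with the removed `/* CR3 is already up-to-date. */` wording, which is what the remaining early return actually means, otherwise the next reader is likely to reintroduce the guest-mode skip.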
diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
index 55712dd86baf..7daf6a50e774 100644
--- a/arch/x86/kvm/vmx/vmx.c
+++ b/arch/x86/kvm/vmx/vmx.c
@@ -3085,10 +3085,7 @@ void vmx_load_mmu_pgd(struct kvm_vcpu *vcpu, unsigned long pgd)
spin_unlock(&to_kvm_vmx(kvm)->ept_pointer_lock);
}
- /* Loading vmcs02.GUEST_CR3 is handled by nested VM-Enter. */
- if (is_guest_mode(vcpu))
- update_guest_cr3 = false;
- else if (!enable_unrestricted_guest && !is_paging(vcpu))
+ if (!enable_unrestricted_guest && !is_paging(vcpu))
guest_cr3 = to_kvm_vmx(kvm)->ept_identity_map_addr;
else if (test_bit(VCPU_EXREG_CR3, (ulong *)&vcpu->arch.regs_avail))
guest_cr3 = vcpu->arch.cr3;
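Review bot: dropping `if (is_guest_mode(vcpu)) update_guest_cr3 = false;` has two consequences that the hunk leaves unstated: the `!enable_unrestricted_guest && !is_paging(vcpu)` branch now also runs for L2, substituting ept_identity_map_addr whenever the active (L2) CR0 has paging off, and GUEST_CR3 is now written from here in addition to the write nested VM-Enter already performs (the removed comment pointed at that). Both are presumably intended, so please add a short comment saying that the double write is deliberate and that the identity-map substitution is meant to apply in guest mode too, or gate the substitution on !is_guest_mode() if it is not.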
--
2.18.2
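To make the scenario in the commit message concrete, below is an added model of the SVM CR3 load path. This is example code written for this page, not KVM's: the struct fields and function names are stand-ins for vcpu->arch.cr3, regs_avail, vmcb->save.cr3, kvm_set_cr3() and svm_load_mmu_pgd(), the addresses are made up, and nothing touches /dev/kvm. load_mmu_pgd_old() keeps the deferred write for is_guest_mode(), load_mmu_pgd_new() follows the patch, and the scenario changes CR3 while L2 is active, as KVM_SET_SREGS would.

```c
/*
 * Added example, not KVM code: a minimal model of the CR3 load path the
 * commit message describes. Field and function names are stand-ins for
 * KVM's (vcpu->arch.cr3, regs_avail, vmcb->save.cr3, svm_load_mmu_pgd).
 */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define VCPU_EXREG_CR3 (1u << 0)	/* stand-in for the regs_avail bit */

struct model_vcpu {
	uint64_t arch_cr3;	/* vcpu->arch.cr3: KVM's cached view of guest CR3 */
	uint32_t regs_avail;	/* which cached registers are valid */
	uint64_t vmcb_cr3;	/* vmcb->save.cr3: what the CPU actually runs with */
	bool npt_enabled;	/* nested paging on: VMCB CR3 is the guest's CR3 */
	bool guest_mode;	/* is_guest_mode(): L2 is the active guest */
};

/* Stand-in for kvm_set_cr3(): record the value and mark the cache valid. */
static void model_set_cr3(struct model_vcpu *v, uint64_t cr3)
{
	v->arch_cr3 = cr3;
	v->regs_avail |= VCPU_EXREG_CR3;
}

/* Pre-patch svm_load_mmu_pgd(): defers the VMCB write while in guest mode. */
static void load_mmu_pgd_old(struct model_vcpu *v, uint64_t root)
{
	bool update_guest_cr3 = true;
	uint64_t cr3 = root;

	if (v->npt_enabled) {
		if (v->guest_mode)
			update_guest_cr3 = false;	/* "handled by enter_svm_guest_mode" */
		else if (v->regs_avail & VCPU_EXREG_CR3)
			cr3 = v->arch_cr3;
		else
			update_guest_cr3 = false;	/* already up to date */
	}
	if (update_guest_cr3)
		v->vmcb_cr3 = cr3;
}

/* Post-patch svm_load_mmu_pgd(): only the cache-valid bit gates the write. */
static void load_mmu_pgd_new(struct model_vcpu *v, uint64_t root)
{
	uint64_t cr3 = root;

	if (v->npt_enabled) {
		if (!(v->regs_avail & VCPU_EXREG_CR3))
			return;
		cr3 = v->arch_cr3;
	}
	v->vmcb_cr3 = cr3;
}

/*
 * Scenario from the commit message: L2 is running, then userspace issues
 * KVM_SET_SREGS with a new CR3 and the MMU reloads its root. Returns the
 * CR3 the VMCB holds afterwards. The constants are made-up addresses.
 */
static uint64_t vmcb_cr3_after_set_sregs(bool patched, bool npt)
{
	const uint64_t l2_cr3 = 0x1000, userspace_cr3 = 0x2000, root = 0x7000;
	struct model_vcpu v = { .npt_enabled = npt, .guest_mode = true };

	/* Nested VM-Enter put L2's CR3 in both the cache and the VMCB. */
	model_set_cr3(&v, l2_cr3);
	v.vmcb_cr3 = l2_cr3;

	/* KVM_SET_SREGS -> kvm_set_cr3() while still in guest mode. */
	model_set_cr3(&v, userspace_cr3);

	/* kvm_mmu_load() -> load_mmu_pgd() with the shadow or NPT root. */
	if (patched)
		load_mmu_pgd_new(&v, root);
	else
		load_mmu_pgd_old(&v, root);
	return v.vmcb_cr3;
}

int main(void)
{
	printf("NPT, old: vmcb.cr3 = 0x%llx (stale L2 value)\n",
	       (unsigned long long)vmcb_cr3_after_set_sregs(false, true));
	printf("NPT, new: vmcb.cr3 = 0x%llx (userspace value)\n",
	       (unsigned long long)vmcb_cr3_after_set_sregs(true, true));
	printf("shadow paging, old/new: 0x%llx / 0x%llx (shadow root)\n",
	       (unsigned long long)vmcb_cr3_after_set_sregs(false, false),
	       (unsigned long long)vmcb_cr3_after_set_sregs(true, false));
	return 0;
}
```

Build with `cc -Wall -o cr3model cr3model.c && ./cr3model`. With NPT the old logic leaves the VMCB at L2's 0x1000 after userspace set 0x2000, which is the stale-CR3 case the patch fixes; with shadow paging both variants write the shadow root, so the change is confined to the nested-paging path, as the commit message says.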
Thread overview: 41+ messages
2020-05-20 17:21 [PATCH 00/24] KVM: nSVM: event fixes and migration support Paolo Bonzini
2020-05-20 17:21 ` [PATCH 01/24] KVM: nSVM: fix condition for filtering async PF Paolo Bonzini
2020-05-26 0:23 ` Sasha Levin
2020-05-20 17:21 ` [PATCH 02/24] KVM: nSVM: leave ASID aside in copy_vmcb_control_area Paolo Bonzini
2020-05-26 0:23 ` Sasha Levin
2020-05-20 17:21 ` [PATCH 03/24] KVM: nSVM: inject exceptions via svm_check_nested_events Paolo Bonzini
2020-05-20 17:21 ` [PATCH 04/24] KVM: nSVM: remove exit_required Paolo Bonzini
2020-05-20 17:21 ` [PATCH 05/24] KVM: nSVM: correctly inject INIT vmexits Paolo Bonzini
2020-05-20 17:21 ` [PATCH 06/24] KVM: nSVM: move map argument out of enter_svm_guest_mode Paolo Bonzini
2020-05-20 17:21 ` [PATCH 07/24] KVM: nSVM: extract load_nested_vmcb_control Paolo Bonzini
2020-05-20 17:21 ` [PATCH 08/24] KVM: nSVM: extract preparation of VMCB for nested run Paolo Bonzini
2020-05-20 17:21 ` [PATCH 09/24] KVM: nSVM: clean up tsc_offset update Paolo Bonzini
2020-05-20 17:21 ` [PATCH 10/24] KVM: nSVM: pass vmcb_control_area to copy_vmcb_control_area Paolo Bonzini
2020-05-20 17:21 ` [PATCH 11/24] KVM: nSVM: remove trailing padding for struct vmcb_control_area Paolo Bonzini
2020-05-20 17:21 ` [PATCH 12/24] KVM: nSVM: save all control fields in svm->nested Paolo Bonzini
2020-05-20 17:21 ` [PATCH 13/24] KVM: nSVM: do not reload pause filter fields from VMCB Paolo Bonzini
2020-05-20 17:21 ` [PATCH 14/24] KVM: nSVM: remove HF_VINTR_MASK Paolo Bonzini
2020-05-20 17:21 ` [PATCH 15/24] KVM: nSVM: remove HF_HIF_MASK Paolo Bonzini
2020-05-20 17:21 ` [PATCH 16/24] KVM: nSVM: split nested_vmcb_check_controls Paolo Bonzini
2020-05-20 17:21 ` [PATCH 17/24] KVM: nSVM: do all MMU switch work in init/uninit functions Paolo Bonzini
2020-05-20 17:21 ` [PATCH 18/24] KVM: nSVM: leave guest mode when clearing EFER.SVME Paolo Bonzini
2020-05-20 17:21 ` [PATCH 19/24] KVM: nSVM: extract svm_set_gif Paolo Bonzini
2020-05-20 17:21 ` [PATCH 20/24] KVM: MMU: pass arbitrary CR0/CR4/EFER to kvm_init_shadow_mmu Paolo Bonzini
2020-05-20 17:21 ` Paolo Bonzini [this message]
2020-05-20 18:22 ` [PATCH 21/24] KVM: x86: always update CR3 in VMCB Sean Christopherson
2020-05-20 20:14 ` Paolo Bonzini
2020-05-22 22:47 ` Sean Christopherson
2020-05-23 7:07 ` Paolo Bonzini
2020-05-20 18:24 ` Sean Christopherson
2020-05-20 17:21 ` [PATCH 22/24] uaccess: add memzero_user Paolo Bonzini
2020-05-20 20:40 ` Christoph Hellwig
2020-05-20 20:50 ` Al Viro
2020-05-20 21:13 ` Paolo Bonzini
2020-05-20 21:28 ` Al Viro
2020-05-20 21:33 ` Paolo Bonzini
2020-05-20 17:21 ` [PATCH 23/24] selftests: kvm: add a SVM version of state-test Paolo Bonzini
2020-05-20 17:21 ` [PATCH 24/24] KVM: nSVM: implement KVM_GET_NESTED_STATE and KVM_SET_NESTED_STATE Paolo Bonzini
2020-05-20 19:24 ` [PATCH 00/24] KVM: nSVM: event fixes and migration support Maxim Levitsky
2020-05-20 20:42 ` Paolo Bonzini
2020-05-20 21:08 ` Maxim Levitsky
2020-05-20 21:15 ` Paolo Bonzini