leandrof/linux
1
0
Fork 0
forked from Minki/linux
Code Issues Pull Requests Packages Projects Releases Wiki Activity
4bbef7e8eb
linux/arch
History
Sean Christopherson 4bbef7e8eb KVM: SVM: Simplify and harden helper to flush SEV guest page(s) 
Rework sev_flush_guest_memory() to explicitly handle only a single page,
and harden it to fall back to WBINVD if VM_PAGE_FLUSH fails.  Per-page
flushing is currently used only to flush the VMSA, and in its current
form, the helper is completely broken with respect to flushing actual
guest memory, i.e. won't work correctly for an arbitrary memory range.

VM_PAGE_FLUSH takes a host virtual address, and is subject to normal page
walks, i.e. will fault if the address is not present in the host page
tables or does not have the correct permissions.  Current AMD CPUs also
do not honor SMAP overrides (undocumented in kernel versions of the APM),
so passing in a userspace address is completely out of the question.  In
other words, KVM would need to manually walk the host page tables to get
the pfn, ensure the pfn is stable, and then use the direct map to invoke
VM_PAGE_FLUSH.  And the latter might not even work, e.g. if userspace is
particularly evil/clever and backs the guest with Secret Memory (which
unmaps memory from the direct map).

Signed-off-by: Sean Christopherson <seanjc@google.com>

Fixes: add5e2f045 ("KVM: SVM: Add support for the SEV-ES VMSA")
Reported-by: Mingwei Zhang <mizhang@google.com>
Cc: stable@vger.kernel.org
Signed-off-by: Mingwei Zhang <mizhang@google.com>
Message-Id: <20220421031407.2516575-2-mizhang@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-04-21 13:16:30 -04:00
..
alpha Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2022-04-01 19:57:03 -07:00
arc ptrace: Cleanups for v5.18 2022-03-28 17:29:53 -07:00
arm ARM: config: Update Gemini defconfig 2022-04-14 22:59:24 +02:00
arm64 ARM: SoC fixes for 5.18, part 2 2022-04-16 16:51:39 -07:00
csky ptrace: Cleanups for v5.18 2022-03-28 17:29:53 -07:00
h8300 Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2022-04-01 19:57:03 -07:00
hexagon ptrace: Cleanups for v5.18 2022-03-28 17:29:53 -07:00
ia64 Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2022-04-01 19:57:03 -07:00
m68k Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2022-04-01 19:57:03 -07:00
microblaze Kbuild updates for v5.18 2022-03-31 11:59:03 -07:00
mips - build fix for gpio 2022-04-02 12:14:38 -07:00
nios2 ptrace: Cleanups for v5.18 2022-03-28 17:29:53 -07:00
openrisc ptrace: Cleanups for v5.18 2022-03-28 17:29:53 -07:00
parisc Kbuild updates for v5.18 2022-03-31 11:59:03 -07:00
powerpc KVM: Add helpers to wrap vcpu->srcu_idx and yell if it's abused 2022-04-21 13:16:11 -04:00
riscv KVM: Add helpers to wrap vcpu->srcu_idx and yell if it's abused 2022-04-21 13:16:11 -04:00
s390 KVM: Add helpers to wrap vcpu->srcu_idx and yell if it's abused 2022-04-21 13:16:11 -04:00
sh Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2022-04-01 19:57:03 -07:00
sparc Kbuild updates for v5.18 2022-03-31 11:59:03 -07:00
um Kbuild fixes for v5.18 2022-04-02 12:33:31 -07:00
x86 KVM: SVM: Simplify and harden helper to flush SEV guest page(s) 2022-04-21 13:16:30 -04:00
xtensa Kbuild updates for v5.18 2022-03-31 11:59:03 -07:00
.gitignore
Kconfig Networking fixes for 5.18-rc1 and rethook patches. 2022-03-31 11:23:31 -07:00