linux-stable/arch/x86
Sean Christopherson 4bbef7e8eb KVM: SVM: Simplify and harden helper to flush SEV guest page(s)
Rework sev_flush_guest_memory() to explicitly handle only a single page,
and harden it to fall back to WBINVD if VM_PAGE_FLUSH fails.  Per-page
flushing is currently used only to flush the VMSA, and in its current
form, the helper is completely broken with respect to flushing actual
guest memory, i.e. won't work correctly for an arbitrary memory range.

VM_PAGE_FLUSH takes a host virtual address, and is subject to normal page
walks, i.e. will fault if the address is not present in the host page
tables or does not have the correct permissions.  Current AMD CPUs also
do not honor SMAP overrides (undocumented in kernel versions of the APM),
so passing in a userspace address is completely out of the question.  In
other words, KVM would need to manually walk the host page tables to get
the pfn, ensure the pfn is stable, and then use the direct map to invoke
VM_PAGE_FLUSH.  And the latter might not even work, e.g. if userspace is
particularly evil/clever and backs the guest with Secret Memory (which
unmaps memory from the direct map).

Signed-off-by: Sean Christopherson <seanjc@google.com>

Fixes: add5e2f045 ("KVM: SVM: Add support for the SEV-ES VMSA")
Reported-by: Mingwei Zhang <mizhang@google.com>
Cc: stable@vger.kernel.org
Signed-off-by: Mingwei Zhang <mizhang@google.com>
Message-Id: <20220421031407.2516575-2-mizhang@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-04-21 13:16:30 -04:00
..
boot memcpy updates for v5.18-rc1 2022-03-26 12:19:04 -07:00
coco x86/coco: Add API to handle encryption mask 2022-02-23 19:14:29 +01:00
configs x86/config: Make the x86 defconfigs a bit more usable 2022-03-27 20:58:35 +02:00
crypto This push fixes the following issues: 2022-03-31 11:17:39 -07:00
entry Kbuild updates for v5.18 2022-03-31 11:59:03 -07:00
events perf/x86/intel: Update the FRONTEND MSR mask on Sapphire Rapids 2022-04-05 09:59:44 +02:00
hyperv hyperv-next for 5.17 2022-01-16 15:53:00 +02:00
ia32 audit/stable-5.16 PR 20211101 2021-11-01 21:17:39 -07:00
include Two x86 fixes related to TSX: 2022-04-17 09:55:59 -07:00
kernel x86/kvm: Preserve BSP MSR_KVM_POLL_CONTROL across suspend/resume 2022-04-21 13:16:14 -04:00
kvm KVM: SVM: Simplify and harden helper to flush SEV guest page(s) 2022-04-21 13:16:30 -04:00
lib A set of x86 fixes and updates: 2022-04-03 12:15:47 -07:00
math-emu x86: Prepare asm files for straight-line-speculation 2021-12-08 12:25:37 +01:00
mm x86/mm/tlb: Revert retpoline avoidance approach 2022-04-04 19:41:36 +02:00
net x86,bpf: Avoid IBT objtool warning 2022-04-07 11:27:02 +02:00
pci PCI/sysfs: Find shadow ROM before static attribute initialization 2022-01-26 10:41:21 -06:00
platform objtool,efi: Update __efi64_thunk annotation 2022-03-15 10:32:32 +01:00
power x86/speculation: Restore speculation related MSRs during S3 resume 2022-04-05 10:18:31 -07:00
purgatory x86/purgatory: Remove -nostdlib compiler flag 2021-12-30 14:13:06 +01:00
ras
realmode - Flush *all* mappings from the TLB after switching to the trampoline 2022-01-10 09:51:38 -08:00
tools x86/build: Use the proper name CONFIG_FW_LOADER 2021-12-29 22:20:38 +01:00
um Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2022-04-01 19:57:03 -07:00
video
xen xen: branch for v5.18-rc1 2022-03-28 14:32:39 -07:00
.gitignore
Kbuild x86/cc: Move arch/x86/{kernel/cc_platform.c => coco/core.c} 2022-02-23 18:25:58 +01:00
Kconfig Revert the RT related signal changes. They need to be reworked and 2022-04-03 12:08:26 -07:00
Kconfig.assembler
Kconfig.cpu x86/mmx_32: Remove X86_USE_3DNOW 2021-12-11 09:09:45 +01:00
Kconfig.debug
Makefile x86: Remove toolchain check for X32 ABI capability 2022-03-15 10:32:48 +01:00
Makefile.um
Makefile_32.cpu