linux-stable/arch/x86/kvm
Sean Christopherson 4bbef7e8eb KVM: SVM: Simplify and harden helper to flush SEV guest page(s)
Rework sev_flush_guest_memory() to explicitly handle only a single page,
and harden it to fall back to WBINVD if VM_PAGE_FLUSH fails.  Per-page
flushing is currently used only to flush the VMSA, and in its current
form, the helper is completely broken with respect to flushing actual
guest memory, i.e. won't work correctly for an arbitrary memory range.

VM_PAGE_FLUSH takes a host virtual address, and is subject to normal page
walks, i.e. will fault if the address is not present in the host page
tables or does not have the correct permissions.  Current AMD CPUs also
do not honor SMAP overrides (undocumented in kernel versions of the APM),
so passing in a userspace address is completely out of the question.  In
other words, KVM would need to manually walk the host page tables to get
the pfn, ensure the pfn is stable, and then use the direct map to invoke
VM_PAGE_FLUSH.  And the latter might not even work, e.g. if userspace is
particularly evil/clever and backs the guest with Secret Memory (which
unmaps memory from the direct map).

Signed-off-by: Sean Christopherson <seanjc@google.com>

Fixes: add5e2f045 ("KVM: SVM: Add support for the SEV-ES VMSA")
Reported-by: Mingwei Zhang <mizhang@google.com>
Cc: stable@vger.kernel.org
Signed-off-by: Mingwei Zhang <mizhang@google.com>
Message-Id: <20220421031407.2516575-2-mizhang@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-04-21 13:16:30 -04:00
mmu KVM: x86/mmu: remove unnecessary flush_workqueue() 2022-04-05 08:11:12 -04:00
svm KVM: SVM: Simplify and harden helper to flush SEV guest page(s) 2022-04-21 13:16:30 -04:00
vmx KVM: x86/pmu: Update AMD PMC sample period to fix guest NMI-watchdog 2022-04-21 13:16:14 -04:00
cpuid.c * Only do MSR filtering for MSRs accessed by rdmsr/wrmsr 2022-04-02 12:09:02 -07:00
cpuid.h kvm: x86: Add support for getting/setting expanded xstate buffer 2022-01-14 13:44:41 -05:00
debugfs.c Merge branch 'kvm-pi-raw-spinlock' into HEAD 2022-01-19 12:14:02 -05:00
emulate.c * Only do MSR filtering for MSRs accessed by rdmsr/wrmsr 2022-04-02 12:09:02 -07:00
fpu.h KVM: x86: Move FPU register accessors into fpu.h 2021-06-17 13:09:24 -04:00
hyperv.c KVM: x86: hyper-v: Avoid writing to TSC page without an active vCPU 2022-04-11 13:29:51 -04:00
hyperv.h KVM: x86: hyper-v: Avoid writing to TSC page without an active vCPU 2022-04-11 13:29:51 -04:00
i8254.c KVM: x86: Add wrappers for setting/clearing APICv inhibits 2022-04-02 05:34:44 -04:00
i8254.h
i8259.c KVM: x86/i8259: Remove unused "addr" of elcr_ioport_{read,write}() 2022-02-10 13:47:12 -05:00
ioapic.c KVM: x86/ioapic: Remove unused "addr" and "length" of ioapic_read_indirect() 2022-02-10 13:47:13 -05:00
ioapic.h x86/kvm: remove unused ack_notifier callbacks 2021-11-18 07:05:57 -05:00
irq.c
irq.h x86/kvm: remove unused ack_notifier callbacks 2021-11-18 07:05:57 -05:00
irq_comm.c KVM: x86/xen: Add KVM_IRQ_ROUTING_XEN_EVTCHN and event channel delivery 2022-01-07 10:44:45 -05:00
Kconfig KVM: x86/mmu: Remove MMU auditing 2022-02-18 13:46:23 -05:00
kvm_cache_regs.h KVM: X86: Remove kvm_register_clear_available() 2021-12-08 04:25:03 -05:00
kvm_emulate.h * Only do MSR filtering for MSRs accessed by rdmsr/wrmsr 2022-04-02 12:09:02 -07:00
kvm_onhyperv.c KVM: x86: Uninline and export hv_track_root_tdp() 2022-02-10 13:47:19 -05:00
kvm_onhyperv.h KVM: x86: Uninline and export hv_track_root_tdp() 2022-02-10 13:47:19 -05:00
lapic.c KVM: x86: Avoid theoretical NULL pointer dereference in kvm_irq_delivery_to_apic_fast() 2022-03-29 13:22:01 -04:00
lapic.h KVM: x86: Make kvm_lapic_set_reg() a "private" xAPIC helper 2022-03-01 08:50:48 -05:00
Makefile KVM: Add Makefile.kvm for common files, use it for x86 2021-12-09 12:56:02 -05:00
mmu.h KVM: X86: Handle implicit supervisor access with SMAP 2022-04-02 05:34:43 -04:00
mtrr.c
pmu.c KVM: x86/pmu: Fix and isolate TSX-specific performance event logic 2022-04-02 05:34:46 -04:00
pmu.h KVM: x86/pmu: Update AMD PMC sample period to fix guest NMI-watchdog 2022-04-21 13:16:14 -04:00
reverse_cpuid.h
trace.h KVM: x86: Trace all APICv inhibit changes and capture overall status 2022-04-02 05:34:45 -04:00
tss.h
x86.c KVM: x86: Skip KVM_GUESTDBG_BLOCKIRQ APICv update if APICv is disabled 2022-04-21 13:16:13 -04:00
x86.h ARM: 2022-03-24 11:58:57 -07:00
xen.c KVM: Remove dirty handling from gfn_to_pfn_cache completely 2022-04-02 05:34:41 -04:00
xen.h KVM: x86/xen: Add KVM_IRQ_ROUTING_XEN_EVTCHN and event channel delivery 2022-01-07 10:44:45 -05:00