From: Avi Kivity <avi@qumranet.com>
To: kvm-devel@lists.sourceforge.net
Cc: linux-kernel@vger.kernel.org, Avi Kivity <avi@qumranet.com>
Subject: [PATCH 31/41] KVM: MMU: Fix hugepage pdes mapping same physical address with different access
Date: Sun,  1 Apr 2007 17:35:28 +0300	[thread overview]
Message-ID: <11754381392527-git-send-email-avi@qumranet.com> (raw)
In-Reply-To: <1175438139312-git-send-email-avi@qumranet.com>

The kvm mmu keeps a shadow page for hugepage pdes; if several such pdes map
the same physical address, they share the same shadow page.  This is a fairly
common case (kernel mappings on i386 nonpae Linux, for example).

However, if two such pdes map the same memory with different permissions, kvm
will happily use the cached shadow page.  If the access through the more
permissive pde occurs after the access through the strict pde, an endless pagefault
loop is generated and the guest makes no progress.

Fix by making the access permissions part of the cache lookup key.

The fix allows Xen pae to boot on kvm and run guest domains.

Thanks to Jeremy Fitzhardinge for reporting the bug and testing the fix.

Signed-off-by: Avi Kivity <avi@qumranet.com>
---
 drivers/kvm/kvm.h         |    2 ++
 drivers/kvm/mmu.c         |    8 +++++---
 drivers/kvm/paging_tmpl.h |    7 ++++++-
 3 files changed, 13 insertions(+), 4 deletions(-)

diff --git a/drivers/kvm/kvm.h b/drivers/kvm/kvm.h
index 7361c45..f5e343c 100644
--- a/drivers/kvm/kvm.h
+++ b/drivers/kvm/kvm.h
@@ -109,6 +109,7 @@ struct kvm_pte_chain {
  *   bits 4:7 - page table level for this shadow (1-4)
  *   bits 8:9 - page table quadrant for 2-level guests
  *   bit   16 - "metaphysical" - gfn is not a real page (huge page/real mode)
+ *   bits 17:18 - "access" - the user and writable bits of a huge page pde
  */
 union kvm_mmu_page_role {
 	unsigned word;
@@ -118,6 +119,7 @@ union kvm_mmu_page_role {
 		unsigned quadrant : 2;
 		unsigned pad_for_nice_hex_output : 6;
 		unsigned metaphysical : 1;
+		unsigned hugepage_access : 2;
 	};
 };
 
diff --git a/drivers/kvm/mmu.c b/drivers/kvm/mmu.c
index b181106..0216b77 100644
--- a/drivers/kvm/mmu.c
+++ b/drivers/kvm/mmu.c
@@ -568,6 +568,7 @@ static struct kvm_mmu_page *kvm_mmu_get_page(struct kvm_vcpu *vcpu,
 					     gva_t gaddr,
 					     unsigned level,
 					     int metaphysical,
+					     unsigned hugepage_access,
 					     u64 *parent_pte)
 {
 	union kvm_mmu_page_role role;
@@ -581,6 +582,7 @@ static struct kvm_mmu_page *kvm_mmu_get_page(struct kvm_vcpu *vcpu,
 	role.glevels = vcpu->mmu.root_level;
 	role.level = level;
 	role.metaphysical = metaphysical;
+	role.hugepage_access = hugepage_access;
 	if (vcpu->mmu.root_level <= PT32_ROOT_LEVEL) {
 		quadrant = gaddr >> (PAGE_SHIFT + (PT64_PT_BITS * level));
 		quadrant &= (1 << ((PT32_PT_BITS - PT64_PT_BITS) * level)) - 1;
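Review bot: `role.hugepage_access = hugepage_access;` stores an `unsigned` into a 2-bit field with no check, so a caller passing a value with higher bits set would be silently truncated and could collide with another role. The only non-zero caller on this page masks to two bits before the shift, so this is a robustness point rather than a defect; an `ASSERT(!(hugepage_access & ~3u));` next to the assignment, in the style this file already uses for `ASSERT(!VALID_PAGE(root))`, would make the contract visible. kvm_mmu_get_page begins in the previous hunk and its body continues past this one; I am assuming `role.word` is cleared before these fields are set, as the hunk does not show it.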
@@ -780,7 +782,7 @@ static int nonpaging_map(struct kvm_vcpu *vcpu, gva_t v, hpa_t p)
 				>> PAGE_SHIFT;
 			new_table = kvm_mmu_get_page(vcpu, pseudo_gfn,
 						     v, level - 1,
-						     1, &table[index]);
+						     1, 0, &table[index]);
 			if (!new_table) {
 				pgprintk("nonpaging_map: ENOMEM\n");
 				return -ENOMEM;
@@ -835,7 +837,7 @@ static void mmu_alloc_roots(struct kvm_vcpu *vcpu)
 
 		ASSERT(!VALID_PAGE(root));
 		page = kvm_mmu_get_page(vcpu, root_gfn, 0,
-					PT64_ROOT_LEVEL, 0, NULL);
+					PT64_ROOT_LEVEL, 0, 0, NULL);
 		root = page->page_hpa;
 		++page->root_count;
 		vcpu->mmu.root_hpa = root;
@@ -852,7 +854,7 @@ static void mmu_alloc_roots(struct kvm_vcpu *vcpu)
 			root_gfn = 0;
 		page = kvm_mmu_get_page(vcpu, root_gfn, i << 30,
 					PT32_ROOT_LEVEL, !is_paging(vcpu),
-					NULL);
+					0, NULL);
 		root = page->page_hpa;
 		++page->root_count;
 		vcpu->mmu.pae_root[i] = root | PT_PRESENT_MASK;
diff --git a/drivers/kvm/paging_tmpl.h b/drivers/kvm/paging_tmpl.h
index 17bd440..b94010d 100644
--- a/drivers/kvm/paging_tmpl.h
+++ b/drivers/kvm/paging_tmpl.h
@@ -247,6 +247,7 @@ static u64 *FNAME(fetch)(struct kvm_vcpu *vcpu, gva_t addr,
 		u64 shadow_pte;
 		int metaphysical;
 		gfn_t table_gfn;
+		unsigned hugepage_access = 0;
 
 		if (is_present_pte(*shadow_ent) || is_io_pte(*shadow_ent)) {
 			if (level == PT_PAGE_TABLE_LEVEL)
@@ -276,6 +277,9 @@ static u64 *FNAME(fetch)(struct kvm_vcpu *vcpu, gva_t addr,
 		if (level - 1 == PT_PAGE_TABLE_LEVEL
 		    && walker->level == PT_DIRECTORY_LEVEL) {
 			metaphysical = 1;
+			hugepage_access = *guest_ent;
+			hugepage_access &= PT_USER_MASK | PT_WRITABLE_MASK;
+			hugepage_access >>= PT_WRITABLE_SHIFT;
 			table_gfn = (*guest_ent & PT_BASE_ADDR_MASK)
 				>> PAGE_SHIFT;
 		} else {
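Review bot: The three-statement computation first narrows `*guest_ent` into `unsigned` and only then masks it, which reads as an accidental truncation even though the two bits kept are low enough for it to be harmless. The same result in one expression keeps the masking in the wide type and shows the intent at a glance: `hugepage_access = (*guest_ent & (PT_USER_MASK | PT_WRITABLE_MASK)) >> PT_WRITABLE_SHIFT;`. A one-line comment such as `/* user/writable bits of the huge pde; part of the shadow page lookup key */` would tie the value to its use in kvm_mmu_get_page. FNAME(fetch) starts and ends outside this hunk.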
@@ -283,7 +287,8 @@ static u64 *FNAME(fetch)(struct kvm_vcpu *vcpu, gva_t addr,
 			table_gfn = walker->table_gfn[level - 2];
 		}
 		shadow_page = kvm_mmu_get_page(vcpu, table_gfn, addr, level-1,
-					       metaphysical, shadow_ent);
+					       metaphysical, hugepage_access,
+					       shadow_ent);
 		shadow_addr = shadow_page->page_hpa;
 		shadow_pte = shadow_addr | PT_PRESENT_MASK | PT_ACCESSED_MASK
 			| PT_WRITABLE_MASK | PT_USER_MASK;
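Review bot: The shadow pde assembled at the end of the hunk still carries `PT_WRITABLE_MASK | PT_USER_MASK` regardless of `hugepage_access`, so the stricter pde's permissions are presumably enforced when the leaf ptes of its now-separate shadow page are populated, which this hunk does not show. Since the new argument only changes which shadow page is selected and not the entry written here, a comment at the call, e.g. `/* hugepage_access only keys the cache; permissions are applied in the leaf ptes */`, would stop a later reader from expecting the pde bits to reflect it. FNAME(fetch) continues beyond this hunk.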
-- 
1.5.0.5


