git.baikalelectronics.ru Git - kernel.git/commit

author	Sean Christopherson <seanjc@google.com>
	Thu, 21 Apr 2022 03:14:05 +0000 (03:14 +0000)
committer	Paolo Bonzini <pbonzini@redhat.com>
	Thu, 21 Apr 2022 17:16:30 +0000 (13:16 -0400)
commit	99ffd282498404197902d0f1ac7966d211d0975a
tree	1d9374eff6425ada9a8357424f2e9577dbfdfe06	tree \| snapshot
parent	2ad884c483fc46048e3dd67801816a80fb86f50d	commit \| diff

KVM: SVM: Simplify and harden helper to flush SEV guest page(s)

Rework sev_flush_guest_memory() to explicitly handle only a single page,
and harden it to fall back to WBINVD if VM_PAGE_FLUSH fails.  Per-page
flushing is currently used only to flush the VMSA, and in its current
form, the helper is completely broken with respect to flushing actual
guest memory, i.e. won't work correctly for an arbitrary memory range.

VM_PAGE_FLUSH takes a host virtual address, and is subject to normal page
walks, i.e. will fault if the address is not present in the host page
tables or does not have the correct permissions.  Current AMD CPUs also
do not honor SMAP overrides (undocumented in kernel versions of the APM),
so passing in a userspace address is completely out of the question.  In
other words, KVM would need to manually walk the host page tables to get
the pfn, ensure the pfn is stable, and then use the direct map to invoke
VM_PAGE_FLUSH.  And the latter might not even work, e.g. if userspace is
particularly evil/clever and backs the guest with Secret Memory (which
unmaps memory from the direct map).

Signed-off-by: Sean Christopherson <seanjc@google.com>
Fixes: 02d085e11c00 ("KVM: SVM: Add support for the SEV-ES VMSA")
Reported-by: Mingwei Zhang <mizhang@google.com>
Cc: stable@vger.kernel.org
Signed-off-by: Mingwei Zhang <mizhang@google.com>
Message-Id: <20220421031407.2516575-2-mizhang@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>