Message ID | 20220113233020.3986005-3-dmatlack@google.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
Series | KVM: x86/mmu: Fix write-protection bug in the TDP MMU | expand |
On Thu, Jan 13, 2022, David Matlack wrote:
> When handling the changed_pte notifier and the new PTE is read-only,
> clear both the Host-writable and MMU-writable bits in the SPTE. This
> preserves the invariant that MMU-writable is set if-and-only-if
> Host-writable is set.
>
> No functional change intended. Nothing currently relies on the
> aforementioned invariant and technically the changed_pte notifier is
> dead code.
>
> Signed-off-by: David Matlack <dmatlack@google.com>
> ---

Reviewed-by: Sean Christopherson <seanjc@google.com>
diff --git a/arch/x86/kvm/mmu/spte.c b/arch/x86/kvm/mmu/spte.c index 8a7b03207762..f8677404c93c 100644 --- a/arch/x86/kvm/mmu/spte.c +++ b/arch/x86/kvm/mmu/spte.c @@ -215,6 +215,7 @@ u64 kvm_mmu_changed_pte_notifier_make_spte(u64 old_spte, kvm_pfn_t new_pfn) new_spte &= ~PT_WRITABLE_MASK; new_spte &= ~shadow_host_writable_mask; + new_spte &= ~shadow_mmu_writable_mask; new_spte = mark_spte_for_access_track(new_spte);
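Review bot: nothing in kvm_mmu_changed_pte_notifier_make_spte() documents the invariant this hunk restores, so the added `new_spte &= ~shadow_mmu_writable_mask;` reads as an arbitrary third clear and a later edit could drop it without noticing. Since the commit message itself says nothing enforces the invariant, a one-line comment above the three clears (e.g. "MMU-writable must be cleared whenever Host-writable is cleared") would record why the two soft bits move together. Given the commit message also calls the notifier dead code, it is worth stating in the series whether the intent is to keep patching it or to remove it.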
When handling the changed_pte notifier and the new PTE is read-only,
clear both the Host-writable and MMU-writable bits in the SPTE. This
preserves the invariant that MMU-writable is set if-and-only-if
Host-writable is set.

No functional change intended. Nothing currently relies on the
aforementioned invariant and technically the changed_pte notifier is
dead code.

Signed-off-by: David Matlack <dmatlack@google.com>
---
 arch/x86/kvm/mmu/spte.c | 1 +
 1 file changed, 1 insertion(+)
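The commit message states the invariant (MMU-writable is set if-and-only-if Host-writable is set) but the patch does not check it anywhere. The following is an added, stand-alone C model written for this page; it is not KVM code. It models the read-only path of kvm_mmu_changed_pte_notifier_make_spte() before and after the one-line change and runs an invariant check over the result. The bit positions of PT_WRITABLE_MASK, shadow_host_writable_mask and shadow_mmu_writable_mask, the PFN field layout, the sample "old" SPTE and the omission of mark_spte_for_access_track() are all assumptions made for illustration.

```c
#include <assert.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Illustrative stand-ins for KVM's PT_WRITABLE_MASK, shadow_host_writable_mask
 * and shadow_mmu_writable_mask. Assumption: the real bit positions are chosen
 * at runtime (EPT vs. the default PTE format); the logic below only needs the
 * three bits to be distinct.
 */
#define PT_WRITABLE_MASK        (1ULL << 1)
#define SHADOW_HOST_WRITABLE    (1ULL << 11)
#define SHADOW_MMU_WRITABLE     (1ULL << 10)
#define PAGE_SHIFT              12
#define SPTE_PFN_MASK           (((1ULL << 40) - 1) << PAGE_SHIFT) /* bits 12..51, assumed */

typedef uint64_t kvm_pfn_t;

/* Constructed "old" SPTE: present, writable, pfn 0xabcde, both soft bits set. */
#define SAMPLE_WRITABLE_SPTE \
	(0x1ULL | PT_WRITABLE_MASK | SHADOW_HOST_WRITABLE | SHADOW_MMU_WRITABLE | \
	 (0xabcdeULL << PAGE_SHIFT))

/* The invariant from the commit message: MMU-writable is set iff Host-writable is set. */
static bool spte_writable_invariant_holds(uint64_t spte)
{
	bool host = (spte & SHADOW_HOST_WRITABLE) != 0;
	bool mmu  = (spte & SHADOW_MMU_WRITABLE) != 0;

	return host == mmu;
}

/*
 * Model of kvm_mmu_changed_pte_notifier_make_spte() for a read-only new PTE.
 * clear_mmu_writable == false reproduces the pre-patch clears, true adds the
 * patch's third clear. Access-track marking is left out (assumption: it does
 * not touch the two soft writable bits).
 */
static uint64_t changed_pte_make_spte(uint64_t old_spte, kvm_pfn_t new_pfn,
				      bool clear_mmu_writable)
{
	uint64_t new_spte = old_spte & ~SPTE_PFN_MASK;

	/* Swap in the new PFN, keeping every other bit of the old SPTE. */
	new_spte |= ((uint64_t)new_pfn << PAGE_SHIFT) & SPTE_PFN_MASK;

	/* The new host PTE is read-only: drop hardware and soft writability. */
	new_spte &= ~PT_WRITABLE_MASK;
	new_spte &= ~SHADOW_HOST_WRITABLE;
	if (clear_mmu_writable)
		new_spte &= ~SHADOW_MMU_WRITABLE;

	return new_spte;
}

static kvm_pfn_t spte_to_pfn(uint64_t spte)
{
	return (spte & SPTE_PFN_MASK) >> PAGE_SHIFT;
}

int main(void)
{
	kvm_pfn_t new_pfn = 0x12345;
	uint64_t before = changed_pte_make_spte(SAMPLE_WRITABLE_SPTE, new_pfn, false);
	uint64_t after  = changed_pte_make_spte(SAMPLE_WRITABLE_SPTE, new_pfn, true);

	printf("pre-patch : spte=%#018llx invariant=%s\n", (unsigned long long)before,
	       spte_writable_invariant_holds(before) ? "ok" : "VIOLATED");
	printf("post-patch: spte=%#018llx invariant=%s\n", (unsigned long long)after,
	       spte_writable_invariant_holds(after) ? "ok" : "VIOLATED");
	return 0;
}
```

Running it shows the pre-patch path leaving MMU-writable set while Host-writable is clear, which is exactly the state the invariant forbids; the patched path clears both. An invariant check of this shape is also what a WARN_ON_ONCE() in the real code would look like if the invariant ever needs enforcing rather than merely documenting.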