On Tue, 5 Feb 2019 12:54:17 -0800
Sean Christopherson <sean.j.christopherson@xxxxxxxxx> wrote:

> kvm_arch_memslots_updated() is at this point in time an x86-specific
> hook for handling MMIO generation wraparound. x86 stashes 19 bits of
> the memslots generation number in its MMIO sptes in order to avoid
> full page fault walks for repeat faults on emulated MMIO addresses.
> Because only 19 bits are used, wrapping the MMIO generation number is
> possible, if unlikely. kvm_arch_memslots_updated() alerts x86 that
> the generation has changed so that it can invalidate all MMIO sptes in
> case the effective MMIO generation has wrapped so as to avoid using a
> stale spte, e.g. a (very) old spte that was created with generation==0.
>
> Given that the purpose of kvm_arch_memslots_updated() is to prevent
> consuming stale entries, it needs to be called before the new generation
> is propagated to memslots. Invalidating the MMIO sptes after updating
> memslots means that there is a window where a vCPU could dereference
> the new memslots generation, e.g. 0, and incorrectly reuse an old MMIO
> spte that was created with (pre-wrap) generation==0.
>
> Fixes: e59dbe09f8e6 ("KVM: Introduce kvm_arch_memslots_updated()")
> Cc: <stable@xxxxxxxxxxxxxxx>
> Signed-off-by: Sean Christopherson <sean.j.christopherson@xxxxxxxxx>
> ---
>  arch/mips/include/asm/kvm_host.h    | 2 +-
>  arch/powerpc/include/asm/kvm_host.h | 2 +-
>  arch/s390/include/asm/kvm_host.h    | 2 +-
>  arch/x86/include/asm/kvm_host.h     | 2 +-
>  arch/x86/kvm/mmu.c                  | 4 ++--
>  arch/x86/kvm/x86.c                  | 4 ++--
>  include/linux/kvm_host.h            | 2 +-
>  virt/kvm/arm/mmu.c                  | 2 +-
>  virt/kvm/kvm_main.c                 | 7 +++++--
>  9 files changed, 15 insertions(+), 12 deletions(-)

Not an x86 person, but I think that makes sense.

Reviewed-by: Cornelia Huck <cohuck@xxxxxxxxxx>
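The ordering problem the commit message describes, as an added example that is not KVM's code and not part of this thread: a small model of an MMIO spte that stashes 19 bits of the memslots generation, the fast-path check that reuses such an spte only when the stashed bits match, and a simulation of one memslots update with a vCPU fault interleaved between "publish the new generation" and "invalidate all MMIO sptes". Only the 19-bit width comes from the message; the flag bit, the shift, the `struct memslots` layout, and the `simulate_update()` helper are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Model of the MMIO spte generation check described in the commit message.
 * Added example, not KVM's code: the 19-bit width comes from the message,
 * everything else (bit positions, flag bit, struct layout, the simulate
 * helper) is assumed for illustration.
 */

#define MMIO_GEN_BITS   19
#define MMIO_GEN_MASK   ((1ULL << MMIO_GEN_BITS) - 1)
#define SPTE_MMIO_FLAG  (1ULL << 63)   /* assumed: marks an spte as emulated MMIO */
#define SPTE_GEN_SHIFT  40             /* assumed: where the generation is stashed */

struct memslots { uint64_t generation; };   /* assumed: the published generation */

/* Only the low 19 bits of the memslots generation fit in the spte. */
static uint64_t mmio_gen_truncate(uint64_t gen)
{
    return gen & MMIO_GEN_MASK;
}

/* Build an MMIO spte that stashes the generation it was created under. */
static uint64_t mmio_spte_build(uint64_t gen)
{
    return SPTE_MMIO_FLAG | (mmio_gen_truncate(gen) << SPTE_GEN_SHIFT);
}

static uint64_t mmio_spte_gen(uint64_t spte)
{
    return (spte >> SPTE_GEN_SHIFT) & MMIO_GEN_MASK;
}

/*
 * Fast path on a repeat MMIO fault: reuse the cached spte only if the
 * generation stashed in it matches the current (truncated) generation.
 */
static bool mmio_spte_reusable(uint64_t spte, const struct memslots *slots)
{
    if (!(spte & SPTE_MMIO_FLAG))
        return false;
    return mmio_spte_gen(spte) == mmio_gen_truncate(slots->generation);
}

/* Stand-in for the invalidation that kvm_arch_memslots_updated() triggers on x86. */
static void invalidate_all_mmio_sptes(uint64_t *sptes, size_t n)
{
    for (size_t i = 0; i < n; i++)
        sptes[i] = 0;
}

/*
 * Simulate one memslots update with a vCPU MMIO fault interleaved between
 * the two steps. A single very old spte, created under generation 0, is
 * still cached. Returns true if the interleaved fault reused that stale
 * spte, i.e. the window the commit message describes was hit.
 */
static bool simulate_update(uint64_t old_gen, uint64_t new_gen, bool invalidate_first)
{
    struct memslots slots = { .generation = old_gen };
    uint64_t sptes[1] = { mmio_spte_build(0) };

    if (invalidate_first) {
        /* Patched order: the arch hook runs before the new generation is visible,
         * so a fault either sees the old generation or finds no spte at all. */
        invalidate_all_mmio_sptes(sptes, 1);
        slots.generation = new_gen;
        return mmio_spte_reusable(sptes[0], &slots);
    }

    /* Old order: publish the generation first, then let the arch hook run. */
    slots.generation = new_gen;
    bool reused = mmio_spte_reusable(sptes[0], &slots); /* vCPU faults in the window */
    invalidate_all_mmio_sptes(sptes, 1);
    return reused;
}

int main(void)
{
    uint64_t wrap_gen = 1ULL << MMIO_GEN_BITS; /* effective MMIO generation wraps to 0 */

    printf("truncated(2^19) = %llu\n", (unsigned long long)mmio_gen_truncate(wrap_gen));
    printf("old order, wrapped: stale reuse = %d\n", simulate_update(MMIO_GEN_MASK, wrap_gen, false));
    printf("new order, wrapped: stale reuse = %d\n", simulate_update(MMIO_GEN_MASK, wrap_gen, true));
    printf("old order, no wrap: stale reuse = %d\n", simulate_update(3, 4, false));
    return 0;
}
```

The no-wrap case shows why the bug is rare: as long as the truncated generation differs from the one stashed in the old spte, the check rejects it in either ordering. It is only when the 19-bit value wraps back to a previously used number (here 0) that the order of publication versus invalidation decides whether a stale spte gets reused.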