From: Ștefan Șicleru <ssicleru@xxxxxxxxxxxxxxx>
The introspection tool uses this command to set distinct access rights
on different EPT views.
Signed-off-by: Ștefan Șicleru <ssicleru@xxxxxxxxxxxxxxx>
Signed-off-by: Adalbert Lazăr <alazar@xxxxxxxxxxxxxxx>
---
Documentation/virt/kvm/kvmi.rst | 8 +++++---
include/uapi/linux/kvmi.h | 4 ++--
virt/kvm/introspection/kvmi.c | 10 ++++++++--
3 files changed, 15 insertions(+), 7 deletions(-)
diff --git a/Documentation/virt/kvm/kvmi.rst b/Documentation/virt/kvm/kvmi.rst
index f4c60aba9b53..658c9df01469 100644
--- a/Documentation/virt/kvm/kvmi.rst
+++ b/Documentation/virt/kvm/kvmi.rst
@@ -1003,8 +1003,8 @@ to control events for any other register will fail with -KVM_EINVAL::
struct kvmi_vm_set_page_access {
__u16 count;
- __u16 padding1;
- __u32 padding2;
+ __u16 view;
+ __u32 padding;
struct kvmi_page_access_entry entries[0];
};
@@ -1026,7 +1026,7 @@ where::
struct kvmi_error_code
Sets the access bits (rwx) for an array of ``count`` guest physical
-addresses.
+addresses, for the selected view.
The valid access bits are::
@@ -1048,7 +1048,9 @@ In order to 'forget' an address, all three bits ('rwx') must be set.
* -KVM_EINVAL - the specified access bits combination is invalid
* -KVM_EINVAL - the padding is not zero
+* -KVM_EINVAL - the selected EPT view is invalid
* -KVM_EINVAL - the message size is invalid
+* -KVM_EOPNOTSUPP - an EPT view was selected but the hardware doesn't support it
* -KVM_EAGAIN - the selected vCPU can't be introspected yet
* -KVM_ENOMEM - there is not enough memory to add the page tracking structures
diff --git a/include/uapi/linux/kvmi.h b/include/uapi/linux/kvmi.h
index a72c536a2c80..505a865cd115 100644
--- a/include/uapi/linux/kvmi.h
+++ b/include/uapi/linux/kvmi.h
@@ -191,8 +191,8 @@ struct kvmi_page_access_entry {
struct kvmi_vm_set_page_access {
__u16 count;
- __u16 padding1;
- __u32 padding2;
+ __u16 view;
+ __u32 padding;
struct kvmi_page_access_entry entries[0];
};
diff --git a/virt/kvm/introspection/kvmi.c b/virt/kvm/introspection/kvmi.c
index 737fe3c7a956..44b0092e304f 100644
--- a/virt/kvm/introspection/kvmi.c
+++ b/virt/kvm/introspection/kvmi.c
@@ -1187,14 +1187,20 @@ int kvmi_cmd_set_page_access(struct kvm_introspection *kvmi,
const struct kvmi_page_access_entry *end = req->entries + req->count;
int ec = 0;
- if (req->padding1 || req->padding2)
+ if (req->padding)
return -KVM_EINVAL;
if (msg->size < struct_size(req, entries, req->count))
return -KVM_EINVAL;
+ if (!is_valid_view(req->view))
+ return -KVM_EINVAL;
+
+ if (req->view != 0 && !kvm_eptp_switching_supported)
+ return -KVM_EOPNOTSUPP;
+
for (; entry < end; entry++) {
- int r = set_page_access_entry(kvmi, 0, entry);
+ int r = set_page_access_entry(kvmi, req->view, entry);
if (r && !ec)
ec = r;
