Re: KVM: x86: ignore access permissions for hypercall patching

Gleb Natapov <gleb@xxxxxxxxxx> · Fri, 12 Mar 2010 07:56:00 +0200

On Thu, Mar 11, 2010 at 06:16:05PM -0300, Marcelo Tosatti wrote:
> 
> Ignore access permissions while patching hypercall instructions. 
> Otherwise KVM injects a page fault when trying to patch vmcall 
> on read-only text regions:
> 
> Freeing initrd memory: 8843k freed
> Freeing unused kernel memory: 660k freed
> Write protecting the kernel text: 4780k
> Write protecting the kernel read-only data: 1912k
> BUG: unable to handle kernel paging request at c01292e3
> IP: [<c01292e3>] kvm_leave_lazy_mmu+0x43/0x70
> *pde = 00910067 *pte = 00129161
> Oops: 0003 [#1] SMP
> 
> CC: stable@xxxxxxxxxx
> Reported-by: Stefan Bader <stefan.bader@xxxxxxxxxxxxx>
> Signed-off-by: Marcelo Tosatti <mtosatti@xxxxxxxxxx>
> 
My emulator patch series introduce kvm_write_guest_virt_system(). May be
used it here (only compile tested).

diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 3753c11..9833c25 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -3157,14 +3157,18 @@ static int kvm_read_guest_virt_system(gva_t addr, void *val, unsigned int bytes,
 	return kvm_read_guest_virt_helper(addr, val, bytes, vcpu, 0, error);
 }
 
-static int kvm_write_guest_virt(gva_t addr, void *val, unsigned int bytes,
-				struct kvm_vcpu *vcpu, u32 *error)
+static int kvm_write_guest_virt_helper(gva_t addr, void *val,
+				       unsigned int bytes,
+				       struct kvm_vcpu *vcpu, u32 access,
+				       u32 *error)
 {
 	void *data = val;
 	int r = X86EMUL_CONTINUE;
 
+	access |= PFERR_WRITE_MASK;
+
 	while (bytes) {
-		gpa_t gpa = kvm_mmu_gva_to_gpa_write(vcpu, addr, error);
+		gpa_t gpa =  vcpu->arch.mmu.gva_to_gpa(vcpu, addr, access, error);
 		unsigned offset = addr & (PAGE_SIZE-1);
 		unsigned towrite = min(bytes, (unsigned)PAGE_SIZE - offset);
 		int ret;
@@ -3187,6 +3191,19 @@ out:
 	return r;
 }
 
+static int kvm_write_guest_virt(gva_t addr, void *val, unsigned int bytes,
+				struct kvm_vcpu *vcpu, u32 *error)
+{
+	u32 access = (kvm_x86_ops->get_cpl(vcpu) == 3) ? PFERR_USER_MASK : 0;
+	return kvm_write_guest_virt_helper(addr, val, bytes, vcpu, access, error);
+}
+
+static int kvm_write_guest_virt_system(gva_t addr, void *val,
+				       unsigned int bytes,
+				       struct kvm_vcpu *vcpu, u32 *error)
+{
+	return kvm_write_guest_virt_helper(addr, val, bytes, vcpu, 0, error);
+}
 
 static int emulator_read_emulated(unsigned long addr,
 				  void *val,
@@ -3997,7 +4014,7 @@ int kvm_fix_hypercall(struct kvm_vcpu *vcpu)
 
 	kvm_x86_ops->patch_hypercall(vcpu, instruction);
 
-	return emulator_write_emulated(rip, instruction, 3, vcpu);
+	return kvm_write_guest_virt_system(rip, instruction, 3, vcpu, NULL);
 }
 
 static u64 mk_cr_64(u64 curr_cr, u32 new_val)
--
			Gleb.
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




