Fix an amusing number of minor bugs that can lead to KVM putting the guest into an infinite "retry #PF" loop, and cleanup and consolidate the unprotect+retry paths (there are four-ish). As a bonus, adding RET_PF_WRITE_PROTECTED obviates the need for kvm_lookup_pfn()[*]. [*] https://lore.kernel.org/all/63c41e25-2523-4397-96b4-557394281443@xxxxxxxxxx v2: - Gather reviews. - Rewrite the comment for the nested NPT "fast" unprotect path to explain what it actually handles. [Yuan] - Drop Cc: stable for the remaining patches, as it's extremely unlikely these fixes would actually prevent a guest from dying. [Paolo] - Move the patch to replace PFERR_NESTED_GUEST_PAGE much earlier. [Paolo] - Wrap indirect_shadow_pages with READ_ONCE(). [Paolo] - Massage a few changelogs to (hopefully) fix weird wordings. [Paolo] - Always refer directly to last_retry_{addr,eip} in comments, instead of indirectly referencing them as "infinite loop protection". [Paolo] - WARN if write-protection hits the MMIO cache. [Yuan] v1: https://lore.kernel.org/all/20240809190319.1710470-1-seanjc@xxxxxxxxxx Sean Christopherson (22): KVM: VMX: Set PFERR_GUEST_{FINAL,PAGE}_MASK if and only if the GVA is valid KVM: x86/mmu: Replace PFERR_NESTED_GUEST_PAGE with a more descriptive helper KVM: x86/mmu: Trigger unprotect logic only on write-protection page faults KVM: x86/mmu: Skip emulation on page fault iff 1+ SPs were unprotected KVM: x86: Retry to-be-emulated insn in "slow" unprotect path iff sp is zapped KVM: x86: Get RIP from vCPU state when storing it to last_retry_eip KVM: x86: Store gpa as gpa_t, not unsigned long, when unprotecting for retry KVM: x86/mmu: Apply retry protection to "fast nTDP unprotect" path KVM: x86/mmu: Try "unprotect for retry" iff there are indirect SPs KVM: x86: Move EMULTYPE_ALLOW_RETRY_PF to x86_emulate_instruction() KVM: x86: Fold retry_instruction() into x86_emulate_instruction() KVM: x86/mmu: Don't try to unprotect an INVALID_GPA KVM: x86/mmu: Always walk guest PTEs with WRITE access when unprotecting KVM: x86/mmu: Move event re-injection unprotect+retry into common path KVM: x86: Remove manual pfn lookup when retrying #PF after failed emulation KVM: x86: Check EMULTYPE_WRITE_PF_TO_SP before unprotecting gfn KVM: x86: Apply retry protection to "unprotect on failure" path KVM: x86: Update retry protection fields when forcing retry on emulation failure KVM: x86: Rename reexecute_instruction()=>kvm_unprotect_and_retry_on_failure() KVM: x86/mmu: Subsume kvm_mmu_unprotect_page() into the and_retry() version KVM: x86/mmu: Detect if unprotect will do anything based on invalid_list KVM: x86/mmu: WARN on MMIO cache hit when emulating write-protected gfn arch/x86/include/asm/kvm_host.h | 14 ++- arch/x86/kvm/mmu/mmu.c | 200 +++++++++++++++++++++++--------- arch/x86/kvm/mmu/mmu_internal.h | 3 + arch/x86/kvm/mmu/mmutrace.h | 1 + arch/x86/kvm/mmu/paging_tmpl.h | 2 +- arch/x86/kvm/mmu/tdp_mmu.c | 6 +- arch/x86/kvm/vmx/vmx.c | 5 +- arch/x86/kvm/x86.c | 133 ++++++--------------- 8 files changed, 198 insertions(+), 166 deletions(-) base-commit: a1206bc992c3cd3f758a9b46117dfc7e59e8c10f -- 2.46.0.469.g59c65b2a67-goog
