Patch "KVM: x86: Reset MMU context if guest toggles CR4.SMAP or CR4.PKE" has been added to the 4.19-stable tree

Sasha Levin <sashal@xxxxxxxxxx> · Mon, 28 Sep 2020 00:19:34 -0400

This is a note to let you know that I've just added the patch titled

    KVM: x86: Reset MMU context if guest toggles CR4.SMAP or CR4.PKE

to the 4.19-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     kvm-x86-reset-mmu-context-if-guest-toggles-cr4.smap-.patch
and it can be found in the queue-4.19 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.



commit 8f73fcfafc95d272efd839fbbb4c9dd7ca82b6b5
Author: Sean Christopherson <sean.j.christopherson@xxxxxxxxx>
Date:   Wed Sep 23 14:53:52 2020 -0700

    KVM: x86: Reset MMU context if guest toggles CR4.SMAP or CR4.PKE
    
    [ Upstream commit 8d214c481611b29458a57913bd786f0ac06f0605 ]
    
    Reset the MMU context during kvm_set_cr4() if SMAP or PKE is toggled.
    Recent commits to (correctly) not reload PDPTRs when SMAP/PKE are
    toggled inadvertantly skipped the MMU context reset due to the mask
    of bits that triggers PDPTR loads also being used to trigger MMU context
    resets.
    
    Fixes: 427890aff855 ("kvm: x86: Toggling CR4.SMAP does not load PDPTEs in PAE mode")
    Fixes: cb957adb4ea4 ("kvm: x86: Toggling CR4.PKE does not load PDPTEs in PAE mode")
    Cc: Jim Mattson <jmattson@xxxxxxxxxx>
    Cc: Peter Shier <pshier@xxxxxxxxxx>
    Cc: Oliver Upton <oupton@xxxxxxxxxx>
    Signed-off-by: Sean Christopherson <sean.j.christopherson@xxxxxxxxx>
    Message-Id: <20200923215352.17756-1-sean.j.christopherson@xxxxxxxxx>
    Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx>
    Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>

diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 620ed1fa35119..dd182228be714 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -858,6 +858,7 @@ int kvm_set_cr4(struct kvm_vcpu *vcpu, unsigned long cr4)
 	unsigned long old_cr4 = kvm_read_cr4(vcpu);
 	unsigned long pdptr_bits = X86_CR4_PGE | X86_CR4_PSE | X86_CR4_PAE |
 				   X86_CR4_SMEP;
+	unsigned long mmu_role_bits = pdptr_bits | X86_CR4_SMAP | X86_CR4_PKE;
 
 	if (kvm_valid_cr4(vcpu, cr4))
 		return 1;
@@ -885,7 +886,7 @@ int kvm_set_cr4(struct kvm_vcpu *vcpu, unsigned long cr4)
 	if (kvm_x86_ops->set_cr4(vcpu, cr4))
 		return 1;
 
-	if (((cr4 ^ old_cr4) & pdptr_bits) ||
+	if (((cr4 ^ old_cr4) & mmu_role_bits) ||
 	    (!(cr4 & X86_CR4_PCIDE) && (old_cr4 & X86_CR4_PCIDE)))
 		kvm_mmu_reset_context(vcpu);
 






