From patchwork Fri Jun 29 16:32:01 2012
X-Patchwork-Submitter: Herton Ronaldo Krzesinski
X-Patchwork-Id: 168176
From: Herton Ronaldo Krzesinski
To: kernel-team@lists.ubuntu.com
Subject: [PATCH 1/4] KVM: MMU: nuke shadowed pgtable pages and ptes on memslot destruction
Date: Fri, 29 Jun 2012 13:32:01 -0300
Message-Id: <1340987524-22261-2-git-send-email-herton.krzesinski@canonical.com>
In-Reply-To: <1340987524-22261-1-git-send-email-herton.krzesinski@canonical.com>
References: <1340987524-22261-1-git-send-email-herton.krzesinski@canonical.com>
List-Id: Kernel team discussions
From: Marcelo Tosatti CVE-2012-1601 BugLink: http://bugs.launchpad.net/bugs/971685 Flush the shadow mmu before removing regions to avoid stale entries. Signed-off-by: Marcelo Tosatti Signed-off-by: Avi Kivity (backported from commit 34d4cb8fca1f2a31be152b74797e6cd160ec9de6 upstream) [ herton: rediffed and dropped powerpc/ia64/s390 changes, since kvm for these architectures aren't available on hardy/2.6.24 ] Signed-off-by: Herton Ronaldo Krzesinski --- arch/x86/kvm/x86.c | 5 +++++ .../binary-custom.d/openvz/src/arch/x86/kvm/x86.c | 5 +++++ .../openvz/src/include/linux/kvm_host.h | 1 + .../binary-custom.d/openvz/src/virt/kvm/kvm_main.c | 3 +++ debian/binary-custom.d/xen/src/arch/x86/kvm/x86.c | 5 +++++ .../xen/src/include/linux/kvm_host.h | 1 + debian/binary-custom.d/xen/src/virt/kvm/kvm_main.c | 3 +++ include/linux/kvm_host.h | 1 + virt/kvm/kvm_main.c | 3 +++ 9 files changed, 27 insertions(+) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 2085040..9331b67 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -3496,6 +3496,11 @@ int kvm_arch_set_memory_region(struct kvm *kvm, return 0; } +void kvm_arch_flush_shadow(struct kvm *kvm) +{ + kvm_mmu_zap_all(kvm); +} + int kvm_arch_vcpu_runnable(struct kvm_vcpu *vcpu) { return vcpu->arch.mp_state == VCPU_MP_STATE_RUNNABLE diff --git a/debian/binary-custom.d/openvz/src/arch/x86/kvm/x86.c b/debian/binary-custom.d/openvz/src/arch/x86/kvm/x86.c index 2085040..9331b67 100644 --- a/debian/binary-custom.d/openvz/src/arch/x86/kvm/x86.c +++ b/debian/binary-custom.d/openvz/src/arch/x86/kvm/x86.c @@ -3496,6 +3496,11 @@ int kvm_arch_set_memory_region(struct kvm *kvm, return 0; } +void kvm_arch_flush_shadow(struct kvm *kvm) +{ + kvm_mmu_zap_all(kvm); +} + int kvm_arch_vcpu_runnable(struct kvm_vcpu *vcpu) { return vcpu->arch.mp_state == VCPU_MP_STATE_RUNNABLE diff --git a/debian/binary-custom.d/openvz/src/include/linux/kvm_host.h b/debian/binary-custom.d/openvz/src/include/linux/kvm_host.h index 958e003..588e4f9 100644 
--- a/debian/binary-custom.d/openvz/src/include/linux/kvm_host.h +++ b/debian/binary-custom.d/openvz/src/include/linux/kvm_host.h @@ -172,6 +172,7 @@ int kvm_arch_set_memory_region(struct kvm *kvm, struct kvm_userspace_memory_region *mem, struct kvm_memory_slot old, int user_alloc); +void kvm_arch_flush_shadow(struct kvm *kvm); gfn_t unalias_gfn(struct kvm *kvm, gfn_t gfn); struct page *gfn_to_page(struct kvm *kvm, gfn_t gfn); unsigned long gfn_to_hva(struct kvm *kvm, gfn_t gfn); diff --git a/debian/binary-custom.d/openvz/src/virt/kvm/kvm_main.c b/debian/binary-custom.d/openvz/src/virt/kvm/kvm_main.c index 240156e..2a4bdbd 100644 --- a/debian/binary-custom.d/openvz/src/virt/kvm/kvm_main.c +++ b/debian/binary-custom.d/openvz/src/virt/kvm/kvm_main.c @@ -358,6 +358,9 @@ int __kvm_set_memory_region(struct kvm *kvm, if (mem->slot >= kvm->nmemslots) kvm->nmemslots = mem->slot + 1; + if (!npages) + kvm_arch_flush_shadow(kvm); + *memslot = new; r = kvm_arch_set_memory_region(kvm, mem, old, user_alloc); diff --git a/debian/binary-custom.d/xen/src/arch/x86/kvm/x86.c b/debian/binary-custom.d/xen/src/arch/x86/kvm/x86.c index 2085040..9331b67 100644 --- a/debian/binary-custom.d/xen/src/arch/x86/kvm/x86.c +++ b/debian/binary-custom.d/xen/src/arch/x86/kvm/x86.c @@ -3496,6 +3496,11 @@ int kvm_arch_set_memory_region(struct kvm *kvm, return 0; } +void kvm_arch_flush_shadow(struct kvm *kvm) +{ + kvm_mmu_zap_all(kvm); +} + int kvm_arch_vcpu_runnable(struct kvm_vcpu *vcpu) { return vcpu->arch.mp_state == VCPU_MP_STATE_RUNNABLE diff --git a/debian/binary-custom.d/xen/src/include/linux/kvm_host.h b/debian/binary-custom.d/xen/src/include/linux/kvm_host.h index 958e003..588e4f9 100644 --- a/debian/binary-custom.d/xen/src/include/linux/kvm_host.h +++ b/debian/binary-custom.d/xen/src/include/linux/kvm_host.h 
@@ -172,6 +172,7 @@ int kvm_arch_set_memory_region(struct kvm *kvm, struct kvm_userspace_memory_region *mem, struct kvm_memory_slot old, int user_alloc); +void kvm_arch_flush_shadow(struct kvm *kvm); gfn_t unalias_gfn(struct kvm *kvm, gfn_t gfn); struct page *gfn_to_page(struct kvm *kvm, gfn_t gfn); unsigned long gfn_to_hva(struct kvm *kvm, gfn_t gfn); diff --git a/debian/binary-custom.d/xen/src/virt/kvm/kvm_main.c b/debian/binary-custom.d/xen/src/virt/kvm/kvm_main.c index 240156e..2a4bdbd 100644 --- a/debian/binary-custom.d/xen/src/virt/kvm/kvm_main.c +++ b/debian/binary-custom.d/xen/src/virt/kvm/kvm_main.c @@ -358,6 +358,9 @@ int __kvm_set_memory_region(struct kvm *kvm, if (mem->slot >= kvm->nmemslots) kvm->nmemslots = mem->slot + 1; + if (!npages) + kvm_arch_flush_shadow(kvm); + *memslot = new; r = kvm_arch_set_memory_region(kvm, mem, old, user_alloc); diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h index 958e003..588e4f9 100644 --- a/include/linux/kvm_host.h +++ b/include/linux/kvm_host.h @@ -172,6 +172,7 @@ int kvm_arch_set_memory_region(struct kvm *kvm, struct kvm_userspace_memory_region *mem, struct kvm_memory_slot old, int user_alloc); +void kvm_arch_flush_shadow(struct kvm *kvm); gfn_t unalias_gfn(struct kvm *kvm, gfn_t gfn); struct page *gfn_to_page(struct kvm *kvm, gfn_t gfn); unsigned long gfn_to_hva(struct kvm *kvm, gfn_t gfn); diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c index 240156e..2a4bdbd 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c @@ -358,6 +358,9 @@ int __kvm_set_memory_region(struct kvm *kvm, if (mem->slot >= kvm->nmemslots) kvm->nmemslots = mem->slot + 1; + if (!npages) + kvm_arch_flush_shadow(kvm); + *memslot = new; r = kvm_arch_set_memory_region(kvm, mem, old, user_alloc);
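Review bot: in the virt/kvm/kvm_main.c hunk (and its openvz and xen copies), the flush `if (!npages) kvm_arch_flush_shadow(kvm);` runs before `*memslot = new;`, so there is a window in which the old slot is still visible to gfn_to_page() while its shadow pages have already been zapped; a vCPU that takes a shadow fault in that window can rebuild exactly the sptes this patch is trying to remove. Please confirm that the caller of __kvm_set_memory_region() on this 2.6.24 tree holds a lock that excludes vCPU page faults for the duration, or state in the changelog why the ordering is safe. Separately, the condition only fires for deletion (`npages == 0`): a slot that is moved to a different guest physical base or shrunk with a non-zero npages keeps its old shadow entries. If that case is out of scope for CVE-2012-1601 it would help to say so in the commit message, since "before removing regions" reads as if it covers any change to the region.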
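Review bot: in the arch/x86/kvm/x86.c hunk, `kvm_arch_flush_shadow()` is implemented as a bare `kvm_mmu_zap_all(kvm)`, which takes only the VM and therefore drops every shadow page for the whole guest rather than the range backed by the slot being destroyed. That is the conservative choice for a security backport and is fine, but it now runs from the generic memslot update path, so check that kvm_mmu_zap_all()'s locking expectations on this tree match what __kvm_set_memory_region()'s caller holds, and that the cost of a full zap plus TLB shootdown per slot deletion is acceptable on the affected kernels (userspace can delete slots repeatedly). A one-line comment above the function saying that it intentionally zaps the whole VM would save the next reader from looking for a per-slot variant.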
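Review bot: in the include/linux/kvm_host.h hunk, the new prototype `void kvm_arch_flush_shadow(struct kvm *kvm);` is added without a comment, unlike the surrounding gfn helpers it is easy to misread as a per-slot hook. Please document that generic code calls it when a memslot is being destroyed (npages == 0, see the kvm_main.c hunk) and that the arch implementation must drop all shadow translations that could still reference the old slot's pages. Also note for the record that there is no generic stub for this symbol: any architecture that builds virt/kvm/kvm_main.c without providing it will fail to link. The changelog says only x86 KVM exists on hardy/2.6.24, which is why the powerpc/ia64/s390 parts of the upstream commit were dropped, so that is fine here, but it matters if anyone later enables another arch on this tree. The three copies of the header (main tree, openvz, xen) carry the same index `958e003..588e4f9`, so they are byte-identical and stay in sync.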