• Sean Christopherson's avatar
    KVM: Call kvm_arch_memslots_updated() before updating memslots · 15248258
    Sean Christopherson authored
    kvm_arch_memslots_updated() is at this point in time an x86-specific
    hook for handling MMIO generation wraparound.  x86 stashes 19 bits of
    the memslots generation number in its MMIO sptes in order to avoid
    full page fault walks for repeat faults on emulated MMIO addresses.
    Because only 19 bits are used, wrapping the MMIO generation number is
    possible, if unlikely.  kvm_arch_memslots_updated() alerts x86 that
    the generation has changed so that it can invalidate all MMIO sptes in
    case the effective MMIO generation has wrapped so as to avoid using a
    stale spte, e.g. a (very) old spte that was created with generation==0.
    
    Given that the purpose of kvm_arch_memslots_updated() is to prevent
    consuming stale entries, it needs to be called before the new generation
    is propagated to memslots.  Invalidating the MMIO sptes after updating
    memslots means that there is a window where a vCPU could dereference
    the new memslots generation, e.g. 0, and incorrectly reuse an old MMIO
    spte that was created with (pre-wrap) generation==0.
    
    Fixes: e59dbe09 ("KVM: Introduce kvm_arch_memslots_updated()")
    Cc: <stable@vger.kernel.org>
    Signed-off-by: default avatarSean Christopherson <sean.j.christopherson@intel.com>
    Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
    15248258
kvm_main.c 99.3 KB