Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
Merge tag 'kvm-x86-mmu-7.1' of https://github.com/kvm-x86/linux into HEAD
KVM x86 MMU changes for 7.1
- Fix an undefined behavior warning where a crafty userspace can read kvm.ko's
nx_huge_pages before it's fully initialized.
- Don't zero-allocate page tables that are used for splitting hugepages in the
TDP MMU, as KVM is guaranteed to set all SPTEs in the page table and thus
write all bytes.
- Bail early when trying to unsync 4KiB mappings if the target gfn can be
mapped with a 2MiB hugepage, to avoid the gfn hash lookup.
+15
-1
+14
arch/x86/kvm/mmu/mmu.c
+14
arch/x86/kvm/mmu/mmu.c
···
2941
2941
return -EPERM;
2942
2942
2943
2943
/*
2944
+
* Only 4KiB mappings can become unsync, and KVM disallows hugepages
2945
+
* when accounting 4KiB shadow pages. Upper-level gPTEs are always
2946
+
* write-protected (see above), thus if the gfn can be mapped with a
2947
+
* hugepage and isn't write-tracked, it can't have a shadow page.
2948
+
*/
2949
+
if (!lpage_info_slot(gfn, slot, PG_LEVEL_2M)->disallow_lpage)
2950
+
return 0;
2951
+
2952
+
/*
2944
2953
* The page is not write-tracked, mark existing shadow pages unsync
2945
2954
* unless KVM is synchronizing an unsync SP. In that case, KVM must
2946
2955
* complete emulation of the guest TLB flush before allowing shadow
···
7499
7490
7500
7491
static int get_nx_huge_pages(char *buffer, const struct kernel_param *kp)
7501
7492
{
7493
+
int val = *(int *)kp->arg;
7494
+
7502
7495
if (nx_hugepage_mitigation_hard_disabled)
7503
7496
return sysfs_emit(buffer, "never\n");
7497
+
7498
+
if (val == -1)
7499
+
return sysfs_emit(buffer, "auto\n");
7504
7500
7505
7501
return param_get_bool(buffer, kp);
7506
7502
}
+1
-1
arch/x86/kvm/mmu/tdp_mmu.c
+1
-1
arch/x86/kvm/mmu/tdp_mmu.c