KVM: MMU: fix SMAP virtualization KVM may turn a user page to a kernel page when kernel writes a readonly user page if CR0.WP = 1. This shadow page entry will be reused after SMAP is enabled so that kernel is allowed to access this user page Fix it by setting SMAP && !CR0.WP into shadow page's role and reset mmu once CR4.SMAP is updated Signed-off-by: Xiao Guangrong <guangrong.xiao@linux.intel.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

commit: edc90b7dc4ceef62ef0ad9cc6c3f5dc770e83ad2 [log] [tgz]
author: Xiao Guangrong <guangrong.xiao@linux.intel.com> Mon May 11 22:55:21 2015 +0800
committer: Paolo Bonzini <pbonzini@redhat.com> Tue May 19 20:52:36 2015 +0200
tree: 36a2ab127ab4f6a01fc33190abf3e06682f6ceba
parent: 428e3d08574b77876ea5e71f294f91bd8afa51b5 [diff] [blame]
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index cdccbe1..cde5d61 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c

@@ -702,8 +702,9 @@
 int kvm_set_cr4(struct kvm_vcpu *vcpu, unsigned long cr4)
 {
 	unsigned long old_cr4 = kvm_read_cr4(vcpu);
-	unsigned long pdptr_bits = X86_CR4_PGE | X86_CR4_PSE |
-				   X86_CR4_PAE | X86_CR4_SMEP;
+	unsigned long pdptr_bits = X86_CR4_PGE | X86_CR4_PSE | X86_CR4_PAE |
+				   X86_CR4_SMEP | X86_CR4_SMAP;
+
 	if (cr4 & CR4_RESERVED_BITS)
 		return 1;
 
@@ -744,9 +745,6 @@
 	    (!(cr4 & X86_CR4_PCIDE) && (old_cr4 & X86_CR4_PCIDE)))
 		kvm_mmu_reset_context(vcpu);
 
-	if ((cr4 ^ old_cr4) & X86_CR4_SMAP)
-		update_permission_bitmask(vcpu, vcpu->arch.walk_mmu, false);
-
 	if ((cr4 ^ old_cr4) & X86_CR4_OSXSAVE)
 		kvm_update_cpuid(vcpu);
commit	edc90b7dc4ceef62ef0ad9cc6c3f5dc770e83ad2	[log] [tgz]
author	Xiao Guangrong <guangrong.xiao@linux.intel.com>	Mon May 11 22:55:21 2015 +0800
committer	Paolo Bonzini <pbonzini@redhat.com>	Tue May 19 20:52:36 2015 +0200
tree	36a2ab127ab4f6a01fc33190abf3e06682f6ceba
parent	428e3d08574b77876ea5e71f294f91bd8afa51b5 [diff] [blame]