Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm

Pull kvm fixes from Paolo Bonzini: "Fixes for 3.12-rc5: two old PPC bugs and one new (3.12-rc2) x86 bug" * tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm: kvm: ppc: booke: check range page invalidation progress on page setup KVM: PPC: Book3S HV: Fix typo in saving DSCR KVM: nVMX: fix shadow on EPT

Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm
Pull kvm fixes from Paolo Bonzini: "Fixes for 3.12-rc5: two old PPC bugs and one new (3.12-rc2) x86 bug" * tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm: kvm: ppc: booke: check range page invalidation progress on page setup KVM: PPC: Book3S HV: Fix typo in saving DSCR KVM: nVMX: fix shadow on EPT
Linus Torvalds
2 parents bd7df5ad05 40fde70d0d
Showing 3 changed files Side-by-side Diff
arch/powerpc/kvm/book3s_hv_rmhandlers.S
arch/powerpc/kvm/e500_mmu_host.c
arch/x86/kvm/vmx.c
@@ -1066,7 +1066,7 @@
 BEGIN_FTR_SECTION
 	mfspr	r8, SPRN_DSCR
 	ld	r7, HSTATE_DSCR(r13)
-	std	r8, VCPU_DSCR(r7)
+	std	r8, VCPU_DSCR(r9)
 	mtspr	SPRN_DSCR, r7
 END_FTR_SECTION_IFSET(CPU_FTR_ARCH_206)
  
@@ -332,7 +332,14 @@
 	unsigned long hva;
 	int pfnmap = 0;
 	int tsize = BOOK3E_PAGESZ_4K;
+	int ret = 0;
+	unsigned long mmu_seq;
+	struct kvm *kvm = vcpu_e500->vcpu.kvm;
  
+	/* used to check for invalidations in progress */
+	mmu_seq = kvm->mmu_notifier_seq;
+	smp_rmb();
+
 	/*
 	 * Translate guest physical to true physical, acquiring
 	 * a page reference if it is normal, non-reserved memory.
@@ -449,6 +456,12 @@
 		gvaddr &= ~((tsize_pages << PAGE_SHIFT) - 1);
 	}
  
+	spin_lock(&kvm->mmu_lock);
+	if (mmu_notifier_retry(kvm, mmu_seq)) {
+		ret = -EAGAIN;
+		goto out;
+	}
+
 	kvmppc_e500_ref_setup(ref, gtlbe, pfn);
  
 	kvmppc_e500_setup_stlbe(&vcpu_e500->vcpu, gtlbe, tsize,
  
@@ -457,10 +470,13 @@
 	/* Clear i-cache for new pages */
 	kvmppc_mmu_flush_icache(pfn);
  
+out:
+	spin_unlock(&kvm->mmu_lock);
+
 	/* Drop refcount on page, so that mmu notifiers can clear it */
 	kvm_release_pfn_clean(pfn);
  
-	return 0;
+	return ret;
 }
  
 /* XXX only map the one-one case, for now use TLB0 */
@@ -3255,25 +3255,29 @@
  
 static void ept_load_pdptrs(struct kvm_vcpu *vcpu)
 {
+	struct kvm_mmu *mmu = vcpu->arch.walk_mmu;
+
 	if (!test_bit(VCPU_EXREG_PDPTR,
 		      (unsigned long *)&vcpu->arch.regs_dirty))
 		return;
  
 	if (is_paging(vcpu) && is_pae(vcpu) && !is_long_mode(vcpu)) {
-		vmcs_write64(GUEST_PDPTR0, vcpu->arch.mmu.pdptrs[0]);
-		vmcs_write64(GUEST_PDPTR1, vcpu->arch.mmu.pdptrs[1]);
-		vmcs_write64(GUEST_PDPTR2, vcpu->arch.mmu.pdptrs[2]);
-		vmcs_write64(GUEST_PDPTR3, vcpu->arch.mmu.pdptrs[3]);
+		vmcs_write64(GUEST_PDPTR0, mmu->pdptrs[0]);
+		vmcs_write64(GUEST_PDPTR1, mmu->pdptrs[1]);
+		vmcs_write64(GUEST_PDPTR2, mmu->pdptrs[2]);
+		vmcs_write64(GUEST_PDPTR3, mmu->pdptrs[3]);
 	}
 }
  
 static void ept_save_pdptrs(struct kvm_vcpu *vcpu)
 {
+	struct kvm_mmu *mmu = vcpu->arch.walk_mmu;
+
 	if (is_paging(vcpu) && is_pae(vcpu) && !is_long_mode(vcpu)) {
-		vcpu->arch.mmu.pdptrs[0] = vmcs_read64(GUEST_PDPTR0);
-		vcpu->arch.mmu.pdptrs[1] = vmcs_read64(GUEST_PDPTR1);
-		vcpu->arch.mmu.pdptrs[2] = vmcs_read64(GUEST_PDPTR2);
-		vcpu->arch.mmu.pdptrs[3] = vmcs_read64(GUEST_PDPTR3);
+		mmu->pdptrs[0] = vmcs_read64(GUEST_PDPTR0);
+		mmu->pdptrs[1] = vmcs_read64(GUEST_PDPTR1);
+		mmu->pdptrs[2] = vmcs_read64(GUEST_PDPTR2);
+		mmu->pdptrs[3] = vmcs_read64(GUEST_PDPTR3);
 	}
  
 	__set_bit(VCPU_EXREG_PDPTR,
@@ -7777,10 +7781,6 @@
 		vmcs_write64(GUEST_PDPTR1, vmcs12->guest_pdptr1);
 		vmcs_write64(GUEST_PDPTR2, vmcs12->guest_pdptr2);
 		vmcs_write64(GUEST_PDPTR3, vmcs12->guest_pdptr3);
-		__clear_bit(VCPU_EXREG_PDPTR,
-				(unsigned long *)&vcpu->arch.regs_avail);
-		__clear_bit(VCPU_EXREG_PDPTR,
-				(unsigned long *)&vcpu->arch.regs_dirty);
 	}
  
 	kvm_register_write(vcpu, VCPU_REGS_RSP, vmcs12->guest_rsp);
...	...	@@ -1066,7 +1066,7 @@
1066	1066	BEGIN_FTR_SECTION
1067	1067	mfspr r8, SPRN_DSCR
1068	1068	ld r7, HSTATE_DSCR(r13)
1069		- std r8, VCPU_DSCR(r7)
	1069	+ std r8, VCPU_DSCR(r9)
1070	1070	mtspr SPRN_DSCR, r7
1071	1071	END_FTR_SECTION_IFSET(CPU_FTR_ARCH_206)
1072	1072
...	...	@@ -332,7 +332,14 @@
332	332	unsigned long hva;
333	333	int pfnmap = 0;
334	334	int tsize = BOOK3E_PAGESZ_4K;
	335	+ int ret = 0;
	336	+ unsigned long mmu_seq;
	337	+ struct kvm *kvm = vcpu_e500->vcpu.kvm;
335	338
	339	+ /* used to check for invalidations in progress */
	340	+ mmu_seq = kvm->mmu_notifier_seq;
	341	+ smp_rmb();
	342	+
336	343	/*
337	344	* Translate guest physical to true physical, acquiring
338	345	* a page reference if it is normal, non-reserved memory.
...	...	@@ -449,6 +456,12 @@
449	456	gvaddr &= ~((tsize_pages << PAGE_SHIFT) - 1);
450	457	}
451	458
	459	+ spin_lock(&kvm->mmu_lock);
	460	+ if (mmu_notifier_retry(kvm, mmu_seq)) {
	461	+ ret = -EAGAIN;
	462	+ goto out;
	463	+ }
	464	+
452	465	kvmppc_e500_ref_setup(ref, gtlbe, pfn);
453	466
454	467	kvmppc_e500_setup_stlbe(&vcpu_e500->vcpu, gtlbe, tsize,
455	468
...	...	@@ -457,10 +470,13 @@
457	470	/* Clear i-cache for new pages */
458	471	kvmppc_mmu_flush_icache(pfn);
459	472
	473	+out:
	474	+ spin_unlock(&kvm->mmu_lock);
	475	+
460	476	/* Drop refcount on page, so that mmu notifiers can clear it */
461	477	kvm_release_pfn_clean(pfn);
462	478
463		- return 0;
	479	+ return ret;
464	480	}
465	481
466	482	/* XXX only map the one-one case, for now use TLB0 */
...	...	@@ -3255,25 +3255,29 @@
3255	3255
3256	3256	static void ept_load_pdptrs(struct kvm_vcpu *vcpu)
3257	3257	{
	3258	+ struct kvm_mmu *mmu = vcpu->arch.walk_mmu;
	3259	+
3258	3260	if (!test_bit(VCPU_EXREG_PDPTR,
3259	3261	(unsigned long *)&vcpu->arch.regs_dirty))
3260	3262	return;
3261	3263
3262	3264	if (is_paging(vcpu) && is_pae(vcpu) && !is_long_mode(vcpu)) {
3263		- vmcs_write64(GUEST_PDPTR0, vcpu->arch.mmu.pdptrs[0]);
3264		- vmcs_write64(GUEST_PDPTR1, vcpu->arch.mmu.pdptrs[1]);
3265		- vmcs_write64(GUEST_PDPTR2, vcpu->arch.mmu.pdptrs[2]);
3266		- vmcs_write64(GUEST_PDPTR3, vcpu->arch.mmu.pdptrs[3]);
	3265	+ vmcs_write64(GUEST_PDPTR0, mmu->pdptrs[0]);
	3266	+ vmcs_write64(GUEST_PDPTR1, mmu->pdptrs[1]);
	3267	+ vmcs_write64(GUEST_PDPTR2, mmu->pdptrs[2]);
	3268	+ vmcs_write64(GUEST_PDPTR3, mmu->pdptrs[3]);
3267	3269	}
3268	3270	}
3269	3271
3270	3272	static void ept_save_pdptrs(struct kvm_vcpu *vcpu)
3271	3273	{
	3274	+ struct kvm_mmu *mmu = vcpu->arch.walk_mmu;
	3275	+
3272	3276	if (is_paging(vcpu) && is_pae(vcpu) && !is_long_mode(vcpu)) {
3273		- vcpu->arch.mmu.pdptrs[0] = vmcs_read64(GUEST_PDPTR0);
3274		- vcpu->arch.mmu.pdptrs[1] = vmcs_read64(GUEST_PDPTR1);
3275		- vcpu->arch.mmu.pdptrs[2] = vmcs_read64(GUEST_PDPTR2);
3276		- vcpu->arch.mmu.pdptrs[3] = vmcs_read64(GUEST_PDPTR3);
	3277	+ mmu->pdptrs[0] = vmcs_read64(GUEST_PDPTR0);
	3278	+ mmu->pdptrs[1] = vmcs_read64(GUEST_PDPTR1);
	3279	+ mmu->pdptrs[2] = vmcs_read64(GUEST_PDPTR2);
	3280	+ mmu->pdptrs[3] = vmcs_read64(GUEST_PDPTR3);
3277	3281	}
3278	3282
3279	3283	__set_bit(VCPU_EXREG_PDPTR,
...	...	@@ -7777,10 +7781,6 @@
7777	7781	vmcs_write64(GUEST_PDPTR1, vmcs12->guest_pdptr1);
7778	7782	vmcs_write64(GUEST_PDPTR2, vmcs12->guest_pdptr2);
7779	7783	vmcs_write64(GUEST_PDPTR3, vmcs12->guest_pdptr3);
7780		- __clear_bit(VCPU_EXREG_PDPTR,
7781		- (unsigned long *)&vcpu->arch.regs_avail);
7782		- __clear_bit(VCPU_EXREG_PDPTR,
7783		- (unsigned long *)&vcpu->arch.regs_dirty);
7784	7784	}
7785	7785
7786	7786	kvm_register_write(vcpu, VCPU_REGS_RSP, vmcs12->guest_rsp);