KVM: MMU: Add validate_direct_spte() helper
Add a helper to verify that a direct shadow page is valid wrt the required access permissions; drop the page if it is not valid. Reviewed-by: Xiao Guangrong <xiaoguangrong@cn.fujitsu.com> Signed-off-by: Avi Kivity <avi@redhat.com> Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
This commit is contained in:
Родитель
a3aa51cfaa
Коммит
a357bd229c
|
@ -1500,6 +1500,29 @@ static void drop_large_spte(struct kvm_vcpu *vcpu, u64 *sptep)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static void validate_direct_spte(struct kvm_vcpu *vcpu, u64 *sptep,
|
||||||
|
unsigned direct_access)
|
||||||
|
{
|
||||||
|
if (is_shadow_present_pte(*sptep) && !is_large_pte(*sptep)) {
|
||||||
|
struct kvm_mmu_page *child;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* For the direct sp, if the guest pte's dirty bit
|
||||||
|
* changed form clean to dirty, it will corrupt the
|
||||||
|
* sp's access: allow writable in the read-only sp,
|
||||||
|
* so we should update the spte at this point to get
|
||||||
|
* a new sp with the correct access.
|
||||||
|
*/
|
||||||
|
child = page_header(*sptep & PT64_BASE_ADDR_MASK);
|
||||||
|
if (child->role.access == direct_access)
|
||||||
|
return;
|
||||||
|
|
||||||
|
mmu_page_remove_parent_pte(child, sptep);
|
||||||
|
__set_spte(sptep, shadow_trap_nonpresent_pte);
|
||||||
|
kvm_flush_remote_tlbs(vcpu->kvm);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
static void kvm_mmu_page_unlink_children(struct kvm *kvm,
|
static void kvm_mmu_page_unlink_children(struct kvm *kvm,
|
||||||
struct kvm_mmu_page *sp)
|
struct kvm_mmu_page *sp)
|
||||||
{
|
{
|
||||||
|
|
|
@ -338,30 +338,15 @@ static u64 *FNAME(fetch)(struct kvm_vcpu *vcpu, gva_t addr,
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (is_shadow_present_pte(*sptep) && !is_large_pte(*sptep)) {
|
if (is_shadow_present_pte(*sptep) && !is_large_pte(*sptep)
|
||||||
struct kvm_mmu_page *child;
|
&& level == gw->level)
|
||||||
|
validate_direct_spte(vcpu, sptep, direct_access);
|
||||||
if (level != gw->level)
|
|
||||||
continue;
|
|
||||||
|
|
||||||
/*
|
|
||||||
* For the direct sp, if the guest pte's dirty bit
|
|
||||||
* changed form clean to dirty, it will corrupt the
|
|
||||||
* sp's access: allow writable in the read-only sp,
|
|
||||||
* so we should update the spte at this point to get
|
|
||||||
* a new sp with the correct access.
|
|
||||||
*/
|
|
||||||
child = page_header(*sptep & PT64_BASE_ADDR_MASK);
|
|
||||||
if (child->role.access == direct_access)
|
|
||||||
continue;
|
|
||||||
|
|
||||||
mmu_page_remove_parent_pte(child, sptep);
|
|
||||||
__set_spte(sptep, shadow_trap_nonpresent_pte);
|
|
||||||
kvm_flush_remote_tlbs(vcpu->kvm);
|
|
||||||
}
|
|
||||||
|
|
||||||
drop_large_spte(vcpu, sptep);
|
drop_large_spte(vcpu, sptep);
|
||||||
|
|
||||||
|
if (is_shadow_present_pte(*sptep))
|
||||||
|
continue;
|
||||||
|
|
||||||
if (level <= gw->level) {
|
if (level <= gw->level) {
|
||||||
direct = 1;
|
direct = 1;
|
||||||
access = direct_access;
|
access = direct_access;
|
||||||
|
|
Загрузка…
Ссылка в новой задаче