| From f66c53b3b94f658590e1012bf6d922f8b7e01bda Mon Sep 17 00:00:00 2001 |
| From: Sean Christopherson <seanjc@google.com> |
| Date: Thu, 4 Mar 2021 17:10:58 -0800 |
| Subject: KVM: x86: Defer the MMU unload to the normal path on a global INVPCID |
| |
| From: Sean Christopherson <seanjc@google.com> |
| |
| commit f66c53b3b94f658590e1012bf6d922f8b7e01bda upstream. |
| |
| Defer unloading the MMU after an INVPCID until the instruction emulation |
| has completed, i.e. until after RIP has been updated. |
| |
| On VMX, this is a benign bug as VMX doesn't touch the MMU when skipping |
| an emulated instruction. However, on SVM, if nrip is disabled, the |
| emulator is used to skip an instruction, which would lead to fireworks |
| if the emulator were invoked without a valid MMU. |
| |
| Fixes: eb4b248e152d ("kvm: vmx: Support INVPCID in shadow paging mode") |
| Cc: stable@vger.kernel.org |
| Signed-off-by: Sean Christopherson <seanjc@google.com> |
| Message-Id: <20210305011101.3597423-15-seanjc@google.com> |
| Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| --- |
| arch/x86/kvm/x86.c | 2 +- |
| 1 file changed, 1 insertion(+), 1 deletion(-) |
| |
| --- a/arch/x86/kvm/x86.c |
| +++ b/arch/x86/kvm/x86.c |
| @@ -11407,7 +11407,7 @@ int kvm_handle_invpcid(struct kvm_vcpu * |
| |
| fallthrough; |
| case INVPCID_TYPE_ALL_INCL_GLOBAL: |
| - kvm_mmu_unload(vcpu); |
| + kvm_make_request(KVM_REQ_MMU_RELOAD, vcpu); |
| return kvm_skip_emulated_instruction(vcpu); |
| |
| default: |
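Review bot: The ordering dependency this hunk fixes is invisible at the call site, so the replaced line deserves a short comment, e.g. `/* Defer the unload: skipping the instruction may invoke the emulator, which needs a valid MMU. */` above the `kvm_make_request(KVM_REQ_MMU_RELOAD, vcpu);` line; without it a future cleanup could easily restore the synchronous `kvm_mmu_unload(vcpu)` that breaks SVM without nrip. Note also that the `fallthrough;` in the context means the preceding case now takes the deferred path as well, so the patch description should be read as covering both INVPCID types that reach this block, and the reviewer should confirm that the pending request is serviced before the next guest entry, since only then does the deferred unload preserve the invalidation the guest asked for.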