Sean Christopherson 1193a36f58 KVM: x86/mmu: Refresh CR0.WP prior to checking for emulated permission faults
[ Upstream commit cf9f4c0eb1699d306e348b1fd0225af7b2c282d3 ]

Refresh the MMU's snapshot of the vCPU's CR0.WP prior to checking for
permission faults when emulating a guest memory access and CR0.WP may be
guest owned.  If the guest toggles only CR0.WP and triggers emulation of
a supervisor write, e.g. when KVM is emulating UMIP, KVM may consume a
stale CR0.WP, i.e. use stale protection bits metadata.

Note, KVM passes through CR0.WP if and only if EPT is enabled as CR0.WP
is part of the MMU role for legacy shadow paging, and SVM (NPT) doesn't
support per-bit interception controls for CR0.  Don't bother checking for
EPT vs. NPT as the "old == new" check will always be true under NPT, i.e.
the only cost is the read of vcpu->arch.cr4 (SVM unconditionally grabs CR0
from the VMCB on VM-Exit).

Reported-by: Mathias Krause <minipli@grsecurity.net>
Link: https://lkml.kernel.org/r/677169b4-051f-fcae-756b-9a3e1bb9f8fe%40grsecurity.net
Fixes: fb509f76acc8 ("KVM: VMX: Make CR0.WP a guest owned bit")
Tested-by: Mathias Krause <minipli@grsecurity.net>
Link: https://lore.kernel.org/r/20230405002608.418442-1-seanjc@google.com
Signed-off-by: Sean Christopherson <seanjc@google.com>
Signed-off-by: Mathias Krause <minipli@grsecurity.net>	# backport to v6.1.x
Signed-off-by: Sasha Levin <sashal@kernel.org>
2023-05-17 11:53:30 +02:00
alpha alpha: fix R_ALPHA_LITERAL reloc for large modules 2023-03-17 08:50:31 +01:00
arc ARC: mm: fix leakage of memory allocated for PTE 2022-10-17 16:32:12 -07:00
arm ARM: dts: stm32: fix spi1 pin assignment on stm32mp15 2023-05-11 23:03:11 +09:00
arm64 arm64: kgdb: Set PSTATE.SS to 1 to re-enable single-step 2023-05-11 23:03:16 +09:00
csky - hfs and hfsplus kmap API modernization from Fabio Francesco 2022-10-12 11:00:22 -07:00
hexagon - hfs and hfsplus kmap API modernization from Fabio Francesco 2022-10-12 11:00:22 -07:00
ia64 ia64: fix an addr to taddr in huge_pte_offset() 2023-05-11 23:03:40 +09:00
loongarch LoongArch: Mark 3 symbol exports as non-GPL 2023-04-26 14:28:38 +02:00
m68k m68k: Only force 030 bus error if PC not in exception table 2023-03-30 12:49:17 +02:00
microblaze kbuild: fix "cat: .version: No such file or directory" 2022-11-24 09:26:02 +09:00
mips MIPS: fw: Allow firmware to pass a empty env 2023-05-11 23:03:01 +09:00
nios2 nios2: add FORCE for vmlinuz.gz 2022-11-27 08:28:41 +09:00
openrisc openrisc: Properly store r31 to pt_regs on unhandled exceptions 2023-05-11 23:03:35 +09:00
parisc parisc: Ensure page alignment in flush functions 2023-05-11 23:03:38 +09:00
powerpc powerpc/rtas: use memmove for potentially overlapping buffer copy 2023-05-11 23:03:31 +09:00
riscv riscv: Fix ptdump when KASAN is enabled 2023-05-11 23:03:32 +09:00
s390 s390/ptrace: fix PTRACE_GET_LAST_BREAK error handling 2023-04-26 14:28:36 +02:00
sh sh: sq: Fix incorrect element size for allocating bitmap buffer 2023-05-11 23:03:30 +09:00
sparc sparc: allow PM configs for sparc32 COMPILE_TEST 2023-03-10 09:33:27 +01:00
um UML: define RUNTIME_DISCARD_EXIT 2023-03-17 08:50:32 +01:00
x86 KVM: x86/mmu: Refresh CR0.WP prior to checking for emulated permission faults 2023-05-17 11:53:30 +02:00
xtensa xtensa: fix KASAN report for show_stack 2023-04-06 12:10:54 +02:00
.gitignore
Kconfig ftrace: Allow WITH_ARGS flavour of graph tracer with shadow call stack 2022-12-31 13:32:45 +01:00