diff options
| -rw-r--r-- | arch/x86/include/asm/kvm_host.h | 7 | ||||
| -rw-r--r-- | arch/x86/include/asm/vmx.h | 9 | ||||
| -rw-r--r-- | arch/x86/kvm/vmx.c | 6 |
3 files changed, 17 insertions, 5 deletions
diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index 7e594a325158..3272a5e4aaad 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h | |||
| @@ -208,6 +208,13 @@ enum { | |||
| 208 | PFERR_WRITE_MASK | \ | 208 | PFERR_WRITE_MASK | \ |
| 209 | PFERR_PRESENT_MASK) | 209 | PFERR_PRESENT_MASK) |
| 210 | 210 | ||
| 211 | /* | ||
| 212 | * The mask used to denote special SPTEs, which can be either MMIO SPTEs or | ||
| 213 | * Access Tracking SPTEs. We use bit 62 instead of bit 63 to avoid conflicting | ||
| 214 | * with the SVE bit in EPT PTEs. | ||
| 215 | */ | ||
| 216 | #define SPTE_SPECIAL_MASK (1ULL << 62) | ||
| 217 | |||
| 211 | /* apic attention bits */ | 218 | /* apic attention bits */ |
| 212 | #define KVM_APIC_CHECK_VAPIC 0 | 219 | #define KVM_APIC_CHECK_VAPIC 0 |
| 213 | /* | 220 | /* |
diff --git a/arch/x86/include/asm/vmx.h b/arch/x86/include/asm/vmx.h index 25a482fb5241..fc061cbb46e0 100644 --- a/arch/x86/include/asm/vmx.h +++ b/arch/x86/include/asm/vmx.h | |||
| @@ -467,8 +467,13 @@ enum vmcs_field { | |||
| 467 | #define VMX_EPT_WRITABLE_MASK 0x2ull | 467 | #define VMX_EPT_WRITABLE_MASK 0x2ull |
| 468 | #define VMX_EPT_EXECUTABLE_MASK 0x4ull | 468 | #define VMX_EPT_EXECUTABLE_MASK 0x4ull |
| 469 | #define VMX_EPT_IPAT_BIT (1ull << 6) | 469 | #define VMX_EPT_IPAT_BIT (1ull << 6) |
| 470 | #define VMX_EPT_ACCESS_BIT (1ull << 8) | 470 | #define VMX_EPT_ACCESS_BIT (1ull << 8) |
| 471 | #define VMX_EPT_DIRTY_BIT (1ull << 9) | 471 | #define VMX_EPT_DIRTY_BIT (1ull << 9) |
| 472 | |||
| 473 | /* The mask to use to trigger an EPT Misconfiguration in order to track MMIO */ | ||
| 474 | #define VMX_EPT_MISCONFIG_WX_VALUE (VMX_EPT_WRITABLE_MASK | \ | ||
| 475 | VMX_EPT_EXECUTABLE_MASK) | ||
| 476 | |||
| 472 | 477 | ||
| 473 | #define VMX_EPT_IDENTITY_PAGETABLE_ADDR 0xfffbc000ul | 478 | #define VMX_EPT_IDENTITY_PAGETABLE_ADDR 0xfffbc000ul |
| 474 | 479 | ||
diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c index 81159a3878f4..6f53dedd9b96 100644 --- a/arch/x86/kvm/vmx.c +++ b/arch/x86/kvm/vmx.c | |||
| @@ -5236,10 +5236,10 @@ static void ept_set_mmio_spte_mask(void) | |||
| 5236 | /* | 5236 | /* |
| 5237 | * EPT Misconfigurations can be generated if the value of bits 2:0 | 5237 | * EPT Misconfigurations can be generated if the value of bits 2:0 |
| 5238 | * of an EPT paging-structure entry is 110b (write/execute). | 5238 | * of an EPT paging-structure entry is 110b (write/execute). |
| 5239 | * Also, magic bits (0x3ull << 62) is set to quickly identify mmio | 5239 | * Also, special bit (62) is set to quickly identify mmio spte. |
| 5240 | * spte. | ||
| 5241 | */ | 5240 | */ |
| 5242 | kvm_mmu_set_mmio_spte_mask((0x3ull << 62) | 0x6ull); | 5241 | kvm_mmu_set_mmio_spte_mask(SPTE_SPECIAL_MASK | |
| 5242 | VMX_EPT_MISCONFIG_WX_VALUE); | ||
| 5243 | } | 5243 | } |
| 5244 | 5244 | ||
| 5245 | #define VMX_XSS_EXIT_BITMAP 0 | 5245 | #define VMX_XSS_EXIT_BITMAP 0 |