1 files changed, 21 insertions, 4 deletions
diff --git a/arch/x86/kvm/mmu.c b/arch/x86/kvm/mmu.c
index 388a2ef83911..65f2400b8268 100644
--- a/arch/x86/kvm/mmu.c
+++ b/arch/x86/kvm/mmu.c
@@ -4309,15 +4309,32 @@ void kvm_mmu_slot_remove_write_access(struct kvm *kvm, int slot)
                        if (*rmapp)
                                __rmap_write_protect(kvm, rmapp, false);
-                        if (need_resched() || spin_needbreak(&kvm->mmu_lock)) {
+                        if (need_resched() || spin_needbreak(&kvm->mmu_lock))
-                                kvm_flush_remote_tlbs(kvm);
                                cond_resched_lock(&kvm->mmu_lock);
-                        }
                }
        }
-        kvm_flush_remote_tlbs(kvm);
        spin_unlock(&kvm->mmu_lock);
+        /*
+         * kvm_mmu_slot_remove_write_access() and kvm_vm_ioctl_get_dirty_log()
+         * which do tlb flush out of mmu-lock should be serialized by
+         * kvm->slots_lock otherwise tlb flush would be missed.
+         */
+        lockdep_assert_held(&kvm->slots_lock);
+        /*
+         * We can flush all the TLBs out of the mmu lock without TLB
+         * corruption since we just change the spte from writable to
+         * readonly so that we only need to care the case of changing
+         * spte from present to present (changing the spte from present
+         * to nonpresent will flush all the TLBs immediately), in other
+         * words, the only case we care is mmu_spte_update() where we
+         * haved checked SPTE_HOST_WRITEABLE | SPTE_MMU_WRITEABLE
+         * instead of PT_WRITABLE_MASK, that means it does not depend
+         * on PT_WRITABLE_MASK anymore.
+         */
+        kvm_flush_remote_tlbs(kvm);
 }
 #define BATCH_ZAP_PAGES 10

diff --git a/arch/x86/kvm/mmu.c b/arch/x86/kvm/mmu.c index 388a2ef83911..65f2400b8268 100644 --- a/arch/x86/kvm/mmu.c +++ b/arch/x86/kvm/mmu.c
@@ -4309,15 +4309,32 @@ void kvm_mmu_slot_remove_write_access(struct kvm *kvm, int slot)
4309	if (*rmapp)	4309	if (*rmapp)
4310	__rmap_write_protect(kvm, rmapp, false);	4310	__rmap_write_protect(kvm, rmapp, false);
4311		4311
4312	if (need_resched() \|\| spin_needbreak(&kvm->mmu_lock)) {	4312	if (need_resched() \|\| spin_needbreak(&kvm->mmu_lock))
4313	kvm_flush_remote_tlbs(kvm);
4314	cond_resched_lock(&kvm->mmu_lock);	4313	cond_resched_lock(&kvm->mmu_lock);
4315	}
4316	}	4314	}
4317	}	4315	}
4318		4316
4319	kvm_flush_remote_tlbs(kvm);
4320	spin_unlock(&kvm->mmu_lock);	4317	spin_unlock(&kvm->mmu_lock);
		4318
		4319	/*
		4320	* kvm_mmu_slot_remove_write_access() and kvm_vm_ioctl_get_dirty_log()
		4321	* which do tlb flush out of mmu-lock should be serialized by
		4322	* kvm->slots_lock otherwise tlb flush would be missed.
		4323	*/
		4324	lockdep_assert_held(&kvm->slots_lock);
		4325
		4326	/*
		4327	* We can flush all the TLBs out of the mmu lock without TLB
		4328	* corruption since we just change the spte from writable to
		4329	* readonly so that we only need to care the case of changing
		4330	* spte from present to present (changing the spte from present
		4331	* to nonpresent will flush all the TLBs immediately), in other
		4332	* words, the only case we care is mmu_spte_update() where we
		4333	* haved checked SPTE_HOST_WRITEABLE \| SPTE_MMU_WRITEABLE
		4334	* instead of PT_WRITABLE_MASK, that means it does not depend
		4335	* on PT_WRITABLE_MASK anymore.
		4336	*/
		4337	kvm_flush_remote_tlbs(kvm);
4321	}	4338	}
4322		4339
4323	#define BATCH_ZAP_PAGES 10	4340	#define BATCH_ZAP_PAGES 10