aboutsummaryrefslogtreecommitdiffstats
path: root/arch/x86/kvm/mmu_audit.c
diff options
context:
space:
mode:
Diffstat (limited to 'arch/x86/kvm/mmu_audit.c')
-rw-r--r--arch/x86/kvm/mmu_audit.c42
1 files changed, 18 insertions, 24 deletions
diff --git a/arch/x86/kvm/mmu_audit.c b/arch/x86/kvm/mmu_audit.c
index dcca3e7d7b4e..66219afcc91e 100644
--- a/arch/x86/kvm/mmu_audit.c
+++ b/arch/x86/kvm/mmu_audit.c
@@ -19,7 +19,11 @@
19 19
20#include <linux/ratelimit.h> 20#include <linux/ratelimit.h>
21 21
22static const char *audit_msg; 22static int audit_point;
23
24#define audit_printk(fmt, args...) \
25 printk(KERN_ERR "audit: (%s) error: " \
26 fmt, audit_point_name[audit_point], ##args)
23 27
24typedef void (*inspect_spte_fn) (struct kvm_vcpu *vcpu, u64 *sptep, int level); 28typedef void (*inspect_spte_fn) (struct kvm_vcpu *vcpu, u64 *sptep, int level);
25 29
@@ -93,21 +97,18 @@ static void audit_mappings(struct kvm_vcpu *vcpu, u64 *sptep, int level)
93 97
94 if (sp->unsync) { 98 if (sp->unsync) {
95 if (level != PT_PAGE_TABLE_LEVEL) { 99 if (level != PT_PAGE_TABLE_LEVEL) {
96 printk(KERN_ERR "audit: (%s) error: unsync sp: %p level = %d\n", 100 audit_printk("unsync sp: %p level = %d\n", sp, level);
97 audit_msg, sp, level);
98 return; 101 return;
99 } 102 }
100 103
101 if (*sptep == shadow_notrap_nonpresent_pte) { 104 if (*sptep == shadow_notrap_nonpresent_pte) {
102 printk(KERN_ERR "audit: (%s) error: notrap spte in unsync sp: %p\n", 105 audit_printk("notrap spte in unsync sp: %p\n", sp);
103 audit_msg, sp);
104 return; 106 return;
105 } 107 }
106 } 108 }
107 109
108 if (sp->role.direct && *sptep == shadow_notrap_nonpresent_pte) { 110 if (sp->role.direct && *sptep == shadow_notrap_nonpresent_pte) {
109 printk(KERN_ERR "audit: (%s) error: notrap spte in direct sp: %p\n", 111 audit_printk("notrap spte in direct sp: %p\n", sp);
110 audit_msg, sp);
111 return; 112 return;
112 } 113 }
113 114
@@ -124,10 +125,8 @@ static void audit_mappings(struct kvm_vcpu *vcpu, u64 *sptep, int level)
124 125
125 hpa = pfn << PAGE_SHIFT; 126 hpa = pfn << PAGE_SHIFT;
126 if ((*sptep & PT64_BASE_ADDR_MASK) != hpa) 127 if ((*sptep & PT64_BASE_ADDR_MASK) != hpa)
127 printk(KERN_ERR "xx audit error: (%s) levels %d" 128 audit_printk("levels %d pfn %llx hpa %llx ent %llxn",
128 "pfn %llx hpa %llx ent %llxn", 129 vcpu->arch.mmu.root_level, pfn, hpa, *sptep);
129 audit_msg, vcpu->arch.mmu.root_level,
130 pfn, hpa, *sptep);
131} 130}
132 131
133static void inspect_spte_has_rmap(struct kvm *kvm, u64 *sptep) 132static void inspect_spte_has_rmap(struct kvm *kvm, u64 *sptep)
@@ -143,11 +142,9 @@ static void inspect_spte_has_rmap(struct kvm *kvm, u64 *sptep)
143 if (!gfn_to_memslot(kvm, gfn)) { 142 if (!gfn_to_memslot(kvm, gfn)) {
144 if (!printk_ratelimit()) 143 if (!printk_ratelimit())
145 return; 144 return;
146 printk(KERN_ERR "%s: no memslot for gfn %llx\n", 145 audit_printk("no memslot for gfn %llx\n", gfn);
147 audit_msg, gfn); 146 audit_printk("index %ld of sp (gfn=%llx)\n",
148 printk(KERN_ERR "%s: index %ld of sp (gfn=%llx)\n", 147 (long int)(sptep - rev_sp->spt), rev_sp->gfn);
149 audit_msg, (long int)(sptep - rev_sp->spt),
150 rev_sp->gfn);
151 dump_stack(); 148 dump_stack();
152 return; 149 return;
153 } 150 }
@@ -156,8 +153,7 @@ static void inspect_spte_has_rmap(struct kvm *kvm, u64 *sptep)
156 if (!*rmapp) { 153 if (!*rmapp) {
157 if (!printk_ratelimit()) 154 if (!printk_ratelimit())
158 return; 155 return;
159 printk(KERN_ERR "%s: no rmap for writable spte %llx\n", 156 audit_printk("no rmap for writable spte %llx\n", *sptep);
160 audit_msg, *sptep);
161 dump_stack(); 157 dump_stack();
162 } 158 }
163} 159}
@@ -198,10 +194,8 @@ void audit_write_protection(struct kvm *kvm, struct kvm_mmu_page *sp)
198 spte = rmap_next(kvm, rmapp, NULL); 194 spte = rmap_next(kvm, rmapp, NULL);
199 while (spte) { 195 while (spte) {
200 if (is_writable_pte(*spte)) 196 if (is_writable_pte(*spte))
201 printk(KERN_ERR "%s: (%s) shadow page has " 197 audit_printk("shadow page has writable mappings: gfn "
202 "writable mappings: gfn %llx role %x\n", 198 "%llx role %x\n", sp->gfn, sp->role.word);
203 __func__, audit_msg, sp->gfn,
204 sp->role.word);
205 spte = rmap_next(kvm, rmapp, spte); 199 spte = rmap_next(kvm, rmapp, spte);
206 } 200 }
207} 201}
@@ -228,14 +222,14 @@ static void audit_vcpu_spte(struct kvm_vcpu *vcpu)
228 mmu_spte_walk(vcpu, audit_spte); 222 mmu_spte_walk(vcpu, audit_spte);
229} 223}
230 224
231static void kvm_mmu_audit(void *ignore, struct kvm_vcpu *vcpu, int audit_point) 225static void kvm_mmu_audit(void *ignore, struct kvm_vcpu *vcpu, int point)
232{ 226{
233 static DEFINE_RATELIMIT_STATE(ratelimit_state, 5 * HZ, 10); 227 static DEFINE_RATELIMIT_STATE(ratelimit_state, 5 * HZ, 10);
234 228
235 if (!__ratelimit(&ratelimit_state)) 229 if (!__ratelimit(&ratelimit_state))
236 return; 230 return;
237 231
238 audit_msg = audit_point_name[audit_point]; 232 audit_point = point;
239 audit_all_active_sps(vcpu->kvm); 233 audit_all_active_sps(vcpu->kvm);
240 audit_vcpu_spte(vcpu); 234 audit_vcpu_spte(vcpu);
241} 235}