From nobody Sun Feb 8 00:03:44 2026 Received: from mx0b-002c1b01.pphosted.com (mx0b-002c1b01.pphosted.com [148.163.155.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C2E292F1FCF; Tue, 23 Dec 2025 05:05:00 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=148.163.155.12 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1766466302; cv=fail; b=kS2aSQpNoq10H6WVS7M1Ik+UogwSpQjNiRlMXKQNue2JvPovwFE3RAp4Af7BPBiEmZj2LtiJ52hptJ+IxOBsq3UIFkZiHNT1zWQyEWW2sm22AfSuVtAnq8oE5Pq82g8Ff7sVDigax5Y5RVJ4s5KnQ8x3VxvmlsZwt4yNWXfUHEA= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1766466302; c=relaxed/simple; bh=O+TJauhmiDvBb/AdskaIKsaUGXcBDHHrTPVl2iwtngA=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: Content-Type:MIME-Version; b=ic/az3gKgaYzjseB51xh9asohst1rnkydxfiyDPZC0RqlSczmT2T48Ax1xyrnh+kx5FPPC3608WUV1oWePzDJhEelLbXtm8BPYsTiJFRj7+l6rWlkH32jTWSzxlidpdQSV2pBcJ3P+Ck6J8Q1Iu14oXLBIEIflD4N0GXNKFtyx0= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=nutanix.com; spf=pass smtp.mailfrom=nutanix.com; dkim=pass (2048-bit key) header.d=nutanix.com header.i=@nutanix.com header.b=LQIGunz8; dkim=pass (2048-bit key) header.d=nutanix.com header.i=@nutanix.com header.b=j5lQ+etX; arc=fail smtp.client-ip=148.163.155.12 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=nutanix.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=nutanix.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=nutanix.com header.i=@nutanix.com header.b="LQIGunz8"; dkim=pass (2048-bit key) header.d=nutanix.com header.i=@nutanix.com header.b="j5lQ+etX" Received: from pps.filterd (m0127841.ppops.net [127.0.0.1]) by mx0b-002c1b01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 5BML6cWZ337983; Mon, 22 Dec 2025 21:04:26 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nutanix.com; h= cc:content-transfer-encoding:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to; s= proofpoint20171006; bh=dkmdxlJeuUsM5Mtq3lgtmZun3n9ayAcH5IqpIh773 L8=; b=LQIGunz8XUVC+lT3aUHy6d1e9ShKgE+O11U7te8MeSmq5tckoWbnmCHmC VY/8T+mbIa80CbMb9qEQ/OAKCtAFzNzmi3fpNhjQX8MiRjrBPezz2macahKjTPj3 oygEs4E5Es68JA9nNKpY2oQ2Co/BDQy8mVORGkAW+5MSGaSIk4SrOw+y+68x4YiO I6JVljMJgZ79tNgnnefOQstO52CYdXnMhPpemYwtzOUYQNvFgD2NQhSoTpiAL5kt BOq8UGpppZ1M5A5AzxEHV5xiQhEaiGFtrg+fVuhST3DIxws8MFHHH4+mjXNm9xRn ymNul06Ts3xf6dbGVii5LcBS9Cadw== Received: from dm1pr04cu001.outbound.protection.outlook.com (mail-centralusazon11020103.outbound.protection.outlook.com [52.101.61.103]) by mx0b-002c1b01.pphosted.com (PPS) with ESMTPS id 4b5t77cxph-1 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NOT); Mon, 22 Dec 2025 21:04:25 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=dohIJW5H2QVEOO0I6I1EWWtDYqi8CKl2762CttgFcLHWC3hCfBtCjSPROlwvdt/mBpKRFZhIvqlEBgREnq7hGbA/kk+KNJqatnhLZWAF/aDF53QS666NDAm+XLTQqNLyJGvV8tsQ29fnuVcHLlE6X7lly08TrvBmgRxuoP66NjocLvCL7gxdCmem98Q/u8jQEsSUxDCik5wOZ71+9qWN2wsaDtsgAcGBtEV0y7pSfsh39AHqwmV6pXHPuOkQLCiuWW0tk8CrEhJ0vBJTJTWYIoCo8Oz6SPU3zLrfn3Ehb7mLRM2kOsSRfoNMwHmHtb36xiG1Fbo4SC6mHdHAeYnNBQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=dkmdxlJeuUsM5Mtq3lgtmZun3n9ayAcH5IqpIh773L8=; b=h3707/LwqpRZ9seOiLo+jIOkuYAJ5o2Y6jIz0d+l4Sba39meuXfvWbIglsz9kFA2H1pWq3hEDdvNSbDuQIOUA2ifKXWvcFYrJ5ystmvB0aO5l2l55B0l8knFYRnyfLytU4SFviBXK3o/hY9vB67B6j0Eu/wuqH1ccQDm/2fRR9McSUB0uJSxrVisK6tATjSpzhzbhm0Dfd8xwwF2nLLYVhaM5a3FvsNuuV8Q2TY1Psmw5etLuLin4Yt+pNHRSQNSJkKULYAw61V9juTn0ZdqSqxizifqfbCgJW9nmxupHF5P0Osdc8aP+Awv6z4jKsbFLN4uKqDXJfr1IM9S9roFig== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nutanix.com; dmarc=pass action=none header.from=nutanix.com; dkim=pass header.d=nutanix.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nutanix.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=dkmdxlJeuUsM5Mtq3lgtmZun3n9ayAcH5IqpIh773L8=; b=j5lQ+etXYh4NzmqM8rjJNZLjufXYzS47fg3Si12YFY4fKBTRegmf3pgzvD+qCYz8XIkgoLlYgov/RblLtwWrP5PQcfIAez+uIH3wKwCIpz2pEt00QeZX3fppsIwPafWxVnOKTQpy5i+xy69CfDCzKVe0VpoQ6iMMhDuZmOKbhIedfGprd2f8GCwB/g1iB0uziRhSF5B+YeAzaHTmYt2I8qHcDFv2cwQDPVlWgZoGEKbU5XZTMrQtwxkrVn7O8bZ316Ev7IH5IV1ikx7K4EBr71QrdmSpJCSYxzO/xrCohy+bmLUt0anGVKB7GtARpHHdMzRuMk0siGaPeUoirSfoRQ== Received: from LV0PR02MB11133.namprd02.prod.outlook.com (2603:10b6:408:333::18) by SA1PR02MB8560.namprd02.prod.outlook.com (2603:10b6:806:1fb::24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9434.11; Tue, 23 Dec 2025 05:04:24 +0000 Received: from LV0PR02MB11133.namprd02.prod.outlook.com ([fe80::10e5:8031:1b1b:b2dc]) by LV0PR02MB11133.namprd02.prod.outlook.com ([fe80::10e5:8031:1b1b:b2dc%4]) with mapi id 15.20.9434.009; Tue, 23 Dec 2025 05:04:24 +0000 From: Jon Kohler To: seanjc@google.com, pbonzini@redhat.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Kiryl Shutsemau , Rick Edgecombe , linux-coco@lists.linux.dev (open list:X86 TRUST DOMAIN EXTENSIONS (TDX)) Cc: ken@codelabs.ch, Alexander.Grest@microsoft.com, chao.gao@intel.com, madvenka@linux.microsoft.com, mic@digikod.net, nsaenz@amazon.es, tao1.su@linux.intel.com, xiaoyao.li@intel.com, zhao1.liu@intel.com, Jon Kohler Subject: [PATCH 1/8] KVM: TDX/VMX: rework EPT_VIOLATION_EXEC_FOR_RING3_LIN into PROT_MASK Date: Mon, 22 Dec 2025 22:47:54 -0700 Message-ID: <20251223054806.1611168-2-jon@nutanix.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20251223054806.1611168-1-jon@nutanix.com> References: <20251223054806.1611168-1-jon@nutanix.com> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: PH0P220CA0016.NAMP220.PROD.OUTLOOK.COM (2603:10b6:510:d3::19) To LV0PR02MB11133.namprd02.prod.outlook.com (2603:10b6:408:333::18) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: LV0PR02MB11133:EE_|SA1PR02MB8560:EE_ X-MS-Office365-Filtering-Correlation-Id: 863e5641-9079-4401-8a68-08de41e0bd5c x-proofpoint-crosstenant: true X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|52116014|1800799024|376014|7416014|366016|7053199007|921020|38350700014; X-Microsoft-Antispam-Message-Info: =?utf-8?B?NVpUcmMwZ3BJa3lpQi9sWFpOM1VZbTRDSCt6aVZFb3k1MGNjWU55R0M1VTdW?= =?utf-8?B?U0hYWXRhQlc0ekhUNDc1bzhaS1o5VkVuL053ZDNVanBEUnRUdkc4QXlSNUR0?= =?utf-8?B?WURlRjNaRVdTbHJFTVVMNnViaTNMdkpGZURHbVRQZkVOV2I0M3Fvay9oeHhy?= =?utf-8?B?bks2ZkZRWXNUOFN3L05zaHZlM3plck8xL3V4dmloQ2FsQy81R3pUc2ticDJa?= =?utf-8?B?M0xGTVRBbTZ1eDRLVTBSejFJSzM2Q2ZWbW51NExNQlRaY0hINW53ejRLMFRr?= =?utf-8?B?ZnpxcjFnbW52ODJtdytZRmRRcURXM2xQbllsZ1lmTC9RY1YwZnJ2ampJdVNj?= =?utf-8?B?QTZIR2VuaVdhVWJXQ2JxRGtFbTV2ZnZ3Q2FQcmw4VEpDeUpOR1p6dTNxRXRB?= =?utf-8?B?SVpTQlhnUy9rVXNKWUlVOEZld0JGT3lBZ2dNZm9pOXdBelh3S0hiN3pGc0dW?= =?utf-8?B?WVVtYVloVHoyS093b1QvUzZBa0JOQk9JWmkrWm4vWWZjSWJpT0ZxbThZY0dX?= =?utf-8?B?RnFsNDU3ckloVU1wZ2pHOGEyWFJDcERGdkxJYVBTajRkWkNBWWFZRUU5M0tx?= =?utf-8?B?V0l3dEpsbFNhSFhjdkpKTEJhRGwyMk9sNzUrVXZpckdlNWpZRGhrUXNaSHA3?= =?utf-8?B?bWpvSzhXTkwxbmVNdHZmeER5aEZnVzNHY1hiNklaWlNIN3hzNlQ4azlYZkRo?= =?utf-8?B?OU1qcFdrd0VhQUt5RnRkazhjdEtFa24wbThDRVdBVkFqZmxYbitCNG1EVktW?= =?utf-8?B?K25kUnJ1bFBuQW9TOUVqQnhSQ2lSbzVqRVZsd29yYnRrN0VpeHF2N25CRjI5?= =?utf-8?B?Zy95M2dLU1lpMGZOSXVZbndiSkdmR2F6YmRxTUp1OTdmajZ4UlJnSVA1c3RU?= =?utf-8?B?NVZRcWFtSytGUTc5TFcyQ2JuVHFYWWpGelZMNDVjNURlWXRJVXkvYlcwVDl3?= =?utf-8?B?cGZILzBXMEtKTnZFcjROOUxKU0FBbWVRWVhqU3lPampja2llVktBZnRGSDFY?= =?utf-8?B?NzQ3S0tsL1N1c2s2WkFqeUptZ0twaGQ5bjZWN0xEbVl3bGxOK3JaeHdVK2xh?= =?utf-8?B?UXZQb2JubEczK0lCRmRDbitCQmQwa2szUEZPd3Fhb1dlNjJkWFZVeXRtUTg2?= =?utf-8?B?bVBNN2NxLzdGdlVUM3lvTE52WUZEVVN6cG9QVkN0YnJSNmw3S3RRdjdmQ1hE?= =?utf-8?B?eWIxaDdSd0ZFUWd2MlFkVHFhSHh2cGpwcC9jNFVKOHJBSHpUQzRYeGFhTzNw?= =?utf-8?B?WllEYXBPbmJyVk1neWg4cmxLUGQ0ZjFEUjZLOCtYQzNWcmNvMTZkUm1naEEv?= =?utf-8?B?QWdPVkVDMERPNng1dnZiWU1ZdEM2cmhya256ZWZSNXY2azl3bXMwOFBFc0h4?= =?utf-8?B?cUJtK1lWa0UvU2E5T0UwdUd5WXhnUGxIdWhLQzlFUmw2eTl4dytVZWV0YXcz?= =?utf-8?B?OTNIR2J6bkRaY29vYTYzR3FJeFR4RU8rV1J4QnhzL3RXYUNaVnV3QmRsck5a?= =?utf-8?B?cHZWalVGSjY0NW43VGM5L28zY0hPWS8rVEN1VTQ1QTE2Tmc4c3ZYaDI1VDg1?= =?utf-8?B?R1Q5dGthcWhJbjFONThHNG93TU43RXJ5VTF3TkxNd2s1S01qaDdPQzFtbWRV?= =?utf-8?B?a3JXWEdSM2VBS25zOHUwVUN5NVhrdHVHemhwUkw1dW9xWW80QXUrYzRVK1hI?= =?utf-8?B?N1Q3V0YxM2lRdE51NWhWamdheFY0WXRUQytRcldNZFpJaFVUUWlpQzVrRFk3?= =?utf-8?B?RDdpZ3NaOGRMTEJRR1ZyWTVyc1NkTHg1anpXQlJiVEdLY3o2VTM2bW4zWUNq?= =?utf-8?B?aWdKaWs3SUcybzVyZzJrM0dRRjFLblVad0MyVjFRWFlyVk1vR01Qd3BhNjkx?= =?utf-8?B?amNFNFlQSzB1VXNkUTdTbHhGLzR3cnBTYUZLb1lXbHNQSERIeTQ2QXFrL3p2?= =?utf-8?B?bWVPcHhWSldjYUlab1g0YlkwNGowMmx0MlpSU0JNVTd2YlN0Tk52VlJjbTNq?= =?utf-8?B?ZXBhZWRZOVZCVVNaUURDb2FpVTlYR3RyNWNSeDhyQ2NaS2g1NmdsRWlTNzFZ?= =?utf-8?B?QzAvR3JyNDhHSGFyK3EyalgwWHhYZ0kzL2Yrdz09?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:LV0PR02MB11133.namprd02.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(52116014)(1800799024)(376014)(7416014)(366016)(7053199007)(921020)(38350700014);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?ZkNPNUFJMEE0TFUwRURzQzNWMFpXL3ZYOWl6azRNUDNsMnFyUlVwSjl3RjMw?= =?utf-8?B?SkxnRDlRRnJBeEV1cjUvMWhFTFNzUFIzU3NMbld2TzlHSE5vWFBiYjhtcmwx?= =?utf-8?B?WG40c2tYeUh0RW50TEN4TTdJbllwSnpsUmJjbzRDTlR2bVM4Njc1TnA4UmxE?= =?utf-8?B?b1YzK2xwQUpYRDhjODZIVk55WkxlZDhlSW5qM0E1QXIrWmJWTVRkZWl0OUYv?= =?utf-8?B?bFBhYkRKajBRNk1tZCtsVEU5dHlsMXVvR1puTTRMSG9DRUQzNWhIcno5azVQ?= =?utf-8?B?R0xDdnBFQUVHczBmZm9WaVNvdDdTNWdIak5lNzVETk00bzBvRnhKU0E4U3JI?= =?utf-8?B?K1FYbmNGZ3pDeEhGTU9BTEJlVUtZVXlYZDhOV0hCUms5d2RNU0Z0eHExRW5D?= =?utf-8?B?aVVIUFhKVWJWa2Y0TEJxN25hOG1JanhIMU1hYTlPTGhRYW5lclVWQ3hiVWJK?= =?utf-8?B?MWUrVEQxZE9BWlJlaXAzc3RoSUZqTy9HODZ1ZjF6cVl0RHdJUWxTa0w3WDRu?= =?utf-8?B?a3dTYmlNY2MwbmI0MkhlTWo5V09pT0IvVTQ2bTRZRTlrd0h0RGlHY2I5NGt2?= =?utf-8?B?UzlZVkJ2Sy9nT2lQei9uOHBaMUJrc3R6UnQvUEVuTHJLVzlXWUVFTXZzU25L?= =?utf-8?B?ZUozUVhsMFNTMzVRTGY4c2RqYzdZWDJwOW5HNVg0eW9qRUFuY1dNZkpPTVBs?= =?utf-8?B?SWZPeEYyWmpweHBYT3A5OXdPQlFtTVEwaVl6TDNoNG5RVitPWlIyQkM0VWUy?= =?utf-8?B?MkUxQVd5MDFRL0VneVF0azNvMThOa2JOaU1ab3hVc1ZOQW5HUXJ5UXNEcWpp?= =?utf-8?B?NHBJdkhKMXhQaFZGeGJBMm5tZExPdm9adUhBbEJkWU55RE1iT0ZQQ1JneU9n?= =?utf-8?B?NWpiNnBhZ2JWckg4SkwrLzh1dyttVzR0b2dBOFZOZnNpNURNUXl6UTNKTVdH?= =?utf-8?B?V0prd3pSa1FyL0RseWZ3RHdUUjFwbm9mSTUvVUdleHcrZ2hKdFZZTU9OaS91?= =?utf-8?B?dERXRHJRKzJRNmFFanB0SGFOOVBDRE5kSVZiUGRJZUJsdDhwenhSaXVlTnEz?= =?utf-8?B?UHYzL29GTWdhcHRocytZRXEzck1qVXVHbzZDM3hOSmpCNHU2RTdxTjV5WWs5?= =?utf-8?B?azBXeEJGVUQ0elVYdXVzNER0UmZuRDBpZXZ1WVNzN0gvd0o0cDZUbGZYYXZx?= =?utf-8?B?U2dZdXZWa2dVQUwrRzFSZnZ4VkNZd0MvMlFuSmlpd0YwZ1JneU9SRkpVOVRH?= =?utf-8?B?OWNYZmRYeEFPRzBMeDZyd1NpaGhQTGtNMzRVT29tYVJ2aHVRdTA0dUtpWERU?= =?utf-8?B?dUVCM0l6QmxzZTNMZFgreTBtNDlVd3pEbkpJb3ZvQlJ2ZlpKWnBhNklyaHR2?= =?utf-8?B?Wmk2M1EySWhLbXE0b2RtYzlPYXJTWGQ2bkM2Q1VvYnlDUVl3Si9rZEQ5Rmg0?= =?utf-8?B?YUt1dXJ2WWtQNFFnaU9udDRFUHdqSWJ5WEJIT0oxSm9qb3lLZG1xUmMyNTlw?= =?utf-8?B?a2E3YWozcTdYTzlQdTZRUlYwajNMby9vN3BKZTl0d3ZjZHpMK1Z6L3NHTlY1?= =?utf-8?B?Zi92bjh0TWwyOGhuenNuQWhZVTJpbDJCaGVPOCtTNFJYU2RpM0hpSllOczli?= =?utf-8?B?QnJyK3RiU0QzQjFpQ2VPcys0a2pVemFYdU1Ibjkwdm5OUGtsa1RuMDJ0ZGty?= =?utf-8?B?TkNlTnloTHhEVGxuMnRvOGNPeFhhb05SMlBnMnFRWGR1MlkxWE1tN3hhVmpP?= =?utf-8?B?cU1pMnpIUEhRT1liM2FNWFpjU3lYNldISDJ2VU9PS3JIQ3ZVTStKWWR0ZFht?= =?utf-8?B?N010ak82U08xQjBTR1N2bXpkUkcwSVlHVkc0R0JKaTVBdVdzZHc3eUNzQi8z?= =?utf-8?B?TVg2U0FPb2dmVGFob1hqbko1RWJLSE1lQk52d3J6cjFVYWwyWVMvamJqYzYy?= =?utf-8?B?c2VGakhpQ1YzOHIzNW9lL0dLaEpYc0EyT3BOYncvMXg2T3NQbFUwWVRVVW54?= =?utf-8?B?VFJiR0xTVmgvMzlBdkNYMWdNNklNcDVvZTExMGNDTFNkcThDOGZadjErZWN5?= =?utf-8?B?eCtlTkdnaDRkTHRTZEt5N2pvejVyc2VET0gyRnVMVGplL1Voc05PTEQ5Z2g3?= =?utf-8?B?NWhwSkRkWTdxNzU1dm1tMEtORWwrZmtFYnBzK0haU0MzVVN5YlRsWlBNaW82?= =?utf-8?B?dlRDV29Mb1A3aXEyQTh5a3l4aTBldFR0eXlTVUtuc1J0bTZIN0xaYmxzTkp4?= =?utf-8?B?U0xSU3k2cG02dEhFLzNiYk1pVHMzaHZ4TUpPbFpiYTZESlBHNTFNUzJWWWFm?= =?utf-8?B?RE5mK2V4RHdnVUdjalJSNWllVmo4THlxNXkweWtNZFFSUWpKb3ljaWxmalkz?= =?utf-8?Q?zYDl7hkbF/qgxWgg=3D?= X-OriginatorOrg: nutanix.com X-MS-Exchange-CrossTenant-Network-Message-Id: 863e5641-9079-4401-8a68-08de41e0bd5c X-MS-Exchange-CrossTenant-AuthSource: LV0PR02MB11133.namprd02.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 23 Dec 2025 05:04:23.9456 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: bb047546-786f-4de1-bd75-24e5b6f79043 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: oGZwPZwqHXP3n8FF/GEk0W5R4W3gZZaSq0U+o/xkXiYzBB66gmUhF99quTehGaAgi05E//QfZhRApk1V209HA4v9/UehX5o9N1xV4yKm2HA= X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA1PR02MB8560 X-Proofpoint-ORIG-GUID: EPiZaNsWSEjumacwys0aC-hv0WkMMkV8 X-Proofpoint-Spam-Details-Enc: AW1haW4tMjUxMjIzMDA0MCBTYWx0ZWRfX3aYB1pr76E20 tTGdShz5LRTZZIlL588h2EXC3MAS1TM+hzpxH8bw1Vmkh248xrgUcfUKfuGkrn+6nZIA5ZBtN3i LjtT+1ishJ1kCT2ktoI0Hrr2F+5QaYzbpZ/3JHGXyxn2BZybF1nvrGPFwtkdHczUXRvFv0RxvZ1 W0OBJxo4PHxG4cXIoTiuZj7NOGK5baKxuYPxAQpKREBIJm/Rx5dW7S47LtqJmM1Ezxy+aMVBngI Unax1y0a5MEbFvodJRmi83rTtlWOAUIlnYYCDUphnG2T2mY4TQ7b/o1DVUpzS6imWUJXAfemO9i vPLtG15bPBRPLbrRmI4qnDtcAMPgMPr3bv4/48VVnudtPV0LXc97C1aSv7S0XZw5F2XCr+xfNeU KHpjO7jG6HiBFChDH5wyc7WRdI02EqBFR6zPVASB57yQ+aHI9yrQKKpGohpojbqETBeOIHHy2km r2bJ2HH37E/IyJpw/mw== X-Proofpoint-GUID: EPiZaNsWSEjumacwys0aC-hv0WkMMkV8 X-Authority-Analysis: v=2.4 cv=MrxfKmae c=1 sm=1 tr=0 ts=694a22d9 cx=c_pps a=l0LO6K05DF9RfVVG1F5aEQ==:117 a=6eWqkTHjU83fiwn7nKZWdM+Sl24=:19 a=z/mQ4Ysz8XfWz/Q5cLBRGdckG28=:19 a=lCpzRmAYbLLaTzLvsPZ7Mbvzbb8=:19 a=xqWC_Br6kY4A:10 a=IkcTkHD0fZMA:10 a=wP3pNCr1ah4A:10 a=0kUYKlekyDsA:10 a=VkNPw1HP01LnGYTKEx00:22 a=VwQbUJbxAAAA:8 a=1XWaLZrsAAAA:8 a=64Cc0HZtAAAA:8 a=FQUYTHRx7rOHAEkxlYsA:9 a=3ZKOabzyN94A:10 a=QEXdDO2ut3YA:10 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1121,Hydra:6.1.9,FMLib:17.12.100.49 definitions=2025-12-23_01,2025-12-22_01,2025-10-01_01 X-Proofpoint-Spam-Reason: safe EPT exit qualification bit 6 is used when mode-based execute control is enabled, and reflects user executable addresses. Rework name to reflect the intention and add to EPT_VIOLATION_PROT_MASK, which allows simplifying the return evaluation in tdx_is_sept_violation_unexpected_pending a pinch. Rework handling in __vmx_handle_ept_violation to unconditionally clear EPT_VIOLATION_PROT_USER_EXEC until MBEC is implemented, as suggested by Sean [1]. Note: Intel SDM Table 29-7 defines bit 6 as: If the =E2=80=9Cmode-based execute control=E2=80=9D VM-execution control = is 0, the value of this bit is undefined. If that control is 1, this bit is the logical-AND of bit 10 in the EPT paging-structure entries used to translate the guest-physical address of the access causing the EPT violation. In this case, it indicates whether the guest-physical address was executable for user-mode linear addresses. [1] https://lore.kernel.org/all/aCJDzU1p_SFNRIJd@google.com/ Suggested-by: Sean Christopherson Signed-off-by: Jon Kohler --- arch/x86/include/asm/vmx.h | 5 +++-- arch/x86/kvm/vmx/common.h | 9 +++++++-- arch/x86/kvm/vmx/tdx.c | 2 +- 3 files changed, 11 insertions(+), 5 deletions(-) diff --git a/arch/x86/include/asm/vmx.h b/arch/x86/include/asm/vmx.h index c85c50019523..de3abec84fe5 100644 --- a/arch/x86/include/asm/vmx.h +++ b/arch/x86/include/asm/vmx.h @@ -596,10 +596,11 @@ enum vm_entry_failure_code { #define EPT_VIOLATION_PROT_READ BIT(3) #define EPT_VIOLATION_PROT_WRITE BIT(4) #define EPT_VIOLATION_PROT_EXEC BIT(5) -#define EPT_VIOLATION_EXEC_FOR_RING3_LIN BIT(6) +#define EPT_VIOLATION_PROT_USER_EXEC BIT(6) #define EPT_VIOLATION_PROT_MASK (EPT_VIOLATION_PROT_READ | \ EPT_VIOLATION_PROT_WRITE | \ - EPT_VIOLATION_PROT_EXEC) + EPT_VIOLATION_PROT_EXEC | \ + EPT_VIOLATION_PROT_USER_EXEC) #define EPT_VIOLATION_GVA_IS_VALID BIT(7) #define EPT_VIOLATION_GVA_TRANSLATED BIT(8) =20 diff --git a/arch/x86/kvm/vmx/common.h b/arch/x86/kvm/vmx/common.h index 412d0829d7a2..adf925500b9e 100644 --- a/arch/x86/kvm/vmx/common.h +++ b/arch/x86/kvm/vmx/common.h @@ -94,8 +94,13 @@ static inline int __vmx_handle_ept_violation(struct kvm_= vcpu *vcpu, gpa_t gpa, /* Is it a fetch fault? */ error_code |=3D (exit_qualification & EPT_VIOLATION_ACC_INSTR) ? PFERR_FETCH_MASK : 0; - /* ept page table entry is present? */ - error_code |=3D (exit_qualification & EPT_VIOLATION_PROT_MASK) + /* + * ept page table entry is present? + * note: unconditionally clear USER_EXEC until mode-based + * execute control is implemented + */ + error_code |=3D (exit_qualification & + (EPT_VIOLATION_PROT_MASK & ~EPT_VIOLATION_PROT_USER_EXEC)) ? PFERR_PRESENT_MASK : 0; =20 if (exit_qualification & EPT_VIOLATION_GVA_IS_VALID) diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c index 0a49c863c811..61185c30a40e 100644 --- a/arch/x86/kvm/vmx/tdx.c +++ b/arch/x86/kvm/vmx/tdx.c @@ -1922,7 +1922,7 @@ static inline bool tdx_is_sept_violation_unexpected_p= ending(struct kvm_vcpu *vcp if (eeq_type !=3D TDX_EXT_EXIT_QUAL_TYPE_PENDING_EPT_VIOLATION) return false; =20 - return !(eq & EPT_VIOLATION_PROT_MASK) && !(eq & EPT_VIOLATION_EXEC_FOR_R= ING3_LIN); + return !(eq & EPT_VIOLATION_PROT_MASK); } =20 static int tdx_handle_ept_violation(struct kvm_vcpu *vcpu) --=20 2.43.0 From nobody Sun Feb 8 00:03:44 2026 Received: from mx0b-002c1b01.pphosted.com (mx0b-002c1b01.pphosted.com [148.163.155.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id F198014B084; Tue, 23 Dec 2025 05:04:57 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=148.163.155.12 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1766466300; cv=fail; b=ky6T9U6101lhD8RoDF9LuikJ3apWsp9WJ576MVXL1MmC0LYNFpIS+6VRLEd1BtaXUC38FOWHI775EyvPWIiiySXKu8RX6dsGF4Gdn4V/YRtdbqvFFAOMQuNlR8EODMevOkHbYEzbYwgC1xQP+/wNIR12DXPJOFNEtnzhHRaztTM= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1766466300; c=relaxed/simple; bh=N2R8kanykj1w4se+ZEpmEK7vqr1jslorOyWRxt3IPPU=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: Content-Type:MIME-Version; b=fEUq7oY/iqrau4KwB1dvjLYOnkpDw1FKoyUOjymzDMf45kobKAb6OejrsyXxLCHvke805JnZ2XFCP6o8T0uj/0e5+AbaQSID9QWVrTxBEj6EQkY/AzWXuiB+7Z0WmvkRz2GgtLdU9dlX/TuUa8LRZqd6ky+tI3nf6oO7ePNeLmg= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=nutanix.com; spf=pass smtp.mailfrom=nutanix.com; dkim=pass (2048-bit key) header.d=nutanix.com header.i=@nutanix.com header.b=WV0YdIkX; dkim=pass (2048-bit key) header.d=nutanix.com header.i=@nutanix.com header.b=J1xnibM5; arc=fail smtp.client-ip=148.163.155.12 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=nutanix.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=nutanix.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=nutanix.com header.i=@nutanix.com header.b="WV0YdIkX"; dkim=pass (2048-bit key) header.d=nutanix.com header.i=@nutanix.com header.b="J1xnibM5" Received: from pps.filterd (m0127844.ppops.net [127.0.0.1]) by mx0b-002c1b01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 5BMKrL3b1942757; Mon, 22 Dec 2025 21:04:27 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nutanix.com; h= cc:content-transfer-encoding:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to; s= proofpoint20171006; bh=vdwyVNSGr1bu/F4R51gwOFjVoZydkdHYLRXz+H+sK cs=; b=WV0YdIkXneTW7UQBBJ/vmObjt7RjddGHcKG0IJOZQWwj3OWmQGlEtYNf0 uL1C7QkZausFVUyJAldep7/x0pXVuBQS1wQI3a68f5jdr0uH3wMUX7OfYS7sGK0x VyUPzIiAhmbOvR1fUItMbJ9ml7afJQ+JaEw+iuWuenCvKQsA4Fhyt1soQau1w6Ym WfJl5q0E44su0Vj1sYCRizwOk/Zh8qFo+/WU7WoXNk8UAhuHRP/spGfZJUMP//RI r7YbdlKy/JFiL22pWgEtFKMQ3cBjY15RqfZPSkZPfBYsC5kbR/Hmw5wMsaaGQjZt xPbWBbYL1B7SZZwJp/vjrwlKxHGUA== Received: from dm1pr04cu001.outbound.protection.outlook.com (mail-centralusazon11020085.outbound.protection.outlook.com [52.101.61.85]) by mx0b-002c1b01.pphosted.com (PPS) with ESMTPS id 4b73ydt5v4-1 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NOT); Mon, 22 Dec 2025 21:04:26 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=QzG7QkqOsPJ/A2T3nLuDB4O0fUIeozIEWzzliisWP1z2rnMJ95Ig5/p00Do52ZPK/9F5QYwsX6Wv0NoW3plWnTD/HkkLFfviNv/uD6VVIHyK+uRY26AdB1KdXHsek7k3RA50XuIPlVbPd5XRZ2Tw87Bpa5k/ZlQPSfY06OuJih8zRknZ4+2K/mU0pYOqAX/yxl0LOPQsdBtb7Un2cdoKn/6TP8iioiPf/O9IsY8hVjoBRb4MvOQGzXmgDzkTNhYNNL/mlfhLJYFrFPn8Mu8plq55YjNAQu1G+4tDCv82VE0WvAbHC4GzXPXC042T7il/zh3FcLLUYRX2JQKniDWH0Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=vdwyVNSGr1bu/F4R51gwOFjVoZydkdHYLRXz+H+sKcs=; b=xnTwCcj0dEM3QVdQlsU+qUEsZaSNTftyQaNEuH3zW5j4WTiu4hlGl2cubIhOGaThlty3SkVI/JzEEQk8tNOdjyyD+fZmtS/FK1wYBYrAPJxP8NMNgPx3o0B0pMOLM2D7+YfJScIIf60aztEMHCobhzA6PGn4QhfU50epq6tXj2M7Auw1BSISGxutRl8xD/jexX6+juwBscl1A1E8VxCynLiK9BRA4VG31jxgAtCguBHNbeKKo0/bKyGoQrfi31HE4BvAUn3yiQ2rNja8Ax+KYkLeob1U3XjMtfyZC/Z8tOX8h27Uk42Q3654BaS1jDZTmeqGzsYwOQw6RAZDxGiSuA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nutanix.com; dmarc=pass action=none header.from=nutanix.com; dkim=pass header.d=nutanix.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nutanix.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=vdwyVNSGr1bu/F4R51gwOFjVoZydkdHYLRXz+H+sKcs=; b=J1xnibM57FlnNpQTmQqcIEGFGQLZ+r5wjZZJg5XQH0bXaStzA/a/ItPQFzZJZpoZjAaXKYGfsIc1GJHdJNTeeo4RBISFy/TaBWyCtGRcTxerxaUsb24I33xl3Jij2YZGs3R6Bzgj1GQqD0bVl4NhHF2nVtE6C/zvQ8YT5fKsSYFhM3bVblAN4jWmRwboO6EhdxTXKTQkcYMRhx3/wsbiAIKqdnJ/luSXkMaBwna7KaEmw27wBzLYjTeY5LTMWEB4taH6xNa2IIjzwwkVRmM8g91TBqi2uSlManN07zu96YYMD29IM19YO8E8bjA5c2HddgnXg441pHddJ9cgCf3Q7Q== Received: from LV0PR02MB11133.namprd02.prod.outlook.com (2603:10b6:408:333::18) by SA1PR02MB8560.namprd02.prod.outlook.com (2603:10b6:806:1fb::24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9434.11; Tue, 23 Dec 2025 05:04:25 +0000 Received: from LV0PR02MB11133.namprd02.prod.outlook.com ([fe80::10e5:8031:1b1b:b2dc]) by LV0PR02MB11133.namprd02.prod.outlook.com ([fe80::10e5:8031:1b1b:b2dc%4]) with mapi id 15.20.9434.009; Tue, 23 Dec 2025 05:04:25 +0000 From: Jon Kohler To: seanjc@google.com, pbonzini@redhat.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, kvm@vger.kernel.org, linux-kernel@vger.kernel.org Cc: ken@codelabs.ch, Alexander.Grest@microsoft.com, chao.gao@intel.com, madvenka@linux.microsoft.com, mic@digikod.net, nsaenz@amazon.es, tao1.su@linux.intel.com, xiaoyao.li@intel.com, zhao1.liu@intel.com, Jon Kohler Subject: [PATCH 2/8] KVM: x86/mmu: remove SPTE_PERM_MASK Date: Mon, 22 Dec 2025 22:47:55 -0700 Message-ID: <20251223054806.1611168-3-jon@nutanix.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20251223054806.1611168-1-jon@nutanix.com> References: <20251223054806.1611168-1-jon@nutanix.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: PH0P220CA0016.NAMP220.PROD.OUTLOOK.COM (2603:10b6:510:d3::19) To LV0PR02MB11133.namprd02.prod.outlook.com (2603:10b6:408:333::18) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: LV0PR02MB11133:EE_|SA1PR02MB8560:EE_ X-MS-Office365-Filtering-Correlation-Id: e00446fc-ab9a-4172-34cf-08de41e0be4b x-proofpoint-crosstenant: true X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|52116014|1800799024|376014|7416014|366016|921020|38350700014; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?ohDXBe6V9nHOJ2v8jRYrTVFcRhrWx/7YbspUcZKGYwOoiCUjw0a4F23Lz5QG?= =?us-ascii?Q?0YqPDMdPl756z9KPurejAltKPJzidP0T0YyUuRNZxYmxxSDv3egkvhELG2Dh?= =?us-ascii?Q?nVgxfbKlKsJxfu0dHNKmMbabeipz0PWLPY2TgKWK1kg152QsOtYsjRQDvlLa?= =?us-ascii?Q?fMeIan/qTCP712vx4R40F4WZs2ItN0Kkz6V5Jb0BbSBMEZ/wjDh0MbKyWFT9?= =?us-ascii?Q?4ta+ItZ03jIhuJ3HGXYqDrd47apz/uW6gI15XsH/QnQrFxT3OlNF23tcF+EC?= =?us-ascii?Q?tQzfp7ORWwaU7ut8cxTcR3X8YNTM0SI8wKMJ3gpX3EPKdtOoXEzaqHMJMImJ?= =?us-ascii?Q?4DNy1lSe0R5cmYgY5uBtOkSAOZm1y62twiI3lMdCAYiGElL6JBCqurSaEISy?= =?us-ascii?Q?KBlYk1M6ZdDFvh5fpxkELX/dhPnCvsVbEh4VN/3w4UncpWKHd2dCUgj+18iX?= =?us-ascii?Q?YzWjugWWHN+chMn5wKFMZ880XHHzdTGckt5GdQaxQA5RR/Uxd5D5d2+UY92Y?= =?us-ascii?Q?ye3EBDZBAcByTU3y1XZmM+hcQ/UcKK4tHo9xUhBGEh49bOVfVGxqYvppP3UE?= =?us-ascii?Q?/BYCGfCeujCT9blyCi13gtJs4qiscmCXWJiqU7EtPuuXwzGhtlzijI1EUnAV?= =?us-ascii?Q?zZx7W36cP8rhvEYtOWCevZQ3M3z9ljSYHIx17pA4iNsIXtBLDXESBTA7AEze?= =?us-ascii?Q?jejeZnHjqxPKgpSdJtfaYDvA42mZSE81q8jHTSxs65QmTzPo6lJhYP1PV160?= =?us-ascii?Q?pcIGXoq2ISRoIvu0NCichztaKO44zVAgona5dB5BU5OLIQTSTCD+jB2yrKfn?= =?us-ascii?Q?Lc0klbzmFBdB8gehjodA2/fPpCW/0akmrGbrNbGeRW9e0YKe+3zrtPnSoW+4?= =?us-ascii?Q?mDd5aGwfS4gK6bw+YU71l8eNya70FAVbO5iBL2UAIQeSzk7cRHTBYMMfFHCO?= =?us-ascii?Q?K9owuTsyb+gA15yRlyfKgWf+K64NCBdK/WTrwZT+Z5Puk2QsvvdCLYWF+0xV?= =?us-ascii?Q?syC8bm7/DwLkmd1iIPlfMgEjWkOlKcwuSrP4cTBzNu6LuROZccFPhlTfblhi?= =?us-ascii?Q?ZhjfCPtC0/W0SpHp8pNOMnM8BtZoB9dKJYZ7JKW3WqZe5etyJUEyb7PSnWW2?= =?us-ascii?Q?9I554jSKcBokmToj+lTPYy/bOS5NToORYDhfglzmQRyuLv8OhD/SGeptmVPN?= =?us-ascii?Q?NM5vmEI0vRERtvx8Q+SDamfAC2SUIp+evBoHapkxHrN8r61W6GeoO01ONVhy?= =?us-ascii?Q?rafsCYjTjyEq5PrnFX7WUNDVnSaZkk+jhPWnN8PPinK16lr6nl8ky8h7Q8Yr?= =?us-ascii?Q?kEHBU/ZfdOlp0y338RfMBq5pDZSAqtriHrex80KVleq8FW1+fOhoyp4uYa7/?= =?us-ascii?Q?t4FMoOCL2M+fsVO9qatypI32CGBMF/u/79HJ4nSoo97jpFt+cLwuuTAkNAC+?= =?us-ascii?Q?DLCnS97qW1kw+yFZXxfEDir4Tg9Y8TqkHv3DWgh9Uh7olrP2vmhRd4UYm3Qm?= =?us-ascii?Q?Ux3uwgP/UgRmL9Wz9AzKTPk5qehqBSu8W4RFlvJyPlVZHtqQQ3YfVoWZng?= =?us-ascii?Q?=3D=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:LV0PR02MB11133.namprd02.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(52116014)(1800799024)(376014)(7416014)(366016)(921020)(38350700014);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?GaTJWw0Ua1rsSpOhvnMl9DJDSGXAauF4pxonfhzRpxShNJIiNz5XWJa0x7Fd?= =?us-ascii?Q?qUlZOufbX93TnEixCtIysjvS+L7prOmOpPXimhW640bl4osrdnyE8ytTPOKT?= =?us-ascii?Q?8rm6Cg7MOJDRsWlhQ3syU2oomsH1lB55TTVgUdq3b+i+PgYsuUuzs3tmICRJ?= =?us-ascii?Q?pikB5wY6Q16IDibESvWRENptS0d1tbGv4utF45yNXlFQWyVoKakorecK6jmA?= =?us-ascii?Q?3Et6tXngjfrbQxdxRx69rfvDJmqz074i9UVgQSkvuc+bt6HKK/U5IKhMbQH7?= =?us-ascii?Q?HUg5DqjhhKsTviUyu3OALXHZKE5BACfMtyE194IxAD70fSi6YjFMgFwJSkey?= =?us-ascii?Q?1p8BtM5kdWTvvH91r5Ysly8Q1mKAVZX+rUCqd8AVtlFJQp56D4kxmnqBe40c?= =?us-ascii?Q?dqzOCzNfhwWqj3lvJuZ1fegK74yAF08Gx2NNuZAUzF5eut4PI2mJ0k9p0Huv?= =?us-ascii?Q?kHeAP2xhLptr8h5WbgBZK71/GF28UHsDK+G6WTmT+QwK9NapsRAl+W/yyXv6?= =?us-ascii?Q?w/Rd2VzuAjue87XkfCWSsMkbXvb7AXmM7cGiOYaMSNb6kz6SPgbDVjpZPNFI?= =?us-ascii?Q?AQd7WkABFy47WtqORXNnb0f755fs6QIiE5iD/0k58BBJqCzFXw3lKQKAlR6Y?= =?us-ascii?Q?zLFA7mCo2Pzw4jFrRbhkUCJl7OfK1GXTm64tpFhgeQV4EJ3L7ydPp6hRESS0?= =?us-ascii?Q?nKlhHfymu0KBH2pE6ecTqId42QvHfrUG4oqLdi4sZ7WkNH5+z8pNGilUrnqN?= =?us-ascii?Q?bSRCyrV0IKiT9sq/W461qJFMK37k5v6zCphtaPQ8FVwDzL/9xg3Wiv8VxPdw?= =?us-ascii?Q?7oYplczRK4tRolp5nbzWnSbgRqN4OdkfDwfaNDhRFOdBx2C7MfFC1pH29xSY?= =?us-ascii?Q?pZKahnCe25mPfXRUG1IEJUxtKzdxYP1/+eprI62Per0hChp8JLXVdngpDttN?= =?us-ascii?Q?jChdNkiFJJn88J0Hnpuc0Z4NYLhiXFdnCAk13XZjQwnJWwHU0EkAb3LBNPGE?= =?us-ascii?Q?zKpCZHHwgbvhKlO18w5p0sr4qDM27mR9S0oK7h9KwzHzyGpCIdaDBnw7jz7g?= =?us-ascii?Q?pWVce4J1Tg23GwSgUYpOYb6gKuIKt7TPuKyGnoRpKlJufcSAhelCTDhvFOqV?= =?us-ascii?Q?yQ2ZYzVPqBSqrIWCuxqPT9QIg8Jgivhztld8RkZ7pZjGYR4Z5Ni2Gzt1CiZP?= =?us-ascii?Q?KwwXtTT9m/T5GfQGCwRTtaOzPy8Vx2mwx3EymkafQs3aKyErV9AoFHLsZiSS?= =?us-ascii?Q?0WtVcLp7ex+rBxivGrsWR6Jpfaxom5SjUqeJR73/JN+ARmYi6eYi7oFhgI6d?= =?us-ascii?Q?X48K1HhkZp9EYmg/wolaLsNo8pBOBYHANE6xoNGt1GPLHPiKWrREGqCvlySE?= =?us-ascii?Q?DZRZcewCGYgVvxht4yD7ESmQ7U8/wknZYhKS6/AtKWYf7wXM1v3de6Uj/Q1k?= =?us-ascii?Q?beMscApX1FVxJr8U6lOZJk+SXltcA9FzBH1idzKoUfhXqJxc29PmacXFK0P9?= =?us-ascii?Q?Ld5cepAEcBjbBtS5V0rThaC0D0tjlEcmPDJzIOdmp10n4i4cRjSMRo4Dg/AF?= =?us-ascii?Q?2XJcBku3yUciiUwp/MD3sp/AV1ncvWi87chBLwK1YyvvwcJPnzo3XhQYCubh?= =?us-ascii?Q?6SZBbMTsL+nTsYkiDGsYQ4wprEuiISVLVkr1ZwEltdiH2GH/du4wXor4QI2b?= =?us-ascii?Q?KVeWYa5joabeokqL7+B79APYQWkpIX9xEVlTC0fA5T1wE8deUMy+Dhen545C?= =?us-ascii?Q?G8LgsefP7GsGcQo0wz85MomapiRke/0=3D?= X-OriginatorOrg: nutanix.com X-MS-Exchange-CrossTenant-Network-Message-Id: e00446fc-ab9a-4172-34cf-08de41e0be4b X-MS-Exchange-CrossTenant-AuthSource: LV0PR02MB11133.namprd02.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 23 Dec 2025 05:04:25.5671 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: bb047546-786f-4de1-bd75-24e5b6f79043 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: eKmIuOZnOZpwGzf7aYcCt6PPiSBHm3DuWVP33AaLWPNqaBK1ObIgLfg6HW0rgRvdE5f6EAzNQBpaTLFPo5vm3TW3g650TfgOv3u5UIqb5iE= X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA1PR02MB8560 X-Proofpoint-ORIG-GUID: zQlobrh_OMDI-x33SsAIeVftBG-HASUv X-Proofpoint-GUID: zQlobrh_OMDI-x33SsAIeVftBG-HASUv X-Proofpoint-Spam-Details-Enc: AW1haW4tMjUxMjIzMDA0MCBTYWx0ZWRfX5qbOouYpwGd7 SC2wXD8mRMaTA7tZmaHoUgHQ+BrlT9xAmRAkwZPUsLTdcZTsCvCOncz5uSyHPt3xjG2D7oKPbhu 0YB3O2YRRXgMmxmPmX2rOlf5M15b3g8Z0XXp0NeIVXdWdpCFf0k1Qbd0drqLxjxvbkcFzSXvYdK w37pH3iM5uYhuNNEXVuNLg672aLHwqD/steZ1RpW4tAvtOxU9Gl0WimIXnGJiMdKX/hRZUzYKsU 2ZYU0jSOFSrw6Qi5EY1vsTZ5mQVVQtnPjPBAaghfyhuXdQA3FsRrjwfJwfiB/7lpnRbfPyJnRS7 zHNpbKBgegmoUwN6sK2QmCSeLhhuMOrvFGJB474K6EqUBTCcDXDHYQ/Ynkh6QWzlJ4ozN46u/u4 uzLeavIhB1oacAXJMU4ctf2oreT+anM2DBR0mbI0CVlD9WJUtxhTVc81Geb/IDRxn++T3o3Oq6H pNM6a7zvFmmG3/g91VQ== X-Authority-Analysis: v=2.4 cv=QZBrf8bv c=1 sm=1 tr=0 ts=694a22da cx=c_pps a=CX+cjZXKan4d/jn2X7CWJw==:117 a=6eWqkTHjU83fiwn7nKZWdM+Sl24=:19 a=z/mQ4Ysz8XfWz/Q5cLBRGdckG28=:19 a=lCpzRmAYbLLaTzLvsPZ7Mbvzbb8=:19 a=xqWC_Br6kY4A:10 a=wP3pNCr1ah4A:10 a=0kUYKlekyDsA:10 a=VkNPw1HP01LnGYTKEx00:22 a=64Cc0HZtAAAA:8 a=sKgUPJO2Fa4kC_44OIQA:9 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1121,Hydra:6.1.9,FMLib:17.12.100.49 definitions=2025-12-23_01,2025-12-22_01,2025-10-01_01 X-Proofpoint-Spam-Reason: safe Content-Type: text/plain; charset="utf-8" SPTE_PERM_MASK is no longer referenced by anything in the kernel. Signed-off-by: Jon Kohler --- arch/x86/kvm/mmu/spte.h | 3 --- 1 file changed, 3 deletions(-) diff --git a/arch/x86/kvm/mmu/spte.h b/arch/x86/kvm/mmu/spte.h index 3133f066927e..0fc83c9064c5 100644 --- a/arch/x86/kvm/mmu/spte.h +++ b/arch/x86/kvm/mmu/spte.h @@ -42,9 +42,6 @@ static_assert(SPTE_TDP_AD_ENABLED =3D=3D 0); #define SPTE_BASE_ADDR_MASK (((1ULL << 52) - 1) & ~(u64)(PAGE_SIZE-1)) #endif =20 -#define SPTE_PERM_MASK (PT_PRESENT_MASK | PT_WRITABLE_MASK | shadow_user_m= ask \ - | shadow_x_mask | shadow_nx_mask | shadow_me_mask) - #define ACC_EXEC_MASK 1 #define ACC_WRITE_MASK PT_WRITABLE_MASK #define ACC_USER_MASK PT_USER_MASK --=20 2.43.0 From nobody Sun Feb 8 00:03:44 2026 Received: from mx0b-002c1b01.pphosted.com (mx0b-002c1b01.pphosted.com [148.163.155.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C2DC32F1FC4; Tue, 23 Dec 2025 05:05:00 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=148.163.155.12 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1766466302; cv=fail; b=mmYRrFjK667E0zw1XE7TeCJiJQIxysbWxqPkdZSRLJN4pfMXl5aQtrJ09gylY6i/CFgDEbOieHuuGwGPfXPuGIEoDp2y3Us1xE1rGCQ3mujs7N98NTAJe5S8c0FED+1BshfA+Q/4hnq7+qVDSnPGNNUBIrhoYKV6o8zRRTRwyKI= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1766466302; c=relaxed/simple; bh=T/iLOj34LKHWEQ9jY9i2CZZKG4SmZHucSalL4Bh/PFY=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: Content-Type:MIME-Version; b=koo41IiJAlvB3/nnsYDqc6asB0sOy1TdDCOvQOVDVd78vo+fdwdYd4ErMkGOeQEupCC0gktRmItsj3+lpUAERBdOGoLQ3UB3x9oC1IJpzevb7sBhZBSQXZJfGyFQPCAd8O56asqpVLKLqoLtuO1UfA56bLxS0V4QLmu6705xyco= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=nutanix.com; spf=pass smtp.mailfrom=nutanix.com; dkim=pass (2048-bit key) header.d=nutanix.com header.i=@nutanix.com header.b=qmA8p2UB; dkim=pass (2048-bit key) header.d=nutanix.com header.i=@nutanix.com header.b=V/2M3TOP; arc=fail smtp.client-ip=148.163.155.12 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=nutanix.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=nutanix.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=nutanix.com header.i=@nutanix.com header.b="qmA8p2UB"; dkim=pass (2048-bit key) header.d=nutanix.com header.i=@nutanix.com header.b="V/2M3TOP" Received: from pps.filterd (m0127842.ppops.net [127.0.0.1]) by mx0b-002c1b01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 5BMLwnIw3941949; Mon, 22 Dec 2025 21:04:28 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nutanix.com; h= cc:content-transfer-encoding:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to; s= proofpoint20171006; bh=8WfUqrS/0KsRBybful0VtNRlL9pxUCy+NuII3m8/e cE=; b=qmA8p2UBc7gNjPw4rN23UX9YZEMBb3D79Adn1mmdVc6xbExzE2ZMaQ01Q mT5RqOd/bM1bjL3wziwbBcuiadPTX8w//nciyf8HZBOYVBzYb79Oqd4DfuzIAYbo ZTHYiX2jXQhzibVZIDi16GUs5egkzRAnVuMz+j6t3bZKIQYJbPN3u+XGQkew2Xt6 tzuDhMbofEaTo1KRVus3SjG8Rt4Lnxtb6/v5+OMdHgCY4Q99Zwic+pZDrg0x1Ylu 0G9lsdE/+bn4zUemv2Mb6uxgI5PK76iFYuYK8Tw02S8TUD3QdjWay3Jz6nluLJam cvLB1YcHVkRdI24JKLWbXXosa5kAw== Received: from dm1pr04cu001.outbound.protection.outlook.com (mail-centralusazon11020107.outbound.protection.outlook.com [52.101.61.107]) by mx0b-002c1b01.pphosted.com (PPS) with ESMTPS id 4b7ecgrr1k-1 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NOT); Mon, 22 Dec 2025 21:04:28 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=G2G3/EiIUfcmw5cYJnUcUugmePiOpgb7BdeOlKHmh/WHe7T61/bLmFPZkbI9S8c/y6jAvUmp5PKGtEH7WLVOinzllFsnEQzkcMXrQqomrrvQkhzFmAnmrProHIPQIOOmiZTmlRhcwg0mDPPCo61KtfWLPv4hPOkdFTXKi6yvAOzhgmH+I95F53rxrdxcAzMfEFIxs5dZ57gIT3+tqbyEtDukZyTVh2OmGWrTNVxuGSK0QNwfD2mXuqY2/jonBWzs5lsNLObQMbxLPWkxs7l9R89pi6K8DsENzSJadBgVwXykDfdSg4p+1ezthOyVVV8t1pNMxiz105Nmn5awcmkAhA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=8WfUqrS/0KsRBybful0VtNRlL9pxUCy+NuII3m8/ecE=; b=U+tXc1B/dt4eVPowBFG5alLgGYv1PhLF2/O4ku8OcK5JjxVPHNStaK4Kd9r4DlfpNwvWg/NmWD383LiRic6wtQlhAPzerLFs+fhShFZ/dZPtDuglMqMzt43wO9DroXJGFLx/KAA4vNKbeYNbKMKfOinBndD1ZfArd3i7fLWC4Kc/OIoXXAf6lJxUSiGtF11jFMn0sGV1XCGsMPJJ9SUE69cxzjGC6yMrSdDPeVqzirhI9UAWAtvuqVJX7Mk7haS2XHGd9c3wkxF3mgW9PQI5mkV/zf/aArDqooUa0EwlM+JcUiOo74iEYxp/sq+84q1OUVpEFAqL5xMY6dWMoPZISA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nutanix.com; dmarc=pass action=none header.from=nutanix.com; dkim=pass header.d=nutanix.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nutanix.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=8WfUqrS/0KsRBybful0VtNRlL9pxUCy+NuII3m8/ecE=; b=V/2M3TOPWFJuzxykThLUwXiVamv7UCigjrnA3KweBVG41gEsLNlrCtlA8Xp5UJZKLuTzsnIHWRP++CeqSj4isS+idCm66FTES20Ng2y63bjyCrYiBfdfl9pdgF/OBHTk0/0aJVm5fxHDG4/+TowVmep3dEF+IFrNfL58PPJrsjghO12BNk1TtFx2Vg/XRVcndgaOVMGMw0JZThcCQ0OFKU6EpRl/ncEJGbxvAOF0XJDNETX4ZnwS+rxgeAyqpJOTAa47kEi2NCXqUtCwL8JdEZeg8od0jX07rHw90d/RfKUQDbzjgq8Er7XpkL2Z8PD6n7bgx1ktgdRbEljZpf2B8g== Received: from LV0PR02MB11133.namprd02.prod.outlook.com (2603:10b6:408:333::18) by SA1PR02MB8560.namprd02.prod.outlook.com (2603:10b6:806:1fb::24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9434.11; Tue, 23 Dec 2025 05:04:27 +0000 Received: from LV0PR02MB11133.namprd02.prod.outlook.com ([fe80::10e5:8031:1b1b:b2dc]) by LV0PR02MB11133.namprd02.prod.outlook.com ([fe80::10e5:8031:1b1b:b2dc%4]) with mapi id 15.20.9434.009; Tue, 23 Dec 2025 05:04:27 +0000 From: Jon Kohler To: seanjc@google.com, pbonzini@redhat.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, kvm@vger.kernel.org, linux-kernel@vger.kernel.org Cc: ken@codelabs.ch, Alexander.Grest@microsoft.com, chao.gao@intel.com, madvenka@linux.microsoft.com, mic@digikod.net, nsaenz@amazon.es, tao1.su@linux.intel.com, xiaoyao.li@intel.com, zhao1.liu@intel.com, Jon Kohler , Kai Huang Subject: [PATCH 3/8] KVM: x86/mmu: adjust MMIO generation bit allocation and allowed mask Date: Mon, 22 Dec 2025 22:47:56 -0700 Message-ID: <20251223054806.1611168-4-jon@nutanix.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20251223054806.1611168-1-jon@nutanix.com> References: <20251223054806.1611168-1-jon@nutanix.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: PH0P220CA0016.NAMP220.PROD.OUTLOOK.COM (2603:10b6:510:d3::19) To LV0PR02MB11133.namprd02.prod.outlook.com (2603:10b6:408:333::18) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: LV0PR02MB11133:EE_|SA1PR02MB8560:EE_ X-MS-Office365-Filtering-Correlation-Id: 9fe5d98e-9bfd-4628-0d64-08de41e0bf4b x-proofpoint-crosstenant: true X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|52116014|1800799024|376014|7416014|366016|921020|38350700014; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?UObGCVnJdFupsE9pu1c3jH2JbWrppBZoiBtQHl/DnTwhGHfqC6TxRe3wuEtl?= =?us-ascii?Q?Tm1SC53d7MV03aOtSbl96JVV8Jq6X4nSU4GccVkSypNoj+FiO+bIDew46qLM?= =?us-ascii?Q?kg//nVsqLPOjkeNK/QFrt0h0JP5j42FI8wl8mDQKTlFXuFeAsjBCsB4S6yrl?= =?us-ascii?Q?AvvMKcmB4ucZTpuqHrpLt73meC5Bk2b7/mFEy0z1QTHhZC7XcKb8DRwabbeK?= =?us-ascii?Q?BN/+uKfs76W4gz9IIeZSXRyxUC94nXr8fGR0UNn4A2WFtXWkE1yV4TQnxwBb?= =?us-ascii?Q?Szl+nd61aMkbLbmyAut4L0xkbPYo42qdurtSfXSgwp+pWjNlMUh5/ndFMUQJ?= =?us-ascii?Q?uGCRHvSuihyhdKq4KC0uTP/lUwsFvOW3iPXgqURwQ/h7L8OpPqQZjHxngR8z?= =?us-ascii?Q?67AoVI4yCm1CIafAeBybhR7p7hxNsud9N3risMXkTkpdln9qP9MWlE070eDd?= =?us-ascii?Q?rSbZ4CjDSwravCoogXYpLz+NHg5C/RiLm49nWgIYgyjte20+1X7PjmHGlrM8?= =?us-ascii?Q?v4quQfXmqk8oEhLyy9oBpPABYg9tQHyZKNwVkAQXDSexE8VbiOJkLw/+4cUN?= =?us-ascii?Q?X/WJyZFMT4bbDk1MC3a3pwMtGgrhfMgo55Us6fBW4WBpQoTlof0eIGcOksaU?= =?us-ascii?Q?OfbmhJGrSf6Xq5ItEw+tBAzmLkTWwk8IVEBXUNhkunHJgcUh9PrD7z8pSYAF?= =?us-ascii?Q?7Ii3cmIrI6aLOwbLNcmS683K4IhxpJC8mrEYjEuAEGgYqPvhh9lGuH912vn1?= =?us-ascii?Q?6usnVGVTG5g4fALUfF3/Sa4E13g7cIjmPEUP7wIApDnTs6MKbTNspEa4dbsy?= =?us-ascii?Q?EjEySOq/srh16ckwl1zKVGsaiJq9WP7uiFPsiDfR4Zo5L4NaAHj/43aETltv?= =?us-ascii?Q?i4z8f3rx8Do2MOuUQ2F9GpD/M18wccMmntN0+SqXJU2VDMfP2Bm2C28N94WL?= =?us-ascii?Q?sdg7X/5evjTKbiKs2J4BVFK5Rx31tJ+xuhnuGiJP4EIeFfrXe3i8nU885zNC?= =?us-ascii?Q?i9WKay0sT50PPpXpaBbBkxKCqLTtrqVPpapPQlzUOn8WwVfHZz2vVvPCh5px?= =?us-ascii?Q?EXoihv43ttBXln0fM9U64wnAUBuLo0Dd4Q9vL1E3xMZoXdrhEqh7YEMw3lzC?= =?us-ascii?Q?fargmI/wrHcOQqnBlWVXV9dtWZu5OL0k8K/bVzEbg4YMNoTXtj9e72A3tKuH?= =?us-ascii?Q?VtkCdh7oymQPVaCQoaKRuODpBFpEVchpIWrzdyMSnvXuGCuCEb64nA9mbwK2?= =?us-ascii?Q?2kE1lsN4g6UqLxaV5ybKueeRJaDDHeeH2k5ZhuyQaLxRsHjrVluK2vguOxfC?= =?us-ascii?Q?uS4g1bTDW4159i/T37iV9ESHYU2wYExDF2KsMxbo5iLJo4hhvJ8B7m+qic24?= =?us-ascii?Q?ByKpcmfW7v6jbzMmvprtZypH6gQKAgsxL8etypV8AU6CzU3aNKIMu07SIyVz?= =?us-ascii?Q?g/ebq017vKcIAjTeZQVysnKYzviPYFkFyF+7ZH1QSCZtzjGttLZjBI228d2y?= =?us-ascii?Q?r/PzFZ17Zu+jydiF8o6zSsbwqE756ZLCA0DBzWuvwc5TzrofuefltBfwlQ?= =?us-ascii?Q?=3D=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:LV0PR02MB11133.namprd02.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(52116014)(1800799024)(376014)(7416014)(366016)(921020)(38350700014);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?8SarLUVP6PqozJMPEc+DBhzCnTVzwRSYIBAywP2cOVPyDkr/7U0Go1ywAKlv?= =?us-ascii?Q?aoJHwvDNb0zwo1nJXnQTxlVzUcbGXruRuoIsNJdaWUxJFMoWqOATGz2kochS?= =?us-ascii?Q?c1oiNJjctkF8/qZeHXzotJsEmARqhgddgrQmcAj09X93dBzKI0wkD9g+kNjN?= =?us-ascii?Q?Ac5iEp/bo7y3xKH3gv1dqeVa62bH+SZq2wkn9IdnAsoBWwhoS1PbksmGRDo0?= =?us-ascii?Q?/alo5VFYrK2pS0z5Ub6KEaVxWVKzVGyf6ineHh/1YMUZV0c+SDSQKRWMtcCx?= =?us-ascii?Q?lFaKvCvc2qJt0HFzsbTIquO+3907Tsj63BZeGQz7n0sLGyRl0woM9FjvGBMO?= =?us-ascii?Q?P6/80qEykT9hQ1G8hZABP7K1vvOTBLX8faC+VwrfXtx8n0anYOFBjm9zFPFO?= =?us-ascii?Q?TYb6Y8g/Q39EieqckdkIH6AfJQnMwL4i12lL13MjvpLLbOQ6VPP4TaWBPxiO?= =?us-ascii?Q?wyBHlal2w0Z/qia4SZWrOBN2XhquRbwZ9vy0cRqgFBdN9BHBs5yhNypnEGp7?= =?us-ascii?Q?zJyRyR4P4CS7jb07fAy7BwYTXipvK/7bIoPne/shKA+a5fpVZZDFeaMJSR+R?= =?us-ascii?Q?19mHgd+Zlb2JdN1wl/DOVM3B27LU4xCrAlLGcFV2hdw2vlZhtulshCAisVeL?= =?us-ascii?Q?PXcHJIdcIX39fDHol/ms0ZruyI6BxIwHEXj+yn54lt5ItgPOjPSX7DDPYwS2?= =?us-ascii?Q?byqBJQPwFkQo+SzUV+Ac+GHdtdRm3DLplBwuZFACqMf2JFeq45Y3cgK+E45V?= =?us-ascii?Q?0MLBbIZ4BdGTkqfiAZ75czYt1rGjS1lWcdIvpiySoky3x81NdpR5SnLcTCXH?= =?us-ascii?Q?6PTSrpaZ8CYBmLZHieRa/o0IIZS9kZWO3oPuuguea9bzWZlnWjTlh8VwFveg?= =?us-ascii?Q?8UnNrxUG0ZW2yXXCFawf4or10FNVd/Znr8Hs8BkNNJqQT2W21ENSoo62mAEF?= =?us-ascii?Q?t0VbKuz0fXw1M/2c/ce70T8e29KLtCxUVEP1j0RV2MoSBIHLFzKJX/e5TRHk?= =?us-ascii?Q?lDMCKtv/HwhOXfgpeY9f8fGe7EVKsgZXwi+CRVUHukgN6/1+HrLYhgnEKzLr?= =?us-ascii?Q?rQs8SLaJbu/GKvhuRKCfIqzwVUUVIEusxaSb0TXTHHLyL9MHWvgqQWVw6JBE?= =?us-ascii?Q?PUH2DKcR/dJ/6SYTcmAlfcIHKk60xZfzgrBh1E/f2+g+4WJnhad2gIzumIym?= =?us-ascii?Q?f6e0prZmyYFooq/3Gko2jcxgv1rj8jEhEP2TIXHM9RvTtkcB3XwQhaJF50PM?= =?us-ascii?Q?DdMhpYt1U6gTeb6rXL1Aalp+aZqyV9fUpyhg6H/nLTzi03y+meqnOUL1kV+T?= =?us-ascii?Q?/k8AcajBueOXQ/o4bYbRTrghTUBAgr987iLGM/RVJB7STk/iBN1hiMuYr4LE?= =?us-ascii?Q?4PJqq5jk1isDyeXx3epeAkW/1CL6aPJpuORdjS6e8hXVbwcUFkjq6BXLrFCY?= =?us-ascii?Q?d4Wl90yjJiBeftUvLyWljZJjCIK3w4l5yTDbcjS9fHQNUVrD6QY7Wk3vRndG?= =?us-ascii?Q?bv7oEkSLZsVcDnmPhz7pN/LT2R6moTy1zQIhfpEr4aaFaDMlgHUBE0SYckX0?= =?us-ascii?Q?zEUl9EBCuh59c1EI1aQgabx0wT6YUEHDPRYl6XPPLkolOncyItAWYutXpCmV?= =?us-ascii?Q?kZ24IRL//UqsyKHyH3yg9ImbfIVCwkkSuIW9GKCi0H/HpPQ1B/vOPNmo+T1f?= =?us-ascii?Q?jrb+dmq1Itf6MyN+7zAx//piqEhrikag+8xALKtHuZCuO8csMU+g+ohIl8DM?= =?us-ascii?Q?xHw3HdEfmPjzyDml+j2929yBstBQzI4=3D?= X-OriginatorOrg: nutanix.com X-MS-Exchange-CrossTenant-Network-Message-Id: 9fe5d98e-9bfd-4628-0d64-08de41e0bf4b X-MS-Exchange-CrossTenant-AuthSource: LV0PR02MB11133.namprd02.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 23 Dec 2025 05:04:27.1620 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: bb047546-786f-4de1-bd75-24e5b6f79043 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 30bWsvLfko5wz5qN1sMkOkPWKrPtfvCKMmI9KpD0pBoue3Dm0Ke1Oxq362216RbPnDLm1ArTel2oZpTzeb9RSQqQj2NdiPG4c2feAze4QOI= X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA1PR02MB8560 X-Proofpoint-Spam-Details-Enc: AW1haW4tMjUxMjIzMDA0MCBTYWx0ZWRfXwFr0XeKUfOmi tPWSYM6ynXTKdnKeBB7YLuUOvPm6c2OSKta8IMFpX4OSu4T71pjm/peSBA+918l2Dub5iMB/rZ3 FyS0mqnSQstRqjvOdO8BeiViKRLBwVLZvtkhVBjind7s6LxS0s9NzTv3Sylhah89X5iWvYbON0I USXe6+KlwUb8/Yd4Lg2wtaQaYWV9AQT5Sq4Um020zLB5Cr3c6dAa3+PzPOc1f+TsCtUTTygjrCW UlzXyDQ4zY+0Z1Yh2bYlYTB3W97Z23d36DcDqQc3rNqBwlFis6Quk6t70DwhSdf5iluikp04tER Ch698TS1/lQznmDLBg7tzUTbafd4RgS76MKYOf7VqTT1supgKw33NGdZiWaS7CvpjOHr1qTF5+u O5J8dLLhdzEm1oNvOA7mESXZzGb5igYpVjgA2pxRGlHV79wfJ0CzhmugQ9k+w5HVhH0AVJc1YWe bwVswAOWH+Q5Le1LkBQ== X-Proofpoint-ORIG-GUID: UkT3lmH2NwcVhqLYtC06PybvZNutd-uw X-Proofpoint-GUID: UkT3lmH2NwcVhqLYtC06PybvZNutd-uw X-Authority-Analysis: v=2.4 cv=R7YO2NRX c=1 sm=1 tr=0 ts=694a22dc cx=c_pps a=5R/USArCWZnskgXodYG4KA==:117 a=6eWqkTHjU83fiwn7nKZWdM+Sl24=:19 a=z/mQ4Ysz8XfWz/Q5cLBRGdckG28=:19 a=lCpzRmAYbLLaTzLvsPZ7Mbvzbb8=:19 a=xqWC_Br6kY4A:10 a=wP3pNCr1ah4A:10 a=0kUYKlekyDsA:10 a=VkNPw1HP01LnGYTKEx00:22 a=QyXUC8HyAAAA:8 a=64Cc0HZtAAAA:8 a=EwT1G5GB7KXMQQH4ZFIA:9 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1121,Hydra:6.1.9,FMLib:17.12.100.49 definitions=2025-12-23_01,2025-12-22_01,2025-10-01_01 X-Proofpoint-Spam-Reason: safe Content-Type: text/plain; charset="utf-8" Update SPTE_MMIO_ALLOWED_MASK to allow EPT user executable (bit 10) to be treated like EPT RWX bit2:0, as when mode-based execute control is enabled, bit 10 can act like a "present" bit. No functional changes intended. Cc: Kai Huang Signed-off-by: Jon Kohler --- arch/x86/kvm/mmu/spte.h | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/arch/x86/kvm/mmu/spte.h b/arch/x86/kvm/mmu/spte.h index 0fc83c9064c5..b60666778f61 100644 --- a/arch/x86/kvm/mmu/spte.h +++ b/arch/x86/kvm/mmu/spte.h @@ -96,11 +96,11 @@ static_assert(!(EPT_SPTE_MMU_WRITABLE & SHADOW_ACC_TRAC= K_SAVED_MASK)); #undef SHADOW_ACC_TRACK_SAVED_MASK =20 /* - * Due to limited space in PTEs, the MMIO generation is a 19 bit subset of + * Due to limited space in PTEs, the MMIO generation is an 18 bit subset of * the memslots generation and is derived as follows: * - * Bits 0-7 of the MMIO generation are propagated to spte bits 3-10 - * Bits 8-18 of the MMIO generation are propagated to spte bits 52-62 + * Bits 0-6 of the MMIO generation are propagated to spte bits 3-9 + * Bits 7-17 of the MMIO generation are propagated to spte bits 52-62 * * The KVM_MEMSLOT_GEN_UPDATE_IN_PROGRESS flag is intentionally not includ= ed in * the MMIO generation number, as doing so would require stealing a bit fr= om @@ -111,7 +111,7 @@ static_assert(!(EPT_SPTE_MMU_WRITABLE & SHADOW_ACC_TRAC= K_SAVED_MASK)); */ =20 #define MMIO_SPTE_GEN_LOW_START 3 -#define MMIO_SPTE_GEN_LOW_END 10 +#define MMIO_SPTE_GEN_LOW_END 9 =20 #define MMIO_SPTE_GEN_HIGH_START 52 #define MMIO_SPTE_GEN_HIGH_END 62 @@ -133,7 +133,8 @@ static_assert(!(SPTE_MMU_PRESENT_MASK & * and so they're off-limits for generation; additional checks ensure the = mask * doesn't overlap legal PA bits), and bit 63 (carved out for future usage= ). */ -#define SPTE_MMIO_ALLOWED_MASK (BIT_ULL(63) | GENMASK_ULL(51, 12) | GENMAS= K_ULL(2, 0)) +#define SPTE_MMIO_ALLOWED_MASK (BIT_ULL(63) | GENMASK_ULL(51, 12) | \ + BIT_ULL(10) | GENMASK_ULL(2, 0)) static_assert(!(SPTE_MMIO_ALLOWED_MASK & (SPTE_MMU_PRESENT_MASK | MMIO_SPTE_GEN_LOW_MASK | MMIO_SPTE_GEN_HIGH_MAS= K))); =20 @@ -141,7 +142,7 @@ static_assert(!(SPTE_MMIO_ALLOWED_MASK & #define MMIO_SPTE_GEN_HIGH_BITS (MMIO_SPTE_GEN_HIGH_END - MMIO_SPTE_GEN_H= IGH_START + 1) =20 /* remember to adjust the comment above as well if you change these */ -static_assert(MMIO_SPTE_GEN_LOW_BITS =3D=3D 8 && MMIO_SPTE_GEN_HIGH_BITS = =3D=3D 11); +static_assert(MMIO_SPTE_GEN_LOW_BITS =3D=3D 7 && MMIO_SPTE_GEN_HIGH_BITS = =3D=3D 11); =20 #define MMIO_SPTE_GEN_LOW_SHIFT (MMIO_SPTE_GEN_LOW_START - 0) #define MMIO_SPTE_GEN_HIGH_SHIFT (MMIO_SPTE_GEN_HIGH_START - MMIO_SPTE_GEN= _LOW_BITS) --=20 2.43.0 From nobody Sun Feb 8 00:03:44 2026 Received: from mx0b-002c1b01.pphosted.com (mx0b-002c1b01.pphosted.com [148.163.155.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 773F92206AC; Tue, 23 Dec 2025 05:04:58 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=148.163.155.12 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1766466300; cv=fail; b=oqL2x42jchUHdiVY8KSNSIbEZDrF1gpJH+RamXvbO1093R44wGPwNhPVXTCim4oiO4fA7aw0poce/UxLQrKBRpx8H6o9CWLCye7gmkTR+S2CJWenXk9CONGoSGzGPavOyhTTTWKgr0lvBbIWsuqVqtAhE3A97NMN3va/m93USRk= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1766466300; c=relaxed/simple; bh=Q8vq5vkSkgaRSbFlWGACd5g35vtGs7fg9zkdnOqJnEo=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: Content-Type:MIME-Version; b=Z89cVANOjQCp8LykjSF4kA0l79qxU+597bEgcdggDe+ZcCBmzR8fK+mr5igDYi0EtRVStWbvOMjNnBIbBT7B9Z9qdD2Nkzj5wfVRDDePFZfoEXTTwsrrMS2UiddRcUMnlqbpn0UHwg5GJtrgzti6R7Pm36GZkJ639aHSCdAKfBI= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=nutanix.com; spf=pass smtp.mailfrom=nutanix.com; dkim=pass (2048-bit key) header.d=nutanix.com header.i=@nutanix.com header.b=uEQQVPoz; dkim=pass (2048-bit key) header.d=nutanix.com header.i=@nutanix.com header.b=Fskwcgfw; arc=fail smtp.client-ip=148.163.155.12 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=nutanix.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=nutanix.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=nutanix.com header.i=@nutanix.com header.b="uEQQVPoz"; dkim=pass (2048-bit key) header.d=nutanix.com header.i=@nutanix.com header.b="Fskwcgfw" Received: from pps.filterd (m0127842.ppops.net [127.0.0.1]) by mx0b-002c1b01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 5BMLwsLp3941971; Mon, 22 Dec 2025 21:04:31 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nutanix.com; h= cc:content-transfer-encoding:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to; s= proofpoint20171006; bh=n72t6s7hpOpQpKUkPTaZ66PVCqT50XYy9oTIviXjF dA=; b=uEQQVPoz2z9PH0fLbJQVJ7H4l2YO/jpCzroDSAYPtWqtqFeRLxo1FlZUM WyR8hgyhA1GhR3sgTiZKQhvGQWxe2DZUVkQZ/v7M5UpYHgLOPM0m2vFXV7W90tnu s3iuF4AQ5jjaZ5w3gtz2ngT6pRWXlW22d2LT2JemKZOto+9b1zQhvKCp+gcreDnc 8bg68JCFusXXhLjuDf3PM8wSW10PiI8Ti4oScmespu4mGlM7MfbJrRf9pFn7zslA RV+0gm8g9iT2ymHnAgshjxP9ctrXUsFMvB2NxdcP5lnj5lcE/WVXaXzsCcPQXRQx mdWaeDa26EZKC+JH6NphN7wHJRbug== Received: from dm1pr04cu001.outbound.protection.outlook.com (mail-centralusazon11020134.outbound.protection.outlook.com [52.101.61.134]) by mx0b-002c1b01.pphosted.com (PPS) with ESMTPS id 4b7ecgrr1n-1 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NOT); Mon, 22 Dec 2025 21:04:31 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=pQqIZl2dk1eRpOkbexLW+oVf9w55aVCefjaoaVJfRcA4fre2/YrJ7NC1etrMAwTNLHRYQ6Rx4hDmmqlwRdw+5qprTdr333BBilfuP+7cq8u4rm2W4lq+OsK4ZGjqMvopEJbBokBMi99LQMEdsxZRTXGNITr7QKqJwT14+XUrv72PRqtM55ZIu7tD9U3CJPNdBNiW3vJ2BEkYBOYn73570NPIyicECJrw8SSbFDeBi/fA9QuvQLek5at69YB6DojcSYAuNvBpDFJSHitVkNEIrNkSUEBLDsrYwgepsZ3+2DsuZoCu42PBK8zqitgRhHkpxaZ5uZH+kKUgMiHqxNsbSQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=n72t6s7hpOpQpKUkPTaZ66PVCqT50XYy9oTIviXjFdA=; b=Zu/dGpjOzd2U+fr37MdGz4SZ0PenuOyCOYrL4r2NiIn4Er6Bffvm5H143W4tr3EOlCsdlZp9/K5LFI2SyE7h1Tjg/8YCXlnGCTsXxi4gkvycohZvIfYU8fSicULCx1dCm6yG36Jc7TJdc1Z4MjUtQuVBJfmy+az7nvxG+Rk9TSWLqywtY4Zlq0N2dGf7A3KQtiV+n/K38LjC+Fc6fpEHlDqppioKpRr4R1K4emeXxzMKQ/goVuDFVRjL/Fv4Inl28s/TPpU0YViNgWmsMxTAvqx4IcDDYeLvKH6eJ+SaZJSVu5bLJxXKZBsaPT+m1hElesyoTFerV87Vs6k9B/yxyQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nutanix.com; dmarc=pass action=none header.from=nutanix.com; dkim=pass header.d=nutanix.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nutanix.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=n72t6s7hpOpQpKUkPTaZ66PVCqT50XYy9oTIviXjFdA=; b=FskwcgfwxW0s7SQoH9eliY/4hupqjKK80MkrTxrA6ugRpDHLpd6afIROG+B3ZheMVH+qODmPtJdGBkagKBCs2ETC8GmGmjK8IQYsoDaNVB5+XbYxIuoBI0JrIMLDf5EGN94E8OY36r+inRc/5TgbHoI1ih3+osOxkBgAfb9bu+HSQp8KJunPKX7lT3BLFDCKkySVp0CES7G5L0y4cQG+5AZ3nttzHCVemrxb1DZb77fifTpr4gWieGkrZLtr/5gdIxrXlLoaYH+GWbUB/Hwf4qC5iQymQ6Gpj52qB03Bs4KlAiBnoLZN0iYxcnNkjFC78WrngkSCUvkARRDejPOjBg== Received: from LV0PR02MB11133.namprd02.prod.outlook.com (2603:10b6:408:333::18) by SA1PR02MB8560.namprd02.prod.outlook.com (2603:10b6:806:1fb::24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9434.11; Tue, 23 Dec 2025 05:04:29 +0000 Received: from LV0PR02MB11133.namprd02.prod.outlook.com ([fe80::10e5:8031:1b1b:b2dc]) by LV0PR02MB11133.namprd02.prod.outlook.com ([fe80::10e5:8031:1b1b:b2dc%4]) with mapi id 15.20.9434.009; Tue, 23 Dec 2025 05:04:28 +0000 From: Jon Kohler To: seanjc@google.com, pbonzini@redhat.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, kvm@vger.kernel.org, linux-kernel@vger.kernel.org Cc: ken@codelabs.ch, Alexander.Grest@microsoft.com, chao.gao@intel.com, madvenka@linux.microsoft.com, mic@digikod.net, nsaenz@amazon.es, tao1.su@linux.intel.com, xiaoyao.li@intel.com, zhao1.liu@intel.com, Jon Kohler Subject: [PATCH 4/8] KVM: x86/mmu: update access permissions from ACC_ALL to ACC_RWX Date: Mon, 22 Dec 2025 22:47:57 -0700 Message-ID: <20251223054806.1611168-5-jon@nutanix.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20251223054806.1611168-1-jon@nutanix.com> References: <20251223054806.1611168-1-jon@nutanix.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: PH0P220CA0016.NAMP220.PROD.OUTLOOK.COM (2603:10b6:510:d3::19) To LV0PR02MB11133.namprd02.prod.outlook.com (2603:10b6:408:333::18) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: LV0PR02MB11133:EE_|SA1PR02MB8560:EE_ X-MS-Office365-Filtering-Correlation-Id: fd067395-5fa8-4851-aebd-08de41e0c051 x-proofpoint-crosstenant: true X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|52116014|1800799024|376014|7416014|366016|7053199007|921020|38350700014; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?41RefKC1oxYO0QOJR0bdOC4+y2ICHN0DHJG5F8FI7bLUK7MIU3NgaoeaXLvG?= =?us-ascii?Q?iMTEp+c+iXgvtXYwtbqTp93dqQU7+voH/bkYInKdMFn6rV8tf7Bv5sk14nM2?= =?us-ascii?Q?Gkkz/TMjS93vsYmQJx5yg/5BtBqqWunA1i4YkOpOTcjCatHjVBuUN7vKHrhT?= =?us-ascii?Q?Qfid7zQsXEFLBPPVc9yuEdKks89RzzOfxnpOGAfrFhjN9SNX3ZlnPJuRPVow?= =?us-ascii?Q?tCxnqK325zfeuAFgtT7UFfxBnJQLXk+U14kfaleAWkCnuHHMr/mcaOfw0LHu?= =?us-ascii?Q?wYga9REVraYTI/aejbDjFKWD+YEt13I0aMuEZs2BrRRrLGkZGRPpmTv86lgy?= =?us-ascii?Q?JLH4U6031xMfzMUBUKzNL+P1z9jS5nkcgNLGcdk0r+jAKTaQm0/LaJ662fiY?= =?us-ascii?Q?skohl9KbBg5j1TnYaAk5PNlZJm/Z1EuukJrwkiwRSzfkVYDltZw9y8wvsP2a?= =?us-ascii?Q?j1L15+XRKV0O1R9KkDm05il09yywn12UzzhcQdO1jIaecCU7wNi1z73X0cyJ?= =?us-ascii?Q?gyhO6zkS/UAFJjGiD5qf7SifFgFiRxqmi9rulzGbeLjRCb+IME7vR6dm1pDV?= =?us-ascii?Q?X0o5CVIbkH0lEIXZcrqiqROirO5j0kmHHWnLj6DX2AR5Jlz2JLAHvFbd6ptW?= =?us-ascii?Q?nhbfSuyG7OwfhBb+nnqdvOxnsTBA3ltbr/z1WepiAzH1QT94MM6tievvevu8?= =?us-ascii?Q?4IruuQcH4M/DE1KXYxOx6uLWHZ5Km025PyFIfin+EM78UDu8J36t7zWAzOfB?= =?us-ascii?Q?FRMTmagMJWrRfAeLGniAMsSerBzfnyOiO9UzFYByQMSPmwAhP/154J1b2BA+?= =?us-ascii?Q?f4qC3IRriW3d65n0U1+ChJFLzUA+3tPnezDMVRL5WN05qDyRwpizb7mjcX+x?= =?us-ascii?Q?YRtYCKMBV57E4LcT7Y9IU07dv9WHWew52G16PHJ0i8ucPJbhAw94nOB+oKh1?= =?us-ascii?Q?TeMEMF5yUptNgvA1QrHo25EbfMiyrjhs41N00UBivV6XzRDJsdRXZVIvRsiu?= =?us-ascii?Q?T4SanMogLqepN/RQu2dbHio2m7NkvSKYf0jCuddqo8s7wnM3SRrSIlTB3RC4?= =?us-ascii?Q?nRO8lYrs2UmT2mU50PZLDpbnItDTatLr07ZzOPYafNHjTctax1I1S/qslp3c?= =?us-ascii?Q?3mTBpiTjPXzNXnB5s5z8KUHeZJOHeilJaT2+DLrnnDNGQH8uhDssi7SxBS7s?= =?us-ascii?Q?TNnkyUlTnwb4TGLwjdrxREmfz3gez8axPojlC8ykGX7OeEEiHzyOmeM9M82E?= =?us-ascii?Q?3ZNpWWtYWtK8yd6OWt5lVO/HdodNg5O8ilDULRBxWVso0eQkLq/aUl/zo6nw?= =?us-ascii?Q?6gBxtpcZRf2Bb1Xo4ZpOKSfXgAD1pnZJiXojFY1X4qS5yMjcvn4WgMANuhhQ?= =?us-ascii?Q?svbS1ZQ8Te8BpQ96zFJAVCkXJuMYjUinVufvZuowm0+L+tpVuyw4BM/NjaFP?= =?us-ascii?Q?vanaQ8W1cSWtojWwi5cjU5W349/WtT4ulVgq0HAnLXm824OSRi0q69Pwa+YJ?= =?us-ascii?Q?2z9TCx/Y9tTVLeYaw/7ag/90gIs+ZxDV9ELSTieHcHiGdU1BCOD70M97eg?= =?us-ascii?Q?=3D=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:LV0PR02MB11133.namprd02.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(52116014)(1800799024)(376014)(7416014)(366016)(7053199007)(921020)(38350700014);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?0ImcAeHVdDWRLnRqbqwzHFSaKnyFU+phsXDIFaxxWCb46bUdFAlUAMOH/9Bn?= =?us-ascii?Q?piEbaiqfe1Djf2G/R9W0S6HIrf5Ex0bIOc4LK7zUe6n7wWeIhJSYxlZfEXPY?= =?us-ascii?Q?2TFAdq9j303BE8Trr/lsabCvV0EeRwoUIhSIwSqaHA8L1eqK9WVdc+JwB6ZQ?= =?us-ascii?Q?uF0OlwJb8Jmv3o6uNt0uiRXgB/ey09ssBIUm4ltNaagCJnA5ARJtmEryTL7k?= =?us-ascii?Q?jI89PRzAUeOYZxIGEQjePqQIEZ82gmTl/u7mWiG9yrZ9ScXT5WyzrGdDux6M?= =?us-ascii?Q?p6rGiEdhCBWlJKR7Vc9S2b6HfeXeofZuRHChwNX4FrDjenOZa9FavQf9xMiX?= =?us-ascii?Q?nkyrrONfFifI6/cNXX7URpiuXRhiLrUjbgLZZZp2MwOOC8yzuY5BT0NDSehN?= =?us-ascii?Q?iBWgEZn/+0aQg2xruve6x15ILK5Nz8HOkqRIDFmYGkYBcJ86Uwa+7kWJP4Fp?= =?us-ascii?Q?t8HA7r+pNBm8VGSNXdji9bxM7Uq0E57ok89ARbjaaXifKoR3mWvj0DG1Irpx?= =?us-ascii?Q?fHHqc+QJ5ISXnHGG9qv/HpdLclffXrwha1CAAD9u73v2/zGY21hEw+kAjXFJ?= =?us-ascii?Q?MuJqnJQIEfW18ONcpHXWr8VenTQkF3Nqrj4Z3FY5/4CdKtm+0nB5HTz1cl6a?= =?us-ascii?Q?LIWK/R0mqcJsjEDBFc2E40rUf+o4ZxCLkiL8upSpCyThRP7Gry3EmsaoZYnG?= =?us-ascii?Q?XDj8Unjz8uZo1ECxfKogXpNPVMO/N8XC8iQDT1Yb9XsdHF/r3NJrJthEpe+r?= =?us-ascii?Q?aIZX1Y3yYw51aMg4WdcpGqkOnp+zE4s4/H6CgE8RUL/jyRLcNcIGE4NO4jDJ?= =?us-ascii?Q?iG6aCcHb3GEMAsaz2sI4Ttw4YaweN2lPsB9jq2uoPwgV5n+3U8Cg3jz8CGPC?= =?us-ascii?Q?Ha1UtddupjiFthPoTxu0YDUC4RHs/slnq9ThJqC09tq6VlcWBG1JS57MFFer?= =?us-ascii?Q?j6EVgAGdKmQBZ3D5jaJrgbn0f/FtF/A8dHQH5hdUQnJoOonYX0AuEdu1ykHD?= =?us-ascii?Q?1YVwaUJ8jKcUswuKethSdMzmJBUvoJrAaufUSAIg23fVTE39XaiUAXDLG7p/?= =?us-ascii?Q?qtE/+P0xdGQ0wGbVNQxVCjPwUN0ZVFXsxuezFM5AFXcewFTO2ZR9vB8Z13Mw?= =?us-ascii?Q?T1r2pmmVnFNSexDRtSO8iDLgUvRLXQ8tQW4OSEBQBb21mg5JdHm6+PZ6LhCm?= =?us-ascii?Q?DJ84BUYkODXIK95CaHMgexdlVnZo75PyEIpXmmojQV3dJLOQPXeJsrSxY/LL?= =?us-ascii?Q?KFXQrE9A3ujH7f/czlc/u+r4+ebX8T98Ctjmjly74R0xsm45UvMwRwLMHTFM?= =?us-ascii?Q?T3GHS2gz2rmiAj8A93HyXWdI8btqg5v9k/brppBQCep/twRPB22dxox0ee/x?= =?us-ascii?Q?pbu2DVuX542BbrPfZ4vW4/VkC+6LjgxNm0NphI7vYFKQ+LQAF8SmJ57ne0BZ?= =?us-ascii?Q?MCseGZ+vWz85aXEzt7CmR4So5IpxjuzlTHuJqnOEqcBoElnX9I1NsCF724ED?= =?us-ascii?Q?J0Vyz38COQ7eFAnVc544nxsBr2oxmsu/VrqBrE0n22J8LZpPNRMOzoWBYrsj?= =?us-ascii?Q?t24N/vuufFZln3eTrppA1T+nqGHlOTFUQkwk3kEyMGOivXzJCswM52NR5Egi?= =?us-ascii?Q?yqFZpNfbCG7KBfAjOyQuc/DbLxXOIME5MCmNbm2e0+19+ZkoPkzlJWT9TmzI?= =?us-ascii?Q?DiE+SPrCCcLtmjm5u92hih02YoQ/6jibINEZC4mxPU5bPkqENrey8V9P43x9?= =?us-ascii?Q?exDxI8LXc2ahS2/nqQQRnXY+4k56tFc=3D?= X-OriginatorOrg: nutanix.com X-MS-Exchange-CrossTenant-Network-Message-Id: fd067395-5fa8-4851-aebd-08de41e0c051 X-MS-Exchange-CrossTenant-AuthSource: LV0PR02MB11133.namprd02.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 23 Dec 2025 05:04:28.9376 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: bb047546-786f-4de1-bd75-24e5b6f79043 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: VO+3u0aQu3Zsaj4HqIPFbMhUDSF/TuDE5inZYeLBXMn+gbU2kdhtsm2JEEhwegI1tI0W5lIinQOuASAUE/vZrFF4DMFiqKa6TNiyUjmd3+E= X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA1PR02MB8560 X-Proofpoint-Spam-Details-Enc: AW1haW4tMjUxMjIzMDA0MCBTYWx0ZWRfX2vHDZxGntSwr O47800kctdO01bhGjSR83PTolMDq2depdytfPi5GnDofLjsvfk8gKqLkN91zy4IVnyOO1OnSDlL MCz69Mx9+//ALk+OX8gMqz/zplb7Z5XdytOdLVSfscP1sGOMOlyNx47zTcyn9/teri8rPIrEbVg tTPoKeRFV35Lh4yFveYRLDHDkKqaEg/k9zwzV7TST+3prW53xDXMPAjZnhFD786d3EnQHzIgytT VOcP4vv/4VGcaAAtZlVndXH2K9Y407laLkCJ91zN80QcB1qsJqYs8UB441fa7PqyfwEwFin0PpV AjVBIpe/mxXwk2fs0CxNm8LP8M/eruqNpy1+H4Ng3z2LqacNfZg8KQ3s7kBXFCwNvbChij6zK36 U1v1WRyp1lcj7PBLSa36E1TnuL7C+16kPmFK2QN/WArD4sxpZaHUt2oFyog9pRHKdt1AXkkCHl4 YOwcmBYbiKH9QBwZHfA== X-Proofpoint-ORIG-GUID: BwZLp1eQdAelA9IX-fKKHRqYM5xVgj9Y X-Proofpoint-GUID: BwZLp1eQdAelA9IX-fKKHRqYM5xVgj9Y X-Authority-Analysis: v=2.4 cv=R7YO2NRX c=1 sm=1 tr=0 ts=694a22df cx=c_pps a=TszpKlPPvK6rXl4+XYbYdQ==:117 a=6eWqkTHjU83fiwn7nKZWdM+Sl24=:19 a=z/mQ4Ysz8XfWz/Q5cLBRGdckG28=:19 a=lCpzRmAYbLLaTzLvsPZ7Mbvzbb8=:19 a=xqWC_Br6kY4A:10 a=wP3pNCr1ah4A:10 a=0kUYKlekyDsA:10 a=VkNPw1HP01LnGYTKEx00:22 a=VwQbUJbxAAAA:8 a=1XWaLZrsAAAA:8 a=64Cc0HZtAAAA:8 a=bsWHkKLqYCcK7wv1_R0A:9 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1121,Hydra:6.1.9,FMLib:17.12.100.49 definitions=2025-12-23_01,2025-12-22_01,2025-10-01_01 X-Proofpoint-Spam-Reason: safe Content-Type: text/plain; charset="utf-8" Introduce ACC_RWX to capture traditional RWX access bits and modify the various consumers of ACC_ALL to use ACC_RWX instead, to prepare for Intel MBEC enablement, as suggested by Sean [1]. The only areas that really need ACC_ALL are kvm_mmu_page_get_access() and trace_mark_mmio_spte(). No functional change intended. [1] https://lore.kernel.org/all/aCI-z5vzzLwxOCfw@google.com/ Suggested-by: Sean Christopherson Signed-off-by: Jon Kohler --- arch/x86/kvm/mmu/mmu.c | 16 ++++++++-------- arch/x86/kvm/mmu/spte.h | 3 ++- arch/x86/kvm/mmu/tdp_mmu.c | 4 ++-- 3 files changed, 12 insertions(+), 11 deletions(-) diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index 667d66cf76d5..b1a7c7cc0c44 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -3452,7 +3452,7 @@ static int direct_map(struct kvm_vcpu *vcpu, struct k= vm_page_fault *fault) if (it.level =3D=3D fault->goal_level) break; =20 - sp =3D kvm_mmu_get_child_sp(vcpu, it.sptep, base_gfn, true, ACC_ALL); + sp =3D kvm_mmu_get_child_sp(vcpu, it.sptep, base_gfn, true, ACC_RWX); if (sp =3D=3D ERR_PTR(-EEXIST)) continue; =20 @@ -3465,7 +3465,7 @@ static int direct_map(struct kvm_vcpu *vcpu, struct k= vm_page_fault *fault) if (WARN_ON_ONCE(it.level !=3D fault->goal_level)) return -EFAULT; =20 - ret =3D mmu_set_spte(vcpu, fault->slot, it.sptep, ACC_ALL, + ret =3D mmu_set_spte(vcpu, fault->slot, it.sptep, ACC_RWX, base_gfn, fault->pfn, fault); if (ret =3D=3D RET_PF_SPURIOUS) return ret; @@ -3698,7 +3698,7 @@ static int fast_page_fault(struct kvm_vcpu *vcpu, str= uct kvm_page_fault *fault) * current CPU took the fault. * * Need not check the access of upper level table entries since - * they are always ACC_ALL. + * they are always ACC_RWX. */ if (is_access_allowed(fault, spte)) { ret =3D RET_PF_SPURIOUS; @@ -4804,7 +4804,7 @@ static int direct_page_fault(struct kvm_vcpu *vcpu, s= truct kvm_page_fault *fault if (r) return r; =20 - r =3D kvm_mmu_faultin_pfn(vcpu, fault, ACC_ALL); + r =3D kvm_mmu_faultin_pfn(vcpu, fault, ACC_RWX); if (r !=3D RET_PF_CONTINUE) return r; =20 @@ -4895,7 +4895,7 @@ static int kvm_tdp_mmu_page_fault(struct kvm_vcpu *vc= pu, if (r) return r; =20 - r =3D kvm_mmu_faultin_pfn(vcpu, fault, ACC_ALL); + r =3D kvm_mmu_faultin_pfn(vcpu, fault, ACC_RWX); if (r !=3D RET_PF_CONTINUE) return r; =20 @@ -5614,7 +5614,7 @@ static union kvm_cpu_role kvm_calc_cpu_role(struct kv= m_vcpu *vcpu, { union kvm_cpu_role role =3D {0}; =20 - role.base.access =3D ACC_ALL; + role.base.access =3D ACC_RWX; role.base.smm =3D is_smm(vcpu); role.base.guest_mode =3D is_guest_mode(vcpu); role.ext.valid =3D 1; @@ -5695,7 +5695,7 @@ kvm_calc_tdp_mmu_root_page_role(struct kvm_vcpu *vcpu, { union kvm_mmu_page_role role =3D {0}; =20 - role.access =3D ACC_ALL; + role.access =3D ACC_RWX; role.cr0_wp =3D true; role.efer_nx =3D true; role.smm =3D cpu_role.base.smm; @@ -5826,7 +5826,7 @@ kvm_calc_shadow_ept_root_page_role(struct kvm_vcpu *v= cpu, bool accessed_dirty, role.base.direct =3D false; role.base.ad_disabled =3D !accessed_dirty; role.base.guest_mode =3D true; - role.base.access =3D ACC_ALL; + role.base.access =3D ACC_RWX; =20 role.ext.word =3D 0; role.ext.execonly =3D execonly; diff --git a/arch/x86/kvm/mmu/spte.h b/arch/x86/kvm/mmu/spte.h index b60666778f61..101a2f61ec96 100644 --- a/arch/x86/kvm/mmu/spte.h +++ b/arch/x86/kvm/mmu/spte.h @@ -45,7 +45,8 @@ static_assert(SPTE_TDP_AD_ENABLED =3D=3D 0); #define ACC_EXEC_MASK 1 #define ACC_WRITE_MASK PT_WRITABLE_MASK #define ACC_USER_MASK PT_USER_MASK -#define ACC_ALL (ACC_EXEC_MASK | ACC_WRITE_MASK | ACC_USER_MASK) +#define ACC_RWX (ACC_EXEC_MASK | ACC_WRITE_MASK | ACC_USER_MASK) +#define ACC_ALL ACC_RWX =20 /* The mask for the R/X bits in EPT PTEs */ #define SPTE_EPT_READABLE_MASK 0x1ull diff --git a/arch/x86/kvm/mmu/tdp_mmu.c b/arch/x86/kvm/mmu/tdp_mmu.c index c5734ca5c17d..98221ed34c51 100644 --- a/arch/x86/kvm/mmu/tdp_mmu.c +++ b/arch/x86/kvm/mmu/tdp_mmu.c @@ -1190,9 +1190,9 @@ static int tdp_mmu_map_handle_target_level(struct kvm= _vcpu *vcpu, } =20 if (unlikely(!fault->slot)) - new_spte =3D make_mmio_spte(vcpu, iter->gfn, ACC_ALL); + new_spte =3D make_mmio_spte(vcpu, iter->gfn, ACC_RWX); else - wrprot =3D make_spte(vcpu, sp, fault->slot, ACC_ALL, iter->gfn, + wrprot =3D make_spte(vcpu, sp, fault->slot, ACC_RWX, iter->gfn, fault->pfn, iter->old_spte, fault->prefetch, false, fault->map_writable, &new_spte); =20 --=20 2.43.0 From nobody Sun Feb 8 00:03:44 2026 Received: from mx0b-002c1b01.pphosted.com (mx0b-002c1b01.pphosted.com [148.163.155.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id ACCD82FC00D; Tue, 23 Dec 2025 05:05:06 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=148.163.155.12 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1766466310; cv=fail; b=K9EzKXpgpfvBxV9oHRxxRscP/TkiysbBX44a5cFfcYCcVz9wCbE+45dr0ddumx+uHfodZa8Cll9Z6MTh5RJ0kqFgUDXjejgreudefdCNw4UDXWQNOi8CMMJ0vp2zGKdPZN2tRVu8zSJbWHsWt+3quzDExU9jBfZtlO1OcHI6NLM= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1766466310; c=relaxed/simple; bh=ibHmwe41Eh8fglQmhBlVl0xyKQyXcxuhQBA1NMJYQNY=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: Content-Type:MIME-Version; b=BZQ9/7fRORR9EudhPqVqieMsCmOnBBSp5g4p2ebaqgoRgykme3NkbpbZsPIXmEFuEArWYOs/mZk/NkCxaCMnhmN4qpR7Uab8Su1h+fk5CeUiyPkcyXBNZY/YTltH1KV4UpF7Tue2H6Hji//bXl+TeZt/4c8A37WkOa8Eqy76NuA= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=nutanix.com; spf=pass smtp.mailfrom=nutanix.com; dkim=pass (2048-bit key) header.d=nutanix.com header.i=@nutanix.com header.b=G8yjCpcB; dkim=pass (2048-bit key) header.d=nutanix.com header.i=@nutanix.com header.b=C2hUTamK; arc=fail smtp.client-ip=148.163.155.12 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=nutanix.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=nutanix.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=nutanix.com header.i=@nutanix.com header.b="G8yjCpcB"; dkim=pass (2048-bit key) header.d=nutanix.com header.i=@nutanix.com header.b="C2hUTamK" Received: from pps.filterd (m0127843.ppops.net [127.0.0.1]) by mx0b-002c1b01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 5BMHGVFw3289032; Mon, 22 Dec 2025 21:04:34 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nutanix.com; h= cc:content-transfer-encoding:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to; s= proofpoint20171006; bh=9sF+ujTX+NXuIvDRdr1YK2SSYXR5LfkAZUBtnFaZX v8=; b=G8yjCpcB6Kp+uZKOPnqlAKUdT1bagOU9cpN5MukFaVGEfmTXxue6booD2 QQr2seZtXlgBGtzABcwLYmUgZXbZPNSNMkpWXY02ChO3Ndldp6vw/kqnFHeslx4v sAAeGOhW7aaU/4U/AW8CkSUIOlkOXWUgvnDpt7htE6/4s3NccXldQZo+oXQ9Zr54 Ioid5a7Rl5Q8Z1+kjC+Rzij0IIIdGmPJQJNYejNVt5fDFs17VBvMqPEsAMQEMPlq wxcj9SMFZI97DLRA5VQZXzrEqmlDNpZ5UQ/fTWu7wbWTgv3Npood72F/yYMcGKe1 nhzgBQ2sACTmzQLSR2jwKKuDbW4GQ== Received: from sn4pr0501cu005.outbound.protection.outlook.com (mail-southcentralusazon11021123.outbound.protection.outlook.com [40.93.194.123]) by mx0b-002c1b01.pphosted.com (PPS) with ESMTPS id 4b5tsjmwuv-1 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NOT); Mon, 22 Dec 2025 21:04:34 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=IIMZPnLkVUDJmYVPUXtiteT0RYBlNo1SoMwSE0f2Yi8bzAnPdhsjxqRs8lCW73RnrWJikE7V56ENrvf0mhu0C7AbFSKN9YWPR8+9Q3RMQHpUhMHoPPgwZl++6RMtEt/cUNMtt7Q1lAzMRPdIEI3xHJMKf7C71IssoVQrj4TQmHvDxybjfaqcY08+ClOiDQJx3vL9ue5DSxtxCVXjkh5DqkdbnfaXMB6PVG1ae9QSEz3E6rwtpz6kj13iPFjT0Ce4oblwNzD2pnkFpP0qbTkU4aEAzPq0q3i5SCfkgh6WUdYIwGag23QEUhBJEdeanQtZNcp0BfOm0vHqQyXfgGnLEQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=9sF+ujTX+NXuIvDRdr1YK2SSYXR5LfkAZUBtnFaZXv8=; b=QgaEXMDNvyJBZHPH7UgV3ZNnGnLUu9BSqfBvGpiPS1InMqnYICPwwpUiyks3O+9HjFSmOE+Q61ixHnBKZokU3dFWaT1boaHkHTiTcD5IfII9I6YOLvlYr3DyE/YQ5rx2hisz6KyJPJ3B7+5Pd0MuMgoO3JPpNaR1lQAAwRpIL1BYGW7AM01oEGu+FoiA/7ZRubpZx1OwY16YG54VM5PaIVwNpcAL4Q9jWoixSPZOWNJYDPebxMTZyOMnfA/dz0Z40xeDoYng94UzrVvfjY2PUsChe5znnde79xPs7Y10rClRshYaHHCsDdCr72ghUurcRmU/BWgKAOgkhZtb+HmcoA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nutanix.com; dmarc=pass action=none header.from=nutanix.com; dkim=pass header.d=nutanix.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nutanix.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=9sF+ujTX+NXuIvDRdr1YK2SSYXR5LfkAZUBtnFaZXv8=; b=C2hUTamKR4Jmx4UJNnlQo6lV2jjEUkQE0tP4dXDUdXBmhztHjZ/mvrM3fK5cPsaziGGCMbT57DdplBAEAjut/Bvf4APF88mZoEosYjszFR/7CERwyKz6+jMENX4ti0vpuLUJc4liQh+QEwbyFr+Zy0jnPrcIwbJb3EYtqqKzOsKMxWeAOZ4i/MkMQFl9ZqotfuEtnZSVHhLJcsz0E75b4bEp0vvphyAQPIxMOlQkaVViW5GaKZq+s2Y0HRvOK+sNxG50kQ2zJNACQg84+YSwQciCtWOtFeTgoEB2710a/jMpd6oVEAVH90xgXm/el4DGrzoVJma8L/taOIVtKY/O7g== Received: from LV0PR02MB11133.namprd02.prod.outlook.com (2603:10b6:408:333::18) by SA1PR02MB8560.namprd02.prod.outlook.com (2603:10b6:806:1fb::24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9434.11; Tue, 23 Dec 2025 05:04:33 +0000 Received: from LV0PR02MB11133.namprd02.prod.outlook.com ([fe80::10e5:8031:1b1b:b2dc]) by LV0PR02MB11133.namprd02.prod.outlook.com ([fe80::10e5:8031:1b1b:b2dc%4]) with mapi id 15.20.9434.009; Tue, 23 Dec 2025 05:04:33 +0000 From: Jon Kohler To: seanjc@google.com, pbonzini@redhat.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Jonathan Corbet , Jon Kohler , linux-doc@vger.kernel.org (open list:DOCUMENTATION) Cc: ken@codelabs.ch, Alexander.Grest@microsoft.com, chao.gao@intel.com, madvenka@linux.microsoft.com, mic@digikod.net, nsaenz@amazon.es, tao1.su@linux.intel.com, xiaoyao.li@intel.com, zhao1.liu@intel.com Subject: [PATCH 5/8] KVM: x86/mmu: bootstrap support for Intel MBEC Date: Mon, 22 Dec 2025 22:47:58 -0700 Message-ID: <20251223054806.1611168-6-jon@nutanix.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20251223054806.1611168-1-jon@nutanix.com> References: <20251223054806.1611168-1-jon@nutanix.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: PH0P220CA0016.NAMP220.PROD.OUTLOOK.COM (2603:10b6:510:d3::19) To LV0PR02MB11133.namprd02.prod.outlook.com (2603:10b6:408:333::18) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: LV0PR02MB11133:EE_|SA1PR02MB8560:EE_ X-MS-Office365-Filtering-Correlation-Id: 2f6bb9cc-f676-4339-b42e-08de41e0c2c2 x-proofpoint-crosstenant: true X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|52116014|1800799024|376014|7416014|366016|921020|38350700014; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?OOjPqAz55I9aTMarVbBN0rIvhNIYgav0lNkbJousTXSLrTtjcqhnsm4kTOix?= =?us-ascii?Q?RUq0dWdB2/onqoWuFKWPJNwEqK6OrRRCqyZIvVrD6/WbFKjreaQqtvauIaYT?= =?us-ascii?Q?Un1ioYu+Cw4hTeQYmD7Y+uRMAQ1n1NBu5p1g57sXvnCMUxDp1Q83DEefDR6H?= =?us-ascii?Q?ZLBcSX86r3q7pc2rjwBrv9nMx4bQ99eqY2CGG50jU9mPyL7bFMfMytBPLeSB?= =?us-ascii?Q?IZ8Z3+Z709mwfKSLV/t6CjS196leBJzFhhnD0L6Ma46OxOhiQKd0t6oOyNOs?= =?us-ascii?Q?oRo+EE2aAbQtsnEcUXlX1lNeNcyOJ2aBAI3rR6wYPpl7OuxooRW5rHgYKM+a?= =?us-ascii?Q?hrLvmWcZ/FOLblyKVzj2FyT8a7s/Pl2qivNO33uFLZWoUvmbD6UbzB3sgncX?= =?us-ascii?Q?h1VnXfhPoXKYs6kR5YuUXfXOJ/gyuVjk5Q+cOMeY+1UNkS0isy49i967avqR?= =?us-ascii?Q?6d3A/Y/ZDp+IywemPefbes+Z/naTaqcAVmvXpsOXGgPGZkIQvSAVOoXDlSZO?= =?us-ascii?Q?eknGBjv1orJVP41TERrs7DKUPYywqGcC/tYZhhihmdT4eC0mEtZOtp5yF86x?= =?us-ascii?Q?gyPD3RpoRLQ61urQE1wr2o8Rw0VqmeSvSSfgZdpfrz4/fGdtYsdq+JvvNUxT?= =?us-ascii?Q?jRVxupB5XNggSl3Nxw2iI4aczJNm3OEoODtLmTK8x4taltZh8mywksxTp+C3?= =?us-ascii?Q?ut0jNyy5nKocmjDUqZd6y0vHoAjxEefHbAD1UcDaPnCBy4ef1kNk2BLPoZTq?= =?us-ascii?Q?8AkyzRcPU4XxkxOHShu6Ql6n8OWJqpl+haDgx8UVRpZbgR8nBjCrqRLsVgct?= =?us-ascii?Q?Q59gZw4f4HbUIX3BSgqgSZ917u5IS4vf+Flvy0iAhLmd6QtFxuM21nLorlWt?= =?us-ascii?Q?rJlAJ52jcqKBhWaoGUBLDvcq0YOAT4w/qjTbum8R1eMkbyzSkPMUgP8oE4o5?= =?us-ascii?Q?0+HEmXk6beG5e3/E6w6YhmEtlBNxH1VqawVd/IsmWKDWtM0dN8bbA2VMwCcg?= =?us-ascii?Q?wr92v7Go6WGu4bUaSQKhVtysAAORKIbpxCxiCrkH9eWjO9xiUGu9N1hKQlyW?= =?us-ascii?Q?eLZeTaNlaROVhe6AFRT/X9jtMt8tRF1KrneQrUBRsLd8FuMSkHX+wwcYfS0N?= =?us-ascii?Q?vHUywDgAxjN1xf1Vv+svWmgSfIgXP3YPKFPz0L85CEiit0dut1ld1zBF+MZX?= =?us-ascii?Q?RGaftFS8+wca+3uXWnmVyMSOsnSMbP3xjFW++n+LuM4Qo0RRupxNOuDdnCa7?= =?us-ascii?Q?62xAsVKqQ0iyqckAHG/QE37X+cmqfQZEUKdDRHNHoTPOf5J192G8g5UzUsUz?= =?us-ascii?Q?A+0qVTwKyyhWx1ZlJJ77mT9kHS+2fBay0KI65S6JVXEJDG7YjN2r3VTHVpG+?= =?us-ascii?Q?Px+qOTkOXjsY1DY07wmBkCc/PzrLaVLBWh7zcjCRbInUJKwYUaXm39CiV74a?= =?us-ascii?Q?DwJ7J+kYhFumCj7AnzGyYa6pMIMEsYOyQNNYzUspoUKEd5vJT8WHzs47n4TJ?= =?us-ascii?Q?GUGB2+GolP6jdi90VuJZSfSfm6fVCoW6KU08doAIIL9EP6Oht0u1/eARIg?= =?us-ascii?Q?=3D=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:LV0PR02MB11133.namprd02.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(52116014)(1800799024)(376014)(7416014)(366016)(921020)(38350700014);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?Ov687WUAeWaJBZ5EKRfJvnzBau+cOKGCXNDylofLQnjWu+whz0hXWzV3EfFy?= =?us-ascii?Q?yeLalXRUqmaaiCIn4laI2ogRaztqv8pQijwf9bqfC6tcZtf9ztWqDxagF0/i?= =?us-ascii?Q?DjR48WPqoofDaCJnKzxF8BEmUsbfUFHjpUMaP7nn9U/mzMgP6s3jEY7L/C4+?= =?us-ascii?Q?ylBLb+9Nm/moMKVwKI7tVZII8lhbaNQ285jaaGOydpELmOXCnPumn770eKny?= =?us-ascii?Q?FJl6nY2sqjy7MJ7L5cOujM1JgJjvFTJRC2u+nf3Nh8MWVK26PAohNuZwfxVD?= =?us-ascii?Q?Hq4n1PNznYamXlnMaLsdMMrAKunHuOLnWBHIYPu++th0FUar4IzuRImFGxAk?= =?us-ascii?Q?NIt9ZiliAIo5ez7ArRmkDvziEbKcjTzZbzwmF7bvQQPeI2JBHTjj0wciJ1t+?= =?us-ascii?Q?0KTUMnmMljGeb2AnqSMlYmVEYNynXTJTugjzlnnM07JrDhCUnWyt1GLmTS1u?= =?us-ascii?Q?GBVZgLZFfKe0BlIp/6UkgR1DuK8/hB+xej9i1GUMvO1ihK0/hZGdpriDIbgC?= =?us-ascii?Q?k66x9cwrDBMhUg7mi71sgBvz/4x4Duu/V6DkgrIim8k8CmFOEZ9goqG4o7i0?= =?us-ascii?Q?tAsJJwz5FAZmRuCf73k1Sm5zFXZfQ1aJcG0kLMF9U/TnUjvLka3LS9MZ3xaq?= =?us-ascii?Q?ahJizcfpl5ZhvswD0qDDm65nJqV3caC7YvrJAJZfLpHsaXi8kJ4zoTOoOXxn?= =?us-ascii?Q?OPlf4d5GwBsGbesOOHTHrp4+Zj3VY88cFaMT6/v7u4YzNmn87JDN/VA74PuE?= =?us-ascii?Q?QYxlLbWIcIMclzrYVaKVyQ0XaUp25pWRBFcKYxllkCfsQgkqJ+ej7jv7OEPm?= =?us-ascii?Q?lozkXeutLIDzrawwYGA7TZohO+3bFQSWblPv6uokNQndVGiuxSa0xxaMuaPR?= =?us-ascii?Q?+Z1EYVKttS0MaR/VYxxhi+9f94j/tJYgmmfHoyJbmXoW1rBD/dm++p8Ea0s5?= =?us-ascii?Q?pVER7peG+p/d0dhe05m7qocoqXLlZvyJlWQyp5ltShFlgi5stOzvr27Xu8P+?= =?us-ascii?Q?26Dc1aGr1IPFGL70nJ56YBNdwtDWRH4o/0DtcTehZguAEcNqY4IFLl3pNnVF?= =?us-ascii?Q?32Z1+HwFE9oF6WKoTglOgLFuujCtmLGEWxi/uZCoQkbH3T22xmGM1eDZJO5Y?= =?us-ascii?Q?Mk01mliKYTqzppc9NIRgCau+QboNNjc8XPztKIWORpR/8hxqjs7L7dpcBIHV?= =?us-ascii?Q?w5gE9WDQ6T/MlMzz0uFLPR90FKsZZsREdv5w9X8A2puwCfJrwazX0dmVmJqU?= =?us-ascii?Q?WkVmcV0Nw6FyFNmohGB3/wQ9bTiek2oZISmjh1yHXlJyy1aCysCotQTGSh6/?= =?us-ascii?Q?OEBEskI6RAM/aMtocfuGLc98MpKOokvBveAmgt85/wTGsvRySiUQJib7k3vh?= =?us-ascii?Q?qFNHCO0U2yBMTf5Td1YXvPmNDSlE6CTt0AD9mgaQXJyKQwA6DALmeQprfdu/?= =?us-ascii?Q?yMtWscNBuZjim624SYmia4W80VMNYT0AoE0ct+OhoGC+UfntJHImay0dor9N?= =?us-ascii?Q?txhZqvn1J8+CovD1qcY1wn7vESw1a2hyPYacS8ttVckCzU5ocAtgGyQzjugT?= =?us-ascii?Q?TgvgcfyXBl3yN3bhfkl8gh6Ap0/i5/rrxkHys6A/sC5Lv4uhjG43oOeCppe0?= =?us-ascii?Q?sjaagEljZhr854sYf1X+Ldq+J2j1qvVqIRqFSXKcg6Bt+glxZPGHLTsG9mHd?= =?us-ascii?Q?mom24GylQ80h04XUN/6NBtaIyFpmfTolZQbj5/VJ0nCGWnQfgR+kVY2m67aI?= =?us-ascii?Q?+A8urE6w4Px+Cf7nDaYfwAeZrnmXcJU=3D?= X-OriginatorOrg: nutanix.com X-MS-Exchange-CrossTenant-Network-Message-Id: 2f6bb9cc-f676-4339-b42e-08de41e0c2c2 X-MS-Exchange-CrossTenant-AuthSource: LV0PR02MB11133.namprd02.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 23 Dec 2025 05:04:33.0009 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: bb047546-786f-4de1-bd75-24e5b6f79043 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: p3L0e84+g2+zpefz//Ci/LQVQhdibtYDtGaflaOTRnjZRwj0HnBLM04RZQ5c9ui8vkPvSGU9XZF4rWsHvN+jbgwMwW16YWG085Va9u1I+Ss= X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA1PR02MB8560 X-Proofpoint-Spam-Details-Enc: AW1haW4tMjUxMjIzMDA0MCBTYWx0ZWRfX4Nxi3U0RfwG/ hx7K+S/2ZaRRyj3xuo3u0Fg/i6Q1JnmlpY8dt3bZzPqg+8UKwad4LSnbLqccLSWBDHpIvVM77aG gdOEzWGZ6kfFobbldy97YuKQleeJWliM3ePQr/VlVm75DwBQKSOz5kCxrn04AlxJclShsAN3drD 3UMAb5/DRhJSxHywVxowA+hqAkTCDMWhBkxZQ8x+myQmIa+DsE35ztPRFrVYbs83ogF3jQ1bN6s sQgZgbSSqQUeOTIl/oleUT/Dx7SyZDUrrnm9swiNHhkaGeA9zrUyr9dXbq4Mxi6gia8L53xSYni 86gBESbdssUSCENdi9KXkwsCp1mUYJKZ1FXDeAMkeltH6quslhpjhVSbPrLie+nJzT2sEZgyFM/ VD1E+xEJKHTex7ckH0l01cpmRwrNjxdINb0uFb6WJhp5zvvVLvumIy7XJAhjiVwrF2CW6k+DuX+ /x+sveEWCgZSFRH+DFw== X-Proofpoint-GUID: ho4k8jiSIOMMNXZdpIhaQxnSHSNWKpuN X-Proofpoint-ORIG-GUID: ho4k8jiSIOMMNXZdpIhaQxnSHSNWKpuN X-Authority-Analysis: v=2.4 cv=Xr73+FF9 c=1 sm=1 tr=0 ts=694a22e2 cx=c_pps a=1pmWRJemPF16E+bttNzokw==:117 a=6eWqkTHjU83fiwn7nKZWdM+Sl24=:19 a=z/mQ4Ysz8XfWz/Q5cLBRGdckG28=:19 a=lCpzRmAYbLLaTzLvsPZ7Mbvzbb8=:19 a=xqWC_Br6kY4A:10 a=wP3pNCr1ah4A:10 a=0kUYKlekyDsA:10 a=VkNPw1HP01LnGYTKEx00:22 a=64Cc0HZtAAAA:8 a=v587mRpB5INqV5_a_pwA:9 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1121,Hydra:6.1.9,FMLib:17.12.100.49 definitions=2025-12-23_01,2025-12-22_01,2025-10-01_01 X-Proofpoint-Spam-Reason: safe Content-Type: text/plain; charset="utf-8" Extend kvm_mmu_page_role access bitfield from 3 to 4, where the 4th bit will be used to track user executable pages with Intel mode-based execute control (MBEC). Extend SPTE generation and introduce shadow_ux value to account for user and kernel executable distinctions under MBEC. Extend kvm_mmu_page_role to include a new has_mbec field, such that a given MMU's can be flagged as one with MBEC-awareness, which is to say with an access bitfield that can evaluate to 4 different options. Modified various functions to utilize the new access masks, ensuring compatibility with MBEC. Update mmu documentation to clarify the role of execute permissions when MBEC is enabled. Add capability helper for cpu_has_vmx_mode_based_ept_exec and plumb into kvm_mmu_set_ept_masks. NOTE: Also roll back change to ACC_ALL vs ACC_RWX in mmu.c, as VM's do not boot properly, which likely need to be reworked, open to ideas! Past that, no functional change intended, as nothing sets has_mbec yet. Signed-off-by: Jon Kohler --- Documentation/virt/kvm/x86/mmu.rst | 9 ++++- arch/x86/include/asm/kvm_host.h | 11 ++--- arch/x86/include/asm/vmx.h | 4 ++ arch/x86/kvm/mmu.h | 8 +++- arch/x86/kvm/mmu/mmu.c | 24 +++++------ arch/x86/kvm/mmu/mmutrace.h | 23 +++++++---- arch/x86/kvm/mmu/paging_tmpl.h | 24 +++++++---- arch/x86/kvm/mmu/spte.c | 65 +++++++++++++++++++++++------- arch/x86/kvm/mmu/spte.h | 57 +++++++++++++++++++++++--- arch/x86/kvm/mmu/tdp_mmu.c | 12 ++++-- arch/x86/kvm/vmx/capabilities.h | 6 +++ arch/x86/kvm/vmx/vmx.c | 3 +- 12 files changed, 188 insertions(+), 58 deletions(-) diff --git a/Documentation/virt/kvm/x86/mmu.rst b/Documentation/virt/kvm/x8= 6/mmu.rst index 2b3b6d442302..f63db1a2b3df 100644 --- a/Documentation/virt/kvm/x86/mmu.rst +++ b/Documentation/virt/kvm/x86/mmu.rst @@ -172,7 +172,14 @@ Shadow pages contain the following information: quadrant maps 1GB virtual address space. role.access: Inherited guest access permissions from the parent ptes in the form uw= x. - Note execute permission is positive, not negative. + Note execute permission is positive, not negative. When Intel MBEC is + not enabled, permissions follow the uwx form. When Intel MBEC is enabl= ed, + execute is split into two permissions, kernel executable and user + executable, with the split controlled by role.has_mbec. + role.has_mbec: + When role.has_mbec=3D1, Intel mode-based execute control is active, wh= ich + gives the guest the ability to split execute pages into two permission= s, + kernel executable and user executable. role.invalid: The page is invalid and should not be used. It is a root page that is currently pinned (by a cpu hardware register pointing to it); once it = is diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_hos= t.h index 48598d017d6f..66afcff43ec5 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -319,11 +319,11 @@ struct kvm_kernel_irq_routing_entry; * the number of unique SPs that can theoretically be created is 2^n, wher= e n * is the number of bits that are used to compute the role. * - * But, even though there are 20 bits in the mask below, not all combinati= ons + * But, even though there are 22 bits in the mask below, not all combinati= ons * of modes and flags are possible: * * - invalid shadow pages are not accounted, mirror pages are not shadow= ed, - * so the bits are effectively 18. + * so the bits are effectively 20. * * - quadrant will only be used if has_4_byte_gpte=3D1 (non-PAE paging); * execonly and ad_disabled are only used for nested EPT which has @@ -338,7 +338,7 @@ struct kvm_kernel_irq_routing_entry; * cr0_wp=3D0, therefore these three bits only give rise to 5 possibil= ities. * * Therefore, the maximum number of possible upper-level shadow pages for a - * single gfn is a bit less than 2^13. + * single gfn is a bit less than 2^15. */ union kvm_mmu_page_role { u32 word; @@ -347,7 +347,7 @@ union kvm_mmu_page_role { unsigned has_4_byte_gpte:1; unsigned quadrant:2; unsigned direct:1; - unsigned access:3; + unsigned access:4; unsigned invalid:1; unsigned efer_nx:1; unsigned cr0_wp:1; @@ -357,7 +357,8 @@ union kvm_mmu_page_role { unsigned guest_mode:1; unsigned passthrough:1; unsigned is_mirror:1; - unsigned :4; + unsigned has_mbec:1; + unsigned:2; =20 /* * This is left at the top of the word so that diff --git a/arch/x86/include/asm/vmx.h b/arch/x86/include/asm/vmx.h index de3abec84fe5..9a98c063148c 100644 --- a/arch/x86/include/asm/vmx.h +++ b/arch/x86/include/asm/vmx.h @@ -547,6 +547,7 @@ enum vmcs_field { #define VMX_EPT_IPAT_BIT (1ull << 6) #define VMX_EPT_ACCESS_BIT (1ull << 8) #define VMX_EPT_DIRTY_BIT (1ull << 9) +#define VMX_EPT_USER_EXECUTABLE_MASK (1ull << 10) #define VMX_EPT_SUPPRESS_VE_BIT (1ull << 63) #define VMX_EPT_RWX_MASK (VMX_EPT_READABLE_MASK | = \ VMX_EPT_WRITABLE_MASK | \ @@ -605,9 +606,12 @@ enum vm_entry_failure_code { #define EPT_VIOLATION_GVA_TRANSLATED BIT(8) =20 #define EPT_VIOLATION_RWX_TO_PROT(__epte) (((__epte) & VMX_EPT_RWX_MASK) <= < 3) +#define EPT_VIOLATION_USER_EXEC_TO_PROT(__epte) (((__epte) & VMX_EPT_USER_= EXECUTABLE_MASK) >> 4) =20 static_assert(EPT_VIOLATION_RWX_TO_PROT(VMX_EPT_RWX_MASK) =3D=3D (EPT_VIOLATION_PROT_READ | EPT_VIOLATION_PROT_WRITE | EPT_VIOLATION= _PROT_EXEC)); +static_assert(EPT_VIOLATION_USER_EXEC_TO_PROT(VMX_EPT_USER_EXECUTABLE_MASK= ) =3D=3D + (EPT_VIOLATION_PROT_USER_EXEC)); =20 /* * Exit Qualifications for NOTIFY VM EXIT diff --git a/arch/x86/kvm/mmu.h b/arch/x86/kvm/mmu.h index f63074048ec6..558a15ff82e6 100644 --- a/arch/x86/kvm/mmu.h +++ b/arch/x86/kvm/mmu.h @@ -81,7 +81,8 @@ u8 kvm_mmu_get_max_tdp_level(void); void kvm_mmu_set_mmio_spte_mask(u64 mmio_value, u64 mmio_mask, u64 access_= mask); void kvm_mmu_set_mmio_spte_value(struct kvm *kvm, u64 mmio_value); void kvm_mmu_set_me_spte_mask(u64 me_value, u64 me_mask); -void kvm_mmu_set_ept_masks(bool has_ad_bits, bool has_exec_only); +void kvm_mmu_set_ept_masks(bool has_ad_bits, bool has_exec_only, + bool has_mbec); =20 void kvm_init_mmu(struct kvm_vcpu *vcpu); void kvm_init_shadow_npt_mmu(struct kvm_vcpu *vcpu, unsigned long cr0, @@ -174,6 +175,11 @@ static inline void kvm_mmu_refresh_passthrough_bits(st= ruct kvm_vcpu *vcpu, __kvm_mmu_refresh_passthrough_bits(vcpu, mmu); } =20 +static inline bool mmu_has_mbec(struct kvm_vcpu *vcpu) +{ + return vcpu->arch.mmu->root_role.has_mbec; +} + /* * Check if a given access (described through the I/D, W/R and U/S bits of= a * page fault error code pfec) causes a permission fault with the given PTE diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index b1a7c7cc0c44..b0eb8d4c5ef2 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -2033,7 +2033,7 @@ static bool kvm_sync_page_check(struct kvm_vcpu *vcpu= , struct kvm_mmu_page *sp) */ const union kvm_mmu_page_role sync_role_ign =3D { .level =3D 0xf, - .access =3D 0x7, + .access =3D 0xf, .quadrant =3D 0x3, .passthrough =3D 0x1, }; @@ -3080,7 +3080,7 @@ static int mmu_set_spte(struct kvm_vcpu *vcpu, struct= kvm_memory_slot *slot, ret =3D RET_PF_SPURIOUS; } else { flush |=3D mmu_spte_update(sptep, spte); - trace_kvm_mmu_set_spte(level, gfn, sptep); + trace_kvm_mmu_set_spte(vcpu, level, gfn, sptep); } =20 if (wrprot && write_fault) @@ -3452,7 +3452,7 @@ static int direct_map(struct kvm_vcpu *vcpu, struct k= vm_page_fault *fault) if (it.level =3D=3D fault->goal_level) break; =20 - sp =3D kvm_mmu_get_child_sp(vcpu, it.sptep, base_gfn, true, ACC_RWX); + sp =3D kvm_mmu_get_child_sp(vcpu, it.sptep, base_gfn, true, ACC_ALL); if (sp =3D=3D ERR_PTR(-EEXIST)) continue; =20 @@ -3465,7 +3465,7 @@ static int direct_map(struct kvm_vcpu *vcpu, struct k= vm_page_fault *fault) if (WARN_ON_ONCE(it.level !=3D fault->goal_level)) return -EFAULT; =20 - ret =3D mmu_set_spte(vcpu, fault->slot, it.sptep, ACC_RWX, + ret =3D mmu_set_spte(vcpu, fault->slot, it.sptep, ACC_ALL, base_gfn, fault->pfn, fault); if (ret =3D=3D RET_PF_SPURIOUS) return ret; @@ -3698,9 +3698,9 @@ static int fast_page_fault(struct kvm_vcpu *vcpu, str= uct kvm_page_fault *fault) * current CPU took the fault. * * Need not check the access of upper level table entries since - * they are always ACC_RWX. + * they are always ACC_ALL. */ - if (is_access_allowed(fault, spte)) { + if (is_access_allowed(fault, spte, vcpu)) { ret =3D RET_PF_SPURIOUS; break; } @@ -3748,7 +3748,7 @@ static int fast_page_fault(struct kvm_vcpu *vcpu, str= uct kvm_page_fault *fault) =20 /* Verify that the fault can be handled in the fast path */ if (new_spte =3D=3D spte || - !is_access_allowed(fault, new_spte)) + !is_access_allowed(fault, new_spte, vcpu)) break; =20 /* @@ -4804,7 +4804,7 @@ static int direct_page_fault(struct kvm_vcpu *vcpu, s= truct kvm_page_fault *fault if (r) return r; =20 - r =3D kvm_mmu_faultin_pfn(vcpu, fault, ACC_RWX); + r =3D kvm_mmu_faultin_pfn(vcpu, fault, ACC_ALL); if (r !=3D RET_PF_CONTINUE) return r; =20 @@ -4895,7 +4895,7 @@ static int kvm_tdp_mmu_page_fault(struct kvm_vcpu *vc= pu, if (r) return r; =20 - r =3D kvm_mmu_faultin_pfn(vcpu, fault, ACC_RWX); + r =3D kvm_mmu_faultin_pfn(vcpu, fault, ACC_ALL); if (r !=3D RET_PF_CONTINUE) return r; =20 @@ -5614,7 +5614,7 @@ static union kvm_cpu_role kvm_calc_cpu_role(struct kv= m_vcpu *vcpu, { union kvm_cpu_role role =3D {0}; =20 - role.base.access =3D ACC_RWX; + role.base.access =3D ACC_ALL; role.base.smm =3D is_smm(vcpu); role.base.guest_mode =3D is_guest_mode(vcpu); role.ext.valid =3D 1; @@ -5695,7 +5695,7 @@ kvm_calc_tdp_mmu_root_page_role(struct kvm_vcpu *vcpu, { union kvm_mmu_page_role role =3D {0}; =20 - role.access =3D ACC_RWX; + role.access =3D ACC_ALL; role.cr0_wp =3D true; role.efer_nx =3D true; role.smm =3D cpu_role.base.smm; @@ -5826,7 +5826,7 @@ kvm_calc_shadow_ept_root_page_role(struct kvm_vcpu *v= cpu, bool accessed_dirty, role.base.direct =3D false; role.base.ad_disabled =3D !accessed_dirty; role.base.guest_mode =3D true; - role.base.access =3D ACC_RWX; + role.base.access =3D ACC_ALL; =20 role.ext.word =3D 0; role.ext.execonly =3D execonly; diff --git a/arch/x86/kvm/mmu/mmutrace.h b/arch/x86/kvm/mmu/mmutrace.h index 764e3015d021..74d51370422a 100644 --- a/arch/x86/kvm/mmu/mmutrace.h +++ b/arch/x86/kvm/mmu/mmutrace.h @@ -22,10 +22,16 @@ __entry->root_count =3D sp->root_count; \ __entry->unsync =3D sp->unsync; =20 +/* + * X =3D=3D ACC_EXEC_MASK: executable without guest_exec_control and only + * supervisor execute with guest exec control + * x =3D=3D ACC_USER_EXEC_MASK: user execute with guest exec control + */ #define KVM_MMU_PAGE_PRINTK() ({ \ const char *saved_ptr =3D trace_seq_buffer_ptr(p); \ static const char *access_str[] =3D { \ - "---", "--x", "w--", "w-x", "-u-", "-ux", "wu-", "wux" \ + "----", "---X", "-w--", "-w-X", "--u-", "--uX", "-wu-", "-wuX", \ + "x---", "x--X", "xw--", "xw-X", "x-u-", "x-uX", "xwu-", "xwuX" \ }; \ union kvm_mmu_page_role role; \ \ @@ -336,8 +342,8 @@ TRACE_EVENT( =20 TRACE_EVENT( kvm_mmu_set_spte, - TP_PROTO(int level, gfn_t gfn, u64 *sptep), - TP_ARGS(level, gfn, sptep), + TP_PROTO(struct kvm_vcpu *vcpu, int level, gfn_t gfn, u64 *sptep), + TP_ARGS(vcpu, level, gfn, sptep), =20 TP_STRUCT__entry( __field(u64, gfn) @@ -346,7 +352,8 @@ TRACE_EVENT( __field(u8, level) /* These depend on page entry type, so compute them now. */ __field(bool, r) - __field(bool, x) + __field(bool, kx) + __field(bool, ux) __field(signed char, u) ), =20 @@ -356,15 +363,17 @@ TRACE_EVENT( __entry->sptep =3D virt_to_phys(sptep); __entry->level =3D level; __entry->r =3D shadow_present_mask || (__entry->spte & PT_PRESENT_MASK); - __entry->x =3D is_executable_pte(__entry->spte); + __entry->kx =3D is_executable_pte(__entry->spte, false, vcpu); + __entry->ux =3D is_executable_pte(__entry->spte, true, vcpu); __entry->u =3D shadow_user_mask ? !!(__entry->spte & shadow_user_mask) := -1; ), =20 - TP_printk("gfn %llx spte %llx (%s%s%s%s) level %d at %llx", + TP_printk("gfn %llx spte %llx (%s%s%s%s%s) level %d at %llx", __entry->gfn, __entry->spte, __entry->r ? "r" : "-", __entry->spte & PT_WRITABLE_MASK ? "w" : "-", - __entry->x ? "x" : "-", + __entry->kx ? "X" : "-", + __entry->ux ? "x" : "-", __entry->u =3D=3D -1 ? "" : (__entry->u ? "u" : "-"), __entry->level, __entry->sptep ) diff --git a/arch/x86/kvm/mmu/paging_tmpl.h b/arch/x86/kvm/mmu/paging_tmpl.h index ed762bb4b007..664b424108ed 100644 --- a/arch/x86/kvm/mmu/paging_tmpl.h +++ b/arch/x86/kvm/mmu/paging_tmpl.h @@ -124,12 +124,17 @@ static inline void FNAME(protect_clean_gpte)(struct k= vm_mmu *mmu, unsigned *acce *access &=3D mask; } =20 -static inline int FNAME(is_present_gpte)(unsigned long pte) +static inline int FNAME(is_present_gpte)(struct kvm_vcpu *vcpu, + unsigned long pte) { #if PTTYPE !=3D PTTYPE_EPT return pte & PT_PRESENT_MASK; #else - return pte & 7; + /* + * For EPT, an entry is present if any of bits 2:0 are set. + * With mode-based execute control, bit 10 also indicates presence. + */ + return (pte & 7) || (mmu_has_mbec(vcpu) && (pte & (1ULL << 10))); #endif } =20 @@ -152,7 +157,7 @@ static bool FNAME(prefetch_invalid_gpte)(struct kvm_vcp= u *vcpu, struct kvm_mmu_page *sp, u64 *spte, u64 gpte) { - if (!FNAME(is_present_gpte)(gpte)) + if (!FNAME(is_present_gpte)(vcpu, gpte)) goto no_present; =20 /* Prefetch only accessed entries (unless A/D bits are disabled). */ @@ -181,8 +186,9 @@ static inline unsigned FNAME(gpte_access)(u64 gpte) unsigned access; #if PTTYPE =3D=3D PTTYPE_EPT access =3D ((gpte & VMX_EPT_WRITABLE_MASK) ? ACC_WRITE_MASK : 0) | - ((gpte & VMX_EPT_EXECUTABLE_MASK) ? ACC_EXEC_MASK : 0) | - ((gpte & VMX_EPT_READABLE_MASK) ? ACC_USER_MASK : 0); + ((gpte & VMX_EPT_EXECUTABLE_MASK) ? ACC_EXEC_MASK : 0) | + ((gpte & VMX_EPT_USER_EXECUTABLE_MASK) ? ACC_USER_EXEC_MASK : 0) | + ((gpte & VMX_EPT_READABLE_MASK) ? ACC_USER_MASK : 0); #else BUILD_BUG_ON(ACC_EXEC_MASK !=3D PT_PRESENT_MASK); BUILD_BUG_ON(ACC_EXEC_MASK !=3D 1); @@ -332,7 +338,7 @@ static int FNAME(walk_addr_generic)(struct guest_walker= *walker, if (walker->level =3D=3D PT32E_ROOT_LEVEL) { pte =3D mmu->get_pdptr(vcpu, (addr >> 30) & 3); trace_kvm_mmu_paging_element(pte, walker->level); - if (!FNAME(is_present_gpte)(pte)) + if (!FNAME(is_present_gpte)(vcpu, pte)) goto error; --walker->level; } @@ -414,7 +420,7 @@ static int FNAME(walk_addr_generic)(struct guest_walker= *walker, */ pte_access =3D pt_access & (pte ^ walk_nx_mask); =20 - if (unlikely(!FNAME(is_present_gpte)(pte))) + if (unlikely(!FNAME(is_present_gpte)(vcpu, pte))) goto error; =20 if (unlikely(FNAME(is_rsvd_bits_set)(mmu, pte, walker->level))) { @@ -493,6 +499,7 @@ static int FNAME(walk_addr_generic)(struct guest_walker= *walker, * out of date if it is serving an EPT misconfiguration. * [5:3] - Calculated by the page walk of the guest EPT page tables * [7:8] - Derived from [7:8] of real exit_qualification + * [10] - Derived from real exit_qualification, useful only with MBEC. * * The other bits are set to 0. */ @@ -511,6 +518,9 @@ static int FNAME(walk_addr_generic)(struct guest_walker= *walker, * ACC_*_MASK flags! */ walker->fault.exit_qualification |=3D EPT_VIOLATION_RWX_TO_PROT(pte_acce= ss); + if (mmu_has_mbec(vcpu)) + walker->fault.exit_qualification |=3D + EPT_VIOLATION_USER_EXEC_TO_PROT(pte_access); } #endif walker->fault.address =3D addr; diff --git a/arch/x86/kvm/mmu/spte.c b/arch/x86/kvm/mmu/spte.c index 37647afde7d3..a4720eedcacb 100644 --- a/arch/x86/kvm/mmu/spte.c +++ b/arch/x86/kvm/mmu/spte.c @@ -30,6 +30,7 @@ u64 __read_mostly shadow_host_writable_mask; u64 __read_mostly shadow_mmu_writable_mask; u64 __read_mostly shadow_nx_mask; u64 __read_mostly shadow_x_mask; /* mutual exclusive with nx_mask */ +u64 __read_mostly shadow_ux_mask; u64 __read_mostly shadow_user_mask; u64 __read_mostly shadow_accessed_mask; u64 __read_mostly shadow_dirty_mask; @@ -223,19 +224,38 @@ bool make_spte(struct kvm_vcpu *vcpu, struct kvm_mmu_= page *sp, * would tie make_spte() further to vCPU/MMU state, and add complexity * just to optimize a mode that is anything but performance critical. */ - if (level > PG_LEVEL_4K && (pte_access & ACC_EXEC_MASK) && + if (level > PG_LEVEL_4K && + (pte_access & (ACC_EXEC_MASK | ACC_USER_EXEC_MASK)) && is_nx_huge_page_enabled(vcpu->kvm)) { pte_access &=3D ~ACC_EXEC_MASK; + if (mmu_has_mbec(vcpu)) + pte_access &=3D ~ACC_USER_EXEC_MASK; } =20 - if (pte_access & ACC_EXEC_MASK) - spte |=3D shadow_x_mask; - else + if (pte_access & (ACC_EXEC_MASK | ACC_USER_EXEC_MASK)) { + if (pte_access & ACC_EXEC_MASK) + spte |=3D shadow_x_mask; + + if (pte_access & ACC_USER_EXEC_MASK) + spte |=3D shadow_ux_mask; + } else { spte |=3D shadow_nx_mask; + } =20 if (pte_access & ACC_USER_MASK) spte |=3D shadow_user_mask; =20 + /* + * With MBEC enabled, EPT misconfigurations occur if bit 0 is clear + * (read disabled) and bit 10 is set (user-executable). Prevent the + * creation of such invalid SPTEs by clearing the user-executable bit + * when read access is not permitted. + */ + if (mmu_has_mbec(vcpu) && + !(spte & VMX_EPT_READABLE_MASK) && + (spte & VMX_EPT_USER_EXECUTABLE_MASK)) + spte &=3D ~VMX_EPT_USER_EXECUTABLE_MASK; + if (level > PG_LEVEL_4K) spte |=3D PT_PAGE_SIZE_MASK; =20 @@ -311,17 +331,21 @@ static u64 modify_spte_protections(u64 spte, u64 set,= u64 clear) KVM_MMU_WARN_ON(set & clear); spte =3D (spte | set) & ~clear; =20 + /* + * With MBEC enabled, ensure we don't create invalid SPTEs where + * read access is disabled but user-executable access is enabled. + */ + if (shadow_ux_mask && + !(spte & VMX_EPT_READABLE_MASK) && + (spte & VMX_EPT_USER_EXECUTABLE_MASK)) + spte &=3D ~VMX_EPT_USER_EXECUTABLE_MASK; + if (is_access_track) spte =3D mark_spte_for_access_track(spte); =20 return spte; } =20 -static u64 make_spte_executable(u64 spte) -{ - return modify_spte_protections(spte, shadow_x_mask, shadow_nx_mask); -} - static u64 make_spte_nonexecutable(u64 spte) { return modify_spte_protections(spte, shadow_nx_mask, shadow_x_mask); @@ -356,8 +380,14 @@ u64 make_small_spte(struct kvm *kvm, u64 huge_spte, * the page executable as the NX hugepage mitigation no longer * applies. */ - if ((role.access & ACC_EXEC_MASK) && is_nx_huge_page_enabled(kvm)) - child_spte =3D make_spte_executable(child_spte); + if ((role.access & (ACC_EXEC_MASK | ACC_USER_EXEC_MASK)) && + is_nx_huge_page_enabled(kvm)) { + if (role.access & ACC_EXEC_MASK) + child_spte |=3D shadow_x_mask; + + if (role.access & ACC_USER_EXEC_MASK) + child_spte |=3D shadow_ux_mask; + } } =20 return child_spte; @@ -389,7 +419,8 @@ u64 make_nonleaf_spte(u64 *child_pt, bool ad_disabled) u64 spte =3D SPTE_MMU_PRESENT_MASK; =20 spte |=3D __pa(child_pt) | shadow_present_mask | PT_WRITABLE_MASK | - shadow_user_mask | shadow_x_mask | shadow_me_value; + shadow_user_mask | shadow_ux_mask | shadow_x_mask | + shadow_me_value; =20 if (ad_disabled) spte |=3D SPTE_TDP_AD_DISABLED; @@ -489,7 +520,8 @@ void kvm_mmu_set_me_spte_mask(u64 me_value, u64 me_mask) } EXPORT_SYMBOL_FOR_KVM_INTERNAL(kvm_mmu_set_me_spte_mask); =20 -void kvm_mmu_set_ept_masks(bool has_ad_bits, bool has_exec_only) +void kvm_mmu_set_ept_masks(bool has_ad_bits, bool has_exec_only, + bool has_mbec) { kvm_ad_enabled =3D has_ad_bits; =20 @@ -501,7 +533,7 @@ void kvm_mmu_set_ept_masks(bool has_ad_bits, bool has_e= xec_only) /* VMX_EPT_SUPPRESS_VE_BIT is needed for W or X violation. */ shadow_present_mask =3D (has_exec_only ? 0ull : VMX_EPT_READABLE_MASK) | VMX_EPT_SUPPRESS_VE_BIT; - + shadow_ux_mask =3D has_mbec ? VMX_EPT_USER_EXECUTABLE_MASK : 0ull; shadow_acc_track_mask =3D VMX_EPT_RWX_MASK; shadow_host_writable_mask =3D EPT_SPTE_HOST_WRITABLE; shadow_mmu_writable_mask =3D EPT_SPTE_MMU_WRITABLE; @@ -509,9 +541,11 @@ void kvm_mmu_set_ept_masks(bool has_ad_bits, bool has_= exec_only) /* * EPT Misconfigurations are generated if the value of bits 2:0 * of an EPT paging-structure entry is 110b (write/execute). + * With MBEC, the additional case of bit 0 clear and bit 10 set + * (read disabled but user-executable) is prevented in make_spte(). */ kvm_mmu_set_mmio_spte_mask(VMX_EPT_MISCONFIG_WX_VALUE, - VMX_EPT_RWX_MASK | VMX_EPT_SUPPRESS_VE_BIT, 0); + (VMX_EPT_RWX_MASK | VMX_EPT_SUPPRESS_VE_BIT), 0); } EXPORT_SYMBOL_FOR_KVM_INTERNAL(kvm_mmu_set_ept_masks); =20 @@ -551,6 +585,7 @@ void kvm_mmu_reset_all_pte_masks(void) shadow_dirty_mask =3D PT_DIRTY_MASK; shadow_nx_mask =3D PT64_NX_MASK; shadow_x_mask =3D 0; + shadow_ux_mask =3D 0; shadow_present_mask =3D PT_PRESENT_MASK; =20 shadow_acc_track_mask =3D 0; diff --git a/arch/x86/kvm/mmu/spte.h b/arch/x86/kvm/mmu/spte.h index 101a2f61ec96..74fb1fe60d89 100644 --- a/arch/x86/kvm/mmu/spte.h +++ b/arch/x86/kvm/mmu/spte.h @@ -45,8 +45,9 @@ static_assert(SPTE_TDP_AD_ENABLED =3D=3D 0); #define ACC_EXEC_MASK 1 #define ACC_WRITE_MASK PT_WRITABLE_MASK #define ACC_USER_MASK PT_USER_MASK +#define ACC_USER_EXEC_MASK (1ULL << 3) #define ACC_RWX (ACC_EXEC_MASK | ACC_WRITE_MASK | ACC_USER_MASK) -#define ACC_ALL ACC_RWX +#define ACC_ALL (ACC_RWX | ACC_USER_EXEC_MASK) =20 /* The mask for the R/X bits in EPT PTEs */ #define SPTE_EPT_READABLE_MASK 0x1ull @@ -180,6 +181,7 @@ extern u64 __read_mostly shadow_mmu_writable_mask; extern u64 __read_mostly shadow_nx_mask; extern u64 __read_mostly shadow_x_mask; /* mutual exclusive with nx_mask */ extern u64 __read_mostly shadow_user_mask; +extern u64 __read_mostly shadow_ux_mask; extern u64 __read_mostly shadow_accessed_mask; extern u64 __read_mostly shadow_dirty_mask; extern u64 __read_mostly shadow_mmio_value; @@ -344,9 +346,53 @@ static inline bool is_last_spte(u64 pte, int level) return (level =3D=3D PG_LEVEL_4K) || is_large_pte(pte); } =20 -static inline bool is_executable_pte(u64 spte) +static inline bool is_executable_pte(u64 spte, bool is_user_access, + struct kvm_vcpu *vcpu) { - return (spte & (shadow_x_mask | shadow_nx_mask)) =3D=3D shadow_x_mask; + if (spte & shadow_nx_mask) + return false; + + if (!mmu_has_mbec(vcpu)) + return (spte & shadow_x_mask) =3D=3D shadow_x_mask; + + /* + * Warn against AMD systems (where shadow_x_mask =3D=3D 0) reaching + * this point, so this will always evaluate to true for user-mode + * pages, but until GMET is implemented, this should be a no-op. + */ + if (WARN_ON_ONCE(!shadow_x_mask)) + return is_user_access || !(spte & shadow_user_mask); + + return spte & (is_user_access ? shadow_ux_mask : shadow_x_mask); +} + +static inline bool is_executable_pte_fault(u64 spte, + struct kvm_page_fault *fault, + struct kvm_vcpu *vcpu) +{ + if (spte & shadow_nx_mask) + return false; + + if (!mmu_has_mbec(vcpu)) + return (spte & shadow_x_mask) =3D=3D shadow_x_mask; + + /* + * Warn against AMD systems (where shadow_x_mask =3D=3D 0) reaching + * this point, so this will always evaluate to true for user-mode + * pages, but until GMET is implemented, this should be a no-op. + */ + if (WARN_ON_ONCE(!shadow_x_mask)) + return fault->user || !(spte & shadow_user_mask); + + /* + * For TDP MMU, the fault->user bit indicates a read access, + * not the guest's CPL. For execute faults, check both execute + * permissions since we don't know the actual CPL. + */ + if (fault->is_tdp) + return spte & (shadow_x_mask | shadow_ux_mask); + + return spte & (fault->user ? shadow_ux_mask : shadow_x_mask); } =20 static inline kvm_pfn_t spte_to_pfn(u64 pte) @@ -479,10 +525,11 @@ static inline bool is_mmu_writable_spte(u64 spte) * SPTE protections. Note, the caller is responsible for checking that the * SPTE is a shadow-present, leaf SPTE (either before or after). */ -static inline bool is_access_allowed(struct kvm_page_fault *fault, u64 spt= e) +static inline bool is_access_allowed(struct kvm_page_fault *fault, u64 spt= e, + struct kvm_vcpu *vcpu) { if (fault->exec) - return is_executable_pte(spte); + return is_executable_pte_fault(spte, fault, vcpu); =20 if (fault->write) return is_writable_pte(spte); diff --git a/arch/x86/kvm/mmu/tdp_mmu.c b/arch/x86/kvm/mmu/tdp_mmu.c index 98221ed34c51..46988a11dc51 100644 --- a/arch/x86/kvm/mmu/tdp_mmu.c +++ b/arch/x86/kvm/mmu/tdp_mmu.c @@ -1183,16 +1183,20 @@ static int tdp_mmu_map_handle_target_level(struct k= vm_vcpu *vcpu, return RET_PF_RETRY; =20 if (is_shadow_present_pte(iter->old_spte) && - (fault->prefetch || is_access_allowed(fault, iter->old_spte)) && + (fault->prefetch || + is_access_allowed(fault, iter->old_spte, vcpu)) && is_last_spte(iter->old_spte, iter->level)) { WARN_ON_ONCE(fault->pfn !=3D spte_to_pfn(iter->old_spte)); return RET_PF_SPURIOUS; } =20 if (unlikely(!fault->slot)) - new_spte =3D make_mmio_spte(vcpu, iter->gfn, ACC_RWX); + new_spte =3D make_mmio_spte(vcpu, iter->gfn, + ACC_ALL); else - wrprot =3D make_spte(vcpu, sp, fault->slot, ACC_RWX, iter->gfn, + wrprot =3D make_spte(vcpu, sp, fault->slot, + ACC_ALL, + iter->gfn, fault->pfn, iter->old_spte, fault->prefetch, false, fault->map_writable, &new_spte); =20 @@ -1220,7 +1224,7 @@ static int tdp_mmu_map_handle_target_level(struct kvm= _vcpu *vcpu, new_spte); ret =3D RET_PF_EMULATE; } else { - trace_kvm_mmu_set_spte(iter->level, iter->gfn, + trace_kvm_mmu_set_spte(vcpu, iter->level, iter->gfn, rcu_dereference(iter->sptep)); } =20 diff --git a/arch/x86/kvm/vmx/capabilities.h b/arch/x86/kvm/vmx/capabilitie= s.h index 02aadb9d730e..8107c8cb1d4b 100644 --- a/arch/x86/kvm/vmx/capabilities.h +++ b/arch/x86/kvm/vmx/capabilities.h @@ -270,6 +270,12 @@ static inline bool cpu_has_vmx_tsc_scaling(void) SECONDARY_EXEC_TSC_SCALING; } =20 +static inline bool cpu_has_vmx_mode_based_ept_exec(void) +{ + return vmcs_config.cpu_based_2nd_exec_ctrl & + SECONDARY_EXEC_MODE_BASED_EPT_EXEC; +} + static inline bool cpu_has_vmx_bus_lock_detection(void) { return vmcs_config.cpu_based_2nd_exec_ctrl & diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index b6e370213769..520ccca27502 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -8607,7 +8607,8 @@ __init int vmx_hardware_setup(void) =20 if (enable_ept) kvm_mmu_set_ept_masks(enable_ept_ad_bits, - cpu_has_vmx_ept_execute_only()); + cpu_has_vmx_ept_execute_only(), + cpu_has_vmx_mode_based_ept_exec()); else vt_x86_ops.get_mt_mask =3D NULL; =20 --=20 2.43.0 From nobody Sun Feb 8 00:03:44 2026 Received: from mx0a-002c1b01.pphosted.com (mx0a-002c1b01.pphosted.com [148.163.151.68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8BCE52F49F0; Tue, 23 Dec 2025 05:05:16 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=148.163.151.68 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1766466319; cv=fail; b=CIJtGzlCpSI44t69AhoADoUB26PpWwHunofDGdYXNw5D4j6AbFvby2VdSMt9LocTfJ0N2HYaipHKZSZG26P6GprfhK31+jTrzjEmsY/YoDOaOUO/JyUwfRpF8VwtexTRyd7d7YGGpeh+o8xmYnl6M8Hgr7nEMgXVoa0ZOfomkTs= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1766466319; c=relaxed/simple; bh=zIC7MfmDfqwBNIxZyy5dDYDmAMCvqg9ZI19Q5OHFp6o=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: Content-Type:MIME-Version; b=kZVMidyZ/r8BytkaMH/+wQrzgM2T769pZw7VFYcFdKgM+WtdRUiCboAN9DwcsR+P6mUKSFyMvQbrvT27YvLyQs6OBTTgv+Nv1ijDKosN3X6T2sCF63W88fD+fTO4Ps2EneKCpkd1BPuqkPo4J/BbiaN+DA83hZ6relNOteBLADE= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=nutanix.com; spf=pass smtp.mailfrom=nutanix.com; dkim=pass (2048-bit key) header.d=nutanix.com header.i=@nutanix.com header.b=AN2ZQoXx; dkim=pass (2048-bit key) header.d=nutanix.com header.i=@nutanix.com header.b=G4WThx7l; arc=fail smtp.client-ip=148.163.151.68 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=nutanix.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=nutanix.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=nutanix.com header.i=@nutanix.com header.b="AN2ZQoXx"; dkim=pass (2048-bit key) header.d=nutanix.com header.i=@nutanix.com header.b="G4WThx7l" Received: from pps.filterd (m0127838.ppops.net [127.0.0.1]) by mx0a-002c1b01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 5BMHLI6r2280199; Mon, 22 Dec 2025 21:04:38 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nutanix.com; h= cc:content-transfer-encoding:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to; s= proofpoint20171006; bh=JXCiJm8zlx/Nx8gW9iEyffaZLWBG6yAdNp/vBPcUv tU=; b=AN2ZQoXxUOLQ+fwYF6YitkHn3jSh4yYIMY+ggj7HBIPldsVhsItxqRnMO UzeKC55NTxGsgfF9VqqLYUwXLdEnyZcVfYYPa+YUuwOTGnUbJzhV5m9lvjOh8jQX 3tFL+7XOykeX+k+RgmjP+htut3XN0801oWaTkY8QZ73W+3p+9LJR1o+eB4embV9C HMmMUB2oYgGZA2Cc/F1gUDocjujiRoKpdPgG9OyWm+WzMOX8sLwdouGm+I+LAc4r xRK4CAYW9vgyXO84ax8eBm1z/nEk0PS4DwdT4R9GS7npXcChFRDzhX8idT53dx0B 5+HvbvygGjmwgrzhh8BK0zjznHU4w== Received: from dm1pr04cu001.outbound.protection.outlook.com (mail-centralusazon11020139.outbound.protection.outlook.com [52.101.61.139]) by mx0a-002c1b01.pphosted.com (PPS) with ESMTPS id 4b5v7yvuvt-1 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NOT); Mon, 22 Dec 2025 21:04:37 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=dUZLiuAQtTanTEpo43EJ7A+jig1A4l6s33pVw/Cr2FWaMpkp6SuZd4Kdm+d0pxGmfkqUCruJDN06hD+GG5Mc0687hfStj0AEWv8BG4mf6viOAS4c7YPJ5gcBB+hmZJy3FFxZgyEJdWPYxokLYn6nPmVaUfzHCVmKmMwGleDTIFiyye28m0HtHLLkwsBVXQm7Y2iKXm9dYDZTVs12AdAGwsMuWc88wEKG8PyYuaNZvqwZZOlDwk2MMUZifuGgSrFjyaRF6CIFuML+Zjei2e54R0V7szV3mXwmlFB7k+DwN42PUJoZNhvcxn9qVDfuuSK2CY7XTKI0j4ZERdnqceaYSA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=JXCiJm8zlx/Nx8gW9iEyffaZLWBG6yAdNp/vBPcUvtU=; b=AzMZIXx6OPDBW1q+ZRFwmwaLJhhLos55OEVU58Qq8KKfdqjNS0epVK7+Qvkvlsn5QR9xLurJwMjk9Yhlh+uCrKH+eYTExT2Zjym4LcBYo5b0ftWE8njPhTSPII8hV1ZuutTOyVRgPn8/iyN3MdFA9gJKu7nkVK+3rMbrFlSvQzt/VCVg9f+P9Rv9Gqq3D8C/4keeXB0cTI9b90xFhymcB4PKwDk4VsUQFDcO2/YHnkUzYsf7aftQ6ZzmyiD98DTgcS3fnqqMz+I2b/urkixZklHE6/D+eWIDDv376OJVOAIKEM5ArtB/zzvFdadN+pSfEcgMUAlKk/WGrsyvjmPhdg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nutanix.com; dmarc=pass action=none header.from=nutanix.com; dkim=pass header.d=nutanix.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nutanix.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=JXCiJm8zlx/Nx8gW9iEyffaZLWBG6yAdNp/vBPcUvtU=; b=G4WThx7l7l9/gITtzOPOgM0U0mfUN9u1y/VwWTmLq/oi/N84Z/raPtM/0yUQpexFbgyegNRobAeIbzoQZNS8ADL9PE1tcJqTpvD2JKE2s2cUECv0A5fzhtLcJff9s8BkkoSJD9Ue5pWMWa409EUj8+YP+Sf0z7GJZKAMcp0q/Kc/Q0VwPBgZ7+LDzUgCfVB0hfIKcX63m1GwFZi/km2/c5726cztFUpLP5U96D6JvV5YTm/9W/6g4HcJ+rUTvV24VHf5mQV20WQcq12dTBZse3AhHZtg77orHx7JVn/oGbQ3zEC32k8xe1fnXhG9MgQMEcf77JVi7besmQZM57hiKg== Received: from LV0PR02MB11133.namprd02.prod.outlook.com (2603:10b6:408:333::18) by SA1PR02MB8560.namprd02.prod.outlook.com (2603:10b6:806:1fb::24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9434.11; Tue, 23 Dec 2025 05:04:36 +0000 Received: from LV0PR02MB11133.namprd02.prod.outlook.com ([fe80::10e5:8031:1b1b:b2dc]) by LV0PR02MB11133.namprd02.prod.outlook.com ([fe80::10e5:8031:1b1b:b2dc%4]) with mapi id 15.20.9434.009; Tue, 23 Dec 2025 05:04:34 +0000 From: Jon Kohler To: seanjc@google.com, pbonzini@redhat.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, kvm@vger.kernel.org, linux-kernel@vger.kernel.org Cc: ken@codelabs.ch, Alexander.Grest@microsoft.com, chao.gao@intel.com, madvenka@linux.microsoft.com, mic@digikod.net, nsaenz@amazon.es, tao1.su@linux.intel.com, xiaoyao.li@intel.com, zhao1.liu@intel.com, Jon Kohler Subject: [PATCH 6/8] KVM: VMX: enhance EPT violation handler for MBEC Date: Mon, 22 Dec 2025 22:47:59 -0700 Message-ID: <20251223054806.1611168-7-jon@nutanix.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20251223054806.1611168-1-jon@nutanix.com> References: <20251223054806.1611168-1-jon@nutanix.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: PH0P220CA0016.NAMP220.PROD.OUTLOOK.COM (2603:10b6:510:d3::19) To LV0PR02MB11133.namprd02.prod.outlook.com (2603:10b6:408:333::18) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: LV0PR02MB11133:EE_|SA1PR02MB8560:EE_ X-MS-Office365-Filtering-Correlation-Id: 621d769c-c76b-4007-cd49-08de41e0c3ec x-proofpoint-crosstenant: true X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|52116014|1800799024|376014|7416014|366016|921020|38350700014; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?XAthW9aEXMiEWDYAzsbL+yfzGzaHZS9zUAEHFWXMZwQK8RL9HqUT8OQ16tis?= =?us-ascii?Q?AV231KfGcJzA9sPEEgWSv7pKObFgtmJJqfpTvEHK4tUI8TokPYSPu/xeJ3pR?= =?us-ascii?Q?Gw9dLHZ/BpbcrsLfsFzOMdkMcCtQWpVxoITz4NH19Pq+hKFUAhdwG8TpByMo?= =?us-ascii?Q?KeKjFEnknfeTEsmJSCdxxB3JfXu8TBkKpJkDY0dNVPa5n8qmwCjymCmJ4nfx?= =?us-ascii?Q?r0uS4+VEQ0gGML4LX2kmLF4i8AVuwU6cTVX0JP8LwEd9BTskB8scOcMun3qw?= =?us-ascii?Q?XNXK1XeW+Xr+hs0AAH7srIDfRULZk46c327yIMmhhc1jegONPLlNg1dcp2bs?= =?us-ascii?Q?7sWNIAqbAFjrqNvksi6xlURafX9g1dQ3BAjOjGE8HZBMpHn9dd8A32VkJILj?= =?us-ascii?Q?k1fGW/lFqAGHzuPg4LITiEYDtLZcjemdmVcMYwk/yBCxb91Br7HtleRLrg6p?= =?us-ascii?Q?G1VpOkDaTjOlHEa1DWDIBErLYlZVIGv0CemVEVJVgk15M1LbgSZuBpBhWF0R?= =?us-ascii?Q?jh9vDxaLYH6gdRGlSKz8obbtFPwCEUsHwA7/yAyq4dGeApfUJesT3IChAZkx?= =?us-ascii?Q?G2yJRlA1eLCIYt/GnX4VlnIN5mApZPlQsYyAitA+HDxdJf1CnJejQqW5T2Fz?= =?us-ascii?Q?cMWs276djM3ttKQHQKT/LKSG3mnevcRX8SqRKCipUYFLV9Se61iomH4f4Eq5?= =?us-ascii?Q?+6LAAXF4jTmpN2DkDo4uVVTP7Ey3QerukiAaYAIRx6rLo106mfOUjxG4+ChZ?= =?us-ascii?Q?xQAzdgdwFkIqBAOLot8lZFXanbTeClCy3S6hrIYliQ+Z0DOPKyuhuWJ0oEfR?= =?us-ascii?Q?Gb/u2yeJQvhxZ0/u09Ox72gUZS/lRhptNNXTTinu7RDN1PGI7NSKtH0G6V5m?= =?us-ascii?Q?LKSb4b5ldFvq9ZTZL6Xwul+q8a28sDN9TQjiap2sGmlNUoESWktxmq67gCh2?= =?us-ascii?Q?kyiYJsNwA96Liq65klLsPCLWjI8hbnQ/7hR6oIx528glOWt1OC59iSwsfxC6?= =?us-ascii?Q?hzzE+2GOe2Q5Oir33pyVEstCWetHV20ogi2dfA4pSepz8Bi1hzyGROaPnnsu?= =?us-ascii?Q?/me3TuitFj7k4nTVy+f4A5eW/k38IfNXlywkPnfmBo7nST1Izdh+Zkj7dAYn?= =?us-ascii?Q?1K5jVyY+8BiQdtZ0zM3r6VQSAnnQwlT5K337evRz4o+TuPCWy1pyWMqrraRT?= =?us-ascii?Q?pcYuIBaBUm0kXyHH4xNd6I7iO0c9nj17IQ2ML5MNS8oS+OhWgwMv//qTQfI/?= =?us-ascii?Q?y2OcJ8+sG2zwq7RYd+elkmBzjg5MwMrTD/ENs4sjqtF0lkqeuaBBj9uLsDLd?= =?us-ascii?Q?iUEWnH72obhTOwO9ekgZvdkdUbUHaTzWWwiurcTyabF52zW9sU9oiFt1ZwPG?= =?us-ascii?Q?CGhYkyELYDtyAbuUIeLY+36AggLbJVuGlXGDisPF+7NPHiguh2WHL3aMw0e0?= =?us-ascii?Q?9p8F5OSKFRVE03p9pOZi3mW9mt5nSYnTKxd/rpTMpdhsip/u26Ll0ixiQ0h/?= =?us-ascii?Q?B3MInLqmE9IXSIhMkhV6klBMNps2cr1vdZkWaHZNiyc4HIevHpbqV/wWpA?= =?us-ascii?Q?=3D=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:LV0PR02MB11133.namprd02.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(52116014)(1800799024)(376014)(7416014)(366016)(921020)(38350700014);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?fGGqZwN/Mqu3SeTN79WM1LVHKoFUd8WUA1i07DVpI6wV3WHb8uF42xR4Az/b?= =?us-ascii?Q?2vQp2KZzlJxObAY3wgDUqw30ivlaUTqOYzgTvEL8Lu6deKiUbG5mOSxcUlYz?= =?us-ascii?Q?4pZeJj06NPrhUN98egtlsM7Ib2aqFuMLUbX/noiJpI8LHmm6kVrePLABac4r?= =?us-ascii?Q?9KJF4an7clJExUQqNTwS/8Gk3+UE9Gqk/0JDNP2UZP0gesoOfXOLVOzp2tPM?= =?us-ascii?Q?5OS+RsqFL6tKywVAsGxbd1hzid4ufN0Kh7xLYQhoSCANpTpjzctdBpTIQOom?= =?us-ascii?Q?qwjdpmYRNvOOopm/vbQERufh0mP3x21qhgo5bJneex+FnnwQVK8CrkkCj3uZ?= =?us-ascii?Q?hWEGHPybMvluWevn6Q5PM6r2Eoep4vlqWPbIJMX9GXz1z9n1GNmGcMwbnR36?= =?us-ascii?Q?YoPHHhfT0baRYIm9x44rPtUES5joRDxnVddWEOZz4hlNL70qMRTrnejAbxjA?= =?us-ascii?Q?RGTtlNk/IcAIBCrLNqFPcYlvcbGgrFZ7CSQEJbZ3X9IeXw5JHwpQEn03CsR7?= =?us-ascii?Q?zDgIkzVc1JTXzKz3ai44wTXwgyHhV63o2TxiNHjjqMpCtl1Wn/epfoMwaVvd?= =?us-ascii?Q?5yfQF5F7/4x86/LehW7AIV4MXWThvPBqdbyF1O3rv1DXrQF1LxvXlcwIiLnf?= =?us-ascii?Q?XXUvvSij7tZ3fbDW2KSeS55KRaibpVaeqtrS5/Qny8ads0QjCD+UAro2jZKt?= =?us-ascii?Q?mBx0gQ6sXe5bXB1kLaf7peyHtVk3Yc83Qm9wSBVCVtFAaUrAbZBf/kO/eWpB?= =?us-ascii?Q?bHNr2BBJSGqWG6oUwvCL0tbH7UAyTZjjc7WU28XGlPH5IW24mMEn2Tamxyuo?= =?us-ascii?Q?MH5k+iQgBdqZJNTDR8WoQMJhNtxOdCxF9A5nrXC5OpYtr+AIyCBrsyh0fJfP?= =?us-ascii?Q?ZEWX1z2ac9dtLQZX7g7oVIBc/TeGbNAmP8SlbMm3zUy/40hU7tm8muVo6Zhb?= =?us-ascii?Q?wJ/DeNBOeBvYt9JWBsGrvGK4Gx6Wq0z2U5s5O9ZSCvtY0L2cmyyFDX+alA9t?= =?us-ascii?Q?u7+Onpt4qwV+nUz5uY/V+emBOkh45oq31JBGe0HK+f5gqtfvOjRNPdSDmeEB?= =?us-ascii?Q?8wInl8VPV3c3jJTHErGChPxxe6HJAqBSXhk+MkkKLY3NjO+pOymUx0su/x0L?= =?us-ascii?Q?Tx2cteXUGySxHSCvfRbHHXZ+nSGjqDbInZB3xnDff0TCHu3aljiUJq6mOtsb?= =?us-ascii?Q?Q1wvlep8TKL82LaZeNzA9EM/GFGbpcHpRSHTBGWNZwiolnOaCY56tMHyyWvq?= =?us-ascii?Q?P5oVUrGXuu7leOWXqlAK36WBRnXlgjDemt2OfLTLAVk3HFWIx2biEhKH1Q6t?= =?us-ascii?Q?3e5hIyOxKfVqlEJfwEXSK2RlKJQrlOhgY92mwcMzKmSvJv8DGdn5EEJ4KHSX?= =?us-ascii?Q?MyWyI2Q4xjjOXBcFJu8mTJSxPhGrv7En+uxudgH46JTdNViESsvbqPyA5Dnw?= =?us-ascii?Q?aLZCD+PxxVq9JaWyls6q/Vb3KKoVzWu4ODDll1/1/sxcUH5DkF9eH8naQ2UD?= =?us-ascii?Q?Ti3o5lwI73FaiNmUnXy7VGOrcIIrSsjgsQEqhOTnuI/N2Dt4N2GoWRVu20iZ?= =?us-ascii?Q?DgafKtBzYmRa5MNbOABSWYuwEhx/jKuZjSFGcFeZifUEQK+1Kk+P09vKAGb8?= =?us-ascii?Q?YVQRPi341XlCSXt4pLwAmC0rv4BhifnFp0uU8llGdkqZB2pNyUXumrp6aTBE?= =?us-ascii?Q?nAVKS+yRpVMVcGACg0E0REfFBwWeH4XMn/djrgc+z6jjQxMpyxtiQS586hyT?= =?us-ascii?Q?cFU4mM/S9vroA5akbEEqR8B/9Kit7NI=3D?= X-OriginatorOrg: nutanix.com X-MS-Exchange-CrossTenant-Network-Message-Id: 621d769c-c76b-4007-cd49-08de41e0c3ec X-MS-Exchange-CrossTenant-AuthSource: LV0PR02MB11133.namprd02.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 23 Dec 2025 05:04:34.9337 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: bb047546-786f-4de1-bd75-24e5b6f79043 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 1R+SaLxA2Ka/M7g2k+UvEHpdN9Ccc1Fl6hAXh8v/jYVivAOMj59YFkJ0D9/pT4F+b24kpbSM/BsNzjxNZ1/ry2h78/SaPebKlMvfMvGIWo4= X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA1PR02MB8560 X-Proofpoint-ORIG-GUID: ubWB_F-hzhlB3cX8HBIinycvgPJNTQUG X-Proofpoint-Spam-Details-Enc: AW1haW4tMjUxMjIzMDA0MCBTYWx0ZWRfXzZFewL91ZSd+ pyYQVU99ULnVEHV1SwMWYQv0ABV88+p1UbbyG5RzihkiDjWbbndvgZFIzsZ8KV+CN7EcbBHjGcE URNpt9568Rn7sC1Zppomu/+hcy36NafBoa1mVoMYgEyzLWP0uYxTNeP0aeMg1SfiF9TdKHZotAe AQ/g/SihtaQjqbsgF1lETJSLcEZ+uOckvqM6SzckmaIKpTVS21HTd0+DPwjgriphNd2ly/V52jt kmHJeBF2Ar4SunCpWBHQyQAXk3j8q4L25X5f1MbR0/xFqnRRPs/4jfwUlsctpUToOG4yhFWr890 SWbKWrJd90OyN3o9qAABO8ep2ByfsDe30DszxVt9hJ0ama/hfbbcu0CBhV0HgHrNj7s3TR/uM3W 21s5/dJLouyMghJIwwmqzTOQFjKNsPLQKzc150H8m4GmNPeYJsnCw3FwHgN/Zbx772txwcm2Vs1 SgjnS2uCUW48psQ9RMQ== X-Authority-Analysis: v=2.4 cv=S8TUAYsP c=1 sm=1 tr=0 ts=694a22e5 cx=c_pps a=zLxRk7/rSTrB1jskNZbxBg==:117 a=6eWqkTHjU83fiwn7nKZWdM+Sl24=:19 a=z/mQ4Ysz8XfWz/Q5cLBRGdckG28=:19 a=lCpzRmAYbLLaTzLvsPZ7Mbvzbb8=:19 a=xqWC_Br6kY4A:10 a=wP3pNCr1ah4A:10 a=0kUYKlekyDsA:10 a=VkNPw1HP01LnGYTKEx00:22 a=64Cc0HZtAAAA:8 a=mTso-R6HNDvPYhgs-xYA:9 X-Proofpoint-GUID: ubWB_F-hzhlB3cX8HBIinycvgPJNTQUG X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1121,Hydra:6.1.9,FMLib:17.12.100.49 definitions=2025-12-23_01,2025-12-22_01,2025-10-01_01 X-Proofpoint-Spam-Reason: safe Content-Type: text/plain; charset="utf-8" Extend __vmx_handle_ept_violation to understand mmu_has_mbec and the differences between user mode and kernel mode fetches. Add synthetic PF bit PFERR_USER_FETCH_MASK in EPT violation handler, used in error_code as a signal that the EPT violation is a user mode instruction fetch into permission_fault. Extend permissions_fault and route mmu_has_mbec to a special handler, mbec_permission_fault, since permission_fault can no longer trivially shift to figure out if there was a permission fault or not. Signed-off-by: Jon Kohler --- arch/x86/include/asm/kvm_host.h | 8 +++- arch/x86/kvm/mmu.h | 7 +++- arch/x86/kvm/mmu/mmu.c | 66 +++++++++++++++++++++++++++++++++ arch/x86/kvm/mmu/spte.h | 14 ++++--- arch/x86/kvm/vmx/common.h | 22 ++++++----- 5 files changed, 100 insertions(+), 17 deletions(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_hos= t.h index 66afcff43ec5..99381c55fceb 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -286,7 +286,13 @@ enum x86_intercept_stage; * when the guest was accessing private memory. */ #define PFERR_PRIVATE_ACCESS BIT_ULL(49) -#define PFERR_SYNTHETIC_MASK (PFERR_IMPLICIT_ACCESS | PFERR_PRIVATE_ACCE= SS) +/* + * USER_FETCH_MASK is a KVM-defined flag used to indicate user fetches when + * translating EPT violations for Intel MBEC. + */ +#define PFERR_USER_FETCH_MASK BIT_ULL(50) +#define PFERR_SYNTHETIC_MASK (PFERR_IMPLICIT_ACCESS | PFERR_PRIVATE_ACCE= SS | \ + PFERR_USER_FETCH_MASK) =20 /* apic attention bits */ #define KVM_APIC_CHECK_VAPIC 0 diff --git a/arch/x86/kvm/mmu.h b/arch/x86/kvm/mmu.h index 558a15ff82e6..d7bf679183f7 100644 --- a/arch/x86/kvm/mmu.h +++ b/arch/x86/kvm/mmu.h @@ -95,6 +95,8 @@ int kvm_handle_page_fault(struct kvm_vcpu *vcpu, u64 erro= r_code, u64 fault_address, char *insn, int insn_len); void __kvm_mmu_refresh_passthrough_bits(struct kvm_vcpu *vcpu, struct kvm_mmu *mmu); +bool mbec_permission_fault(struct kvm_vcpu *vcpu, unsigned int pte_access, + unsigned int pfec); =20 int kvm_mmu_load(struct kvm_vcpu *vcpu); void kvm_mmu_unload(struct kvm_vcpu *vcpu); @@ -216,7 +218,10 @@ static inline u8 permission_fault(struct kvm_vcpu *vcp= u, struct kvm_mmu *mmu, =20 kvm_mmu_refresh_passthrough_bits(vcpu, mmu); =20 - fault =3D (mmu->permissions[index] >> pte_access) & 1; + if (mmu_has_mbec(vcpu)) + fault =3D mbec_permission_fault(vcpu, pte_access, pfec); + else + fault =3D (mmu->permissions[index] >> pte_access) & 1; =20 WARN_ON_ONCE(pfec & (PFERR_PK_MASK | PFERR_SS_MASK | PFERR_RSVD_MASK)); if (unlikely(mmu->pkru_mask)) { diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index b0eb8d4c5ef2..673f2cebc36c 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -5664,6 +5664,72 @@ void __kvm_mmu_refresh_passthrough_bits(struct kvm_v= cpu *vcpu, reset_guest_paging_metadata(vcpu, mmu); } =20 +/* + * Check permissions for MBEC-enabled EPT accesses. + * Handles all permission checks with MBEC awareness (UX/KX distinction). + * + * Returns true if access should fault, false otherwise. + */ +bool mbec_permission_fault(struct kvm_vcpu *vcpu, unsigned int pte_access, + unsigned int pfec) +{ + bool has_ux =3D pte_access & ACC_USER_EXEC_MASK; + bool has_kx =3D pte_access & ACC_EXEC_MASK; + bool write_fault =3D false; + bool fetch_fault =3D false; + bool read_fault =3D false; + + /* + * Fault conditions: + * - Write fault: pfec has WRITE_MASK set but pte_access lacks + * WRITE permission + * - Fetch fault: pfec has FETCH_MASK set but pte_access lacks + * matching execute permission. For MBEC, checks both guest PTE + * U/S bits and CPL, both are additive: + * * If neither UX nor KX is set: + * always fault (no execute permission at all) + * * User fetch (guest PTE user OR CPL > 0): + * requires UX permission (has_ux) + * * Kernel fetch (guest PTE supervisor AND CPL =3D 0): + * requires KX permission (has_kx) + * - Read fault: pfec has USER_MASK set (read access in EPT + * context) but pte_access lacks read permission + * + * Note: In EPT context, PFERR_USER_MASK indicates read access, + * not user-mode access. This is different from regular paging + * where PFERR_USER_MASK means user-mode (CPL=3D3). + * ACC_USER_MASK in EPT context maps to VMX_EPT_READABLE_MASK + * (bit 0), the readable permission. + */ + + /* Check write permission independently */ + if (pfec & PFERR_WRITE_MASK) + write_fault =3D !(pte_access & ACC_WRITE_MASK); + + /* Check fetch permission independently */ + if (pfec & PFERR_FETCH_MASK) { + /* + * For MBEC, check execute permissions. A fetch faults if: + * - User fetch (guest PTE user OR CPL > 0) lacks UX permission + * - Kernel fetch (guest PTE supervisor AND CPL =3D 0) lacks KX permissi= on + */ + bool is_user_fetch =3D (pfec & PFERR_USER_FETCH_MASK) || + (kvm_x86_call(get_cpl)(vcpu) > 0); + + /* + * A user-mode fetch requires user-execute permission (UX). + * A kernel-mode fetch requires kernel-execute permission (KX). + */ + fetch_fault =3D is_user_fetch ? !has_ux : !has_kx; + } + + /* Check read permission: PFERR_USER_MASK indicates read in EPT */ + if (pfec & PFERR_USER_MASK) + read_fault =3D !(pte_access & ACC_USER_MASK); + + return write_fault || fetch_fault || read_fault; +} + static inline int kvm_mmu_get_tdp_level(struct kvm_vcpu *vcpu) { int maxpa; diff --git a/arch/x86/kvm/mmu/spte.h b/arch/x86/kvm/mmu/spte.h index 74fb1fe60d89..cb94f039898d 100644 --- a/arch/x86/kvm/mmu/spte.h +++ b/arch/x86/kvm/mmu/spte.h @@ -383,14 +383,18 @@ static inline bool is_executable_pte_fault(u64 spte, */ if (WARN_ON_ONCE(!shadow_x_mask)) return fault->user || !(spte & shadow_user_mask); - /* - * For TDP MMU, the fault->user bit indicates a read access, - * not the guest's CPL. For execute faults, check both execute - * permissions since we don't know the actual CPL. + * For TDP MMU, fault->user indicates a read access, not CPL. + * For execute faults, we don't know the CPL here, so we can't + * definitively check permissions. Being optimistic and checking + * for any execute permission can lead to infinite fault loops + * if the wrong type of execute permission is present (e.g. UX + * only for a kernel fetch). The safe approach is to be + * pessimistic and return false, forcing the fault to the slow + * path which can do a full permission check. */ if (fault->is_tdp) - return spte & (shadow_x_mask | shadow_ux_mask); + return false; =20 return spte & (fault->user ? shadow_ux_mask : shadow_x_mask); } diff --git a/arch/x86/kvm/vmx/common.h b/arch/x86/kvm/vmx/common.h index adf925500b9e..96bdca78696d 100644 --- a/arch/x86/kvm/vmx/common.h +++ b/arch/x86/kvm/vmx/common.h @@ -83,6 +83,7 @@ static inline bool vt_is_tdx_private_gpa(struct kvm *kvm,= gpa_t gpa) static inline int __vmx_handle_ept_violation(struct kvm_vcpu *vcpu, gpa_t = gpa, unsigned long exit_qualification) { + unsigned long rwx_mask; u64 error_code; =20 /* Is it a read fault? */ @@ -92,16 +93,17 @@ static inline int __vmx_handle_ept_violation(struct kvm= _vcpu *vcpu, gpa_t gpa, error_code |=3D (exit_qualification & EPT_VIOLATION_ACC_WRITE) ? PFERR_WRITE_MASK : 0; /* Is it a fetch fault? */ - error_code |=3D (exit_qualification & EPT_VIOLATION_ACC_INSTR) - ? PFERR_FETCH_MASK : 0; - /* - * ept page table entry is present? - * note: unconditionally clear USER_EXEC until mode-based - * execute control is implemented - */ - error_code |=3D (exit_qualification & - (EPT_VIOLATION_PROT_MASK & ~EPT_VIOLATION_PROT_USER_EXEC)) - ? PFERR_PRESENT_MASK : 0; + if (exit_qualification & EPT_VIOLATION_ACC_INSTR) { + error_code |=3D PFERR_FETCH_MASK; + if (mmu_has_mbec(vcpu) && + exit_qualification & EPT_VIOLATION_PROT_USER_EXEC) + error_code |=3D PFERR_USER_FETCH_MASK; + } + /* ept page table entry is present? */ + rwx_mask =3D EPT_VIOLATION_PROT_MASK; + if (mmu_has_mbec(vcpu)) + rwx_mask |=3D EPT_VIOLATION_PROT_USER_EXEC; + error_code |=3D (exit_qualification & rwx_mask) ? PFERR_PRESENT_MASK : 0; =20 if (exit_qualification & EPT_VIOLATION_GVA_IS_VALID) error_code |=3D (exit_qualification & EPT_VIOLATION_GVA_TRANSLATED) ? --=20 2.43.0 From nobody Sun Feb 8 00:03:44 2026 Received: from mx0a-002c1b01.pphosted.com (mx0a-002c1b01.pphosted.com [148.163.151.68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 568DB3093A7; Tue, 23 Dec 2025 05:05:13 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=148.163.151.68 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1766466316; cv=fail; b=SraoMbzNIEdOQVBuIcuXwksHkKopjoOnXKgMWIMxbv1HdTuNafHju8Z0URxDr3Vqxbna+M7LZbG/FfH82ILhNnnprJpTA+8anOVNfSmxgAlfxLOzzn5hQmF93we6FoYCXgxCuShMJ33ZeO89ZcxQI+ddtVe6Ahyu+5x7RPbbaP4= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1766466316; c=relaxed/simple; bh=a/zC3qr3V4bDI+D+xBOhQeh386P29x8YXNI4pRRUmy4=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: Content-Type:MIME-Version; b=kMS7Q1cNGLsvDEz6lvXdtzwm3f7ykZjRSHVSlJefPOxopBqkEd+2s8rZ14r51ynIvFbRNvgLDgRIXd49xS6Yk9D0/4kU+hdLJ74wDtASoI/hLdtcbKK8TZjaEnNaZtaVQFmRS4vQpQNg2EmhPQJD4hvWFNY6wPAA8lAgsx1VaOc= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=nutanix.com; spf=pass smtp.mailfrom=nutanix.com; dkim=pass (2048-bit key) header.d=nutanix.com header.i=@nutanix.com header.b=TqfP5UVX; dkim=pass (2048-bit key) header.d=nutanix.com header.i=@nutanix.com header.b=yND1Yir4; arc=fail smtp.client-ip=148.163.151.68 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=nutanix.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=nutanix.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=nutanix.com header.i=@nutanix.com header.b="TqfP5UVX"; dkim=pass (2048-bit key) header.d=nutanix.com header.i=@nutanix.com header.b="yND1Yir4" Received: from pps.filterd (m0127838.ppops.net [127.0.0.1]) by mx0a-002c1b01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 5BMHLI6s2280199; Mon, 22 Dec 2025 21:04:38 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nutanix.com; h= cc:content-transfer-encoding:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to; s= proofpoint20171006; bh=dyfJDTXWUl270fKJpOG2/s6afn00K3NpxHPb14jFv Pw=; b=TqfP5UVX0L+tIUsMctwsGod07uCWm2gVecHLwA/LV2tK12Ni5mJtxSQtm aTGamuU3xJcYiqBF0juZqtmHzGOT/Avul+9AxnWH43ycjTEuwj5lsl00yzc77r1T eU6Vb2c2qpnVNaRg4Azn+ROEAIPOpFqDLiIww3T250f2cW1FehTF1EGZbLTFXo4G xyv4y5rOSzniPyOs9bxx0FS4U60C2iLDwr7xBVuC4Y9RQ7dkTEF9/G5FU3eD/KeU ZueByt7x0Rc9ycvzS/MSmelSWykAedsCy3ympyOlEyTLzC/ddnOELWWp89mJksyd vllpDSsuZdQ845Bd2wQuCBev2jBFg== Received: from dm1pr04cu001.outbound.protection.outlook.com (mail-centralusazon11020139.outbound.protection.outlook.com [52.101.61.139]) by mx0a-002c1b01.pphosted.com (PPS) with ESMTPS id 4b5v7yvuvt-2 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NOT); Mon, 22 Dec 2025 21:04:38 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=TTn9t/sT/EqIeV0gPBGKLWJ/AlHyJgFV1XuEeXDjp6r1rrUFGvVZXXN92xoXbCjS37HnmvDPCpcZuMQ437ad8UAORvNnFvtaM+9LLsaRkMc3ef0w+65NSdbWu8eKVCXng+FsGRgwTrx59yXTLdcZScaPq9kbPx1EXznNue7u41iFD+e8F6HUTFho04YIPw7/dHaTr7OuPLq9u31Mvi2zsLC0F5/TXJnSIdwB8lNSDs6eJsEobAcvNgOaDIAx06pIqkTv3REafzDetI+xLzeQjxX3RJQTIhgqduaLVW0j2vdwZgqNpYXZiS+T9097K/HF0MbOOhbQ1qloL3uQWLRI6w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=dyfJDTXWUl270fKJpOG2/s6afn00K3NpxHPb14jFvPw=; b=vFuqwL9N0JxLzo465r/3BlAm71OM283s6Bb+Po96j3ZwNLaLfZxPIHAgsfXKEdHm1ss/Jbx/J5UtvI23bmiFYPfXpSs401reqcusO8l7mIsJQZkNYQibhZRjtrzABD8Ku+QeAU6O+nZxOzf9wKHw1LKFk/vHdIVw0i4IzQ+xDmI/PgT+i3f9C+Sfs9d6agPWka2WwRcfH8uM88EXxcxnUsVSDkq4JxCIdL5OfKLLZ8ihqE1avQRtixlB1FcHTYVuddf5plJ8n3/XPM5BdIyTh+0wNgXsOoITuoSjwE4CJvijjWdBoYrSU7PgzCGaNFBtsXMlrYbHcmJuJNodGmPgHw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nutanix.com; dmarc=pass action=none header.from=nutanix.com; dkim=pass header.d=nutanix.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nutanix.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=dyfJDTXWUl270fKJpOG2/s6afn00K3NpxHPb14jFvPw=; b=yND1Yir4YZ4wcUNA7hfv9SFQazw0eIach7Hjpi1JOLEd6oK5/oR/Hvbbzd0HhRhyQrryv00x0DIe50XcVVvTwpic65dRS1g3vtf4yavZv6KxzhYZ8INYZ7o/lo9Hkgrv1kjmO/cgiptUSxibNOK4MUeg2izzLVlDwMyPJWRvsD24Qv1Oc25JQdTgXYwOhArD+5mQrC7WJwltJaeyBSYVN4jTs79s6+Hx9N9vn3pewgLEUbZ5RUBO6V9Tuh1aBn+aX7I9AUSvlP60RePXWYjua+LFEcvvsXqsy8Bbm0tzBliwG7YBGfPXmeAY9UvuxyiwLLbDmfhM7qYkX7JIp9dibQ== Received: from LV0PR02MB11133.namprd02.prod.outlook.com (2603:10b6:408:333::18) by SA1PR02MB8560.namprd02.prod.outlook.com (2603:10b6:806:1fb::24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9434.11; Tue, 23 Dec 2025 05:04:36 +0000 Received: from LV0PR02MB11133.namprd02.prod.outlook.com ([fe80::10e5:8031:1b1b:b2dc]) by LV0PR02MB11133.namprd02.prod.outlook.com ([fe80::10e5:8031:1b1b:b2dc%4]) with mapi id 15.20.9434.009; Tue, 23 Dec 2025 05:04:36 +0000 From: Jon Kohler To: seanjc@google.com, pbonzini@redhat.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, kvm@vger.kernel.org, linux-kernel@vger.kernel.org Cc: ken@codelabs.ch, Alexander.Grest@microsoft.com, chao.gao@intel.com, madvenka@linux.microsoft.com, mic@digikod.net, nsaenz@amazon.es, tao1.su@linux.intel.com, xiaoyao.li@intel.com, zhao1.liu@intel.com, Jon Kohler Subject: [PATCH 7/8] KVM: VMX: allow MBEC with EVMCS Date: Mon, 22 Dec 2025 22:48:00 -0700 Message-ID: <20251223054806.1611168-8-jon@nutanix.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20251223054806.1611168-1-jon@nutanix.com> References: <20251223054806.1611168-1-jon@nutanix.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: PH0P220CA0016.NAMP220.PROD.OUTLOOK.COM (2603:10b6:510:d3::19) To LV0PR02MB11133.namprd02.prod.outlook.com (2603:10b6:408:333::18) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: LV0PR02MB11133:EE_|SA1PR02MB8560:EE_ X-MS-Office365-Filtering-Correlation-Id: f6b7d928-fd52-404e-8a83-08de41e0c4d4 x-proofpoint-crosstenant: true X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|52116014|1800799024|376014|7416014|366016|921020|38350700014; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?qpTpaxJKrte+BeB/fybCszMtg02Ojng+KCArJ6N9D8WCQhab4QK4CYR4x/AG?= =?us-ascii?Q?cgRaRYit7dovjN1U79Oo6q2eibpkKdAvfKFgRgFe2Ug9L6HSqkjOpjmAfec8?= =?us-ascii?Q?ct7vFowgEAAPLy6ygRa3H79vYjidl9MDmwx3tmoDWghQDLBQMRWb0htMPbta?= =?us-ascii?Q?0LDwg0pOELox63IsT5B5zF6XOgCBAvbUlL0Qwgb/UWJ6I9C1pxAnBZmtgqG8?= =?us-ascii?Q?D7INbkUFREnRKcMxhNdIlzM+BIrNE2/+GligISydMunqo821WbDGIc9rdZk/?= =?us-ascii?Q?5WOR/NbhNFxGB3me9mN7KS2e6anNxlZ3kV83vsIO6kVCfTIzi0iPfUEHNziF?= =?us-ascii?Q?+aj2jC1qtKae/kiW9+9Kpq7R9vxDN3FjY+YWF1btJa/rd+2anlEIYugfhOAm?= =?us-ascii?Q?h9nWpu7yuEy+JdAyoG6LYzsEr2jQOrsBq6UcfBwCFK5OA+sQf7Hbh/pqpGtX?= =?us-ascii?Q?c7jXB+WePR/hdbcGiK+h+kDhJ/xi6gxqcFPbJZEjdp+Qgg4MU/BURT6e2fUd?= =?us-ascii?Q?pv3Gt3jZ7X+Aaf9ApJpppccMDDZKx5KEds+qeRY5nt1+hvdw3gLRF8x9YJ1y?= =?us-ascii?Q?iLmIzigzByVhniDVOi/B+wdVkACY7KyQEVlf1loA6++g3E5iFjESTWd28C4l?= =?us-ascii?Q?L6QtH7GVSXeUG0k5G6oXoFTw5ntoex66RL45g7dPsPeiwnSCerRWOUxNOlHP?= =?us-ascii?Q?SMjgocskF7bqd4UImGWznjcpb/nKox0+tC/YawaGmX9dPL+EBh7UwfwDUrAW?= =?us-ascii?Q?ctl0nIxfnwswyKI+CAKiIPtFCGUhUTNntnm7ZyWPx7zqGrbvtl52hV0/PtrZ?= =?us-ascii?Q?lXGIlKBrNP3NfE4DsYVeJdf0nZ1nd17qOlNj2x6jBZ8l4I4k74DnIf/MzRyL?= =?us-ascii?Q?W/RkG8E7BiqrLYvwg2WvsQVTyuloOolQKUGZoZgMmVFWZyWkRl4t5+qmskIz?= =?us-ascii?Q?NKhn+MoHG5w9ulTqsfJcmYzDimEh+4pWwVeNI4VfVMS1D2fMiEhc4ANAA3F0?= =?us-ascii?Q?eo9xIA3C9yzBsDFBHYdqpfr3tJMN6ckWa/fpCVPtErDzef5hs7E1tsidZaWI?= =?us-ascii?Q?IUGWVJUeCIaMQDgM1zU+j0a35oIALCL/f56GNhoelqlwu5IAlY3fKvYmPISu?= =?us-ascii?Q?P7TaexxW3xDmJWXgZGIxY1Amiasq+ZAwp1DIx3PNA4Zo2St126foOCfEkTb8?= =?us-ascii?Q?NQtTmyvtottNUyK9ENJiPG/9XbKrksM7FZYZ/SyfypSsDpiVA5IeRaHlmh8p?= =?us-ascii?Q?pPLy5+rsSPitnGDRh+qf1Ef1pASI20nyXf8dsYsjBlyQFlD0pubONLhKSLE0?= =?us-ascii?Q?nqWPPn6jRdW/E8k4CcaMLIt/7K2W2ZiKfp5it37RNHh3Gyoq+/t1u5x9pM39?= =?us-ascii?Q?BtR9DwPNEMvc/RI1bnOHi2YfL+Ku9RUbJVxaBn304GJfjZSfethtOIMUWlsB?= =?us-ascii?Q?l8kRw6bMtKkosP39IPoCCCIDT9yK4lbT2nTX8nqzBgTHnbPlGpKHTrHfiTMG?= =?us-ascii?Q?OPEl67HMkSwTx9QMT2f5CWPwe+5ZLh7EkAw+Jbx+yOu4ytnKh00HdKtE+g?= =?us-ascii?Q?=3D=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:LV0PR02MB11133.namprd02.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(52116014)(1800799024)(376014)(7416014)(366016)(921020)(38350700014);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?7JYQsRSeHZs8eES3UYNNTIMl9YItY7tWqfWvZc4/Y4VXF+hb0DAnyoJBEkGq?= =?us-ascii?Q?GaWPxVo+HPlwUdXSkMO18/cjCvykhTbHirW6n5oktTEQR3sBF9+Yx4V6/UpM?= =?us-ascii?Q?L+emKTl1rvquAB8mrgLZgyJeHljUmmrF582oDKpM35N13rxyhJMgr7KJoFFP?= =?us-ascii?Q?W+Mb6A+frAWQAPf/fHLtoWpQUctYsUErwa7CEhECWP3VhZlVCQR1XywXhs28?= =?us-ascii?Q?i4e1Ot9QpPhB1Q+UvPVvondBTqRvTuXdYi+Z8o75AJt3bDMNJPc8zJj2iTbC?= =?us-ascii?Q?E3urI5fxPvF5jF2TwQjtDJPhPWkSTCWGlM+rQVQvdF7GpRWosA3Jy6Kp8XPZ?= =?us-ascii?Q?hM2mZtXRMorngEzymnrmzOpi6rfoIaGoKRjO3v68n3wII6MxjMlG5OUhQyn7?= =?us-ascii?Q?J5jO7J8S/1sjTtiUcKUTx8v6DVOmuCL/CKBdsb308BeSPgK7jbmxLWUZQ/Hz?= =?us-ascii?Q?LS3B5NNwMK78wVWsARYhgE3P0Y2/gwe3JUpj6otMtieoMiCVccCMo2yC4JJp?= =?us-ascii?Q?TNZubPGxuIrBJ1+Dkdk8VDHXPXHCA8l3O76ADdEmnqAeMW3QIfe+AeVcKjHJ?= =?us-ascii?Q?C6T2DBhUEEuYvo2E53Zm8Cl57slKVFBQaSWj85MMdTkEQMch9smDR4Crkphb?= =?us-ascii?Q?GhRiw4/njVVhTN1/EOh1JXpQeOR84Zqy9Z4XBVaeH5igI3NYyx9kwXuT5Cr1?= =?us-ascii?Q?n30+jZneklIvDKEA2fcprqaESHw2qWrzteCOsIMekxLKVMJMoURoEPUQrGFJ?= =?us-ascii?Q?FB1JKhT1uuu8OKr7eTEzkr6mYZG0rr+rfNKXE9zkEY7X+0stzD1OJHlkWEHf?= =?us-ascii?Q?7yECgpQBgdPAykjLiQBf5xckkdWy9cdrvA0NjC5Phxgs/ufI8fR6nCM1kV2U?= =?us-ascii?Q?wtyUwHIRr5tOpwPL7zdyiekrS6/rvp4eJsTPrsQhPXy8egATON/N6ZTnE1ge?= =?us-ascii?Q?5Hzqx1qH7bigkWbA/tsE1nfIAww+zEnJj17WPn8hYsr4anjibW1Rd6LCH0jJ?= =?us-ascii?Q?BVDqapIRyBtgeXdCL3baFe1s0AP3t+3J1LxOrHsi3W3w/lwPkGvsXyF69yev?= =?us-ascii?Q?NG6MVHC1uCxRkWK9kTmKkUTf/K+MHcNeJepjLK7MuQ0ZxtgUiCDbZsSqSBCd?= =?us-ascii?Q?+6xGZM+caF6Ppa5Kno3v/YfM8VP7kEGvhHwkJOYnURev3abrGDzgpa1SQyzl?= =?us-ascii?Q?FHENr7DT4xCJih4AiFHr8KSYg4PBF1YeVH6yNHXg7P2nC92+TuLpLTNXfFKY?= =?us-ascii?Q?JfaVC6gNMSwz1QVQJWQ3oWyrULcAe8tSDi0o9BemSLXkra+V7Bv4AUxVb//x?= =?us-ascii?Q?ci4NuseZDYidvZMIbjSyRZkXDjr8pRaNTjx8xcP7o5TkuvOBlEXO8syvXzAz?= =?us-ascii?Q?wSAwxIPhZwoa+Pk2wGZvnIPxRAA0dBkADM7LedwKzJfSOqfZQxkZqtggS4Cu?= =?us-ascii?Q?RRGB+b5F7PnBWQQxyRUpgERyWUIFmCiZBNN9HLClGWcqpRG3lI3hZ3yJ0Il2?= =?us-ascii?Q?mgjR+IqKHWBEZzySlcjJHXCnQVU/t6hnpiFn4C2dhFKcaH88+vNPELv03vKo?= =?us-ascii?Q?6A2j67ABVrDDRbWYM2YGcQmLPXCJ1GnoIBhCg2//7nFkJLxApJ0AFHJJBHNs?= =?us-ascii?Q?p0Giy5caXf3nmTkB5ntlrDa6K/u6oAQ/YqEbNMNECkySZPoxhATieQn+UYar?= =?us-ascii?Q?U60W+ik2rpWVxxD1iVGIFqxbAD/uVrKqqeApHHLRTZ6p2rJZKiXxl0rW2MFs?= =?us-ascii?Q?HfIPgjWV+fxeCa5eYfxPTCr/lVfCJU0=3D?= X-OriginatorOrg: nutanix.com X-MS-Exchange-CrossTenant-Network-Message-Id: f6b7d928-fd52-404e-8a83-08de41e0c4d4 X-MS-Exchange-CrossTenant-AuthSource: LV0PR02MB11133.namprd02.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 23 Dec 2025 05:04:36.5425 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: bb047546-786f-4de1-bd75-24e5b6f79043 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: RtVb6hHrTh3GWquPMcUwQ8I+woMOIucHaq5Cynp0w25w2VLPCvs4wtq48X9zl9/kmSdnry8LAE8/2spojKuuYfifZrCT1IcS1/rnkJBcMBw= X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA1PR02MB8560 X-Proofpoint-ORIG-GUID: ZWvMIu8fY6cgS3g-5E2fJfrvPrKhQZ2c X-Proofpoint-Spam-Details-Enc: AW1haW4tMjUxMjIzMDA0MCBTYWx0ZWRfX2ahSN9iGh1DH i1PliphEw3J6a24jckHKxbtWKA4/s0Wl2ONxFYfJCPOUexwA4DuMp+FaIbiefvYDgH9QSbA+B5r P0KxTqz3eaPrkyo5+1x+KSjowsK7hOitM5EswsaPO+Zw+gRLYpQZdbrsa/YJJsokTzuUemNZdD6 aLfn54Mi40UGXGvOfbJSygUVsxg/SFvELZNmK4ymRqUpgG/RSL9wp0UiNMl1oIBABN5qxeZx9xx AyPRx6JmJPuFwJMOc1LD056Pcj9ZwH4DeNq0lwYjyclrt9YndYH17AxiHFeD7t8sDUCbXd2lPgj lwGbNYP23IxMXPdIBL/Nu4JoFBjvnjbb9T9Db9+mQ2nXXcLRdNPz/FyH6s9L6NlOb+RHWFPPfKd Aid1YU4R9LVeowdio3LhTHufaqFbyxPnsTYMFyWm0Zuy0gJzy1HDTOxImjUsqJ0pFIFcvv2PLJl +h/iURIRDNm4B30Y66Q== X-Authority-Analysis: v=2.4 cv=S8TUAYsP c=1 sm=1 tr=0 ts=694a22e6 cx=c_pps a=zLxRk7/rSTrB1jskNZbxBg==:117 a=6eWqkTHjU83fiwn7nKZWdM+Sl24=:19 a=z/mQ4Ysz8XfWz/Q5cLBRGdckG28=:19 a=lCpzRmAYbLLaTzLvsPZ7Mbvzbb8=:19 a=xqWC_Br6kY4A:10 a=wP3pNCr1ah4A:10 a=0kUYKlekyDsA:10 a=VkNPw1HP01LnGYTKEx00:22 a=64Cc0HZtAAAA:8 a=0i2ZdGeQOifu-2FwdKEA:9 X-Proofpoint-GUID: ZWvMIu8fY6cgS3g-5E2fJfrvPrKhQZ2c X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1121,Hydra:6.1.9,FMLib:17.12.100.49 definitions=2025-12-23_01,2025-12-22_01,2025-10-01_01 X-Proofpoint-Spam-Reason: safe Content-Type: text/plain; charset="utf-8" Extend EVMCS1_SUPPORTED_2NDEXEC to allow MBEC and EVMCS to coexist. Presenting both EVMCS and MBEC simultaneously causes KVM to filter out MBEC and not present it as a supported control to the guest, preventing performance gains from MBEC when Windows HVCI is enabled. The guest may choose not to use MBEC (e.g., if the admin does not enable Windows HVCI / Memory Integrity), but if they use traditional nested virt (Hyper-V, WSL2, etc.), having EVMCS exposed is important for improving nested guest performance. IOW allowing MBEC and EVMCS to coexist provides maximum optionality to Windows users without overcomplicating VM administration. Signed-off-by: Jon Kohler --- arch/x86/kvm/vmx/hyperv_evmcs.h | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/x86/kvm/vmx/hyperv_evmcs.h b/arch/x86/kvm/vmx/hyperv_evmc= s.h index 6536290f4274..0568f76aafc1 100644 --- a/arch/x86/kvm/vmx/hyperv_evmcs.h +++ b/arch/x86/kvm/vmx/hyperv_evmcs.h @@ -87,6 +87,7 @@ SECONDARY_EXEC_PT_CONCEAL_VMX | \ SECONDARY_EXEC_BUS_LOCK_DETECTION | \ SECONDARY_EXEC_NOTIFY_VM_EXITING | \ + SECONDARY_EXEC_MODE_BASED_EPT_EXEC | \ SECONDARY_EXEC_ENCLS_EXITING) =20 #define EVMCS1_SUPPORTED_3RDEXEC (0ULL) --=20 2.43.0 From nobody Sun Feb 8 00:03:44 2026 Received: from mx0b-002c1b01.pphosted.com (mx0b-002c1b01.pphosted.com [148.163.155.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2FAFF2F90C9; Tue, 23 Dec 2025 05:05:05 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=148.163.155.12 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1766466308; cv=fail; b=aofa2Nbt2402xbODQbQPV3h8tZBIxwIG3f1XOmpfKMCkW/dromynhtW8NCPeiTI4fy9zfGCNNnLdC5LqT2laKS2UTMuG4W42ZuTfNK5RbYPQJdo7zNt3O+SxwXO8xCvV7PvgStw36JD/M16dobrPY1hF0Lpd0fTwr9xy+hCcCcM= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1766466308; c=relaxed/simple; bh=/MXgDyT8V5xAixT4CzYhUBHo78I23HjnkPqXDibhNZM=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: Content-Type:MIME-Version; b=cgFpHiTt0/z13xm9u1VMxQ5blaQBNNcU+lIxuq0Z0Ekt5OuP+saA5jsl5OlwxBWakaVGo/s7wmeMrkmClUskr7wXWsSpNivZdEC1KUXIjDxsCR1ulDChl0Grm6evlgWEyJFyqFP7ScnBOvW9dsns8VPoB/+yDvmgh5GtJUYSek4= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=nutanix.com; spf=pass smtp.mailfrom=nutanix.com; dkim=pass (2048-bit key) header.d=nutanix.com header.i=@nutanix.com header.b=12TfU6R1; dkim=pass (2048-bit key) header.d=nutanix.com header.i=@nutanix.com header.b=EkTXrjqh; arc=fail smtp.client-ip=148.163.155.12 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=nutanix.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=nutanix.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=nutanix.com header.i=@nutanix.com header.b="12TfU6R1"; dkim=pass (2048-bit key) header.d=nutanix.com header.i=@nutanix.com header.b="EkTXrjqh" Received: from pps.filterd (m0127842.ppops.net [127.0.0.1]) by mx0b-002c1b01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 5BMLwnIx3941949; Mon, 22 Dec 2025 21:04:39 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nutanix.com; h= cc:content-transfer-encoding:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to; s= proofpoint20171006; bh=JTKOnxfafwq5oDZQeRaQrTdKCUCChVYBXSSqe43K7 hk=; b=12TfU6R180k57HtPdkjC/92k7dAV/J3Eix+xxVwGuumryCXK3HMGWGzLK OAjEM+ScuvqruYfsDFC+XVkLUV7rJqde6ZxkGQjQk3X4idYzbv9ZDpcC3PJL/AWj 8v00oqqrqDUBrk8OYDGuLqofTA347mqUT7470f+6qdGjPfhDyFITsRK0tAnrbyWe OcfWwj9hP+x3S6LYXw5mAHeBT/GWiB5pcb/gKO0v7fYLQdRTslIZ9IBtjSO+5b9F kNbZczWiG0scnajyO/5bq9G0u0JZ1GA04Gl0Q7xf6b9SmJshZIzGDsycv6wwuWWo LXInDuylx4LA//JCDYkN8kPW6Oqow== Received: from dm1pr04cu001.outbound.protection.outlook.com (mail-centralusazon11020078.outbound.protection.outlook.com [52.101.61.78]) by mx0b-002c1b01.pphosted.com (PPS) with ESMTPS id 4b7ecgrr1q-1 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NOT); Mon, 22 Dec 2025 21:04:39 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=KNQ9OUMuTsq4QP4/Tr1TDRAieHE13R6ZepWBp5YLGJlBH6flQROuJ7CgzVy3KX8RAWTRbI2TDY+C4eCtsDhf9PVfK/qBoPH4VPyDc+KH+v5fNYF39Vhm8QdTWr7sPt+/O5xZlGBstZ+GzB3kITKZIdUv6146paCmtQRjvQwoyMz8vjSjBoUx7HnPHKgmG1J/asxrQfQP36HrhUz8LfpvNvuFJW0pKiYX/3e9YRAIZZTEfLzOmMY1Ty0tKvBD4bnav8+mgv4dr23JcHyonFaE5nuk6vB+5m+IwbZloD3CQyNBLmWF+O5Klsts1CUvo1aORpswti2kPmdSoqEW0PwTpg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=JTKOnxfafwq5oDZQeRaQrTdKCUCChVYBXSSqe43K7hk=; b=AGGasAxUM8GjI/Vst4BEtV6HVAs7qS9NyHhtBNoc0fS4DoWOKzyj9vOrWWDGrxaLKtB8dD7w/C7FgERx0NkFfv51tBdqEx8FFXSkaW5gkIfqxYutfh8Ulof+ifZpj4PKaYa4trKap9ZdaOhhYFwBZr/fk+VJr9b1WZAkeBnf6MnW0AamWHmalBq4YfYIm14cXni4zgr83AeE5Lowb8zRb/nS1XAoMMrZGd4SToURuiY724OLZbMR4MYNLdpxb23CKbkjRLNCbmFPi+RreDmaMyqcuiPDN+AoeEoUbMRW/imgMb159BNGZrlTVPiI5bu6tLRwZ5UhtI9A9Ln1Zlt1CA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nutanix.com; dmarc=pass action=none header.from=nutanix.com; dkim=pass header.d=nutanix.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nutanix.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=JTKOnxfafwq5oDZQeRaQrTdKCUCChVYBXSSqe43K7hk=; b=EkTXrjqhGlOV72jDyncPvoCCtv4ye7FSZoeG/5aPKcJyC3xfAhJOgk554b64QqO9UfqqF+UP2k6S3OH/jteNnJWVJ/DuL1RXt5KenmYMCHuYXd6oC1lvCBZBn1pzj22IQdtZJ1kYjt71aIsz1iuWeaZ4LIdgM/zyCpLLlSRXQP1qwStvhaObaJUhepnCjzWLuH67BB7kGLVA2QuPrDJR1IspA7ytQAyIp3k/mSW1jD4bnLDyDNnsAjcDwb2u/ExSvTMEYEQmVNfow51XN2tZZPEX7lfnxg5AiSNUz3IygRCASdQByINJVJUfXNpfY7L6pZ9+UrtGT0i5tuO34gbRLQ== Received: from LV0PR02MB11133.namprd02.prod.outlook.com (2603:10b6:408:333::18) by SA1PR02MB8560.namprd02.prod.outlook.com (2603:10b6:806:1fb::24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9434.11; Tue, 23 Dec 2025 05:04:38 +0000 Received: from LV0PR02MB11133.namprd02.prod.outlook.com ([fe80::10e5:8031:1b1b:b2dc]) by LV0PR02MB11133.namprd02.prod.outlook.com ([fe80::10e5:8031:1b1b:b2dc%4]) with mapi id 15.20.9434.009; Tue, 23 Dec 2025 05:04:38 +0000 From: Jon Kohler To: seanjc@google.com, pbonzini@redhat.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, kvm@vger.kernel.org, linux-kernel@vger.kernel.org Cc: ken@codelabs.ch, Alexander.Grest@microsoft.com, chao.gao@intel.com, madvenka@linux.microsoft.com, mic@digikod.net, nsaenz@amazon.es, tao1.su@linux.intel.com, xiaoyao.li@intel.com, zhao1.liu@intel.com, Jon Kohler Subject: [PATCH 8/8] KVM: nVMX: advertise MBEC and setup mmu has_mbec Date: Mon, 22 Dec 2025 22:48:01 -0700 Message-ID: <20251223054806.1611168-9-jon@nutanix.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20251223054806.1611168-1-jon@nutanix.com> References: <20251223054806.1611168-1-jon@nutanix.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: PH0P220CA0016.NAMP220.PROD.OUTLOOK.COM (2603:10b6:510:d3::19) To LV0PR02MB11133.namprd02.prod.outlook.com (2603:10b6:408:333::18) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: LV0PR02MB11133:EE_|SA1PR02MB8560:EE_ X-MS-Office365-Filtering-Correlation-Id: f4788f76-e338-4b8c-4cf9-08de41e0c5e7 x-proofpoint-crosstenant: true X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|52116014|1800799024|376014|7416014|366016|921020|38350700014; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?gBdcIDiv2tdOPG/ieMDnLaNjygy40tCp7KfiTJ4q8liElNJxEFBlOc2tjpNG?= =?us-ascii?Q?M30eoTcKMtnz3uR8sirHKMamph2NeSnCj9Sc2DFSPm9TiCaHo32eNEKT0yjn?= =?us-ascii?Q?/6BodZYc8BYOdvv1RwwE0WKk+LPNM9hxuxyxpXhbieXqZ9RyutnNZCeWpEfd?= =?us-ascii?Q?m/OHCqQcVRryWvdv1O0bO+gdlJMyqfwcYGdDCthx4H/UHrrQ8Bbg4vUhiCys?= =?us-ascii?Q?qzqrcLDI38p5eY++yU2DPqfQT2NMKvNqve3XsubSnv5Iar+nPJqDQzypw9wH?= =?us-ascii?Q?2i4L7JpmjKcvk+sRWtFHLr+GO0t7NHG9etRasw0XyJWnux5w+6aq5z7qtU7P?= =?us-ascii?Q?a8zWIWbjTvjMob2XGrqWsvSoMWQCnWssfJ89nRiL8OSHsYyZCfaNvMkm0xoz?= =?us-ascii?Q?iB9wyMOgcmNqFXUk/hRn8sxF+Ph5GX9OGd6beC+IKwiw1DGn3nF0v3f4y95K?= =?us-ascii?Q?5qG1zSy4Z6PDK4N5na4Qq+uRElxx6B2i01LPEJoGQY6pfcVSILvg1/PZAtTO?= =?us-ascii?Q?nQxpDEpTRSosV7BJiIQGwAAJEuPPyzJWrZapex80AkKMfwpn/M8K49Y9MwoF?= =?us-ascii?Q?XHlD8bJdrIiUtB3b+hkJ3a2h6LDhoCU8Orr9rpkPAUpDp63UjMqU0tpUyymG?= =?us-ascii?Q?eKznpOfUg9OPgHPyY6pcrKO95SxMvJIqYYSAZh57er9QSprTEh0WQa1XFJTJ?= =?us-ascii?Q?3xV+fzfzUSMfqSU9+P9X7pIErFzyHLqQxfHDkrHT8Wu5EXJnsRpuvNodBqPk?= =?us-ascii?Q?Slzu38dR3JhOXa5SzLs8pYMrORhBJr/ffOOrrmcOmRExwIsE88bp89e34Rmw?= =?us-ascii?Q?H22ULPzbaRoS+Axyp035hs/GTG3mzzTTwNzYm5onaBEZJZku2X2GFqJcM9Pz?= =?us-ascii?Q?4ER7fBUL+nXI6S1ryjVl5EmJoJ3+Q16HZT0HPsVpYOI03QmoXnMLvfZU1OaO?= =?us-ascii?Q?UfN57yf269GMupypG8we8kuOA3aPq6Pu1VmJIjk+zs7yQXZcqemcsP1btIN7?= =?us-ascii?Q?3Fc+kL6Q89z5UFOv/kfblrClMGJhDdOAC68skRMtwZuVXZDLw9SlwISeX1t+?= =?us-ascii?Q?xdcsb37hR5bhHML3ezsxm6RBav8IVjdUBQBGhms1yT4c2L+G4dTO+xjtk27K?= =?us-ascii?Q?XdIHa7ZcMRWu9n/5UaL9oehbGffuA72lMM3kQCrgoyGHrbzcl3ilohYhhONt?= =?us-ascii?Q?Ct8y87w5AyCRs2nd5xiLADudOdeupsVYSZYlmY7ivTcCGHZHxDRiftZP3U0U?= =?us-ascii?Q?DXO3fbrpihNM38gpZA/biGxbiYYdVtEYI7/2QHCP15oOMD6WK9h7Cg7PFSBa?= =?us-ascii?Q?T4qv/aDLPpLT7jyOd8wbgAK+fGEz5DcaF++lMXepJqJhQ8AOnFsyQdbhI0zD?= =?us-ascii?Q?FFIv8i7fAoC3DuJhTMmaHrfHzImmSFWdv0V9iaK5PdkEzEpTXu/6Vr9T+l+G?= =?us-ascii?Q?IF2c9+KunRbgSTIYbQbpSAt4uESrFsnZfpgqc3RUi6vsqPoBReX9FW2hL6jY?= =?us-ascii?Q?E/NeUcKOa6/tjGv0Ua02eRqzGCbcS7OKaoncmJ4ZPUBF/kIdM6ZtG5YrYg?= =?us-ascii?Q?=3D=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:LV0PR02MB11133.namprd02.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(52116014)(1800799024)(376014)(7416014)(366016)(921020)(38350700014);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?wZkNN1zGxoWbcGI+9y0t3crgiSytG5h8FpQTtmAf+I2jaaSyvg/Ord4fQgCY?= =?us-ascii?Q?+1gA/ni3JMCIUVvdzwhT1IlEDaRm4LeDKqcRU2oIswUrJtnIEVVuqa7OJhVi?= =?us-ascii?Q?4lI14Ze0AilbFoNr068Qv2HRpVV/9LcUuyeD6ePquQLNd2VzMysSr+10YsOO?= =?us-ascii?Q?wlbadqqQKOZHthyssOTcxSEo+fbw3Gb97YEOsqrRiIPnrbSFr2ki3VEOLBH3?= =?us-ascii?Q?vKQKSJm5SwBRXBzZl8yG96mL2TNHd/FZnf+1H3TEiJtsULS5PD1lzy39ygap?= =?us-ascii?Q?OuG33aZSWaub4Hp7RPWTTalxzKkc11Q2E61yOe3b7NsEJZIJ+nEoaCjzcFpa?= =?us-ascii?Q?CSNkHhBB69mEDShdTrvA1dWSRqgnMBxOKSJhLxWvaiDU3MIxWeQ+J665oUmd?= =?us-ascii?Q?K+KEAxprb7WoQV1d9o6SDhQJ/8CosvvRLBKKEMgXxdcjbBMldACYx3xg7yxf?= =?us-ascii?Q?T60PGsjWDRqo+w4cYkANIFZ+azIHtgjo4Ni3xzSmG/tWkgrL8exQAvUpGnhV?= =?us-ascii?Q?lacjLBLdP3D0vZIYLzdM6WtzYy2CLPsq8wN0+8SmruQyByR3YNSn/iNTx8H+?= =?us-ascii?Q?g2CvQkD/1DotzzqBep4PPayNR81S097BJBhx1y9d2Fut7s5DDxR1AhbSDkb5?= =?us-ascii?Q?kS/z1/lRBdZsVsgTfAzYrzVXLk0JVpjAjP5Yas3UX5TbVgWzEIIfeCbh2bBD?= =?us-ascii?Q?xOP/kmXg/pIJSFwUuTKnTaK8c5IIh9c7cv6vGeMUGTDUqrQVVFr3Dksb0f10?= =?us-ascii?Q?fBy2cmN7/1A5r39IE7nQgkVUKWs516kSst3NhwBMvEMvcDq7UD/Svzs8AOa8?= =?us-ascii?Q?8DRszMFZj3JxsY+jTjSLQt4NwUTjZV5ReyWKEQ+A0Uywskwy+ulioRvCsBuV?= =?us-ascii?Q?H9WrmGJF38/NfbZLMQlcT0poxq54GOn2I4buguRxRbCkP4f+GKxE0NVyXDiP?= =?us-ascii?Q?5OR0FA/cl3KyhjPDs9etkITNH7T6ZcSHvbZLLmOLtRchsjdFYKa6vlAjgapi?= =?us-ascii?Q?WbZyl9KuDNKsKeUyxiDjJ/Rbb1MluCo68l2Ixs83zLBWcQ2l1BmxdQdrL+72?= =?us-ascii?Q?TH2kh31OgbVaSpZA4BUD4uhS/A0nS5kEjeCRHVfFRONgvQ5wAgNaM5j/6DAN?= =?us-ascii?Q?bCGilvXLUm8gqAoDqEQ1/OX1N1Ssdpaq2f9GbnxJTHPNCkPVAaisrYcatPU9?= =?us-ascii?Q?2UronFEiX6nv2UCShgFwtQntsnlgFUfEPx3IMsljb/qffVCWx2V1niu74q3Y?= =?us-ascii?Q?5GQvCl4qtxW+73k5EVshW6OxQLmZarX2/0+zdI3udxVN8uyQ5sHbbtPaDNQN?= =?us-ascii?Q?kFH5MRK6PKg3mfArj/4NbaWgtJH3jA6JBW8c0kJswfg6zoqRCQAbMEVZ160+?= =?us-ascii?Q?8fjyILfVJu7fXOHCuMYAzm4B19bxZ6pV8Atp+QOu+KfUQiDVdjAIEGlVNj+b?= =?us-ascii?Q?h1Uu4ZQolcQkH84WoY0yeT3HWr9XsoGJ4jljR5F649yMxLQdNAsF5YD/9rHL?= =?us-ascii?Q?hl34GmAdDK3a/8p7Mv8bo62cQyZhVh14Fgv1PCW+dXBLk1512gKNyXTYrScY?= =?us-ascii?Q?yfreNoWN3WatQZVPSEsI4dC/OnYtvs+UELvrKmM61h6hiJPadKknuvroO9uN?= =?us-ascii?Q?vfeGiS6ZSD5RNovgjlzPvvvx3Z7ewJI7wr+2lDLdmsr7bQ9FqTzROq3I0Evb?= =?us-ascii?Q?Po/zMVhF9+nqOPNQIyDoreDJ9ASkf1UjzVb0Jakvae1rNT/CkbfksenU1OXe?= =?us-ascii?Q?xiNHi9v+M2bsklaFVX1TpmqTCEDUtxA=3D?= X-OriginatorOrg: nutanix.com X-MS-Exchange-CrossTenant-Network-Message-Id: f4788f76-e338-4b8c-4cf9-08de41e0c5e7 X-MS-Exchange-CrossTenant-AuthSource: LV0PR02MB11133.namprd02.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 23 Dec 2025 05:04:38.2499 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: bb047546-786f-4de1-bd75-24e5b6f79043 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: kuJmmROQ3yZ6Ol2ur7EgWOxCb4WGzQadV36bPdy8xgnWsvWN2feSIcAiNJh/J+zGAs44nEvWhh38Q7DtsWscID+4hiJKLSFxpTFRj5l5pDE= X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA1PR02MB8560 X-Proofpoint-Spam-Details-Enc: AW1haW4tMjUxMjIzMDA0MCBTYWx0ZWRfX4n3PTo5RKwUU LHVSYEgAZnwfQqe2ucQM670cDaHpViF7CZzHjQD7q88+fvzVrDIss2Qxj1TF4BQt5oBAb4VdMPf Vwz4c1rkZLPSmtboidbK/ucDuTY3ZJ9j/JGpLIT7xL8/gTal8DEdemhWEPx7re5w9v8aABSG9Ab zWQye30U189wlF2WZiAjoUEgiw8eN0/4j0XwhYjfbRb/EkTdLbI5YTDNYWgCB+CTkJkUG0kPw++ oP+tYyKj8NeO8WOro89AVdq90hBVxliQ+qtsTH99QuCfgFPvEwe4ytiTmEVizHUPd00WjCHVPFp boZbf0IgMz0mEpEHhdY0bAkN29sbo85Fr/VA7fvvOu4ai6gM7k3PhqThPoRs3vS3sp1JkGCfeET 8VlBCzICDPYpiagGJ4t5qaUoAX7g0i9Z51lqXTdUjIcOBmbpzWUnGcvG9OvlqHp1BBXmTlUv44x JUIVw2uSpBRg0HnMNvw== X-Proofpoint-ORIG-GUID: JA1fzyXWR8H70KQI3FNSjsEdt5Jx4Fe3 X-Proofpoint-GUID: JA1fzyXWR8H70KQI3FNSjsEdt5Jx4Fe3 X-Authority-Analysis: v=2.4 cv=R7YO2NRX c=1 sm=1 tr=0 ts=694a22e7 cx=c_pps a=qgEGzIGkZH4qQFF7vfwnSQ==:117 a=6eWqkTHjU83fiwn7nKZWdM+Sl24=:19 a=z/mQ4Ysz8XfWz/Q5cLBRGdckG28=:19 a=lCpzRmAYbLLaTzLvsPZ7Mbvzbb8=:19 a=xqWC_Br6kY4A:10 a=wP3pNCr1ah4A:10 a=0kUYKlekyDsA:10 a=VkNPw1HP01LnGYTKEx00:22 a=64Cc0HZtAAAA:8 a=5b0qK6K-TFpaBXZJLVYA:9 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1121,Hydra:6.1.9,FMLib:17.12.100.49 definitions=2025-12-23_01,2025-12-22_01,2025-10-01_01 X-Proofpoint-Spam-Reason: safe Content-Type: text/plain; charset="utf-8" Add SECONDARY_EXEC_MODE_BASED_EPT_EXEC as optional secondary execution control bit; however, this is not used by L1 VM's, so filter out this similar to how VMFUNC is treated. Advertise SECONDARY_EXEC_MODE_BASED_EPT_EXEC (MBEC) to userspace, which allows userspace to expose and advertise the feature to the guest. When MBEC is enabled by userspace, configure mmu root_role has_mbec. Signed-off-by: Jon Kohler --- arch/x86/kvm/vmx/nested.c | 6 ++++++ arch/x86/kvm/vmx/vmx.c | 7 +++++++ arch/x86/kvm/vmx/vmx.h | 1 + 3 files changed, 14 insertions(+) diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index bcea087b642f..ca1f548e0703 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c @@ -474,6 +474,7 @@ static void nested_ept_new_eptp(struct kvm_vcpu *vcpu) =20 static void nested_ept_init_mmu_context(struct kvm_vcpu *vcpu) { + struct vmcs12 *vmcs12 =3D get_vmcs12(vcpu); WARN_ON(mmu_is_nested(vcpu)); =20 vcpu->arch.mmu =3D &vcpu->arch.guest_mmu; @@ -483,6 +484,8 @@ static void nested_ept_init_mmu_context(struct kvm_vcpu= *vcpu) vcpu->arch.mmu->get_pdptr =3D kvm_pdptr_read; =20 vcpu->arch.walk_mmu =3D &vcpu->arch.nested_mmu; + if (nested_cpu_has2(vmcs12, SECONDARY_EXEC_MODE_BASED_EPT_EXEC)) + vcpu->arch.mmu->root_role.has_mbec =3D true; } =20 static void nested_ept_uninit_mmu_context(struct kvm_vcpu *vcpu) @@ -7313,6 +7316,9 @@ static void nested_vmx_setup_secondary_ctls(u32 ept_c= aps, msrs->ept_caps |=3D VMX_EPT_AD_BIT; } =20 + if (cpu_has_vmx_mode_based_ept_exec()) + msrs->secondary_ctls_high |=3D + SECONDARY_EXEC_MODE_BASED_EPT_EXEC; /* * Advertise EPTP switching irrespective of hardware support, * KVM emulates it in software so long as VMFUNC is supported. diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 520ccca27502..e23e4ffdc1b8 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -2682,6 +2682,7 @@ static int setup_vmcs_config(struct vmcs_config *vmcs= _conf, return -EIO; =20 vmx_cap->ept =3D 0; + _cpu_based_2nd_exec_control &=3D ~SECONDARY_EXEC_MODE_BASED_EPT_EXEC; _cpu_based_2nd_exec_control &=3D ~SECONDARY_EXEC_EPT_VIOLATION_VE; } if (!(_cpu_based_2nd_exec_control & SECONDARY_EXEC_ENABLE_VPID) && @@ -4610,6 +4611,12 @@ static u32 vmx_secondary_exec_control(struct vcpu_vm= x *vmx) */ exec_control &=3D ~SECONDARY_EXEC_ENABLE_VMFUNC; =20 + /* + * KVM doesn't support mode-based EPT execute control for L1, but the + * capability is advertised to L1 guests so they can use it for L2. + */ + exec_control &=3D ~SECONDARY_EXEC_MODE_BASED_EPT_EXEC; + /* SECONDARY_EXEC_DESC is enabled/disabled on writes to CR4.UMIP, * in vmx_set_cr4. */ exec_control &=3D ~SECONDARY_EXEC_DESC; diff --git a/arch/x86/kvm/vmx/vmx.h b/arch/x86/kvm/vmx/vmx.h index bb3d96b620b1..ef45e0ca0bb8 100644 --- a/arch/x86/kvm/vmx/vmx.h +++ b/arch/x86/kvm/vmx/vmx.h @@ -584,6 +584,7 @@ static inline u8 vmx_get_rvi(void) SECONDARY_EXEC_ENABLE_VMFUNC | \ SECONDARY_EXEC_BUS_LOCK_DETECTION | \ SECONDARY_EXEC_NOTIFY_VM_EXITING | \ + SECONDARY_EXEC_MODE_BASED_EPT_EXEC | \ SECONDARY_EXEC_ENCLS_EXITING | \ SECONDARY_EXEC_EPT_VIOLATION_VE) =20 --=20 2.43.0