From nobody Sat Apr 4 01:50:14 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id DA6A523A9B3 for ; Sat, 21 Mar 2026 00:09:40 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051782; cv=none; b=GWjQdtDjhPK/tOJEy6mDYIgNxKlwJniyofSvCPxpoTr8q0FEyCOZp+PPHju84qREWuTNHXVpIblm8GYz9yl6SVMZVIDjub6VLqIX7NvX21GhChPnY/1MiqursStlJ9grZvxoTXpAOMX4DBu3RR6zBx65pA4LD6wpd334KugGo2c= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051782; c=relaxed/simple; bh=zDCBCYBPUvbeE25M9z63UMM9kTMU/AQZnM1CnQbk58s=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type:Content-Type; b=FS4iRc0FjwzLiqMpq4LxNNty5xXLv4iGZc8wrZSnSFmtT5kYZQh90fd7CTtBciQ/7Fk7wFjSnKUSMy5eTlQibFngBbQazgp/impH7pGgkTd0kQRdzgGwEWDfsB6lH8xvCXS7LO8yB3g+ZPq4awhc++I7PZGUxAnc0n/DPan2y60= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=gq13fBUi; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=DNs5EGzX; arc=none smtp.client-ip=170.10.129.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="gq13fBUi"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="DNs5EGzX" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774051780; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=sc7ZxTtUy7hlpRcyZngf1dKFBcofak52j6l4UPVMDlo=; b=gq13fBUiLaLsLLKr8Gu66pdh6QtTI6H8OWn83DMVqM+/KgMIeiOlRq0tbVlfLDbMKmUIUd vaLYfub8wY++xVwfqmX69vp34bPyK6ciYQOQTd6smPPZb5ikZCPUNxTZRtfmKfXtgOsTfR b8bxor9MqQAv9KgmfnOi2V63UbApZWQ= Received: from mail-wm1-f70.google.com (mail-wm1-f70.google.com [209.85.128.70]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-7-1wGLjQZ_MyW0iWyrIfI4Rg-1; Fri, 20 Mar 2026 20:09:38 -0400 X-MC-Unique: 1wGLjQZ_MyW0iWyrIfI4Rg-1 X-Mimecast-MFC-AGG-ID: 1wGLjQZ_MyW0iWyrIfI4Rg_1774051778 Received: by mail-wm1-f70.google.com with SMTP id 5b1f17b1804b1-4837bfcfe0dso9391415e9.1 for ; Fri, 20 Mar 2026 17:09:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774051777; x=1774656577; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=sc7ZxTtUy7hlpRcyZngf1dKFBcofak52j6l4UPVMDlo=; b=DNs5EGzXb8pahymQaHxsjjWPV/4Tb2Verj4FSfNO0Usgp6oqyol3vvp5x0/DdhF4U6 6+Sqihvj+z4UZZDWLBwK1mP8ungU/HOvblsq9PgEDqtve82sIff4eJ76gyc7T+lBHLkb 76PE0WjPnjcjPWSnG85QecO13myOKEm5P2Ea4ugaxFYKs86aSy4p6GUTSYK7lIaA1rFw Ua/t48W45RRnOez27Bk9rN+rZEqU+PidiaH4wbfI4Q5+32s60BsnVzLePyEul1eiDZo9 EqqyCO6CSpE2iLcngk1HLCRRkexLSkmPufX008+UFR/CElj9BLKxUG9auDnFhp+LxiDN 6LMg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774051777; x=1774656577; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=sc7ZxTtUy7hlpRcyZngf1dKFBcofak52j6l4UPVMDlo=; b=jGmhd39yNCFwgyidW8oFW20oKDTdHZ1vhGUaWL3DqeSOb1UHxGGFcTt+Qzlm9u2knq rSQu6dyFghnbYreR0BsAfreI/kIpuXRqpOtaufSJ1AY9CSi/J3w7P9a2KJMJvwSDLp+g zbx0DOuvdv/JixYctccAyUqDpEjk/UiSvVzD3oIx0ERzr0UqahYtcYvR16q+eI+YZlco uGWrDquIzrAxXOJxxBlj1dTuYJRAJl9hWQNLzvQCQ57n6riirOUN3Kn/AGWutSkEuKsg L71Dhnq+HHqa4ToA/Mnc26WitgVR0NYwkedW8od5kyzw8hrY8Iwtnj5p+w21AlPeDDV1 ZcqA== X-Gm-Message-State: AOJu0YxLMMy0ntWyfNPPxTaXnPovvWiyJZ0aDr5HOd4ogRYoyf9vhVCd jPQFvq8CvGK7WFwGVjd6IlN0PZEl0g8vVdA2k/iRKIP/ev0bXYWYVJEDwIdDSely7LC5rq5cN0X IJvV8baP5jttWMuFbT8T27tpT6aQ6Nw422zb//iKTGFH9uPDq+Xd+1CPm7WUFB05JXE/DG/fklg gGUPt6odIcdkoYMGjEUFG4W/NyyJq+12ki+hJTXCfDecRteqanPA== X-Gm-Gg: ATEYQzw6Y+feom8nkQFNe8ncUzvY7Sc/6QijONq4qSbg6SV+JgDhqR7qTcmmYsqOo8A fwnhnR6myVMzYTYvQWvmV66zt+JkfVH1QhT+76m5FKElv9DxOJ/F7+inNlYSbCFAp50grCMsaVe GGTle6+PctBsq+cqN9PyPPUMtQ2vDD7SbPULRMXN21EVdh5HonzhVxahZRxKpCn566YPGd0yQJa Hr+JLJsjkcUoZsWqpfDhBpXaCEykYEzQVNDW1kRdFQ3ADRmuL9Od+cWqQApsbo62+wS6LNAlUzI OlMdcnQFT6O1P32mXXalPkM6axOgdWiwz0qED6Sz9mRReKBz+4idiRXzp+KEM9ogghyl9tEA4h9 YrLr3nIkh7gnL+W+dndw7qwYkFpdf5c26Oyl7EwIvhdFwJt2zv1tRsowLkEfOeYZN8Fpxsl5zZ7 dKnnSqtE1Af6WXMMX/KCFOhZ1V X-Received: by 2002:a05:600c:4ed1:b0:485:f1d1:8f3d with SMTP id 5b1f17b1804b1-486fede5d12mr70797685e9.6.1774051776793; Fri, 20 Mar 2026 17:09:36 -0700 (PDT) X-Received: by 2002:a05:600c:4ed1:b0:485:f1d1:8f3d with SMTP id 5b1f17b1804b1-486fede5d12mr70797325e9.6.1774051776218; Fri, 20 Mar 2026 17:09:36 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-486fe032a55sm177243955e9.7.2026.03.20.17.09.34 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Mar 2026 17:09:34 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Marcelo Tosatti , Nikunj A Dadhania , Amit Shah , Sean Christopherson Subject: [PATCH 01/22] KVM: TDX/VMX: rework EPT_VIOLATION_EXEC_FOR_RING3_LIN into PROT_MASK Date: Sat, 21 Mar 2026 01:09:10 +0100 Message-ID: <20260321000931.1947084-2-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260321000931.1947084-1-pbonzini@redhat.com> References: <20260321000931.1947084-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Type: text/plain Content-Transfer-Encoding: quoted-printable From: Jon Kohler EPT exit qualification bit 6 is used when mode-based execute control is enabled, and reflects user executable addresses. Rework name to reflect the intention and add to EPT_VIOLATION_PROT_MASK, which allows simplifying the return evaluation in tdx_is_sept_violation_unexpected_pending a pinch. Rework handling in __vmx_handle_ept_violation to unconditionally clear EPT_VIOLATION_PROT_USER_EXEC until MBEC is implemented, as suggested by Sean [1]. Note: Intel SDM Table 29-7 defines bit 6 as: If the =E2=80=9Cmode-based execute control=E2=80=9D VM-execution control = is 0, the value of this bit is undefined. If that control is 1, this bit is the logical-AND of bit 10 in the EPT paging-structure entries used to translate the guest-physical address of the access causing the EPT violation. In this case, it indicates whether the guest-physical address was executable for user-mode linear addresses. [1] https://lore.kernel.org/all/aCJDzU1p_SFNRIJd@google.com/ Suggested-by: Sean Christopherson Signed-off-by: Jon Kohler Message-ID: <20251223054806.1611168-2-jon@nutanix.com> Signed-off-by: Paolo Bonzini Acked-by: Kai Huang --- arch/x86/include/asm/vmx.h | 5 +++-- arch/x86/kvm/vmx/common.h | 9 +++++++-- arch/x86/kvm/vmx/tdx.c | 2 +- 3 files changed, 11 insertions(+), 5 deletions(-) diff --git a/arch/x86/include/asm/vmx.h b/arch/x86/include/asm/vmx.h index cca7d6641287..4a0804cc7c82 100644 --- a/arch/x86/include/asm/vmx.h +++ b/arch/x86/include/asm/vmx.h @@ -587,10 +587,11 @@ enum vm_entry_failure_code { #define EPT_VIOLATION_PROT_READ BIT(3) #define EPT_VIOLATION_PROT_WRITE BIT(4) #define EPT_VIOLATION_PROT_EXEC BIT(5) -#define EPT_VIOLATION_EXEC_FOR_RING3_LIN BIT(6) +#define EPT_VIOLATION_PROT_USER_EXEC BIT(6) #define EPT_VIOLATION_PROT_MASK (EPT_VIOLATION_PROT_READ | \ EPT_VIOLATION_PROT_WRITE | \ - EPT_VIOLATION_PROT_EXEC) + EPT_VIOLATION_PROT_EXEC | \ + EPT_VIOLATION_PROT_USER_EXEC) #define EPT_VIOLATION_GVA_IS_VALID BIT(7) #define EPT_VIOLATION_GVA_TRANSLATED BIT(8) =20 diff --git a/arch/x86/kvm/vmx/common.h b/arch/x86/kvm/vmx/common.h index 412d0829d7a2..adf925500b9e 100644 --- a/arch/x86/kvm/vmx/common.h +++ b/arch/x86/kvm/vmx/common.h @@ -94,8 +94,13 @@ static inline int __vmx_handle_ept_violation(struct kvm_= vcpu *vcpu, gpa_t gpa, /* Is it a fetch fault? */ error_code |=3D (exit_qualification & EPT_VIOLATION_ACC_INSTR) ? PFERR_FETCH_MASK : 0; - /* ept page table entry is present? */ - error_code |=3D (exit_qualification & EPT_VIOLATION_PROT_MASK) + /* + * ept page table entry is present? + * note: unconditionally clear USER_EXEC until mode-based + * execute control is implemented + */ + error_code |=3D (exit_qualification & + (EPT_VIOLATION_PROT_MASK & ~EPT_VIOLATION_PROT_USER_EXEC)) ? PFERR_PRESENT_MASK : 0; =20 if (exit_qualification & EPT_VIOLATION_GVA_IS_VALID) diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c index c308aedd8613..bf9fe76d974d 100644 --- a/arch/x86/kvm/vmx/tdx.c +++ b/arch/x86/kvm/vmx/tdx.c @@ -1921,7 +1921,7 @@ static inline bool tdx_is_sept_violation_unexpected_p= ending(struct kvm_vcpu *vcp if (eeq_type !=3D TDX_EXT_EXIT_QUAL_TYPE_PENDING_EPT_VIOLATION) return false; =20 - return !(eq & EPT_VIOLATION_PROT_MASK) && !(eq & EPT_VIOLATION_EXEC_FOR_R= ING3_LIN); + return !(eq & EPT_VIOLATION_PROT_MASK); } =20 static int tdx_handle_ept_violation(struct kvm_vcpu *vcpu) --=20 2.52.0 From nobody Sat Apr 4 01:50:14 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4BBCE273D77 for ; Sat, 21 Mar 2026 00:09:43 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051784; cv=none; b=cTk8EUEBI0FTgMViqpVk9AVBdn/8MagRI/HXYja+Ro8R89BkkQnciyHnzqxWLaRizFRwSGcTewf6np8RPowLt08TGEm7rcRnP6vH7C0NdZkVBMyX7ZEX677nOuGj4NOeiv3zZNy4lyqrRaFSTgvLy1UPdmGFqWLZz+Tv8g5qvvg= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051784; c=relaxed/simple; bh=w6YAb8ugu86VHmga44IWfL0zX03LYLcB7U/JmbkGjao=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=N0UjvZdOQs5l8vcni5vDmp3PXzTsh9QG2hhBJMjWZ0PreOJVtS7ZgSTrg4UhMWDS1/RFP9RJ7K1NxxIW+Z4WuXGnWzwmNUsxmPIFnBW0GRGD8ve69LzxVdRC2ca4GoB6d7puyUv3eXWhsrLhQFeDh7odDtbJpX2YjjArQp7vTow= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=KA+dDOGf; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=PHs6iEw3; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="KA+dDOGf"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="PHs6iEw3" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774051782; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=i0aglvj+2VO9ti6n01MQ2ehRFqW/1tKmIWd/HfHoWyw=; b=KA+dDOGfjTmxxjhfwJlzYndla6sjkvJeDOSikYAS6n7fP6Z7PJI9cP/4c2dNw2NpSp1AW3 EJCzCjgy+8lr2D8sSRofMjBkK/YnFFwgKr99MZ9CTj+iQv1CRs3Bf6ONAIHmCEza8Wjexu IECLX/TVuU92NDCftp137y7/fupq1+s= Received: from mail-wm1-f69.google.com (mail-wm1-f69.google.com [209.85.128.69]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-108-SvKNZEskMVmNsO53o78pWA-1; Fri, 20 Mar 2026 20:09:41 -0400 X-MC-Unique: SvKNZEskMVmNsO53o78pWA-1 X-Mimecast-MFC-AGG-ID: SvKNZEskMVmNsO53o78pWA_1774051780 Received: by mail-wm1-f69.google.com with SMTP id 5b1f17b1804b1-486fa07f2bbso5620245e9.2 for ; Fri, 20 Mar 2026 17:09:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774051779; x=1774656579; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=i0aglvj+2VO9ti6n01MQ2ehRFqW/1tKmIWd/HfHoWyw=; b=PHs6iEw311p0XbitC+F1bRoDA8lPA92j132Wm+jskAgKbVGA8Gq6cRdqiC/r9NvxMj m5KOsIcoWYFVRloQc6n/m444IbHjOj551ATbocTaLMNihr1qZiO1PzpsqMCpxX8Lqlmx JVrMt+1wf5CYAAbLgYFj4dXuKY9OypjQ7LptBrQjc0K8w1lgaU0qv8wHTLLI3DtCv6EA LPmKlrmt6x/pA4Fg+Fdv5AiAK2oDJhqtPGTTNXdDZE03UHd8kQPhvWAUJOqcvGavVS80 byxEEsGGdJbFkOOjzatSZltjbwOK84v6ZU7nKjeRM2bXvkQughSnaiIPEGT0HB5B1k4/ metw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774051779; x=1774656579; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=i0aglvj+2VO9ti6n01MQ2ehRFqW/1tKmIWd/HfHoWyw=; b=SDOZPm/2DSPmrFDDIGMhMqFlhdR5mdrprKXtYQ9nVUTdt/CEZXy1jxlVm7ox3Kc2zV bqDgS/+6zV7fV3p3tlYlM7vDRqE6aqA9BEsHJlRpVj/36bEOkMHgBfUJO4TYhd0/tboF 2DK4S8OgYu+EesQfUe7AAFd8fCkExdbSmfPZxusgc8OVjBtVjm28UilBhxPfcNi6vlf3 IJP7JNp8T6HlMfKhufAThm4ICN3fY/Z3rbiPA6Ra8Oq8fg6ArdQPIpBzg5Nqw2p1O4O5 7kM94vzvoBmF8pIJ9f4vE8xyzlw8phjwIMZN9P+KFxCSVUNGkCC4MXB0HWIakn1PErDx dMXg== X-Gm-Message-State: AOJu0YxQPURK8tujsLU2y07ITjgC970Xpy6J3VN2tRA0AF4SjjU8sovK MVQ74l00JdIHkDZ9LztB7V9TOiLBx3RNaOEBj+JYOGzLoPj4SmZp9+g8HDAxufBINYNZ80YUr6C swdXb23V86WWBJUlg8BE6lgQFFrsYR6yQ02xpO+cGS5PzAQ6YOJ8xUR9f/t8Ig+8tOIJdKCyLNG kiwE+iCKL3Z/idSYKL7aIZGFZSOKNiPBCEqWetMaDbqe1Ft7A6aA== X-Gm-Gg: ATEYQzw6fOA7n/pQIAuLuWEiZkgmmXvrppNgJcqWt5Sw6c+SgX5RdiKps89XBsnNF9C VbuwRipjyNZ0j07Q3LClUlAVAUrJDZoZzF7JGLwSBMjd+ZoQn78AeC1g0189+2Yo0Zl0/ZprHGU 0ms8b9wlVbzibKwRHExHHKAczc0rmn4lKti30nJt203hbTFqkv/wb2saDMdwCP3Qx3TpEE4uLnI Oe6aBqgZksSPJtp8TVnVRPiBGdvN0MrK/n7EWzbZGUGpRbpS+Zr5g+Kn2RCqdVTPjH1RC5m/3FU xu0E6oyz3gf1/JMng9mB3XGBI4Km/8P0iXYqVl0rOlboIGOzNT1O4j1XT8iEJjC5h5xWQ8NGb2p vWAlJiuEcsrR6tFE7zAQfycL+SkrL2x6ju9tF9iJlXleHxZpaI4lpPJkN7GzXq7srmWVRhZPpy+ XbyRobqO8TCVYEoEc6R9Hq4enE X-Received: by 2002:a05:600c:4e8f:b0:483:badb:618b with SMTP id 5b1f17b1804b1-486fee1e062mr68528055e9.24.1774051779032; Fri, 20 Mar 2026 17:09:39 -0700 (PDT) X-Received: by 2002:a05:600c:4e8f:b0:483:badb:618b with SMTP id 5b1f17b1804b1-486fee1e062mr68527795e9.24.1774051778528; Fri, 20 Mar 2026 17:09:38 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-486f8b322d9sm162958295e9.8.2026.03.20.17.09.36 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Mar 2026 17:09:37 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Marcelo Tosatti , Nikunj A Dadhania , Amit Shah , Sean Christopherson Subject: [PATCH 02/22] KVM: x86/mmu: remove SPTE_PERM_MASK Date: Sat, 21 Mar 2026 01:09:11 +0100 Message-ID: <20260321000931.1947084-3-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260321000931.1947084-1-pbonzini@redhat.com> References: <20260321000931.1947084-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Jon Kohler SPTE_PERM_MASK is no longer referenced by anything in the kernel. Signed-off-by: Jon Kohler Message-ID: <20251223054806.1611168-3-jon@nutanix.com> Signed-off-by: Paolo Bonzini Reviewed-by: Kai Huang --- arch/x86/kvm/mmu/spte.h | 3 --- 1 file changed, 3 deletions(-) diff --git a/arch/x86/kvm/mmu/spte.h b/arch/x86/kvm/mmu/spte.h index 3133f066927e..0fc83c9064c5 100644 --- a/arch/x86/kvm/mmu/spte.h +++ b/arch/x86/kvm/mmu/spte.h @@ -42,9 +42,6 @@ static_assert(SPTE_TDP_AD_ENABLED =3D=3D 0); #define SPTE_BASE_ADDR_MASK (((1ULL << 52) - 1) & ~(u64)(PAGE_SIZE-1)) #endif =20 -#define SPTE_PERM_MASK (PT_PRESENT_MASK | PT_WRITABLE_MASK | shadow_user_m= ask \ - | shadow_x_mask | shadow_nx_mask | shadow_me_mask) - #define ACC_EXEC_MASK 1 #define ACC_WRITE_MASK PT_WRITABLE_MASK #define ACC_USER_MASK PT_USER_MASK --=20 2.52.0 From nobody Sat Apr 4 01:50:14 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id AD36028D8DA for ; Sat, 21 Mar 2026 00:09:45 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051794; cv=none; b=OEYmGYC+RXYO7c8pUz1gaz1Ya84b07gr3Y+3vX1YAUb7I8KgM+cdw3rZ4BgUPU0jDqAWYMFUlAscqHJgkuQAs/NhPjK9HN6wsTQpwwGMUzZfxRafyoWGp6iQerEsQ0Vcs2croR5N6gmkLGe7jnOnuChY7tP9FFqWh9sawTFrk6M= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051794; c=relaxed/simple; bh=z3zvzNjoHdnJl9hGaj4lEgJ4kD/PTw19cwfqw3eo3Yw=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=cWH1K3ci77trHlbBHwTc/+OeehCouh1cs3Le4a6nU1ZId3X1m/D1fMZ1l4W9739GOafswrw9U9wV3ea4jKOq8G6s8C8imbxdmwfRnAG6T3nEWYfh6Y1A6bjwaIVbNxmqdkEvE76HbcBpjuRbJwJMkYj52c/upq8aFp+YtqspyWk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=KS8gXGTi; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=PISf/7vB; arc=none smtp.client-ip=170.10.129.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="KS8gXGTi"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="PISf/7vB" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774051784; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=0x8Li3x48YFTevSqz2TQi+0tuTqD1+6xIYxZTsWPCJo=; b=KS8gXGTiifY4aoNlJKknLe3FeTc0MJKXaaq97exm7Jla0GWC/2E/x7u/BTwWwni56XUbLW cqsLivzh1CatBKjyIr8rG2K5vAfGQFFnyaiD9342dixFtrqOHGnq9M2QclGyiTrgUoSNU+ 3GDfMpV7XAqyQk+jzY8wQf5F3rQG6lA= Received: from mail-wr1-f71.google.com (mail-wr1-f71.google.com [209.85.221.71]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-125-2hQjIG_2Mlq4KXKCxVTaGQ-1; Fri, 20 Mar 2026 20:09:43 -0400 X-MC-Unique: 2hQjIG_2Mlq4KXKCxVTaGQ-1 X-Mimecast-MFC-AGG-ID: 2hQjIG_2Mlq4KXKCxVTaGQ_1774051782 Received: by mail-wr1-f71.google.com with SMTP id ffacd0b85a97d-43b3da235dbso937981f8f.1 for ; Fri, 20 Mar 2026 17:09:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774051781; x=1774656581; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=0x8Li3x48YFTevSqz2TQi+0tuTqD1+6xIYxZTsWPCJo=; b=PISf/7vBAZ0hB61DgnwJCPgUq+vrhK90dpaypWcSQcxYXJoRHoyUS6ONQ1MOl9/xH6 1A+sqKAGZXQWT3J32RxIpdqCFZw7bUktnYkjpP1pvIfiFW9Q4/h9pN7oL0ykV3yWmXz8 K/4C4+CKGONlo+7P7E0MluTp8UlRkLIYwFw0iKTd0I24+2DtYx39H57I2oC2cvp/q6gW MxnT4048TgDM6qFPWZ8RhH0TanT9ctJ+vNbsDkrRtYKoWCsXgCQH0mCtiaPsbz86urLo +Vv7aPrWRIK49ezTiAdPX7XuWyf4MHA6ch4qhInig7bdK9/AkEeZAe7T5UkJZdOoEyQv y96w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774051781; x=1774656581; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=0x8Li3x48YFTevSqz2TQi+0tuTqD1+6xIYxZTsWPCJo=; b=F4P/HFaXHFYS9zIn8IgCnuA2zuW/gUZLDUKTU+Mnq6VNQNtlM12q92UfGKne0nQ18g 3pMVRq0H0iNQBclkZHMrfMCJi+dsfm39L6h5kQKpSTTT2H0L81RH/u3ikOChwwas9hSF 7RbNkOKX+GlfyGzGVPHz2/bUB0CzTAaOIQOrCFwbn+HL9cWvMbxnh6uiX159LE5mD+gA whLLvzlU9Nri+MvHHw8EBhoRJ78HU5MbzBqM8jyzL80wS1kBz513qacl/tQfW/cyL6B9 zHgmqxrCjQkWjW4UaHVk89a2BcQXyPD2w1dIwn4e1JEHkjc7NQo9TK/DYzIEnApXaVtc y6pA== X-Gm-Message-State: AOJu0YyLwEXKcdKyi/U4iNq4elm2ztzF/TuDCnzGR7cG0fYQOZNuNbuZ 4K99HbJdv5PhnzUMqPiyr1otmnkQuse1Tu3thMU987ZY0mBoHs6C8Ib96csB7MZ/m4+ON4/e/aC vqDJq7ug6WdgUcEFj1JgphhJu4MBspfdPHjZTcEECQNaAjqsjqSQq6UrI1HqZvMNvtAGa5Wt3Pc sGp04ZCNLMop6MlUVJCrpUV9WceqtySV9ePBiPKaBqdReafNd80Q== X-Gm-Gg: ATEYQzxgC4csrBoRDynjNwjsiWOobA7X7tPzllL2RwZY6Q7rLcKOFXg87d8e6BrzCRZ IHuJB6Su3G12cHzDcMi9a/Gb4mMiWjL7zyGNZn1tGPEncqEKWzj8yE6JcvwxrYTQ7rNx8zbvkE0 JlA2XNxpd6tXzAiVJrwxdnCoAWPhz0eP2t/DdeaHNPugcF0+hlB8E86V8AqYgUj048Chu4BMOQz 25GoN/C3chW4Nj1JUk6zziXofUZv8R71N9bgVE1Gyyi+up91X+kbRI4smSd3szzTwgSBCJpIhVG 4RCa2qWxMb3iR/IAeNRTys9M8r7aO/CM3bkrIOeE5UdgSsnxmpjnGbZH3XFpeqbWyGAp53+A/Kj TH2YdzuSj0aMc/pk7Ls09VfWmVvI6OriRKO5q2D/KuMea7K4KwZM422Qoe3z/g8JJL4C8Xky1Su holPTXSpDgf1ErQJB4gIf9Mx46 X-Received: by 2002:a05:6000:2dc2:b0:43b:6352:a262 with SMTP id ffacd0b85a97d-43b64286a5amr8310938f8f.41.1774051781577; Fri, 20 Mar 2026 17:09:41 -0700 (PDT) X-Received: by 2002:a05:6000:2dc2:b0:43b:6352:a262 with SMTP id ffacd0b85a97d-43b64286a5amr8310907f8f.41.1774051781069; Fri, 20 Mar 2026 17:09:41 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-43b644acb52sm11272304f8f.7.2026.03.20.17.09.39 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Mar 2026 17:09:39 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Marcelo Tosatti , Nikunj A Dadhania , Amit Shah , Sean Christopherson , Kai Huang Subject: [PATCH 03/22] KVM: x86/mmu: adjust MMIO generation bit allocation and allowed mask Date: Sat, 21 Mar 2026 01:09:12 +0100 Message-ID: <20260321000931.1947084-4-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260321000931.1947084-1-pbonzini@redhat.com> References: <20260321000931.1947084-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Jon Kohler Update SPTE_MMIO_ALLOWED_MASK to allow EPT user executable (bit 10) to be treated like EPT RWX bit2:0, as when mode-based execute control is enabled, bit 10 can act like a "present" bit. No functional changes intended. Cc: Kai Huang Signed-off-by: Jon Kohler Message-ID: <20251223054806.1611168-4-jon@nutanix.com> Signed-off-by: Paolo Bonzini --- arch/x86/kvm/mmu/spte.h | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/arch/x86/kvm/mmu/spte.h b/arch/x86/kvm/mmu/spte.h index 0fc83c9064c5..b60666778f61 100644 --- a/arch/x86/kvm/mmu/spte.h +++ b/arch/x86/kvm/mmu/spte.h @@ -96,11 +96,11 @@ static_assert(!(EPT_SPTE_MMU_WRITABLE & SHADOW_ACC_TRAC= K_SAVED_MASK)); #undef SHADOW_ACC_TRACK_SAVED_MASK =20 /* - * Due to limited space in PTEs, the MMIO generation is a 19 bit subset of + * Due to limited space in PTEs, the MMIO generation is an 18 bit subset of * the memslots generation and is derived as follows: * - * Bits 0-7 of the MMIO generation are propagated to spte bits 3-10 - * Bits 8-18 of the MMIO generation are propagated to spte bits 52-62 + * Bits 0-6 of the MMIO generation are propagated to spte bits 3-9 + * Bits 7-17 of the MMIO generation are propagated to spte bits 52-62 * * The KVM_MEMSLOT_GEN_UPDATE_IN_PROGRESS flag is intentionally not includ= ed in * the MMIO generation number, as doing so would require stealing a bit fr= om @@ -111,7 +111,7 @@ static_assert(!(EPT_SPTE_MMU_WRITABLE & SHADOW_ACC_TRAC= K_SAVED_MASK)); */ =20 #define MMIO_SPTE_GEN_LOW_START 3 -#define MMIO_SPTE_GEN_LOW_END 10 +#define MMIO_SPTE_GEN_LOW_END 9 =20 #define MMIO_SPTE_GEN_HIGH_START 52 #define MMIO_SPTE_GEN_HIGH_END 62 @@ -133,7 +133,8 @@ static_assert(!(SPTE_MMU_PRESENT_MASK & * and so they're off-limits for generation; additional checks ensure the = mask * doesn't overlap legal PA bits), and bit 63 (carved out for future usage= ). */ -#define SPTE_MMIO_ALLOWED_MASK (BIT_ULL(63) | GENMASK_ULL(51, 12) | GENMAS= K_ULL(2, 0)) +#define SPTE_MMIO_ALLOWED_MASK (BIT_ULL(63) | GENMASK_ULL(51, 12) | \ + BIT_ULL(10) | GENMASK_ULL(2, 0)) static_assert(!(SPTE_MMIO_ALLOWED_MASK & (SPTE_MMU_PRESENT_MASK | MMIO_SPTE_GEN_LOW_MASK | MMIO_SPTE_GEN_HIGH_MAS= K))); =20 @@ -141,7 +142,7 @@ static_assert(!(SPTE_MMIO_ALLOWED_MASK & #define MMIO_SPTE_GEN_HIGH_BITS (MMIO_SPTE_GEN_HIGH_END - MMIO_SPTE_GEN_H= IGH_START + 1) =20 /* remember to adjust the comment above as well if you change these */ -static_assert(MMIO_SPTE_GEN_LOW_BITS =3D=3D 8 && MMIO_SPTE_GEN_HIGH_BITS = =3D=3D 11); +static_assert(MMIO_SPTE_GEN_LOW_BITS =3D=3D 7 && MMIO_SPTE_GEN_HIGH_BITS = =3D=3D 11); =20 #define MMIO_SPTE_GEN_LOW_SHIFT (MMIO_SPTE_GEN_LOW_START - 0) #define MMIO_SPTE_GEN_HIGH_SHIFT (MMIO_SPTE_GEN_HIGH_START - MMIO_SPTE_GEN= _LOW_BITS) --=20 2.52.0 From nobody Sat Apr 4 01:50:14 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A5BAB1E22E9 for ; Sat, 21 Mar 2026 00:09:47 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051791; cv=none; b=ZAZYzhxcmKI1sXhdzMvuvoRNDNb24GrInL648ppYWsEFu5iILWk2Thab9OUImUEnBP8MAH12GWQ5y1N+29Z8YAFk0Ozs+poJzqaMQ5EBMvThvtrAcbBgu5F6Yz6F2mrJXlzKypOOTwcrMv7atsPjYtUCwzEPzmi1eQy4nkm1Iic= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051791; c=relaxed/simple; bh=iVcE9RrZcl26REv9KZcwEG1itIHBEVAGnJ7liWzs2n8=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=Lbz8HgSMsv+BCEDCnE+hPxfVLM/5sV65yGwU2xSL5wMUEJtyyLx3Nl5T8hA7VxL6vqGb5kUKgjdKOz9DwMtR8smH7dMpsJQF2fzq5GvZF853jE4dTJI7nSYaJBBdgEsGZh5NVI/EIPlj8hf0iyU2FIC/NyhRBfi5jRRIUZZTqaM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=aVG38zvG; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=KmfU2ocm; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="aVG38zvG"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="KmfU2ocm" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774051786; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=cwAnQNfaCoyR40gaeMt6QITdHXPQjNKk5ABGyzLqLus=; b=aVG38zvGxwRdJbFVNu7MKCdmutLYsHoHsd2Gsct7es9lIr03PVRwmVP1pYWUn/aG9hm3tJ DzPyLgFIJKkSisgEfgGWV7TIvwVe33muJOckxjbICXBVUVAs6WgzmHNIvTXfQjcsjvypfM GYzZExWFh79RYeDBSv+rjleLm/zhhv0= Received: from mail-wm1-f70.google.com (mail-wm1-f70.google.com [209.85.128.70]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-690-OeKcb4_NPG6JwPewe_LD9Q-1; Fri, 20 Mar 2026 20:09:45 -0400 X-MC-Unique: OeKcb4_NPG6JwPewe_LD9Q-1 X-Mimecast-MFC-AGG-ID: OeKcb4_NPG6JwPewe_LD9Q_1774051784 Received: by mail-wm1-f70.google.com with SMTP id 5b1f17b1804b1-4837b6f6b93so7821085e9.3 for ; Fri, 20 Mar 2026 17:09:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774051784; x=1774656584; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=cwAnQNfaCoyR40gaeMt6QITdHXPQjNKk5ABGyzLqLus=; b=KmfU2ocmu1pAowzJA7gFf7lk8WmyVOsNdJDdA3fRnupCk0HkkfKTC5KSkxRiUZZwU5 VgFt1JPUFHRptqjUR3J4MBaflu64Lhwf3SQBnUZrneIYKsS8eLs3MvEA6oxVvLLVF9DG ZiL/dPaU0eYHtpa7sKp0yx+THWayfLICE8fe607FG650+Covx5IgpHsMyGNa6PE2LHn3 zRMB85cQ0F9bnDavqrBuhIBPVfiiZxezUN4YBqBKF1tcSqcGz8X/YnIOILqMAxz2zR9Z Bp5qElmCpMthEBeKN6DbjWPNp/b24bLKwrWJKHz8yMrNWthnpN8Np4NtsPWOUt1Htq8Q u6mA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774051784; x=1774656584; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=cwAnQNfaCoyR40gaeMt6QITdHXPQjNKk5ABGyzLqLus=; b=j24SYEfzd+72Wn6Qi8tolE7asPCPDedY3mqfq6+h6MzHD8xEVCmb8Yiu976cF0HJBt dGuxIQBb/VkXm6VG8iHRKCBd30cfTTsfZpMJsLIFSodSj2HWwV+Pyp9u6Qk607foh/sr pJcAv8xWkhxtdCkvqF/Q9cxCoSGeDy28aYIw29pANO5AoD+uhai65CU5CsqfCN5ZSjwE JPEys8akd+4Ge9ryAb2mHHuVq8hbOQjJhSoniA5w1TovYtPS2DyMhqXfO7+rpZ/YMOvM 03yGfcmDCmlnWGw32AON3sZ/VxwZixpHOAeNA+zRJyVX33SQJ+e6ZL8WL5iEIJi79HVI 2fkA== X-Gm-Message-State: AOJu0YxAW42tC8lRhsT9HexaZzIti0PLmcq8M8oxQsJozNJmqoKa0u9s Rhr34KA+QW88dfurtkMmW9qRJ+7AaWr58IlNj1MnFFjtPc6nc/xW6kr5/fhu8BdhGVowb8IwdnY qq0dXOR78WPTsah8YU+wjTI294yciLlpONA1xKf/xL7yAz7sgQKngox7gYKI9lmCZ1UQQUgwAqI lGgOw0PmbgqxHWw1+WlEZAwXolS9BULq1KqrrBxRuPAOePYCRyTg== X-Gm-Gg: ATEYQzw1z/04Mn5qmKKEgIlPyMku0yRo5XGj3ZmA60t3hwb3CkraaawvDDRe2y8n5g6 xgCi9/jX59Wv78nQiLelb6SCvUEviRDae6oxMgQWHkYtifSpGfTYkLXavzf0nuyprA9DdhdzyRg MCZRIMV1yO4jnqZGgpgJvSVaUjY2BeMbRpKRcvmG4k1u7M8AX5E+Y1xJPN44QA3NHcUkoUYPUvI rlH+VEgfF+3jNg1iUp/XprEr6NhyzMi0RwSxRcqNQPP+wn7GWSOkB8/zQ4wm3IFTUKbNczONeI1 BeZdggD/6y6qr66l2G2cjMKzlthit7OqRa+IAGkuqUjan+YCq9nbfYzWda5Pqyhj/+n2VTiBbEy IGSqNhJsPkYl9ZWFCBpgsq6uPMzrL0Lrrck/5dokyI9Utp1Nqo6DLoyqHS1QhX7KR3wIWmpK6eU mubWsNzGkX1Y/lSNqxBTSlsKYY X-Received: by 2002:a05:600c:45c5:b0:485:3b34:2f51 with SMTP id 5b1f17b1804b1-486febbc66bmr74063125e9.4.1774051783744; Fri, 20 Mar 2026 17:09:43 -0700 (PDT) X-Received: by 2002:a05:600c:45c5:b0:485:3b34:2f51 with SMTP id 5b1f17b1804b1-486febbc66bmr74062885e9.4.1774051783287; Fri, 20 Mar 2026 17:09:43 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-487004e7bc4sm34110035e9.2.2026.03.20.17.09.41 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Mar 2026 17:09:42 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Marcelo Tosatti , Nikunj A Dadhania , Amit Shah , Sean Christopherson Subject: [PATCH 04/22] KVM: x86/mmu: shuffle high bits of SPTEs in preparation for MBEC Date: Sat, 21 Mar 2026 01:09:13 +0100 Message-ID: <20260321000931.1947084-5-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260321000931.1947084-1-pbonzini@redhat.com> References: <20260321000931.1947084-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Access tracking will need to save bit 10 when MBEC is enabled. Right now it is simply shifting the R and X bits into bits 54 and 56, but bit 10 would not fit with the same scheme. Reorganize the high bits so that access tracking will use bits 52, 54 and 62. As a side effect, the free bits are compacted slightly, with 56-59 still unused. Signed-off-by: Paolo Bonzini Acked-by: Kai Huang --- arch/x86/kvm/mmu/spte.h | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) diff --git a/arch/x86/kvm/mmu/spte.h b/arch/x86/kvm/mmu/spte.h index b60666778f61..7223a61b1260 100644 --- a/arch/x86/kvm/mmu/spte.h +++ b/arch/x86/kvm/mmu/spte.h @@ -17,10 +17,20 @@ */ #define SPTE_MMU_PRESENT_MASK BIT_ULL(11) =20 +/* + * The ignored high bits are allocated as follows: + * - bits 52, 54: saved X-R bits for access tracking when EPT does not hav= e A/D + * - bits 53 (EPT only): host writable + * - bits 55 (EPT only): MMU-writable + * - bits 56-59: unused + * - bits 60-61: type of A/D tracking + * - bits 62: unused + */ + /* * TDP SPTES (more specifically, EPT SPTEs) may not have A/D bits, and may= also * be restricted to using write-protection (for L2 when CPU dirty logging,= i.e. - * PML, is enabled). Use bits 52 and 53 to hold the type of A/D tracking = that + * PML, is enabled). Use bits 60 and 61 to hold the type of A/D tracking = that * is must be employed for a given TDP SPTE. * * Note, the "enabled" mask must be '0', as bits 62:52 are _reserved_ for = PAE @@ -29,7 +39,7 @@ * TDP with CPU dirty logging (PML). If NPT ever gains PML-like support, = it * must be restricted to 64-bit KVM. */ -#define SPTE_TDP_AD_SHIFT 52 +#define SPTE_TDP_AD_SHIFT 60 #define SPTE_TDP_AD_MASK (3ULL << SPTE_TDP_AD_SHIFT) #define SPTE_TDP_AD_ENABLED (0ULL << SPTE_TDP_AD_SHIFT) #define SPTE_TDP_AD_DISABLED (1ULL << SPTE_TDP_AD_SHIFT) @@ -65,7 +75,7 @@ static_assert(SPTE_TDP_AD_ENABLED =3D=3D 0); */ #define SHADOW_ACC_TRACK_SAVED_BITS_MASK (SPTE_EPT_READABLE_MASK | \ SPTE_EPT_EXECUTABLE_MASK) -#define SHADOW_ACC_TRACK_SAVED_BITS_SHIFT 54 +#define SHADOW_ACC_TRACK_SAVED_BITS_SHIFT 52 #define SHADOW_ACC_TRACK_SAVED_MASK (SHADOW_ACC_TRACK_SAVED_BITS_MASK << \ SHADOW_ACC_TRACK_SAVED_BITS_SHIFT) static_assert(!(SPTE_TDP_AD_MASK & SHADOW_ACC_TRACK_SAVED_MASK)); @@ -84,8 +94,8 @@ static_assert(!(SPTE_TDP_AD_MASK & SHADOW_ACC_TRACK_SAVED= _MASK)); * to not overlap the A/D type mask or the saved access bits of access-tra= cked * SPTEs when A/D bits are disabled. */ -#define EPT_SPTE_HOST_WRITABLE BIT_ULL(57) -#define EPT_SPTE_MMU_WRITABLE BIT_ULL(58) +#define EPT_SPTE_HOST_WRITABLE BIT_ULL(53) +#define EPT_SPTE_MMU_WRITABLE BIT_ULL(55) =20 static_assert(!(EPT_SPTE_HOST_WRITABLE & SPTE_TDP_AD_MASK)); static_assert(!(EPT_SPTE_MMU_WRITABLE & SPTE_TDP_AD_MASK)); --=20 2.52.0 From nobody Sat Apr 4 01:50:14 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1FD8724E4C6 for ; Sat, 21 Mar 2026 00:09:49 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051793; cv=none; b=kWzYi/CQFYtc2K3PDOIBM6fWe8E37k9PEkABHruWf5rfrIUgmCPpuYUu2rRGChikfiqI8VdnJ+HdwURroDKK++U2sETD0j5pCQ6QRQ82an3pli1TvAbkWViGVFuTkc3pp/emjiwqGnb10yZhBnyHGInsqC3jM1lGc/lEhe92zwM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051793; c=relaxed/simple; bh=OJBsyJfTqth9OfgUA01Qnwq1JO04burdCzePl3InDIo=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=FX7T4dCkoFHrE0NkIX7sz4Ji1C2kdHvI3FYsn+6OJDQPIvxs+UebLnt59BhjKgY/rmT57CSZbswX9/fMYm+5gdEMp1OhFnDUAnNJpM+dAbPLdDbRXR0aTQWgpjVKjur03YQqwMDUM9RN24YimJlIGHLtT2WlPaAbPtvZys7FCD4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=G+j84spt; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=So4scJkA; arc=none smtp.client-ip=170.10.129.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="G+j84spt"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="So4scJkA" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774051789; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=qXO9T9Z8K77B5X3+NmDVkDSP2SW3BrCQveRA3iJEcWI=; b=G+j84sptyKIL6VITNA/4FwdK+abj5hrUOnc4ND9UzkzkLWiHMtgnz6hWcVAxB2nTXb2CY4 A/wPEjJ/jGA9F/isxklq4cfcvBZnfGtdtz2N9ZB9jLPNFJGEnivrilDFnPjvNtR58WXfEo 6/XNjTJoV2Tc0SBBfQ1+oI8AyqBUIcQ= Received: from mail-wm1-f72.google.com (mail-wm1-f72.google.com [209.85.128.72]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-333-MCH-PLsePriTFBNRQPgsuQ-1; Fri, 20 Mar 2026 20:09:48 -0400 X-MC-Unique: MCH-PLsePriTFBNRQPgsuQ-1 X-Mimecast-MFC-AGG-ID: MCH-PLsePriTFBNRQPgsuQ_1774051787 Received: by mail-wm1-f72.google.com with SMTP id 5b1f17b1804b1-486fa35b005so24224635e9.2 for ; Fri, 20 Mar 2026 17:09:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774051786; x=1774656586; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=qXO9T9Z8K77B5X3+NmDVkDSP2SW3BrCQveRA3iJEcWI=; b=So4scJkAxN3XmcQRDIymFGd6QDRyc/WkYENICafZL+Z59m/hxsqMfY+8As8kC70tIE dfg8MaW5HRNIca6X5GQI+NF2qoWOUkbT8MWdc2VYTkWG4Zwvai+oGaDh4k7EEFUkBBGm sWYapbEYmVLgiqyF8rvwCnKnNIAnZEIifAujSDI+8UCOdbVnUJmPTJKP5Bps912DtL3I c4xgZRsMnOpOvC1JZt3x8Ranhb56EqXpYp0T/wrDhfWTD0Sl3A0v83s4bnb/f8iAqx0B LNH9wvwB3LadPyceMjz2cQGw0o3J0tqUCVNk7ykYQlrtjHgkNy/7/AyK2yjkyzVYaCtC SQ+Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774051786; x=1774656586; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=qXO9T9Z8K77B5X3+NmDVkDSP2SW3BrCQveRA3iJEcWI=; b=ldXIeMmyTrRgBPHXchPn8NEj1EC2TxBOraXUOFvjjSg6nAnUf88lVtqhXqXDBITvE8 V67EFZsUw1kPMpAjxZTGhHpn/ZqS6bKE/aGeycvhtwdpVjrNVTURD5qOb79QxQXBODwM Nk+S7LU/nSYwX1UpJWmBl6W68r+XTSiYYPkJY85E0TFS6HlsZZ0rH2n1o0Z/ofwabd2+ p4Aa8XCVG1rw4Q2+pobU7tEDtu4Whs4zS2jqQpoGet3S7jFDr1WiE0mH7jdL75Jx4zVs 4WnSxfePBqE0GL3/9EQJkojO4yikAGQXFKMkdadOL4DvnAhZpBlurOLtCm2eKr0O1f08 5czQ== X-Gm-Message-State: AOJu0YwWKkQfnzMwSsmEbnMuXMfHudtv5uxkzydjUFcLgzpctOHJilTC Qid7oB+SF0bRtEuCjPr6CMq5ffVNpGDoY84CvOumfJ8beZHcay+Zjt7k8ZgQ2hZJQQPmpmOxlUq Ggq7aMA+zcfy6hL+rrXQKb2Yb1tBBhroLuoHRsigmMATrr9rHqicrqse58wV2CfVgiVD5la15Mt uYEi3nFvpjFd8n9YF5unGeVR+fSTzEs1KkecKKsj60gJb445ItNg== X-Gm-Gg: ATEYQzwN06z6aNO38GYTqSl8J/iVSsY6tRPkGsVDNPmcnzHB1S2dIBHzYhIBkQRGVxn rqWyUVeaIH5qjGL4O8rZGhz69sWelN/yHRNhBoqKZqxA2ym41+BksXjoES7BAxUGBmQBtJMUeZZ nYESP43hbh2V79zigHPliF09aw/UuB1KN90fl4PG/o46yKaSATa9tyoypwS2c716g3S3j34dh+E MtoAd9KoI/OedWWP5NNJTvGVAQ2/OEypBL2vdpwfcTcQaE2jUd1miuX6zdTwtUnODr3mEhRn0G1 i6NAfzvuFZg4EmazxPl72cNFkdABugUTgMcAFFUlWJqKCsuRT1SQEsxfD1w0zryHE8ReKyVwhnk x1f0JtfQqoUJJHzLMicAUexRQbv+TEKjYMBAupTGIMxkR7pSI2kREHdKMtkOgAS3eRshzzTz9nF xfIOWpYJgvZG+JJGgOaivFhrQD X-Received: by 2002:a05:600c:3e8d:b0:486:fe45:483 with SMTP id 5b1f17b1804b1-486fee25f82mr63400825e9.22.1774051785865; Fri, 20 Mar 2026 17:09:45 -0700 (PDT) X-Received: by 2002:a05:600c:3e8d:b0:486:fe45:483 with SMTP id 5b1f17b1804b1-486fee25f82mr63400545e9.22.1774051785417; Fri, 20 Mar 2026 17:09:45 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-486ff1cb178sm26349555e9.29.2026.03.20.17.09.43 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Mar 2026 17:09:44 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Marcelo Tosatti , Nikunj A Dadhania , Amit Shah , Sean Christopherson Subject: [PATCH 05/22] KVM: x86/mmu: remove SPTE_EPT_* Date: Sat, 21 Mar 2026 01:09:14 +0100 Message-ID: <20260321000931.1947084-6-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260321000931.1947084-1-pbonzini@redhat.com> References: <20260321000931.1947084-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" spte.h is already including vmx.h, use the constants it defines. Signed-off-by: Paolo Bonzini Reviewed-by: Kai Huang --- arch/x86/kvm/mmu/spte.h | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/arch/x86/kvm/mmu/spte.h b/arch/x86/kvm/mmu/spte.h index 7223a61b1260..3d77755b6b10 100644 --- a/arch/x86/kvm/mmu/spte.h +++ b/arch/x86/kvm/mmu/spte.h @@ -57,10 +57,6 @@ static_assert(SPTE_TDP_AD_ENABLED =3D=3D 0); #define ACC_USER_MASK PT_USER_MASK #define ACC_ALL (ACC_EXEC_MASK | ACC_WRITE_MASK | ACC_USER_MASK) =20 -/* The mask for the R/X bits in EPT PTEs */ -#define SPTE_EPT_READABLE_MASK 0x1ull -#define SPTE_EPT_EXECUTABLE_MASK 0x4ull - #define SPTE_LEVEL_BITS 9 #define SPTE_LEVEL_SHIFT(level) __PT_LEVEL_SHIFT(level, SPTE_LEVEL_BITS) #define SPTE_INDEX(address, level) __PT_INDEX(address, level, SPTE_LEVEL_B= ITS) @@ -73,8 +69,8 @@ static_assert(SPTE_TDP_AD_ENABLED =3D=3D 0); * restored only when a write is attempted to the page. This mask obvious= ly * must not overlap the A/D type mask. */ -#define SHADOW_ACC_TRACK_SAVED_BITS_MASK (SPTE_EPT_READABLE_MASK | \ - SPTE_EPT_EXECUTABLE_MASK) +#define SHADOW_ACC_TRACK_SAVED_BITS_MASK (VMX_EPT_READABLE_MASK | \ + VMX_EPT_EXECUTABLE_MASK) #define SHADOW_ACC_TRACK_SAVED_BITS_SHIFT 52 #define SHADOW_ACC_TRACK_SAVED_MASK (SHADOW_ACC_TRACK_SAVED_BITS_MASK << \ SHADOW_ACC_TRACK_SAVED_BITS_SHIFT) --=20 2.52.0 From nobody Sat Apr 4 01:50:14 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A71491FBC8E for ; Sat, 21 Mar 2026 00:09:52 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051795; cv=none; b=XWsLIwEiqyVb/9GJvAa20UBsOGKS3koZdXAbyj/JsLb3BK6CKAY/mQbU3DqvokQ4rOp6LVQy3S3g06nbs/wJEoQa0xDO/U8jyfurTspM4CuCWpobepcsLa3V5yeEarMyad2SOO9NIeSMO/2AExOxzI3pqkw3dp+jD+ICixOEm5Y= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051795; c=relaxed/simple; bh=7NaJbF+V2W5Ta2GDLeEGbucPkdKKkGGF8s6b1G42ECo=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=Ou/XdD/VSW/bov+gEqfcogh2UzDQ/vzD/U8Gf8kqV+x0GZLx0DQyZivB5MBA2G9dPIHBWF79ojyzQnT4DbBvqPq3PCd+Vo+enGt5rDvdCoIqNBSHdDKQy/2KD+rLma5p+QP6x5wRi5fpbZ64QkW+2YfK7No3M0iGXsP5PvDPCCk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=acHecEud; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=SVSM7fAU; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="acHecEud"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="SVSM7fAU" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774051791; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=DBpdMV64mgMJLmufv84JnT4W5g24GEtGQX6G/w72xZk=; b=acHecEudkbqStrAmMI4SoKJHFMyNDRGT/E3pvWmQNqa9CVTUYx5lpXNYJfM/y1onnfBFkt 0ZCY4zVXMDEeuYVizTtC7ZSrBMEgS8DO+JJcNqHvZCdClBIoUAwcOzHst4DQl7mqwMMSvs tgruBX1jkkNMoAiYDYyb50W4j249UkI= Received: from mail-wm1-f70.google.com (mail-wm1-f70.google.com [209.85.128.70]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-674-PsXA-3WmNPu95UILxVWulg-1; Fri, 20 Mar 2026 20:09:50 -0400 X-MC-Unique: PsXA-3WmNPu95UILxVWulg-1 X-Mimecast-MFC-AGG-ID: PsXA-3WmNPu95UILxVWulg_1774051789 Received: by mail-wm1-f70.google.com with SMTP id 5b1f17b1804b1-486fe3b9441so13399185e9.3 for ; Fri, 20 Mar 2026 17:09:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774051788; x=1774656588; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=DBpdMV64mgMJLmufv84JnT4W5g24GEtGQX6G/w72xZk=; b=SVSM7fAUakqXcRmlOu94NTAtvNWl3b84CW72J/PBLOQwXsXl037L2emYA722VzXe5/ OSCZwbXTTYkP/znpwve1eeCkq++ZAM8KLwh5j1D5G3klGuFO98zuL9Uf3TL6/RvAREgg xmEQEc3RxNkZhXRX4lIxD3QSWCX/67YKcsvxWKsC5qIKrZuyidTDjM6BXisVBgmh8qSw wfpEqv02yhOdulmC83BZdnb1vyQvMTDcqCxXmaliySxbSPQTbGgsj0UPRmy+WrtNKV3P Ina6bWy4uOIaQ+KS0bk0qrX6wEhdc6Wh8buUanwAx9i8W9TcOiuWZ6vWnRZstUpZij73 JBmQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774051788; x=1774656588; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=DBpdMV64mgMJLmufv84JnT4W5g24GEtGQX6G/w72xZk=; b=Ak3VdBeJT+Xz49KTSsa1VVvhFGDUTetCxdJTSz2al30ZMFKCLTx7mwunifHvGCZqLl 4TfqGI31q83tLC9aaOHbv5C9EPnJQAq20jLeK31XruzzpD+eklT6EWWyVUjxEuQ/4ojL kOpMZTZ+E1GB8kD9IphLmvNJ3rdDz5AO5xg6rhPWHwh6ukFxixcGrMEh6iBzkc8UTsWT sIbUeD1GGApGoBxkwbAiHzbZEtVwaqtdic+rLdvh1R7T70SddvCz0O7h6kvBlJMELXNF iz3cutg/5ofZeajKZhieO5QBB0p5X65h2/C26xM4P9T792n0LLafowarvqB9f8papThM 1ceg== X-Gm-Message-State: AOJu0YzBh4rPRSOW/I9X0gNx0/stoM+PZg7gGwlcZrXdibBiYWon2thS o7Z1TInReMKgMDPy9eIMBtwPZywx1SR0mSZNe2i4BnF53p3Pt5q1pA1dsuHve8g0o9ECOnyWrVp u4iKClXkP5HXapB5zflMuGC5lyKgem+bVlh6415ru4gUOmI6qBYVykUjRRurwQxA1vYXrvKtmp1 U2TV9/O4Qz94KAVUkJIG5HB3YwzDYJZx+tgkHGcpXHGWGvQq8WbQ== X-Gm-Gg: ATEYQzyrovljKcGb++Fv/zl/Q3MurfjZXs+J2btpkU/+kL68cFvEDdcsg8VNjY1q33i y28JA312116oBKu5kqSm9904OaFwzoJ3SG4RC86SABbNxTp4RPBA4kk7VR7y7eOCT9d9HZMl2Ln W6Fh5ukjgzRrgIV+pZDf/vG0StL04P3cDLA5cvbtrkdJarQjL8YSLED659aybFYDcH8gJVlC2pT Z6qMh1DWKH6hGOVUEFVfKe3fVaWRTJEhYuXAmNgOZ4NvQTa7WbigtiFttaeMmstmjqFHTxIdsTI jcQYHPu+KnUutDNFYpbY0oiN90KTbm6Er9jaQQaU84/iMdFC+nTd2yV8ohg8kkMio1PKij+oHOG 2GDMdfocQZP3lnje4X/NwHliGZdVj9tREkjFy12+hi7Kq3K+0nPqV0PJeytKlPePoLWdtp1AWr9 Ifg5pTyqWtC3VRFrPYO2bUOw3C X-Received: by 2002:a05:600c:a4a:b0:486:fe83:8621 with SMTP id 5b1f17b1804b1-486fee1ab20mr57041625e9.23.1774051788438; Fri, 20 Mar 2026 17:09:48 -0700 (PDT) X-Received: by 2002:a05:600c:a4a:b0:486:fe83:8621 with SMTP id 5b1f17b1804b1-486fee1ab20mr57041365e9.23.1774051787979; Fri, 20 Mar 2026 17:09:47 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-486fe7d6c54sm236718365e9.4.2026.03.20.17.09.45 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Mar 2026 17:09:46 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Marcelo Tosatti , Nikunj A Dadhania , Amit Shah , Sean Christopherson Subject: [PATCH 06/22] KVM: x86/mmu: merge make_spte_{non,}executable Date: Sat, 21 Mar 2026 01:09:15 +0100 Message-ID: <20260321000931.1947084-7-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260321000931.1947084-1-pbonzini@redhat.com> References: <20260321000931.1947084-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" As the logic will become more complicated with the introduction of MBEC, at least write it only once. Signed-off-by: Paolo Bonzini --- arch/x86/kvm/mmu/spte.c | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/arch/x86/kvm/mmu/spte.c b/arch/x86/kvm/mmu/spte.c index df31039b5d63..e2acd9ed9dba 100644 --- a/arch/x86/kvm/mmu/spte.c +++ b/arch/x86/kvm/mmu/spte.c @@ -317,14 +317,15 @@ static u64 modify_spte_protections(u64 spte, u64 set,= u64 clear) return spte; } =20 -static u64 make_spte_executable(u64 spte) +static u64 make_spte_executable(u64 spte, u8 access) { - return modify_spte_protections(spte, shadow_x_mask, shadow_nx_mask); -} - -static u64 make_spte_nonexecutable(u64 spte) -{ - return modify_spte_protections(spte, shadow_nx_mask, shadow_x_mask); + u64 set, clear; + if (access & ACC_EXEC_MASK) + set =3D shadow_x_mask; + else + set =3D shadow_nx_mask; + clear =3D set ^ (shadow_nx_mask | shadow_x_mask); + return modify_spte_protections(spte, set, clear); } =20 /* @@ -356,8 +357,8 @@ u64 make_small_spte(struct kvm *kvm, u64 huge_spte, * the page executable as the NX hugepage mitigation no longer * applies. */ - if ((role.access & ACC_EXEC_MASK) && is_nx_huge_page_enabled(kvm)) - child_spte =3D make_spte_executable(child_spte); + if (is_nx_huge_page_enabled(kvm)) + child_spte =3D make_spte_executable(child_spte, role.access); } =20 return child_spte; @@ -379,7 +380,7 @@ u64 make_huge_spte(struct kvm *kvm, u64 small_spte, int= level) huge_spte &=3D KVM_HPAGE_MASK(level) | ~PAGE_MASK; =20 if (is_nx_huge_page_enabled(kvm)) - huge_spte =3D make_spte_nonexecutable(huge_spte); + huge_spte =3D make_spte_executable(huge_spte, 0); =20 return huge_spte; } --=20 2.52.0 From nobody Sat Apr 4 01:50:14 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3336A28C009 for ; Sat, 21 Mar 2026 00:09:56 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051797; cv=none; b=BL5Rfw8iphMPqr15fX19enX4YX5Nc3qRyDfpdFT3p+tZZNmeRQNTSapxzFlS3FqNu3f2imEnxXt7aZ/L2UJmMCQ0FWij9yemyZIhxoCbmaVqHuGvQf8R+bI9UkHlKqklp44Z4sOC0WUrns38+O5wJo//xjtNMGASo7002lgZhF0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051797; c=relaxed/simple; bh=DihxkOWv+JxG2UN2lSc1s5hKwrXbScKzUbU50MBSt4Q=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=sJisYEAttSmwEvjm6zLpuzLXMz72eo6VFttPfgnQZXL08db0EYRCEEaW7HQNAhHYq5fIzZzuNAldtk4vJYVV8qfvOFz+iR8Tff917cFdA6PY61VHugTQRJuK0NYFKxbE38Low+z3s6KmWrGobMGY+qKrR8/TNFa+ob4C0j1SSeE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=ILQDd2Qe; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=DMmqXwIO; arc=none smtp.client-ip=170.10.129.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="ILQDd2Qe"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="DMmqXwIO" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774051795; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=5B88nIkjrPBlPRLOnsql4t3eOhkXCnIkbUvpZ9XuDX0=; b=ILQDd2Qe+U1tvk1FStgRX6i4ihbzdSwijE49bkW7jqmGKegZ/Ih3pONsmMxzEL4xGAaTae 2QieqzjPouK9ZK71sXS4oGaTCRIji7fDBE1y878xAL+BSIJvMhZgF2lifDMg4K9N7KuNFJ NwYs8LJHCieUU0pRco6chopPmlh2Rtg= Received: from mail-wr1-f70.google.com (mail-wr1-f70.google.com [209.85.221.70]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-103-oNGv3ZhIOuOf0TbYFFFRww-1; Fri, 20 Mar 2026 20:09:53 -0400 X-MC-Unique: oNGv3ZhIOuOf0TbYFFFRww-1 X-Mimecast-MFC-AGG-ID: oNGv3ZhIOuOf0TbYFFFRww_1774051792 Received: by mail-wr1-f70.google.com with SMTP id ffacd0b85a97d-439b3011be7so2298335f8f.1 for ; Fri, 20 Mar 2026 17:09:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774051791; x=1774656591; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=5B88nIkjrPBlPRLOnsql4t3eOhkXCnIkbUvpZ9XuDX0=; b=DMmqXwIOvxCYoOuM7uXlctmNH8Ny3N/glVDN1uliHyYnCJAJnf5GLgNf5BwADyjlVI 2Zo9T6HEhy7H7rngl4pR+YkEjLHKEk0wHbYmmGWhiGGSZrRArAiWj/J64l304+kX3/zn y029kpDX7Z3act8f5RBnEWwA+YbWk9lUVcHhfxbuwgAl/+oWQ44wc4U1D5GLPIONGvnR lE4ssC5LvKdtILU2WtQoOezKEon04L4YAn7qWBuUcNTdVKzDZe/g99nxoQ2/ZNZ8T/Ep 0yY4odai1AUOaIpUtXw74lCSJI+48/rj8qTrEAKEC2dHtq2yexozuXf1qAx58SGESX52 GMVw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774051791; x=1774656591; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=5B88nIkjrPBlPRLOnsql4t3eOhkXCnIkbUvpZ9XuDX0=; b=HrOhlZrA6tu1B87LQ/RUyOOLc1QHIFRlh+1gT43LGnS88WsX/FUdkWyMEz8ulV4hpq 8fs06XSQ830zK2SlopdouiabUT7+/RST6Aq+RopApkBbjibaGs7lB2G3uKd8Xmvfk8k2 C0mr4BZOiDoY1Jf2mWDyRyQzNvJwqU0+HfSX2LAegGT9gmeal3kuDx3j7wL5imv+pcLK gPxH3biim4/TZl//AwIMgsPvbXLlORiSGyDWN627glNSEfCo5QWRlTTcQQUWdoYXp1Dc zmg00hvyJhJUwS7Qd+uyx2rBMdmfJJwaSIWBNfk5ta8HLZJqYXKdkLrvbuv+heicAGqj /uog== X-Gm-Message-State: AOJu0YwegbDEeG+6Or0eSEFN50ikiBCUEinY2h7VbRZrX51nVtTMwTPz ODlKT194gZ+LfDTbLX8SUD2gw4Nsx14uRiWIaVeJU8gLtRdEiYeU+AwW/RzugDJotU3r8tgcKV4 hX725OvCAdN7xIDWyck15mZZOKxkalOwnZX20ecRlULXvcGU9YM97dV2/KGaqu6z6BfBacG9fmG 9SPzxqmnsScnNhBKZSTMboYc7roUfVgeZg6RD6oUsvGrhZKPBAqg== X-Gm-Gg: ATEYQzyQgjk/rIWFzPXymXqLgRqwGmvtE4XS53ytgNo9jBNpaDvoLT3diJk29r+diGR tUG/Tjk3+PiqkK+NoLC6rh8aCLg0hqN05qfQHvxUJZUMcW5OSsQLATO2Qd707LM36dB6Jhiq/xd LUzA/HnSzsg1Y6gbKrF51WJFE6h3kYrh05Usq4+zLveAqnMRwKEL67P9EhkDcnFCRoF1JLRGnqq 0GGYAJSZi4MOiAo0mEaK6zb3fLFXycoA+pcQM2HFGNtGvMb9R96fkS77bPxZPN1qUy45OCnRPsm HyARTjAbDNCmCtQkyQPGihAF7zAzMOuihuWDyiFyEvq1uEdO7KUVwKYXKJ9wQLJplnMHrIXRDAc dLxkRJ82y9RewYHhxqa86fKXKu3VdRjNoNfxv80lHCPhfBl7JNiJOcz/Qswifr8fqnGbUNGk+za vCj/Xh4bSIuFGHITskGsWMP9f5 X-Received: by 2002:a05:600c:45c5:b0:483:8062:b2f with SMTP id 5b1f17b1804b1-486febb5f45mr70918385e9.6.1774051791302; Fri, 20 Mar 2026 17:09:51 -0700 (PDT) X-Received: by 2002:a05:600c:45c5:b0:483:8062:b2f with SMTP id 5b1f17b1804b1-486febb5f45mr70918035e9.6.1774051790669; Fri, 20 Mar 2026 17:09:50 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-486fe7d6c54sm236722535e9.4.2026.03.20.17.09.48 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Mar 2026 17:09:48 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Marcelo Tosatti , Nikunj A Dadhania , Amit Shah , Sean Christopherson Subject: [PATCH 07/22] KVM: x86/mmu: rename and clarify BYTE_MASK Date: Sat, 21 Mar 2026 01:09:16 +0100 Message-ID: <20260321000931.1947084-8-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260321000931.1947084-1-pbonzini@redhat.com> References: <20260321000931.1947084-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" The BYTE_MASK macro is the central point of the black magic in update_permission_bitmask(). Rename it to something that relates to how it is used, and add a comment explaining how it works. Using shifts instead of powers of two was actually suggested by David Hildenbrand back in 2017 for clarity[1] but I evidently forgot his suggestion when applying to kvm.git. [1] https://lore.kernel.org/kvm/e4b5df86-31ae-2f4e-0666-393753e256df@redhat= .com/ Signed-off-by: Paolo Bonzini --- arch/x86/kvm/mmu/mmu.c | 55 ++++++++++++++++++++++++++++++------------ 1 file changed, 39 insertions(+), 16 deletions(-) diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index 0349e26baa2d..84351df8a9cb 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -5416,29 +5416,53 @@ reset_ept_shadow_zero_bits_mask(struct kvm_mmu *con= text, bool execonly) max_huge_page_level); } =20 -#define BYTE_MASK(access) \ - ((1 & (access) ? 2 : 0) | \ - (2 & (access) ? 4 : 0) | \ - (3 & (access) ? 8 : 0) | \ - (4 & (access) ? 16 : 0) | \ - (5 & (access) ? 32 : 0) | \ - (6 & (access) ? 64 : 0) | \ - (7 & (access) ? 128 : 0)) - +/* + * Build a mask with all combinations of PTE access rights that + * include the given access bit. The mask can be queried with + * "mask & (1 << access)", where access is a combination of + * ACC_* bits. + * + * By mixing and matching multiple masks returned by ACC_BITS_MASK, + * update_permission_bitmask() builds what is effectively a + * two-dimensional array of bools. The second dimension is + * provided by individual bits of permissions[pfec >> 1], and + * logical &, | and ~ operations operate on all the 8 possible + * combinations of ACC_* bits. + */ +#define ACC_BITS_MASK(access) \ + ((1 & (access) ? 1 << 1 : 0) | \ + (2 & (access) ? 1 << 2 : 0) | \ + (3 & (access) ? 1 << 3 : 0) | \ + (4 & (access) ? 1 << 4 : 0) | \ + (5 & (access) ? 1 << 5 : 0) | \ + (6 & (access) ? 1 << 6 : 0) | \ + (7 & (access) ? 1 << 7 : 0)) =20 static void update_permission_bitmask(struct kvm_mmu *mmu, bool ept) { unsigned byte; =20 - const u8 x =3D BYTE_MASK(ACC_EXEC_MASK); - const u8 w =3D BYTE_MASK(ACC_WRITE_MASK); - const u8 u =3D BYTE_MASK(ACC_USER_MASK); + const u8 x =3D ACC_BITS_MASK(ACC_EXEC_MASK); + const u8 w =3D ACC_BITS_MASK(ACC_WRITE_MASK); + const u8 u =3D ACC_BITS_MASK(ACC_USER_MASK); =20 bool cr4_smep =3D is_cr4_smep(mmu); bool cr4_smap =3D is_cr4_smap(mmu); bool cr0_wp =3D is_cr0_wp(mmu); bool efer_nx =3D is_efer_nx(mmu); =20 + /* + * In hardware, page fault error codes are generated (as the name + * suggests) on any kind of page fault. permission_fault() and + * paging_tmpl.h already use the same bits after a successful page + * table walk, to indicate the kind of access being performed. + * + * However, PFERR_PRESENT_MASK and PFERR_RSVD_MASK are never set here, + * exactly because the page walk is successful. PFERR_PRESENT_MASK is + * removed by the shift, while PFERR_RSVD_MASK is repurposed in + * permission_fault() to indicate accesses that are *not* subject to + * SMAP restrictions. + */ for (byte =3D 0; byte < ARRAY_SIZE(mmu->permissions); ++byte) { unsigned pfec =3D byte << 1; =20 @@ -5485,10 +5509,9 @@ static void update_permission_bitmask(struct kvm_mmu= *mmu, bool ept) * - The access is supervisor mode * - If implicit supervisor access or X86_EFLAGS_AC is clear * - * Here, we cover the first four conditions. - * The fifth is computed dynamically in permission_fault(); - * PFERR_RSVD_MASK bit will be set in PFEC if the access is - * *not* subject to SMAP restrictions. + * Here, we cover the first four conditions. The fifth + * is computed dynamically in permission_fault() and + * communicated by setting PFERR_RSVD_MASK. */ if (cr4_smap) smapf =3D (pfec & (PFERR_RSVD_MASK|PFERR_FETCH_MASK)) ? 0 : kf; --=20 2.52.0 From nobody Sat Apr 4 01:50:14 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BD9A42749DC for ; Sat, 21 Mar 2026 00:09:59 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051803; cv=none; b=AtNGGKF9CUzRGz1yyvrOFpNqviRY7LpBLEWztNd8n4KPi5tGNkbLvvsKcpAdFT1XpguF7Grhqde853WybTNOMYxhWz6/MEoUGPfa8HUR/3oa++RpcrIKJG0DHuQlGdCoHbFOURnk+f1CFBuUFjCZd7ExGtPUxfoCzI+mU2qIFlw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051803; c=relaxed/simple; bh=ONNnmmHHTvZZuq1E66YR5KlEWSW1FH6WWzPZVjXzpp4=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=p1BMH8yjsfE0DLIn8kyOx+kEmq8LuuO2ZPOrIfuFD24Z5eqmanGaWZgcPNcuriZGGnnz0xKURr/8198XluTmlnbOB5t0ibgGgzZlgVHViwj6glQ+Bwuzlu+bmPKf+w4cxir+UsiOp+wRx4gP81hLscmBIFr1BqlB0l8N0/R4r10= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=GPCREyR9; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=fuGOFNDO; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="GPCREyR9"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="fuGOFNDO" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774051798; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=q59OVnPK7veWu46dmOf9r5Y7uxmYjxSGeRJZVAJUaWA=; b=GPCREyR9yUoAErLL6TVtl2x7UcyXmktATdzH828Kh/QibqVttvWCiLzgIDEYcy1V8cHmcW d79OeHKBI7BdOKKxo0Rr69Y6tNhI12hbwMNOrePxFVYk45XJCNOGcU14QdSZRvJit7COZv RWTA0JyFKEoD/QJzxh5B/vah2vbW0zI= Received: from mail-wm1-f70.google.com (mail-wm1-f70.google.com [209.85.128.70]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-378-18lXOUbDNguwo3-b9EL1xA-1; Fri, 20 Mar 2026 20:09:56 -0400 X-MC-Unique: 18lXOUbDNguwo3-b9EL1xA-1 X-Mimecast-MFC-AGG-ID: 18lXOUbDNguwo3-b9EL1xA_1774051795 Received: by mail-wm1-f70.google.com with SMTP id 5b1f17b1804b1-4852cf0318dso27297585e9.3 for ; Fri, 20 Mar 2026 17:09:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774051794; x=1774656594; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=q59OVnPK7veWu46dmOf9r5Y7uxmYjxSGeRJZVAJUaWA=; b=fuGOFNDOFbZc0cFgy8cutjNUzD9NDnb9+vuI/KhZiN+vB4mw1zLTLmNxOY9jUHb/mD Dzld7UBPiUTVaKvEh1VlwG3pWJWFf/ofIT03O7rNmiC0KHpmT6BUjscvZ/iHksIxkttZ j0XYaV2jSjZIH8jCNLrhCAhp2oTZ7TAFU1gFdJ4S4kpm5EDysx2MbjwTvlAHjkE8UGKo KNm69n/Bdor8Pa2Oi9YmVJjPhG0dVwWtyo/Q2ZEMML79vs+iUd9cxkRoc91hbwxZMbXW E4SRqfwDiPMLHxvjgfEAsWG26q7N7klkSHtzuD84Y35SPKspIXwSiJX6pAmLWwGVsW2E wqOQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774051794; x=1774656594; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=q59OVnPK7veWu46dmOf9r5Y7uxmYjxSGeRJZVAJUaWA=; b=m/JnC/JlEkF2JmSJrKEJNgRMcrtGO5uCopcDnnvJXxx0NJj9vGVxTyFVPDq3Ik1Vew 5yNC3nQIuRo8OZwlw46YLNKUQSD7CZKTIjMkb7KmhZzS3ewBUQt0D20WiOgQ7E7gzNba k/IxMIKyp7c2cyTMdy83yiRuJeNQgcYDKQKKWh8F5W8jQ4Dah1Vg/oIzDKQSkwsByRh9 yy4YFJm3VRr9d3F9JUw153lwrrOFDV2vLjT4qHZkIbU1JXmHfny1wePM73rL6B4cd+CB iAkpm3ZjlZYmPyroBN10tSYOwcuadl3VLH8+1UFrMyRUFQyYl/SPKhqoREcfWbp29uzF uHYg== X-Gm-Message-State: AOJu0Yxdx086c3cNJQBysC9fRAVxSjwS9WEkItc3eDJMRWhsn6Zqm/FN 8E+9sqQIN1X7rrwPjNz/LgbcmpjpgA1tR/C8QOYExK+1hWvthbapFzp7Xa/rR6Ur14ndKZyDB0Y tKmOpWCtSGdKehTYwnVhk5jyB1zlgIb7uUGeDkE5rfF11BWct6Da4tQ4b9Cu9ccYpHP9ONxhzut FiO/wUkd8pJaRUNH2b1PJmNBxXChshmVCdzG/PwHoNgPYFlpFb7Q== X-Gm-Gg: ATEYQzzNjyA3LOQcWlqwI1KKX4UAal7Hl9EF6Wx0xfPEuErwm7AN2a+9zQCyiHGqak0 GVh9OWNxVSfy52yHIkryilSa9BkgzEcXFWmLBnTY7bh3UBtAyxxSadhPCZSxcYfTBtZS6a6elO2 RAu9VaVBIWnU4AVVdj9eTPnodvBv1M2ComJU/hWE6dh4MCQ+WU+EVv13I1AucVfKUqJBxVkMMHR zSXeJhuJx2k4v9BHna8SgWTP2/FKhcvpJfQBMbzHwsxrjSsrHUenqTjIRlSYm89gY8yC++Zrk2B btKMog35w7GfkMGqZXAmT3cjELCBCQKqKWKpmwpXHs+J63Rbl7oe9PYzn2QZijlivwu9X+GX4Nq CjJjTFyz4yQ9jCKHetQhPrXpRiXxVYHRvY6VN46mn3irxQ66pRxtNlaNkZZ1LfT9Sng+EqtPpTf 8AQ8M8hticZUfCD3em7692Smdl X-Received: by 2002:a05:600c:3546:b0:485:3f1c:d887 with SMTP id 5b1f17b1804b1-486fee28918mr67987895e9.26.1774051794001; Fri, 20 Mar 2026 17:09:54 -0700 (PDT) X-Received: by 2002:a05:600c:3546:b0:485:3f1c:d887 with SMTP id 5b1f17b1804b1-486fee28918mr67987465e9.26.1774051793419; Fri, 20 Mar 2026 17:09:53 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-486fe6d9896sm112298305e9.2.2026.03.20.17.09.51 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Mar 2026 17:09:51 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Marcelo Tosatti , Nikunj A Dadhania , Amit Shah , Sean Christopherson Subject: [PATCH 08/22] KVM: x86/mmu: introduce ACC_READ_MASK Date: Sat, 21 Mar 2026 01:09:17 +0100 Message-ID: <20260321000931.1947084-9-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260321000931.1947084-1-pbonzini@redhat.com> References: <20260321000931.1947084-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Read permissions so far were only needed for EPT, which does not need ACC_USER_MASK. Therefore, for EPT page tables ACC_USER_MASK was repurposed as a read permission bit. In order to implement nested MBEC, EPT will genuinely have four kinds of accesses, and there will be no room for such hacks; bite the bullet at last, enlarging ACC_ALL to four bits and permissions[] to 2^4 bits (u16). The new code does not enforce that the XWR bits on non-execonly processors have their R bit set, even when running nested: none of the shadow_*_mask values have bit 0 set, and make_spte() genuinely relies on ACC_READ_MASK being requested! This works becase, if execonly is not supported by the processor, shadow EPT will generate an EPT misconfig vmexit if the XWR bits represent a non-readable page, and therefore the pte_access argument to make_spte() will also always have ACC_READ_MASK set. Signed-off-by: Paolo Bonzini --- arch/x86/include/asm/kvm_host.h | 12 +++++----- arch/x86/kvm/mmu.h | 2 +- arch/x86/kvm/mmu/mmu.c | 39 +++++++++++++++++++++------------ arch/x86/kvm/mmu/mmutrace.h | 3 ++- arch/x86/kvm/mmu/paging_tmpl.h | 21 +++++++++--------- arch/x86/kvm/mmu/spte.c | 18 ++++++--------- arch/x86/kvm/mmu/spte.h | 5 +++-- arch/x86/kvm/vmx/capabilities.h | 5 ----- arch/x86/kvm/vmx/common.h | 5 +---- arch/x86/kvm/vmx/vmx.c | 3 +-- 10 files changed, 56 insertions(+), 57 deletions(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_hos= t.h index 871c7ff4fb29..3efb238c683c 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -317,11 +317,11 @@ struct kvm_kernel_irq_routing_entry; * the number of unique SPs that can theoretically be created is 2^n, wher= e n * is the number of bits that are used to compute the role. * - * But, even though there are 20 bits in the mask below, not all combinati= ons + * But, even though there are 21 bits in the mask below, not all combinati= ons * of modes and flags are possible: * * - invalid shadow pages are not accounted, mirror pages are not shadow= ed, - * so the bits are effectively 18. + * so the bits are effectively 19. * * - quadrant will only be used if has_4_byte_gpte=3D1 (non-PAE paging); * execonly and ad_disabled are only used for nested EPT which has @@ -336,7 +336,7 @@ struct kvm_kernel_irq_routing_entry; * cr0_wp=3D0, therefore these three bits only give rise to 5 possibil= ities. * * Therefore, the maximum number of possible upper-level shadow pages for a - * single gfn is a bit less than 2^13. + * single gfn is a bit less than 2^14. */ union kvm_mmu_page_role { u32 word; @@ -345,7 +345,7 @@ union kvm_mmu_page_role { unsigned has_4_byte_gpte:1; unsigned quadrant:2; unsigned direct:1; - unsigned access:3; + unsigned access:4; unsigned invalid:1; unsigned efer_nx:1; unsigned cr0_wp:1; @@ -355,7 +355,7 @@ union kvm_mmu_page_role { unsigned guest_mode:1; unsigned passthrough:1; unsigned is_mirror:1; - unsigned :4; + unsigned :3; =20 /* * This is left at the top of the word so that @@ -481,7 +481,7 @@ struct kvm_mmu { * Byte index: page fault error code [4:1] * Bit index: pte permissions in ACC_* format */ - u8 permissions[16]; + u16 permissions[16]; =20 u64 *pae_root; u64 *pml4_root; diff --git a/arch/x86/kvm/mmu.h b/arch/x86/kvm/mmu.h index b4b6860ab971..f5d35f66750b 100644 --- a/arch/x86/kvm/mmu.h +++ b/arch/x86/kvm/mmu.h @@ -81,7 +81,7 @@ u8 kvm_mmu_get_max_tdp_level(void); void kvm_mmu_set_mmio_spte_mask(u64 mmio_value, u64 mmio_mask, u64 access_= mask); void kvm_mmu_set_mmio_spte_value(struct kvm *kvm, u64 mmio_value); void kvm_mmu_set_me_spte_mask(u64 me_value, u64 me_mask); -void kvm_mmu_set_ept_masks(bool has_ad_bits, bool has_exec_only); +void kvm_mmu_set_ept_masks(bool has_ad_bits); =20 void kvm_init_mmu(struct kvm_vcpu *vcpu); void kvm_init_shadow_npt_mmu(struct kvm_vcpu *vcpu, unsigned long cr0, diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index 84351df8a9cb..b87dbf9e42b9 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -2029,7 +2029,7 @@ static bool kvm_sync_page_check(struct kvm_vcpu *vcpu= , struct kvm_mmu_page *sp) */ const union kvm_mmu_page_role sync_role_ign =3D { .level =3D 0xf, - .access =3D 0x7, + .access =3D ACC_ALL, .quadrant =3D 0x3, .passthrough =3D 0x1, }; @@ -5426,7 +5426,7 @@ reset_ept_shadow_zero_bits_mask(struct kvm_mmu *conte= xt, bool execonly) * update_permission_bitmask() builds what is effectively a * two-dimensional array of bools. The second dimension is * provided by individual bits of permissions[pfec >> 1], and - * logical &, | and ~ operations operate on all the 8 possible + * logical &, | and ~ operations operate on all the 16 possible * combinations of ACC_* bits. */ #define ACC_BITS_MASK(access) \ @@ -5436,15 +5436,24 @@ reset_ept_shadow_zero_bits_mask(struct kvm_mmu *con= text, bool execonly) (4 & (access) ? 1 << 4 : 0) | \ (5 & (access) ? 1 << 5 : 0) | \ (6 & (access) ? 1 << 6 : 0) | \ - (7 & (access) ? 1 << 7 : 0)) + (7 & (access) ? 1 << 7 : 0) | \ + (8 & (access) ? 1 << 8 : 0) | \ + (9 & (access) ? 1 << 9 : 0) | \ + (10 & (access) ? 1 << 10 : 0) | \ + (11 & (access) ? 1 << 11 : 0) | \ + (12 & (access) ? 1 << 12 : 0) | \ + (13 & (access) ? 1 << 13 : 0) | \ + (14 & (access) ? 1 << 14 : 0) | \ + (15 & (access) ? 1 << 15 : 0)) =20 static void update_permission_bitmask(struct kvm_mmu *mmu, bool ept) { unsigned byte; =20 - const u8 x =3D ACC_BITS_MASK(ACC_EXEC_MASK); - const u8 w =3D ACC_BITS_MASK(ACC_WRITE_MASK); - const u8 u =3D ACC_BITS_MASK(ACC_USER_MASK); + const u16 x =3D ACC_BITS_MASK(ACC_EXEC_MASK); + const u16 w =3D ACC_BITS_MASK(ACC_WRITE_MASK); + const u16 u =3D ACC_BITS_MASK(ACC_USER_MASK); + const u16 r =3D ACC_BITS_MASK(ACC_READ_MASK); =20 bool cr4_smep =3D is_cr4_smep(mmu); bool cr4_smap =3D is_cr4_smap(mmu); @@ -5467,24 +5476,26 @@ static void update_permission_bitmask(struct kvm_mm= u *mmu, bool ept) unsigned pfec =3D byte << 1; =20 /* - * Each "*f" variable has a 1 bit for each UWX value + * Each "*f" variable has a 1 bit for each ACC_* combo * that causes a fault with the given PFEC. */ =20 + /* Faults from reads to non-readable pages */ + u16 rf =3D (pfec & (PFERR_WRITE_MASK|PFERR_FETCH_MASK)) ? 0 : (u16)~r; /* Faults from writes to non-writable pages */ - u8 wf =3D (pfec & PFERR_WRITE_MASK) ? (u8)~w : 0; + u16 wf =3D (pfec & PFERR_WRITE_MASK) ? (u16)~w : 0; /* Faults from user mode accesses to supervisor pages */ - u8 uf =3D (pfec & PFERR_USER_MASK) ? (u8)~u : 0; + u16 uf =3D (pfec & PFERR_USER_MASK) ? (u16)~u : 0; /* Faults from fetches of non-executable pages*/ - u8 ff =3D (pfec & PFERR_FETCH_MASK) ? (u8)~x : 0; + u16 ff =3D (pfec & PFERR_FETCH_MASK) ? (u16)~x : 0; /* Faults from kernel mode fetches of user pages */ - u8 smepf =3D 0; + u16 smepf =3D 0; /* Faults from kernel mode accesses of user pages */ - u8 smapf =3D 0; + u16 smapf =3D 0; =20 if (!ept) { /* Faults from kernel mode accesses to user pages */ - u8 kf =3D (pfec & PFERR_USER_MASK) ? 0 : u; + u16 kf =3D (pfec & PFERR_USER_MASK) ? 0 : u; =20 /* Not really needed: !nx will cause pte.nx to fault */ if (!efer_nx) @@ -5517,7 +5528,7 @@ static void update_permission_bitmask(struct kvm_mmu = *mmu, bool ept) smapf =3D (pfec & (PFERR_RSVD_MASK|PFERR_FETCH_MASK)) ? 0 : kf; } =20 - mmu->permissions[byte] =3D ff | uf | wf | smepf | smapf; + mmu->permissions[byte] =3D ff | uf | wf | rf | smepf | smapf; } } =20 diff --git a/arch/x86/kvm/mmu/mmutrace.h b/arch/x86/kvm/mmu/mmutrace.h index f35a830ce469..44545f6f860a 100644 --- a/arch/x86/kvm/mmu/mmutrace.h +++ b/arch/x86/kvm/mmu/mmutrace.h @@ -25,7 +25,8 @@ #define KVM_MMU_PAGE_PRINTK() ({ \ const char *saved_ptr =3D trace_seq_buffer_ptr(p); \ static const char *access_str[] =3D { \ - "---", "--x", "w--", "w-x", "-u-", "-ux", "wu-", "wux" \ + "----", "r---", "-w--", "rw--", "--u-", "r-u-", "-wu-", "rwu-", \ + "---x", "r--x", "-w-x", "rw-x", "--ux", "r-ux", "-wux", "rwux" \ }; \ union kvm_mmu_page_role role; \ \ diff --git a/arch/x86/kvm/mmu/paging_tmpl.h b/arch/x86/kvm/mmu/paging_tmpl.h index ed762bb4b007..bbdbf4ae2d65 100644 --- a/arch/x86/kvm/mmu/paging_tmpl.h +++ b/arch/x86/kvm/mmu/paging_tmpl.h @@ -170,25 +170,24 @@ static bool FNAME(prefetch_invalid_gpte)(struct kvm_v= cpu *vcpu, return true; } =20 -/* - * For PTTYPE_EPT, a page table can be executable but not readable - * on supported processors. Therefore, set_spte does not automatically - * set bit 0 if execute only is supported. Here, we repurpose ACC_USER_MASK - * to signify readability since it isn't used in the EPT case - */ static inline unsigned FNAME(gpte_access)(u64 gpte) { unsigned access; #if PTTYPE =3D=3D PTTYPE_EPT access =3D ((gpte & VMX_EPT_WRITABLE_MASK) ? ACC_WRITE_MASK : 0) | ((gpte & VMX_EPT_EXECUTABLE_MASK) ? ACC_EXEC_MASK : 0) | - ((gpte & VMX_EPT_READABLE_MASK) ? ACC_USER_MASK : 0); + ((gpte & VMX_EPT_READABLE_MASK) ? ACC_READ_MASK : 0); #else - BUILD_BUG_ON(ACC_EXEC_MASK !=3D PT_PRESENT_MASK); - BUILD_BUG_ON(ACC_EXEC_MASK !=3D 1); + /* + * P is set here, so the page is always readable and W/U/!NX represent + * allowed accesses. + */ + BUILD_BUG_ON(ACC_READ_MASK !=3D PT_PRESENT_MASK); + BUILD_BUG_ON(ACC_WRITE_MASK !=3D PT_WRITABLE_MASK); + BUILD_BUG_ON(ACC_USER_MASK !=3D PT_USER_MASK); + BUILD_BUG_ON(ACC_EXEC_MASK & (PT_WRITABLE_MASK | PT_USER_MASK | PT_PRESEN= T_MASK)); access =3D gpte & (PT_WRITABLE_MASK | PT_USER_MASK | PT_PRESENT_MASK); - /* Combine NX with P (which is set here) to get ACC_EXEC_MASK. */ - access ^=3D (gpte >> PT64_NX_SHIFT); + access |=3D gpte & PT64_NX_MASK ? 0 : ACC_EXEC_MASK; #endif =20 return access; diff --git a/arch/x86/kvm/mmu/spte.c b/arch/x86/kvm/mmu/spte.c index e2acd9ed9dba..0b09124b0d54 100644 --- a/arch/x86/kvm/mmu/spte.c +++ b/arch/x86/kvm/mmu/spte.c @@ -194,12 +194,6 @@ bool make_spte(struct kvm_vcpu *vcpu, struct kvm_mmu_p= age *sp, int is_host_mmio =3D -1; bool wrprot =3D false; =20 - /* - * For the EPT case, shadow_present_mask has no RWX bits set if - * exec-only page table entries are supported. In that case, - * ACC_USER_MASK and shadow_user_mask are used to represent - * read access. See FNAME(gpte_access) in paging_tmpl.h. - */ WARN_ON_ONCE((pte_access | shadow_present_mask) =3D=3D SHADOW_NONPRESENT_= VALUE); =20 if (sp->role.ad_disabled) @@ -228,6 +222,9 @@ bool make_spte(struct kvm_vcpu *vcpu, struct kvm_mmu_pa= ge *sp, pte_access &=3D ~ACC_EXEC_MASK; } =20 + if (pte_access & ACC_READ_MASK) + spte |=3D PT_PRESENT_MASK; /* or VMX_EPT_READABLE_MASK */ + if (pte_access & ACC_EXEC_MASK) spte |=3D shadow_x_mask; else @@ -390,6 +387,7 @@ u64 make_nonleaf_spte(u64 *child_pt, bool ad_disabled) u64 spte =3D SPTE_MMU_PRESENT_MASK; =20 spte |=3D __pa(child_pt) | shadow_present_mask | PT_WRITABLE_MASK | + PT_PRESENT_MASK /* or VMX_EPT_READABLE_MASK */ | shadow_user_mask | shadow_x_mask | shadow_me_value; =20 if (ad_disabled) @@ -490,18 +488,16 @@ void kvm_mmu_set_me_spte_mask(u64 me_value, u64 me_ma= sk) } EXPORT_SYMBOL_GPL(kvm_mmu_set_me_spte_mask); =20 -void kvm_mmu_set_ept_masks(bool has_ad_bits, bool has_exec_only) +void kvm_mmu_set_ept_masks(bool has_ad_bits) { kvm_ad_enabled =3D has_ad_bits; =20 - shadow_user_mask =3D VMX_EPT_READABLE_MASK; + shadow_user_mask =3D 0; shadow_accessed_mask =3D VMX_EPT_ACCESS_BIT; shadow_dirty_mask =3D VMX_EPT_DIRTY_BIT; shadow_nx_mask =3D 0ull; shadow_x_mask =3D VMX_EPT_EXECUTABLE_MASK; - /* VMX_EPT_SUPPRESS_VE_BIT is needed for W or X violation. */ - shadow_present_mask =3D - (has_exec_only ? 0ull : VMX_EPT_READABLE_MASK) | VMX_EPT_SUPPRESS_VE_BIT; + shadow_present_mask =3D VMX_EPT_SUPPRESS_VE_BIT; =20 shadow_acc_track_mask =3D VMX_EPT_RWX_MASK; shadow_host_writable_mask =3D EPT_SPTE_HOST_WRITABLE; diff --git a/arch/x86/kvm/mmu/spte.h b/arch/x86/kvm/mmu/spte.h index 3d77755b6b10..0c305f2f4ba0 100644 --- a/arch/x86/kvm/mmu/spte.h +++ b/arch/x86/kvm/mmu/spte.h @@ -52,10 +52,11 @@ static_assert(SPTE_TDP_AD_ENABLED =3D=3D 0); #define SPTE_BASE_ADDR_MASK (((1ULL << 52) - 1) & ~(u64)(PAGE_SIZE-1)) #endif =20 -#define ACC_EXEC_MASK 1 +#define ACC_READ_MASK PT_PRESENT_MASK #define ACC_WRITE_MASK PT_WRITABLE_MASK #define ACC_USER_MASK PT_USER_MASK -#define ACC_ALL (ACC_EXEC_MASK | ACC_WRITE_MASK | ACC_USER_MASK) +#define ACC_EXEC_MASK 8 +#define ACC_ALL (ACC_EXEC_MASK | ACC_WRITE_MASK | ACC_USER_MASK |= ACC_READ_MASK) =20 #define SPTE_LEVEL_BITS 9 #define SPTE_LEVEL_SHIFT(level) __PT_LEVEL_SHIFT(level, SPTE_LEVEL_BITS) diff --git a/arch/x86/kvm/vmx/capabilities.h b/arch/x86/kvm/vmx/capabilitie= s.h index 5316c27f6099..3bda6a621d8a 100644 --- a/arch/x86/kvm/vmx/capabilities.h +++ b/arch/x86/kvm/vmx/capabilities.h @@ -288,11 +288,6 @@ static inline bool cpu_has_vmx_flexpriority(void) cpu_has_vmx_virtualize_apic_accesses(); } =20 -static inline bool cpu_has_vmx_ept_execute_only(void) -{ - return vmx_capability.ept & VMX_EPT_EXECUTE_ONLY_BIT; -} - static inline bool cpu_has_vmx_ept_4levels(void) { return vmx_capability.ept & VMX_EPT_PAGE_WALK_4_BIT; diff --git a/arch/x86/kvm/vmx/common.h b/arch/x86/kvm/vmx/common.h index adf925500b9e..1afbf272efae 100644 --- a/arch/x86/kvm/vmx/common.h +++ b/arch/x86/kvm/vmx/common.h @@ -85,11 +85,8 @@ static inline int __vmx_handle_ept_violation(struct kvm_= vcpu *vcpu, gpa_t gpa, { u64 error_code; =20 - /* Is it a read fault? */ - error_code =3D (exit_qualification & EPT_VIOLATION_ACC_READ) - ? PFERR_USER_MASK : 0; /* Is it a write fault? */ - error_code |=3D (exit_qualification & EPT_VIOLATION_ACC_WRITE) + error_code =3D (exit_qualification & EPT_VIOLATION_ACC_WRITE) ? PFERR_WRITE_MASK : 0; /* Is it a fetch fault? */ error_code |=3D (exit_qualification & EPT_VIOLATION_ACC_INSTR) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 2e687761aeaf..98801c408b8c 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -8425,8 +8425,7 @@ __init int vmx_hardware_setup(void) set_bit(0, vmx_vpid_bitmap); /* 0 is reserved for host */ =20 if (enable_ept) - kvm_mmu_set_ept_masks(enable_ept_ad_bits, - cpu_has_vmx_ept_execute_only()); + kvm_mmu_set_ept_masks(enable_ept_ad_bits); else vt_x86_ops.get_mt_mask =3D NULL; =20 --=20 2.52.0 From nobody Sat Apr 4 01:50:14 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 485E91E22E9 for ; Sat, 21 Mar 2026 00:10:02 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051809; cv=none; b=qBsmJtVHAGTl43AaoPMKbbeMdON6CcmFxc+iTu1KA7RU6QhYSROah2XDtwpaW+vbycXDeV+9S7i2NkMPm51bvfT5fcgERlr8PgXUIWpccYBg/4ON8FBy98TAcSuPKzdVyk4j7eAXPkDrijzHtOvaZiW5xg0xA9FZZRHxBFpFpbc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051809; c=relaxed/simple; bh=C26AKlcqhxES8P78PlFAFfTqVSHkV2KhanGxvACIoSQ=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=Z1xknUJ/FLh6x3Vf0Jy6XINsrkuog+W/498oc1MvJUJoQdV+BSLoo328nim4etOsk0shE/4s30KEhHaRlxpYw+86ZRQiy5gMPBnb/GBgYVp+rpcnnsYrBp/qVlBD1b4a8cRZp7x67K60gu77lJx2xO30tTRXy6Or+qkJw4rYuns= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=VSFTgdUs; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=eGWOjP5N; arc=none smtp.client-ip=170.10.129.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="VSFTgdUs"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="eGWOjP5N" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774051799; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=4RAFXUH565cQlW4EoICJT88q50/yfKIJoFVq4Wl4i3Y=; b=VSFTgdUsnyupsjdIWsQebFkdOBvrLdmNDnFACZxx/ym+0yPKqrb1luoyUg1D2S6RdNNn7D e39GcmU5UEaFb4LYfRi8JallEtEwKNfLCFfXS+3xoYhPA35LosPRnlWuj4NLlT6mLa3S3+ 4GWItw8NzJNrb82onOB8Hd3ByKcBoyQ= Received: from mail-wm1-f70.google.com (mail-wm1-f70.google.com [209.85.128.70]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-59-cUesB7ucMTeZ8fAUKg6zHw-1; Fri, 20 Mar 2026 20:09:57 -0400 X-MC-Unique: cUesB7ucMTeZ8fAUKg6zHw-1 X-Mimecast-MFC-AGG-ID: cUesB7ucMTeZ8fAUKg6zHw_1774051796 Received: by mail-wm1-f70.google.com with SMTP id 5b1f17b1804b1-4839fc4cef6so34756045e9.0 for ; Fri, 20 Mar 2026 17:09:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774051795; x=1774656595; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=4RAFXUH565cQlW4EoICJT88q50/yfKIJoFVq4Wl4i3Y=; b=eGWOjP5NZeKgxoidf6ArcSzevU+dVDAJPbUxjqrkGxsQ258g5jEfIMNRYF5ga3z2y7 lNPWKsFS7w+hNR4t2kNjJhSnIeZLOyhmiT4soahb2DswXNmjWitedjw2Emej/j7EJhW6 Zkq2z6vvbySQmofm5XWFZ9HHwxvr3TgwQhSKMCVUJjm3RK/ARNgn6fb7HtwRfk0nacxH EcKVsRhEufg/xa3CrC9U1VGYw0QnzjtOwtVt4DI8h3eMfhY6PjTZxga1RtSq6d1XB4uE 3OE+2BfeHEwxy3Q23Lapu73mKt3rSoE6mOP9OY2sgrPQFsWOrSeYyCENpDt1H+e3RKSp zN3w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774051795; x=1774656595; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=4RAFXUH565cQlW4EoICJT88q50/yfKIJoFVq4Wl4i3Y=; b=N9eG6zUrjdWlEcFlfmZlqU9B9TC8B3NZQYyITX12b7tssBDh8r6PETOICn/dwOxFPz SciX3iIk/qmoaamUdibNyfLJTijEpoe+zR5Y4rU5XO3jGicgXmE9/2N3brGE57n473Cv sD/IE5jp9ByWq6Q721vcKLyEgODZEbAF+69UxxCDNGTV63Rt+tz4/EKjff+D04LXGRQe cjn7LryDfvptYw1z3tpBGxlBEoHjJAizzUCoXoKORvSYceYLuJN+y8VttDct+gRU8/s5 d2lhkfle05tlN+/XjOSMiDyzVqR1V1SWLhPalIt6eOjdDow5RKvc3jTiY0ucajexyNDH o72Q== X-Gm-Message-State: AOJu0YzwZgvpu9xDTMcl4+yVubJ8E7UiAnjqojM/CLRNNjlve0gXo9iY GHUoaXCavtcNGL9DmtqQA2EeYhdDZOQ8Sj8MZOVRtPyZkSie1nzGFTliXt7ZoGJllw4zuwwBLwr vF+AZwmlS5vKUdqMoV186MpOspgGbC/hmojjGju8LEO7HZ8+84DUoQQcEXvu9lO9T72KfvLZoTa UBRE2LmP3mkOsvvm2cDi6rt4zWZyH5nJQODcKJLV3XPfuegBhraA== X-Gm-Gg: ATEYQzwfvkFPhsVWuETskf/UGoeOZxhe06C6o8bvWGl7LBDKYbX56j+POsyxxX3gIfj Epk1+kAszEVjwLLjZ4bOgXDPmM8fSkC5VcIeZ7thuMTnfpeLAzUFLuzX/qv8lPRtzYVkUObqDIs TGdD/swaqVEn2faYU1si9shJECi7o1CB0/Gog/lONIuWi6pwmiHgv/4B62cJSQslUcshDKVWeCu xF1+e86IogyW2nzi8YdNMG/U3OAlsl1WwWLpUiApM8dX8RvPVTPEs+Mpx2sc4ITpchJc5nXUeWJ CRoHode8I9Yr8SMadHVeFPvI/1I0/4R0EJA1WdaHyxNQwM8HRQjHEA8BJsly99VdImaj32PdZ7g Fne57dUhW7ilEcr+7x1RFVCBvRdLpwzSPBVsxpEtE5pyqxCi/tR7tojV542euPKUJJDWP/RC/z3 EzrkznK0U+hsGzXzHo1XqEZaza X-Received: by 2002:a05:600c:8215:b0:46e:59bd:f7e2 with SMTP id 5b1f17b1804b1-486fe8e4038mr73838555e9.11.1774051795193; Fri, 20 Mar 2026 17:09:55 -0700 (PDT) X-Received: by 2002:a05:600c:8215:b0:46e:59bd:f7e2 with SMTP id 5b1f17b1804b1-486fe8e4038mr73838295e9.11.1774051794749; Fri, 20 Mar 2026 17:09:54 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-486ff1e6029sm49600975e9.9.2026.03.20.17.09.53 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Mar 2026 17:09:54 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Marcelo Tosatti , Nikunj A Dadhania , Amit Shah , Sean Christopherson Subject: [PATCH 09/22] KVM: x86/mmu: separate more EPT/non-EPT permission_fault() Date: Sat, 21 Mar 2026 01:09:18 +0100 Message-ID: <20260321000931.1947084-10-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260321000931.1947084-1-pbonzini@redhat.com> References: <20260321000931.1947084-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Now that EPT is not abusing anymore ACC_USER_MASK, move its handling entirely in the !ept branch. Merge smepf and ff into a single variable because EPT's "SMEP" (actually MBEC) is defined differently. Signed-off-by: Paolo Bonzini --- arch/x86/kvm/mmu/mmu.c | 26 ++++++++++++++------------ 1 file changed, 14 insertions(+), 12 deletions(-) diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index b87dbf9e42b9..b7366e416baa 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -5452,7 +5452,6 @@ static void update_permission_bitmask(struct kvm_mmu = *mmu, bool ept) =20 const u16 x =3D ACC_BITS_MASK(ACC_EXEC_MASK); const u16 w =3D ACC_BITS_MASK(ACC_WRITE_MASK); - const u16 u =3D ACC_BITS_MASK(ACC_USER_MASK); const u16 r =3D ACC_BITS_MASK(ACC_READ_MASK); =20 bool cr4_smep =3D is_cr4_smep(mmu); @@ -5485,21 +5484,24 @@ static void update_permission_bitmask(struct kvm_mm= u *mmu, bool ept) /* Faults from writes to non-writable pages */ u16 wf =3D (pfec & PFERR_WRITE_MASK) ? (u16)~w : 0; /* Faults from user mode accesses to supervisor pages */ - u16 uf =3D (pfec & PFERR_USER_MASK) ? (u16)~u : 0; - /* Faults from fetches of non-executable pages*/ - u16 ff =3D (pfec & PFERR_FETCH_MASK) ? (u16)~x : 0; - /* Faults from kernel mode fetches of user pages */ - u16 smepf =3D 0; + u16 uf =3D 0; + /* Faults from fetches of non-executable pages */ + u16 ff =3D 0; /* Faults from kernel mode accesses of user pages */ u16 smapf =3D 0; =20 - if (!ept) { + if (ept) { + ff =3D (pfec & PFERR_FETCH_MASK) ? (u16)~x : 0; + } else { + const u16 u =3D ACC_BITS_MASK(ACC_USER_MASK); + /* Faults from kernel mode accesses to user pages */ u16 kf =3D (pfec & PFERR_USER_MASK) ? 0 : u; =20 - /* Not really needed: !nx will cause pte.nx to fault */ - if (!efer_nx) - ff =3D 0; + uf =3D (pfec & PFERR_USER_MASK) ? (u16)~u : 0; + + if (efer_nx) + ff =3D (pfec & PFERR_FETCH_MASK) ? (u16)~x : 0; =20 /* Allow supervisor writes if !cr0.wp */ if (!cr0_wp) @@ -5507,7 +5509,7 @@ static void update_permission_bitmask(struct kvm_mmu = *mmu, bool ept) =20 /* Disallow supervisor fetches of user code if cr4.smep */ if (cr4_smep) - smepf =3D (pfec & PFERR_FETCH_MASK) ? kf : 0; + ff |=3D (pfec & PFERR_FETCH_MASK) ? kf : 0; =20 /* * SMAP:kernel-mode data accesses from user-mode @@ -5528,7 +5530,7 @@ static void update_permission_bitmask(struct kvm_mmu = *mmu, bool ept) smapf =3D (pfec & (PFERR_RSVD_MASK|PFERR_FETCH_MASK)) ? 0 : kf; } =20 - mmu->permissions[byte] =3D ff | uf | wf | rf | smepf | smapf; + mmu->permissions[byte] =3D ff | uf | wf | rf | smapf; } } =20 --=20 2.52.0 From nobody Sat Apr 4 01:50:14 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3860921CC59 for ; Sat, 21 Mar 2026 00:10:03 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051809; cv=none; b=c7qR8++RIIhFh71Ntca+U5v2JWVtRxTuSr+jfjZFnv9/kSef4S4hGtPpYwVUJqxGhkO4qhNQsG8lHKFfBa68Co/okd9mfSkBMB8OItmy3Uvz9Vy18e56swGtkxxtU9INaXPzYFomI703La3J3ivqXfaU+dylFnbSNIUEhjjbNec= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051809; c=relaxed/simple; bh=5iUWbtzlz2YObxdoLlpGeHo0/a6BjtfyWEcRu3CZ6MQ=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=dqFsob4ZCFkD2cUYjU6YB9qc3Jn0Hh5IAqBs1Ho2Bv8OHwkJLHfdTn+ZefpNrTWpXhQLlbHasQ7m6SD9uNitw2daz0dEfYjc20KBRVWlpEqSXwnqMrPrigoJq6K4lnJ1jcb0siSPJl+4DCb+lXo2s95JZp8F674MfANemKrWiHE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=JceaN+aH; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=AuFbAax8; arc=none smtp.client-ip=170.10.129.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="JceaN+aH"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="AuFbAax8" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774051802; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=MJQ8BDq4XDZQi2opeGtHBzWX/P8/hfIOuCb1cE+lngI=; b=JceaN+aHVulG2m1q1FW6Md4JswPp+Wr3NxuEXql3x1LTJQkfSTQHDf19mrl8B6P9lDmFxf FmJZ71qmJgQB6c7PnU8WXpvy8bsF66Pf8nAT543eqY7deBdxkQS9qxI5y/WBshT3xxCzE3 ftLrdC9cbsMpdg31jzCgGrlC8G+sGow= Received: from mail-wm1-f70.google.com (mail-wm1-f70.google.com [209.85.128.70]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-117-SbR9b0gnMnej9JE2iQRevw-1; Fri, 20 Mar 2026 20:10:00 -0400 X-MC-Unique: SbR9b0gnMnej9JE2iQRevw-1 X-Mimecast-MFC-AGG-ID: SbR9b0gnMnej9JE2iQRevw_1774051800 Received: by mail-wm1-f70.google.com with SMTP id 5b1f17b1804b1-48378df3469so18294565e9.1 for ; Fri, 20 Mar 2026 17:10:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774051798; x=1774656598; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=MJQ8BDq4XDZQi2opeGtHBzWX/P8/hfIOuCb1cE+lngI=; b=AuFbAax8XOrHUYAxxfNVDqGz40Ma4ADH5rwlnY4P9a6T/zpMcgNYaFgkl0csltDbkl RV3vBa9MaXENnYxUmcIrc4bJpoySQCPLKtWFkvvnB6/XTUv6nbF5NefJ6bJit0MxKRxO 17j6rwkMkItRDi1AbT+DlfvnIICpKLDaLMEO8lpqk8m9YtA9TOPVn40O+BGt1PCWKkuV aZ02QceDP6wCv+uTgGEc+l6Ij/yCBfpSJJPBisBnozBj76HSaVC1DP5q9bmS/XZIfTlk nhGn7ANKZaK/hPkwVN7LulpRsaAp67Zfw7e3jY1Zqoci4YJdqaSeAg4Cu6teywXtkqWQ vhMw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774051798; x=1774656598; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=MJQ8BDq4XDZQi2opeGtHBzWX/P8/hfIOuCb1cE+lngI=; b=rxDSS5U8ys0jOCDODITHDJ2y+lgc/zrgm0EVCNeg51+q5pYSy6Pp4JsdGvEQ5xxfgc 8Ok5+yq1O32RneTBG7LUCWqkBqBneNcppAPY/lM+LLVDghS9zFi//HTBLJARoNGdmcvI egKDlNqodkXxWoNq++ElMJr41m30i5PocdXWH3OJXXucXqRgKImnGpjO2Ak4vuCOq+2a oTUr9kZwcwL07THZ8VRE7LvoE8Edp0TB79mBBc3/2eHzCDTEYvPdzVK/gX+m8qi0ktOB dTo+oA7k6JFB9IlBu0tQMEeUouowapbi0pTol6mhiDSdS1Ki3pqurAu6tnIQyOu1usMh hmuw== X-Gm-Message-State: AOJu0Yx6Duj+WmoLu8DjRXkGg6oQBO0JJIYWdH37hcYkW9lQW/6afK7E COyXHGoT984opES9DemiP8E4bEP2rzqO0X6j0qjZKBf15qAru9sbBgMOrhMZ8mkMaI0ov4zpDOa XyPfdK83KDXJw6ZuWHA9pTzQb9j5Pkf41m41dafGkpJfR9zM+vianUNUHTSyaJKpQccWRX0UYC6 EpTIZ5bu+mlRaSCEXR1NZtsYAqtINUoWGk+2TWDmtZxNHhvO9kAg== X-Gm-Gg: ATEYQzxGm+6pkvRoFE06Z710dr0cLkwu3cdrbfXO0sBtmT3CPMwl2DzoXqV9jNKEUz1 H//Xh9ZGTArFDR1rYNT4HLuS9LGC1rX0LgbrByxJTL32vvkD+6VzxOJiViy+hSmDAiPsAn46WEa jlF7kgVGPJMrqIl/DNZ0wuaFh1H8Dh7GkUnYHWm+x1dpTA4DYc9ReCbKsuVJqYIETfyuUOzvQk5 UTF0VuuKKGTyTEFTdOh3Epq1EROpbeeknL+ULWKXrl9SjHw2GyFkhgbbuBuCDHxK43nALLuSpBQ P/XUOEzC4RFbq5/4D1038Z+t4IzNFfkohi3SMKoS4Qf/T0knZY7k5HPvzV9M7/g48nvrHkiekB/ 0TCP+R/GA4sh3YuUbRWbZJqb14VRxe14nZ84vr0xlvlr1RJ1hMY1HA2D/Cq8mVGOf0/NqbhpWhq HgxsrJwvaLnRQDSyO+KIke4MBj X-Received: by 2002:a05:600c:3286:b0:486:fdb9:c065 with SMTP id 5b1f17b1804b1-486fdb9c0f4mr66311385e9.2.1774051798393; Fri, 20 Mar 2026 17:09:58 -0700 (PDT) X-Received: by 2002:a05:600c:3286:b0:486:fdb9:c065 with SMTP id 5b1f17b1804b1-486fdb9c0f4mr66311105e9.2.1774051797771; Fri, 20 Mar 2026 17:09:57 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-43b6470393fsm10985743f8f.17.2026.03.20.17.09.55 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Mar 2026 17:09:55 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Marcelo Tosatti , Nikunj A Dadhania , Amit Shah , Sean Christopherson Subject: [PATCH 10/22] KVM: x86/mmu: split XS/XU bits for MBEC Date: Sat, 21 Mar 2026 01:09:19 +0100 Message-ID: <20260321000931.1947084-11-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260321000931.1947084-1-pbonzini@redhat.com> References: <20260321000931.1947084-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" When EPT is in use, replace ACC_USER_MASK with ACC_USER_EXEC_MASK, so that supervisor and user-mode execution can be controlled independently (ACC_USER_MASK would not allow a setting similar to XU=3D0 XS=3D1 W=3D1 R=3D1). Replace shadow_x_mask with shadow_xs_mask/shadow_xu_mask, to allow setting XS and XU bits separately in EPT entries. Signed-off-by: Paolo Bonzini --- arch/x86/include/asm/vmx.h | 1 + arch/x86/kvm/mmu/mmu.c | 15 ++++++++--- arch/x86/kvm/mmu/mmutrace.h | 6 ++--- arch/x86/kvm/mmu/paging_tmpl.h | 4 +++ arch/x86/kvm/mmu/spte.c | 47 ++++++++++++++++++++++------------ arch/x86/kvm/mmu/spte.h | 8 +++--- 6 files changed, 55 insertions(+), 26 deletions(-) diff --git a/arch/x86/include/asm/vmx.h b/arch/x86/include/asm/vmx.h index 4a0804cc7c82..0041f8a77447 100644 --- a/arch/x86/include/asm/vmx.h +++ b/arch/x86/include/asm/vmx.h @@ -538,6 +538,7 @@ enum vmcs_field { #define VMX_EPT_IPAT_BIT (1ull << 6) #define VMX_EPT_ACCESS_BIT (1ull << 8) #define VMX_EPT_DIRTY_BIT (1ull << 9) +#define VMX_EPT_USER_EXECUTABLE_MASK (1ull << 10) #define VMX_EPT_SUPPRESS_VE_BIT (1ull << 63) #define VMX_EPT_RWX_MASK (VMX_EPT_READABLE_MASK | = \ VMX_EPT_WRITABLE_MASK | \ diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index b7366e416baa..254d69c4b9f3 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -5371,7 +5371,7 @@ static void reset_shadow_zero_bits_mask(struct kvm_vc= pu *vcpu, static inline bool boot_cpu_is_amd(void) { WARN_ON_ONCE(!tdp_enabled); - return shadow_x_mask =3D=3D 0; + return shadow_xs_mask =3D=3D 0; } =20 /* @@ -5450,7 +5450,6 @@ static void update_permission_bitmask(struct kvm_mmu = *mmu, bool ept) { unsigned byte; =20 - const u16 x =3D ACC_BITS_MASK(ACC_EXEC_MASK); const u16 w =3D ACC_BITS_MASK(ACC_WRITE_MASK); const u16 r =3D ACC_BITS_MASK(ACC_READ_MASK); =20 @@ -5491,8 +5490,18 @@ static void update_permission_bitmask(struct kvm_mmu= *mmu, bool ept) u16 smapf =3D 0; =20 if (ept) { - ff =3D (pfec & PFERR_FETCH_MASK) ? (u16)~x : 0; + const u16 xs =3D ACC_BITS_MASK(ACC_EXEC_MASK); + const u16 xu =3D ACC_BITS_MASK(ACC_USER_EXEC_MASK); + + if (pfec & PFERR_FETCH_MASK) { + /* Ignore XU unless MBEC is enabled. */ + if (cr4_smep) + ff =3D pfec & PFERR_USER_MASK ? (u16)~xu : (u16)~xs; + else + ff =3D (u16)~xs; + } } else { + const u16 x =3D ACC_BITS_MASK(ACC_EXEC_MASK); const u16 u =3D ACC_BITS_MASK(ACC_USER_MASK); =20 /* Faults from kernel mode accesses to user pages */ diff --git a/arch/x86/kvm/mmu/mmutrace.h b/arch/x86/kvm/mmu/mmutrace.h index 44545f6f860a..e22588d3e145 100644 --- a/arch/x86/kvm/mmu/mmutrace.h +++ b/arch/x86/kvm/mmu/mmutrace.h @@ -354,8 +354,8 @@ TRACE_EVENT( __entry->sptep =3D virt_to_phys(sptep); __entry->level =3D level; __entry->r =3D shadow_present_mask || (__entry->spte & PT_PRESENT_MASK); - __entry->x =3D is_executable_pte(__entry->spte); - __entry->u =3D shadow_user_mask ? !!(__entry->spte & shadow_user_mask) := -1; + __entry->x =3D (__entry->spte & (shadow_xs_mask | shadow_nx_mask)) =3D= =3D shadow_xs_mask; + __entry->u =3D !!(__entry->spte & (shadow_xu_mask | shadow_user_mask)); ), =20 TP_printk("gfn %llx spte %llx (%s%s%s%s) level %d at %llx", @@ -363,7 +363,7 @@ TRACE_EVENT( __entry->r ? "r" : "-", __entry->spte & PT_WRITABLE_MASK ? "w" : "-", __entry->x ? "x" : "-", - __entry->u =3D=3D -1 ? "" : (__entry->u ? "u" : "-"), + __entry->u ? "u" : "-", __entry->level, __entry->sptep ) ); diff --git a/arch/x86/kvm/mmu/paging_tmpl.h b/arch/x86/kvm/mmu/paging_tmpl.h index bbdbf4ae2d65..c657ea90bb33 100644 --- a/arch/x86/kvm/mmu/paging_tmpl.h +++ b/arch/x86/kvm/mmu/paging_tmpl.h @@ -174,6 +174,10 @@ static inline unsigned FNAME(gpte_access)(u64 gpte) { unsigned access; #if PTTYPE =3D=3D PTTYPE_EPT + /* + * For now nested MBEC is not supported and permission_fault() ignores + * ACC_USER_EXEC_MASK. + */ access =3D ((gpte & VMX_EPT_WRITABLE_MASK) ? ACC_WRITE_MASK : 0) | ((gpte & VMX_EPT_EXECUTABLE_MASK) ? ACC_EXEC_MASK : 0) | ((gpte & VMX_EPT_READABLE_MASK) ? ACC_READ_MASK : 0); diff --git a/arch/x86/kvm/mmu/spte.c b/arch/x86/kvm/mmu/spte.c index 0b09124b0d54..0b3e2b97afbf 100644 --- a/arch/x86/kvm/mmu/spte.c +++ b/arch/x86/kvm/mmu/spte.c @@ -29,8 +29,9 @@ bool __read_mostly kvm_ad_enabled; u64 __read_mostly shadow_host_writable_mask; u64 __read_mostly shadow_mmu_writable_mask; u64 __read_mostly shadow_nx_mask; -u64 __read_mostly shadow_x_mask; /* mutual exclusive with nx_mask */ u64 __read_mostly shadow_user_mask; +u64 __read_mostly shadow_xs_mask; /* mutual exclusive with nx_mask and use= r_mask */ +u64 __read_mostly shadow_xu_mask; /* mutual exclusive with nx_mask and use= r_mask */ u64 __read_mostly shadow_accessed_mask; u64 __read_mostly shadow_dirty_mask; u64 __read_mostly shadow_mmio_value; @@ -216,22 +217,30 @@ bool make_spte(struct kvm_vcpu *vcpu, struct kvm_mmu_= page *sp, * when CR0.PG is toggled, but leveraging that to ignore the mitigation * would tie make_spte() further to vCPU/MMU state, and add complexity * just to optimize a mode that is anything but performance critical. + * + * Use ACC_USER_EXEC_MASK here assuming only Intel processors (EPT) + * are affected by the NX huge page erratum. */ - if (level > PG_LEVEL_4K && (pte_access & ACC_EXEC_MASK) && + if (level > PG_LEVEL_4K && + (pte_access & (ACC_EXEC_MASK | ACC_USER_EXEC_MASK)) && is_nx_huge_page_enabled(vcpu->kvm)) { - pte_access &=3D ~ACC_EXEC_MASK; + pte_access &=3D ~(ACC_EXEC_MASK | ACC_USER_EXEC_MASK); } =20 if (pte_access & ACC_READ_MASK) spte |=3D PT_PRESENT_MASK; /* or VMX_EPT_READABLE_MASK */ =20 - if (pte_access & ACC_EXEC_MASK) - spte |=3D shadow_x_mask; - else - spte |=3D shadow_nx_mask; - - if (pte_access & ACC_USER_MASK) - spte |=3D shadow_user_mask; + if (shadow_nx_mask) { + if (!(pte_access & ACC_EXEC_MASK)) + spte |=3D shadow_nx_mask; + if (pte_access & ACC_USER_MASK) + spte |=3D shadow_user_mask; + } else { + if (pte_access & ACC_EXEC_MASK) + spte |=3D shadow_xs_mask; + if (pte_access & ACC_USER_EXEC_MASK) + spte |=3D shadow_xu_mask; + } =20 if (level > PG_LEVEL_4K) spte |=3D PT_PAGE_SIZE_MASK; @@ -317,11 +326,13 @@ static u64 modify_spte_protections(u64 spte, u64 set,= u64 clear) static u64 make_spte_executable(u64 spte, u8 access) { u64 set, clear; - if (access & ACC_EXEC_MASK) - set =3D shadow_x_mask; + if (shadow_nx_mask) + set =3D (access & ACC_EXEC_MASK) ? 0 : shadow_nx_mask; else - set =3D shadow_nx_mask; - clear =3D set ^ (shadow_nx_mask | shadow_x_mask); + set =3D + (access & ACC_EXEC_MASK ? shadow_xs_mask : 0) | + (access & ACC_USER_EXEC_MASK ? shadow_xu_mask : 0); + clear =3D set ^ (shadow_nx_mask | shadow_xs_mask | shadow_xu_mask); return modify_spte_protections(spte, set, clear); } =20 @@ -388,7 +399,7 @@ u64 make_nonleaf_spte(u64 *child_pt, bool ad_disabled) =20 spte |=3D __pa(child_pt) | shadow_present_mask | PT_WRITABLE_MASK | PT_PRESENT_MASK /* or VMX_EPT_READABLE_MASK */ | - shadow_user_mask | shadow_x_mask | shadow_me_value; + shadow_user_mask | shadow_xs_mask | shadow_xu_mask | shadow_me_value; =20 if (ad_disabled) spte |=3D SPTE_TDP_AD_DISABLED; @@ -496,7 +507,8 @@ void kvm_mmu_set_ept_masks(bool has_ad_bits) shadow_accessed_mask =3D VMX_EPT_ACCESS_BIT; shadow_dirty_mask =3D VMX_EPT_DIRTY_BIT; shadow_nx_mask =3D 0ull; - shadow_x_mask =3D VMX_EPT_EXECUTABLE_MASK; + shadow_xs_mask =3D VMX_EPT_EXECUTABLE_MASK; + shadow_xu_mask =3D VMX_EPT_EXECUTABLE_MASK; shadow_present_mask =3D VMX_EPT_SUPPRESS_VE_BIT; =20 shadow_acc_track_mask =3D VMX_EPT_RWX_MASK; @@ -547,7 +559,8 @@ void kvm_mmu_reset_all_pte_masks(void) shadow_accessed_mask =3D PT_ACCESSED_MASK; shadow_dirty_mask =3D PT_DIRTY_MASK; shadow_nx_mask =3D PT64_NX_MASK; - shadow_x_mask =3D 0; + shadow_xs_mask =3D 0; + shadow_xu_mask =3D 0; shadow_present_mask =3D PT_PRESENT_MASK; =20 shadow_acc_track_mask =3D 0; diff --git a/arch/x86/kvm/mmu/spte.h b/arch/x86/kvm/mmu/spte.h index 0c305f2f4ba0..7323ff19056b 100644 --- a/arch/x86/kvm/mmu/spte.h +++ b/arch/x86/kvm/mmu/spte.h @@ -54,7 +54,8 @@ static_assert(SPTE_TDP_AD_ENABLED =3D=3D 0); =20 #define ACC_READ_MASK PT_PRESENT_MASK #define ACC_WRITE_MASK PT_WRITABLE_MASK -#define ACC_USER_MASK PT_USER_MASK +#define ACC_USER_MASK PT_USER_MASK /* non EPT */ +#define ACC_USER_EXEC_MASK ACC_USER_MASK /* EPT only */ #define ACC_EXEC_MASK 8 #define ACC_ALL (ACC_EXEC_MASK | ACC_WRITE_MASK | ACC_USER_MASK |= ACC_READ_MASK) =20 @@ -184,8 +185,9 @@ extern bool __read_mostly kvm_ad_enabled; extern u64 __read_mostly shadow_host_writable_mask; extern u64 __read_mostly shadow_mmu_writable_mask; extern u64 __read_mostly shadow_nx_mask; -extern u64 __read_mostly shadow_x_mask; /* mutual exclusive with nx_mask */ extern u64 __read_mostly shadow_user_mask; +extern u64 __read_mostly shadow_xs_mask; /* mutual exclusive with nx_mask = and user_mask */ +extern u64 __read_mostly shadow_xu_mask; /* mutual exclusive with nx_mask = and user_mask */ extern u64 __read_mostly shadow_accessed_mask; extern u64 __read_mostly shadow_dirty_mask; extern u64 __read_mostly shadow_mmio_value; @@ -352,7 +354,7 @@ static inline bool is_last_spte(u64 pte, int level) =20 static inline bool is_executable_pte(u64 spte) { - return (spte & (shadow_x_mask | shadow_nx_mask)) =3D=3D shadow_x_mask; + return (spte & (shadow_xs_mask | shadow_xu_mask | shadow_nx_mask)) !=3D s= hadow_nx_mask; } =20 static inline kvm_pfn_t spte_to_pfn(u64 pte) --=20 2.52.0 From nobody Sat Apr 4 01:50:14 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id F24B32561A7 for ; Sat, 21 Mar 2026 00:10:05 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051808; cv=none; b=d1x7LbVddqsMqDNX6YvTCgHDDlyvX5rQzJfGocBd5+sc6p+fWO3Aa3BwsTrCgQa2gJm4QzHI6WmeJYrXgQX7p6dh2ATjnOMpXV0HEkAX7m3LKLmVOVPAB7YImYHuJFxfGOBaQ+NHjJQgV1LPp1Ld7L/4TSWIEw7fYVpsS1oOryI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051808; c=relaxed/simple; bh=thxTCLXMnXXt46NcG+nxt5y3q4ww1NruS+v2uYl1Qy8=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=kStN/AnXhm1V47FxRDC+Hyr8AR6IScw0yvEs18entb4Y+qe4kzOzKvTB75hjXTNXYRdQuw9pu92kY+EJJa3EdR1tP17FZroQ+CRTUmZP6xOCGNZbnDfoul3GRYjqsSNMn4jtC1jWg58S84HPUz1hJHAahQfbRG9KJBrtl0AH+6I= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=if74V9tw; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=AGyCdr++; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="if74V9tw"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="AGyCdr++" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774051805; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Rt4woCnFZxmsTI89VQAPOQ9bzq7Xm3BBIVink+l0C4o=; b=if74V9twlGMKpoDnAUPexwagW/Ak4XvBOjIOInNsGjMVhJCsxDITTUzMBTm3DKkDYFxyAp qaYPKgQTYOPds1n8Nmbux+9cjShcUdPZ6nCII3Ci1e3OQ+iPe0D2EEQXuzp91oopkAxnig 5nJCnbQ9XrLOxBJJ50MxFw7VuyMY5yY= Received: from mail-wm1-f70.google.com (mail-wm1-f70.google.com [209.85.128.70]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-368-qCZ85rLkPoe3MoSBHT4aVQ-1; Fri, 20 Mar 2026 20:10:03 -0400 X-MC-Unique: qCZ85rLkPoe3MoSBHT4aVQ-1 X-Mimecast-MFC-AGG-ID: qCZ85rLkPoe3MoSBHT4aVQ_1774051802 Received: by mail-wm1-f70.google.com with SMTP id 5b1f17b1804b1-485c45885e6so33080545e9.0 for ; Fri, 20 Mar 2026 17:10:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774051801; x=1774656601; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Rt4woCnFZxmsTI89VQAPOQ9bzq7Xm3BBIVink+l0C4o=; b=AGyCdr++AmIdbSEqEW7XdvDbQgdT6wCnBFXr0wREbppk4pBpifFvOSeLJ/u5rGlEds h6RsbMqQjDZPvbMwsW030rfPnjA7+8Ii3ulpfcVwBevuhGBvvfL8ey1c1JNm/31jINkA qMIDO+LZKvDDM06y50NTww25muRcig9gi5F2Xg/ca4V/9jsQCPRFaxGuDASjNPKpWBJw AXvhE90bnNFtBZNaS5uEBJbMWKmypzy0DwoiIeXmbzNEmdjck2jRocaamzyAxYfbX2Yx 0p2mSLv6B1EaQwm2jsNZDNFxZE0FwWxy0bh3jx1co9+Ex1Si25+KwJlAvQ33VEkfrUhI 5q1w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774051801; x=1774656601; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=Rt4woCnFZxmsTI89VQAPOQ9bzq7Xm3BBIVink+l0C4o=; b=VpLjDNXSXcznC6zok9584NT5Mecx8Q3NvgmJG2ckc+rBKFSR89LnrpOT2V4qcGamfk BE6XNu05dN4/ZhQQAH2WAdxIklY8bAX0KH2ww33v01WFz8dU4FBv0bXKEdtzdaV1X5lJ cDck9cXlPP+8QebK758bIrIU4HWwbVY9+MDWN2v9SKexHr9gPSEHyq+hJ97DtQQ83yLK 11TCNy2gWNJQ7E59HIGcWU0p7SAW/wgXi3M+QlMpv5QwVaFzmd7Let1PxB2945PkU24Q saRMPwvXFAte4H6m/3Bahwv3ZA+c/GS1XPZnxOBDs29mKGBrGhCd93MRIMHkAkTgOy0F VB5g== X-Gm-Message-State: AOJu0YwapNduqDBfrmo1hVHhcPEOF/wfCr1Q09qskWjsTKncDDIGA9eP mWeQGFVIOTwV9bKNgfHJThsplZKU203vsGP/7XCg6laD2BVcNV55G6gFrLihIaVJ90m03gzB8+v 9N94o/nwbslGgxszFIkC57GIvrF9OCIiM8XmW+LTY4CjRYkTOUqq0lKzm53aZfQpwkhMjqToBRg HTLqRvV6t0rt4nSlNRpIFEZ9yIgJX8HS6EherpBfDvqqSQaFU4Ng== X-Gm-Gg: ATEYQzypvcSIEI41l/x4Yb4aBLQ4o9k5GXetIwyV7bhF0pXcPo1QkwQPy+hdxLjZM10 bpY/1nerA44OeEAb0OZd3vrMHuvi8wxFqTchCgyYQ+XJzNuGKJoUvinebr3dqbpld3kdTUN6Uoc FcUa3ofXwp2Pr07KvF7FSzahOJ7lEU4sHsxtrYg88wL18uSR4Gpwb+GMkYtQdDeKmEnwyqwPcJJ CrJuoN0O6WpruR/X8NH6ikmA6Poh8thMIMsqpGPLOlRIqllXkYkzkyj4LH1MaOt5l9C/EmHvF5T mqsM6aKwloIg45d7nPrXIQN4riwn9zYD+ZqjW20bK6PqdViyuNbk2i4Ol7P2zPM4Bkeb8T0dXpI HQa550jmn4YmHitq/8GoyumYULox8fbIGHXUUpmsdBvQhu9sqf3A2TZN5BQUWnZ0QDbpbxx5lxm P0o87qsmb5b9nWaL/AQFvkC13I X-Received: by 2002:a05:600c:a43:b0:485:3f1c:d897 with SMTP id 5b1f17b1804b1-486fedb586dmr71991035e9.9.1774051801170; Fri, 20 Mar 2026 17:10:01 -0700 (PDT) X-Received: by 2002:a05:600c:a43:b0:485:3f1c:d897 with SMTP id 5b1f17b1804b1-486fedb586dmr71990725e9.9.1774051800604; Fri, 20 Mar 2026 17:10:00 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-486fe68ec05sm160796775e9.0.2026.03.20.17.09.58 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Mar 2026 17:09:58 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Marcelo Tosatti , Nikunj A Dadhania , Amit Shah , Sean Christopherson Subject: [PATCH 11/22] KVM: x86/mmu: move cr4_smep to base role Date: Sat, 21 Mar 2026 01:09:20 +0100 Message-ID: <20260321000931.1947084-12-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260321000931.1947084-1-pbonzini@redhat.com> References: <20260321000931.1947084-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Guest page tables can be reused independent of the value of CR4.SMEP (at least if WP=3D1). However, this is not true of EPT MBEC pages, because presence of EPT entries is signaled by bits 0-2 when MBEC is off, and bits 0-2 + bit 10 when MBEC is on. In preparation for enabling MBEC, move cr4_smep to the base role. This makes the smep_andnot_wp bit redundant, so remove it. Signed-off-by: Paolo Bonzini --- Documentation/virt/kvm/x86/mmu.rst | 10 ++++------ arch/x86/include/asm/kvm-x86-ops.h | 1 + arch/x86/include/asm/kvm_host.h | 23 +++++++++++++++-------- arch/x86/kvm/mmu/mmu.c | 6 +++--- 4 files changed, 23 insertions(+), 17 deletions(-) diff --git a/Documentation/virt/kvm/x86/mmu.rst b/Documentation/virt/kvm/x8= 6/mmu.rst index 2b3b6d442302..666aa179601a 100644 --- a/Documentation/virt/kvm/x86/mmu.rst +++ b/Documentation/virt/kvm/x86/mmu.rst @@ -184,10 +184,8 @@ Shadow pages contain the following information: Contains the value of efer.nx for which the page is valid. role.cr0_wp: Contains the value of cr0.wp for which the page is valid. - role.smep_andnot_wp: - Contains the value of cr4.smep && !cr0.wp for which the page is valid - (pages for which this is true are different from other pages; see the - treatment of cr0.wp=3D0 below). + role.cr4_smep: + Contains the value of cr4.smep for which the page is valid. role.smap_andnot_wp: Contains the value of cr4.smap && !cr0.wp for which the page is valid (pages for which this is true are different from other pages; see the @@ -435,8 +433,8 @@ from being written by the kernel after cr0.wp has chang= ed to 1, we make the value of cr0.wp part of the page role. This means that an spte created with one value of cr0.wp cannot be used when cr0.wp has a different value - it will simply be missed by the shadow page lookup code. A similar issue -exists when an spte created with cr0.wp=3D0 and cr4.smep=3D0 is used after -changing cr4.smep to 1. To avoid this, the value of !cr0.wp && cr4.smep +exists when an spte created with cr0.wp=3D0 and cr4.smap=3D0 is used after +changing cr4.smap to 1. To avoid this, the value of !cr0.wp && cr4.smap is also made a part of the page role. =20 Large pages diff --git a/arch/x86/include/asm/kvm-x86-ops.h b/arch/x86/include/asm/kvm-= x86-ops.h index 18a5c3119e1a..2ac25b418b26 100644 --- a/arch/x86/include/asm/kvm-x86-ops.h +++ b/arch/x86/include/asm/kvm-x86-ops.h @@ -93,6 +93,7 @@ KVM_X86_OP_OPTIONAL(sync_pir_to_irr) KVM_X86_OP_OPTIONAL_RET0(set_tss_addr) KVM_X86_OP_OPTIONAL_RET0(set_identity_map_addr) KVM_X86_OP_OPTIONAL_RET0(get_mt_mask) +KVM_X86_OP_OPTIONAL_RET0(tdp_has_smep) KVM_X86_OP(load_mmu_pgd) KVM_X86_OP_OPTIONAL(link_external_spt) KVM_X86_OP_OPTIONAL(set_external_spte) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_hos= t.h index 3efb238c683c..0d6d20ab48dd 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -332,8 +332,8 @@ struct kvm_kernel_irq_routing_entry; * paging has exactly one upper level, making level completely redunda= nt * when has_4_byte_gpte=3D1. * - * - on top of this, smep_andnot_wp and smap_andnot_wp are only set if - * cr0_wp=3D0, therefore these three bits only give rise to 5 possibil= ities. + * - on top of this, smap_andnot_wp is only set if cr0_wp=3D0, + * therefore these two bits only give rise to 3 possibilities. * * Therefore, the maximum number of possible upper-level shadow pages for a * single gfn is a bit less than 2^14. @@ -349,12 +349,19 @@ union kvm_mmu_page_role { unsigned invalid:1; unsigned efer_nx:1; unsigned cr0_wp:1; - unsigned smep_andnot_wp:1; unsigned smap_andnot_wp:1; unsigned ad_disabled:1; unsigned guest_mode:1; unsigned passthrough:1; unsigned is_mirror:1; + + /* + * cr4_smep is also set for EPT MBEC. Because it affects + * which pages are considered non-present (bit 10 additionally + * must be zero if MBEC is on) it has to be in the base role. + */ + unsigned cr4_smep:1; + unsigned :3; =20 /* @@ -381,10 +388,10 @@ union kvm_mmu_page_role { * tables (because KVM doesn't support Protection Keys with shadow paging)= , and * CR0.PG, CR4.PAE, and CR4.PSE are indirectly reflected in role.level. * - * Note, SMEP and SMAP are not redundant with sm*p_andnot_wp in the page r= ole. - * If CR0.WP=3D1, KVM can reuse shadow pages for the guest regardless of S= MEP and - * SMAP, but the MMU's permission checks for software walks need to be SME= P and - * SMAP aware regardless of CR0.WP. + * Note, SMAP is not redundant with smap_andnot_wp in the page role. If + * CR0.WP=3D1, KVM can reuse shadow pages for the guest regardless of SMAP, + * but the MMU's permission checks for software walks need to be SMAP + * aware regardless of CR0.WP. */ union kvm_mmu_extended_role { u32 word; @@ -394,7 +401,6 @@ union kvm_mmu_extended_role { unsigned int cr4_pse:1; unsigned int cr4_pke:1; unsigned int cr4_smap:1; - unsigned int cr4_smep:1; unsigned int cr4_la57:1; unsigned int efer_lma:1; }; @@ -1813,6 +1819,7 @@ struct kvm_x86_ops { int (*set_tss_addr)(struct kvm *kvm, unsigned int addr); int (*set_identity_map_addr)(struct kvm *kvm, u64 ident_addr); u8 (*get_mt_mask)(struct kvm_vcpu *vcpu, gfn_t gfn, bool is_mmio); + bool (*tdp_has_smep)(struct kvm *kvm); =20 void (*load_mmu_pgd)(struct kvm_vcpu *vcpu, hpa_t root_hpa, int root_level); diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index 254d69c4b9f3..a0b4774e405a 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -227,7 +227,7 @@ static inline bool __maybe_unused is_##reg##_##name(str= uct kvm_mmu *mmu) \ } BUILD_MMU_ROLE_ACCESSOR(base, cr0, wp); BUILD_MMU_ROLE_ACCESSOR(ext, cr4, pse); -BUILD_MMU_ROLE_ACCESSOR(ext, cr4, smep); +BUILD_MMU_ROLE_ACCESSOR(base, cr4, smep); BUILD_MMU_ROLE_ACCESSOR(ext, cr4, smap); BUILD_MMU_ROLE_ACCESSOR(ext, cr4, pke); BUILD_MMU_ROLE_ACCESSOR(ext, cr4, la57); @@ -5653,7 +5653,7 @@ static union kvm_cpu_role kvm_calc_cpu_role(struct kv= m_vcpu *vcpu, =20 role.base.efer_nx =3D ____is_efer_nx(regs); role.base.cr0_wp =3D ____is_cr0_wp(regs); - role.base.smep_andnot_wp =3D ____is_cr4_smep(regs) && !____is_cr0_wp(regs= ); + role.base.cr4_smep =3D ____is_cr4_smep(regs); role.base.smap_andnot_wp =3D ____is_cr4_smap(regs) && !____is_cr0_wp(regs= ); role.base.has_4_byte_gpte =3D !____is_cr4_pae(regs); =20 @@ -5665,7 +5665,6 @@ static union kvm_cpu_role kvm_calc_cpu_role(struct kv= m_vcpu *vcpu, else role.base.level =3D PT32_ROOT_LEVEL; =20 - role.ext.cr4_smep =3D ____is_cr4_smep(regs); role.ext.cr4_smap =3D ____is_cr4_smap(regs); role.ext.cr4_pse =3D ____is_cr4_pse(regs); =20 @@ -5724,6 +5723,7 @@ kvm_calc_tdp_mmu_root_page_role(struct kvm_vcpu *vcpu, =20 role.access =3D ACC_ALL; role.cr0_wp =3D true; + role.cr4_smep =3D kvm_x86_call(tdp_has_smep)(vcpu->kvm); role.efer_nx =3D true; role.smm =3D cpu_role.base.smm; role.guest_mode =3D cpu_role.base.guest_mode; --=20 2.52.0 From nobody Sat Apr 4 01:50:14 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 25F2E221FCD for ; Sat, 21 Mar 2026 00:10:09 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051810; cv=none; b=HwDWJ4KJIU7j1NK29nzyTRDQ8JeGp3kImqk71BaTvDfjlGUz0FAjDuTkxStwA4dwKNq4WwmUeWvM5PuP5gfZ/POfvMmmi6U++kBUoPWglE8hwCCIC9AKQOa8d46akPYXIZzQzPJefZVz/+9STTT22wWqnMPA3xpzk/3ydIcIfYs= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051810; c=relaxed/simple; bh=6hAYeH1jg734OzEy9t2zHNEGzLF64Xen0G6aA0tUh0E=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=cVYyJuSfJkV3zBBjJdVb+x5mQuqfvumiSXLEsJfj7vyYbEvEuRsRj7D3i21nZIll0xxfC4YWZJO+OqgDWD7eAgIzUgLkPgNcU3orbEDMCoPqzb3hscF0EA0qFSZ3bdtH4pHXPK5gkFLFp8aWkjVJxByQeaxqlxHWFQIueQvzrPA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=jQjJWcPE; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=YmdY9CuA; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="jQjJWcPE"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="YmdY9CuA" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774051808; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=19ie81EeW2ptRkJG9krhvX9JhFD1zD6U9sRVAVS7sWE=; b=jQjJWcPEnyuqP8zSqSnn52DUZPyXImluUgGM9gDbBhDxix5JreHgOs9ADuFGbx07DTLo0O uel+Pbo2iDgdEOiaB74PmKp4j19v87kdaZ5JQw6R+YcjyXK8NV0y/Ux13B2LAHRJ2S8Cu7 6qO3byv5e1IL3IcqBxgUCliUYV6A1tw= Received: from mail-wm1-f70.google.com (mail-wm1-f70.google.com [209.85.128.70]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-102-KBSx_gvCMhyCtt37Nr_5mw-1; Fri, 20 Mar 2026 20:10:07 -0400 X-MC-Unique: KBSx_gvCMhyCtt37Nr_5mw-1 X-Mimecast-MFC-AGG-ID: KBSx_gvCMhyCtt37Nr_5mw_1774051806 Received: by mail-wm1-f70.google.com with SMTP id 5b1f17b1804b1-4853466655dso26694865e9.3 for ; Fri, 20 Mar 2026 17:10:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774051804; x=1774656604; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=19ie81EeW2ptRkJG9krhvX9JhFD1zD6U9sRVAVS7sWE=; b=YmdY9CuAiReLEveh3SWStOU39FEbqHeIJugDgmwh+tFb8sAwMCS8xZfXiyKw0UeUym t5Sif+Ez45BFOknSxQvTdqdESNKDEwPiJN1Fw5JArBBH9NoiXPeSP6gwfYbUreRIg4OA gHwL4OBFZsR0arKACuAwoVtm97NIB/WOctRawLdfVxfU/gnikQf6PA5WAwXxZhbLERQq hgNPWkTEjemE2C7MLTVfPL/FnnB7ImL4ejLPutqprDtrWzvVJABTeeYKgPpkH75KRNUT goPQ1l5QtAqhqGa2mFLtuDzdh/lzK9Y81xO0lqYdfOO7pxFm+Gg3b0/DNqT19zwEKDur zHbA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774051804; x=1774656604; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=19ie81EeW2ptRkJG9krhvX9JhFD1zD6U9sRVAVS7sWE=; b=levCxGkH1tPEazoLD/He3YLFavG0siYskvgCcI5bpPbvAjZgYCV7si5d/5Bl0lSbtT 2YlSeTwERNwm7S1IAc4+M0y6uQwlLdtJTUGASpJK6wcdWbHh/D9bSVlg2gFzucY5h7hv eQI/V/GZZBOOEwvrTrN+lsMxI1jgWuE1XcUgSb9NDWLT7wpIAHkQnB0LGK6CGn0MbIoO WAqNKmJ+LjfiEMad96DSxTS274T1GUi+OJoDlt2RKvYR7iEdFqRyeYoXcrVYljKuyMoq TsWLPGpIOI+QDbJFWr0WBWBdzN1jpWej75CusnOykgqp/q6T08oTrbrB5RPSc4RGVboB MAeA== X-Gm-Message-State: AOJu0YyllDaL8jptlruLQtbVP/BsUZpftP6ZwXmZV9Sd2YZMcZPDox1H 6LxReyCvrS/qLIohvIzhnZMbezgSrcYvYYlUTc8LQfVnX1/9W8dVQer5XghBXGuUds81jSwp/KI Mb3iCnIBCVNBjvkQNurhq0Q15uYo68zBJjNsq53SegmBlKvbY/V+xi6jYYKdPJLoCZjtJlvJS8y N1bXavY9z4VPIzrpbGx4y/P1b3v7M/lELugF7DjMVsZNpck2tGww== X-Gm-Gg: ATEYQzwSSnbKDMWtivj9d+kKjPODWWmC/G8NY61325xWHAKddgG8A6hNinV2oUq4wXt DIM1WNbWpljhXRtko/9ma9VCSj0j5qTWuZV8lMnYRb2SnvVQrzUyzH88J8d9WNQ/6TZMq1I5ILT tXEX8l3KVgBSV2pj2oR5MweHHskFp6u+IjUw86WjABKs8k8oPnd4WwLNZkGimXyrnLd0lq9JExQ yF99teanfvrVwbZ3y5/0wsmzR+kYz0elIuc1hsr5MZIeoxbRwxd1L1a/Qx25PcUPw/ReobhIg+X pBrsOpQl+2qfpupipb8ECKzPGuRblXwX0WoTLWfAAJVZv9fSVr1wQOfRrtdZC4/8EWIj4vppWpD bdArbW7YjkFNgfkk6Uf/LXqeyk6cjv4OKT6iufx01GReR74EsHF/UX4xBi9irOrRVvihJtNuvYk EDYiK+mFzvqscJvUhZ4/6nFynF X-Received: by 2002:a05:600c:c8a:b0:485:4453:401d with SMTP id 5b1f17b1804b1-486fede7336mr71303875e9.2.1774051804345; Fri, 20 Mar 2026 17:10:04 -0700 (PDT) X-Received: by 2002:a05:600c:c8a:b0:485:4453:401d with SMTP id 5b1f17b1804b1-486fede7336mr71303425e9.2.1774051803859; Fri, 20 Mar 2026 17:10:03 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-486ff1d3befsm25877895e9.32.2026.03.20.17.10.01 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Mar 2026 17:10:01 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Marcelo Tosatti , Nikunj A Dadhania , Amit Shah , Sean Christopherson Subject: [PATCH 12/22] KVM: VMX: enable use of MBEC Date: Sat, 21 Mar 2026 01:09:21 +0100 Message-ID: <20260321000931.1947084-13-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260321000931.1947084-1-pbonzini@redhat.com> References: <20260321000931.1947084-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Add SECONDARY_EXEC_MODE_BASED_EPT_EXEC as optional secondary execution control bit. If enabled, configure XS and XU separately (even if they are always used together). Signed-off-by: Paolo Bonzini --- arch/x86/include/asm/vmx.h | 3 +++ arch/x86/kvm/mmu.h | 7 ++++++- arch/x86/kvm/mmu/spte.c | 4 ++-- arch/x86/kvm/mmu/spte.h | 5 +++-- arch/x86/kvm/vmx/capabilities.h | 6 ++++++ arch/x86/kvm/vmx/common.h | 17 ++++++++++++----- arch/x86/kvm/vmx/main.c | 11 ++++++++++- arch/x86/kvm/vmx/vmx.c | 16 +++++++++++++++- arch/x86/kvm/vmx/vmx.h | 1 + arch/x86/kvm/vmx/x86_ops.h | 1 + 10 files changed, 59 insertions(+), 12 deletions(-) diff --git a/arch/x86/include/asm/vmx.h b/arch/x86/include/asm/vmx.h index 0041f8a77447..5fef7a531cb7 100644 --- a/arch/x86/include/asm/vmx.h +++ b/arch/x86/include/asm/vmx.h @@ -597,9 +597,12 @@ enum vm_entry_failure_code { #define EPT_VIOLATION_GVA_TRANSLATED BIT(8) =20 #define EPT_VIOLATION_RWX_TO_PROT(__epte) (((__epte) & VMX_EPT_RWX_MASK) <= < 3) +#define EPT_VIOLATION_USER_EXEC_TO_PROT(__epte) (((__epte) & VMX_EPT_USER_= EXECUTABLE_MASK) >> 4) =20 static_assert(EPT_VIOLATION_RWX_TO_PROT(VMX_EPT_RWX_MASK) =3D=3D (EPT_VIOLATION_PROT_READ | EPT_VIOLATION_PROT_WRITE | EPT_VIOLATION= _PROT_EXEC)); +static_assert(EPT_VIOLATION_USER_EXEC_TO_PROT(VMX_EPT_USER_EXECUTABLE_MASK= ) =3D=3D + (EPT_VIOLATION_PROT_USER_EXEC)); =20 /* * Exit Qualifications for NOTIFY VM EXIT diff --git a/arch/x86/kvm/mmu.h b/arch/x86/kvm/mmu.h index f5d35f66750b..2a6caac39d40 100644 --- a/arch/x86/kvm/mmu.h +++ b/arch/x86/kvm/mmu.h @@ -76,12 +76,17 @@ static inline gfn_t kvm_mmu_max_gfn(void) return (1ULL << (max_gpa_bits - PAGE_SHIFT)) - 1; } =20 +static inline bool mmu_has_mbec(struct kvm_mmu *mmu) +{ + return mmu->root_role.cr4_smep; +} + u8 kvm_mmu_get_max_tdp_level(void); =20 void kvm_mmu_set_mmio_spte_mask(u64 mmio_value, u64 mmio_mask, u64 access_= mask); void kvm_mmu_set_mmio_spte_value(struct kvm *kvm, u64 mmio_value); void kvm_mmu_set_me_spte_mask(u64 me_value, u64 me_mask); -void kvm_mmu_set_ept_masks(bool has_ad_bits); +void kvm_mmu_set_ept_masks(bool has_ad_bits, bool has_mbec); =20 void kvm_init_mmu(struct kvm_vcpu *vcpu); void kvm_init_shadow_npt_mmu(struct kvm_vcpu *vcpu, unsigned long cr0, diff --git a/arch/x86/kvm/mmu/spte.c b/arch/x86/kvm/mmu/spte.c index 0b3e2b97afbf..f51e74e7202d 100644 --- a/arch/x86/kvm/mmu/spte.c +++ b/arch/x86/kvm/mmu/spte.c @@ -499,7 +499,7 @@ void kvm_mmu_set_me_spte_mask(u64 me_value, u64 me_mask) } EXPORT_SYMBOL_GPL(kvm_mmu_set_me_spte_mask); =20 -void kvm_mmu_set_ept_masks(bool has_ad_bits) +void kvm_mmu_set_ept_masks(bool has_ad_bits, bool has_mbec) { kvm_ad_enabled =3D has_ad_bits; =20 @@ -508,7 +508,7 @@ void kvm_mmu_set_ept_masks(bool has_ad_bits) shadow_dirty_mask =3D VMX_EPT_DIRTY_BIT; shadow_nx_mask =3D 0ull; shadow_xs_mask =3D VMX_EPT_EXECUTABLE_MASK; - shadow_xu_mask =3D VMX_EPT_EXECUTABLE_MASK; + shadow_xu_mask =3D has_mbec ? VMX_EPT_USER_EXECUTABLE_MASK : VMX_EPT_EXE= CUTABLE_MASK; shadow_present_mask =3D VMX_EPT_SUPPRESS_VE_BIT; =20 shadow_acc_track_mask =3D VMX_EPT_RWX_MASK; diff --git a/arch/x86/kvm/mmu/spte.h b/arch/x86/kvm/mmu/spte.h index 7323ff19056b..61414f8deaa2 100644 --- a/arch/x86/kvm/mmu/spte.h +++ b/arch/x86/kvm/mmu/spte.h @@ -24,7 +24,7 @@ * - bits 55 (EPT only): MMU-writable * - bits 56-59: unused * - bits 60-61: type of A/D tracking - * - bits 62: unused + * - bits 62 (EPT only): saved XU bit for disabled AD */ =20 /* @@ -72,7 +72,8 @@ static_assert(SPTE_TDP_AD_ENABLED =3D=3D 0); * must not overlap the A/D type mask. */ #define SHADOW_ACC_TRACK_SAVED_BITS_MASK (VMX_EPT_READABLE_MASK | \ - VMX_EPT_EXECUTABLE_MASK) + VMX_EPT_EXECUTABLE_MASK | \ + VMX_EPT_USER_EXECUTABLE_MASK) #define SHADOW_ACC_TRACK_SAVED_BITS_SHIFT 52 #define SHADOW_ACC_TRACK_SAVED_MASK (SHADOW_ACC_TRACK_SAVED_BITS_MASK << \ SHADOW_ACC_TRACK_SAVED_BITS_SHIFT) diff --git a/arch/x86/kvm/vmx/capabilities.h b/arch/x86/kvm/vmx/capabilitie= s.h index 3bda6a621d8a..02037e559410 100644 --- a/arch/x86/kvm/vmx/capabilities.h +++ b/arch/x86/kvm/vmx/capabilities.h @@ -393,4 +393,10 @@ static inline bool cpu_has_notify_vmexit(void) SECONDARY_EXEC_NOTIFY_VM_EXITING; } =20 +static inline bool cpu_has_ept_mbec(void) +{ + return vmcs_config.cpu_based_2nd_exec_ctrl & + SECONDARY_EXEC_MODE_BASED_EPT_EXEC; +} + #endif /* __KVM_X86_VMX_CAPS_H */ diff --git a/arch/x86/kvm/vmx/common.h b/arch/x86/kvm/vmx/common.h index 1afbf272efae..eff0b51bfda5 100644 --- a/arch/x86/kvm/vmx/common.h +++ b/arch/x86/kvm/vmx/common.h @@ -74,6 +74,8 @@ static __always_inline bool is_td_vcpu(struct kvm_vcpu *v= cpu) { return false; } =20 #endif =20 +extern int vt_get_cpl(struct kvm_vcpu *vcpu); + static inline bool vt_is_tdx_private_gpa(struct kvm *kvm, gpa_t gpa) { /* For TDX the direct mask is the shared mask. */ @@ -91,15 +93,20 @@ static inline int __vmx_handle_ept_violation(struct kvm= _vcpu *vcpu, gpa_t gpa, /* Is it a fetch fault? */ error_code |=3D (exit_qualification & EPT_VIOLATION_ACC_INSTR) ? PFERR_FETCH_MASK : 0; - /* - * ept page table entry is present? - * note: unconditionally clear USER_EXEC until mode-based - * execute control is implemented - */ + /* Is it a fetch fault? */ + error_code |=3D (exit_qualification & EPT_VIOLATION_ACC_INSTR) + ? PFERR_FETCH_MASK : 0; + /* ept page table entry is present? */ error_code |=3D (exit_qualification & (EPT_VIOLATION_PROT_MASK & ~EPT_VIOLATION_PROT_USER_EXEC)) ? PFERR_PRESENT_MASK : 0; =20 + if (mmu_has_mbec(vcpu->arch.mmu)) { + error_code |=3D vt_get_cpl(vcpu) > 0 ? PFERR_USER_MASK : 0; + error_code |=3D (exit_qualification & EPT_VIOLATION_PROT_USER_EXEC) + ? PFERR_PRESENT_MASK : 0; + } + if (exit_qualification & EPT_VIOLATION_GVA_IS_VALID) error_code |=3D (exit_qualification & EPT_VIOLATION_GVA_TRANSLATED) ? PFERR_GUEST_FINAL_MASK : PFERR_GUEST_PAGE_MASK; diff --git a/arch/x86/kvm/vmx/main.c b/arch/x86/kvm/vmx/main.c index dbab1c15b0cd..601d1b7437a8 100644 --- a/arch/x86/kvm/vmx/main.c +++ b/arch/x86/kvm/vmx/main.c @@ -354,7 +354,7 @@ static void vt_set_segment(struct kvm_vcpu *vcpu, struc= t kvm_segment *var, vmx_set_segment(vcpu, var, seg); } =20 -static int vt_get_cpl(struct kvm_vcpu *vcpu) +int vt_get_cpl(struct kvm_vcpu *vcpu) { if (is_td_vcpu(vcpu)) return 0; @@ -750,6 +750,14 @@ static int vt_set_identity_map_addr(struct kvm *kvm, u= 64 ident_addr) return vmx_set_identity_map_addr(kvm, ident_addr); } =20 +static bool vt_tdp_has_smep(struct kvm *kvm) +{ + if (is_td(kvm)) + return false; + + return vmx_tdp_has_smep(kvm); +} + static u64 vt_get_l2_tsc_offset(struct kvm_vcpu *vcpu) { /* TDX doesn't support L2 guest at the moment. */ @@ -952,6 +960,7 @@ struct kvm_x86_ops vt_x86_ops __initdata =3D { .set_tss_addr =3D vt_op(set_tss_addr), .set_identity_map_addr =3D vt_op(set_identity_map_addr), .get_mt_mask =3D vmx_get_mt_mask, + .tdp_has_smep =3D vt_op(tdp_has_smep), =20 .get_exit_info =3D vt_op(get_exit_info), .get_entry_info =3D vt_op(get_entry_info), diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 98801c408b8c..350d26f792c4 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -112,6 +112,9 @@ module_param(emulate_invalid_guest_state, bool, 0444); static bool __read_mostly fasteoi =3D 1; module_param(fasteoi, bool, 0444); =20 +static bool __read_mostly enable_mbec =3D 1; +module_param_named(mbec, enable_mbec, bool, 0444); + module_param(enable_apicv, bool, 0444); module_param(enable_ipiv, bool, 0444); =20 @@ -2625,6 +2628,7 @@ static int setup_vmcs_config(struct vmcs_config *vmcs= _conf, return -EIO; =20 vmx_cap->ept =3D 0; + _cpu_based_2nd_exec_control &=3D ~SECONDARY_EXEC_MODE_BASED_EPT_EXEC; _cpu_based_2nd_exec_control &=3D ~SECONDARY_EXEC_EPT_VIOLATION_VE; } if (!(_cpu_based_2nd_exec_control & SECONDARY_EXEC_ENABLE_VPID) && @@ -4520,6 +4524,9 @@ static u32 vmx_secondary_exec_control(struct vcpu_vmx= *vmx) */ exec_control &=3D ~SECONDARY_EXEC_ENABLE_VMFUNC; =20 + if (!enable_mbec) + exec_control &=3D ~SECONDARY_EXEC_MODE_BASED_EPT_EXEC; + /* SECONDARY_EXEC_DESC is enabled/disabled on writes to CR4.UMIP, * in vmx_set_cr4. */ exec_control &=3D ~SECONDARY_EXEC_DESC; @@ -7580,6 +7587,11 @@ u8 vmx_get_mt_mask(struct kvm_vcpu *vcpu, gfn_t gfn,= bool is_mmio) return (MTRR_TYPE_WRBACK << VMX_EPT_MT_EPTE_SHIFT); } =20 +bool vmx_tdp_has_smep(struct kvm *kvm) +{ + return enable_mbec; +} + static void vmcs_set_secondary_exec_control(struct vcpu_vmx *vmx, u32 new_= ctl) { /* @@ -8406,6 +8418,8 @@ __init int vmx_hardware_setup(void) ple_window_shrink =3D 0; } =20 + if (!cpu_has_ept_mbec()) + enable_mbec =3D 0; if (!cpu_has_vmx_apicv()) enable_apicv =3D 0; if (!enable_apicv) @@ -8425,7 +8439,7 @@ __init int vmx_hardware_setup(void) set_bit(0, vmx_vpid_bitmap); /* 0 is reserved for host */ =20 if (enable_ept) - kvm_mmu_set_ept_masks(enable_ept_ad_bits); + kvm_mmu_set_ept_masks(enable_ept_ad_bits, enable_mbec); else vt_x86_ops.get_mt_mask =3D NULL; =20 diff --git a/arch/x86/kvm/vmx/vmx.h b/arch/x86/kvm/vmx/vmx.h index d3389baf3ab3..743fa33b349e 100644 --- a/arch/x86/kvm/vmx/vmx.h +++ b/arch/x86/kvm/vmx/vmx.h @@ -576,6 +576,7 @@ static inline u8 vmx_get_rvi(void) SECONDARY_EXEC_ENABLE_VMFUNC | \ SECONDARY_EXEC_BUS_LOCK_DETECTION | \ SECONDARY_EXEC_NOTIFY_VM_EXITING | \ + SECONDARY_EXEC_MODE_BASED_EPT_EXEC | \ SECONDARY_EXEC_ENCLS_EXITING | \ SECONDARY_EXEC_EPT_VIOLATION_VE) =20 diff --git a/arch/x86/kvm/vmx/x86_ops.h b/arch/x86/kvm/vmx/x86_ops.h index 2b3424f638db..1fb1128b1eb7 100644 --- a/arch/x86/kvm/vmx/x86_ops.h +++ b/arch/x86/kvm/vmx/x86_ops.h @@ -104,6 +104,7 @@ void vmx_load_eoi_exitmap(struct kvm_vcpu *vcpu, u64 *e= oi_exit_bitmap); int vmx_set_tss_addr(struct kvm *kvm, unsigned int addr); int vmx_set_identity_map_addr(struct kvm *kvm, u64 ident_addr); u8 vmx_get_mt_mask(struct kvm_vcpu *vcpu, gfn_t gfn, bool is_mmio); +bool vmx_tdp_has_smep(struct kvm *kvm); =20 void vmx_get_exit_info(struct kvm_vcpu *vcpu, u32 *reason, u64 *info1, u64 *info2, u32 *intr_info, u32 *error_code); --=20 2.52.0 From nobody Sat Apr 4 01:50:14 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8B7CF2ED17B for ; Sat, 21 Mar 2026 00:10:12 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051814; cv=none; b=RUC0Atx5p6opm7BmwDgA3nvIHUAtm21OIr2gbNTk0dNu3JZhi6k0pRdzsqEReZczy2ymuBW23IY40bQ9K7JSREU1ZRSM/kY0DvFywqKNlMewDl8HNCVBm7ray1cowqGZ0nFF5+/rCTHrxJP1+WOvj6Dz8HbD+4E7fbTKvYYQJGY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051814; c=relaxed/simple; bh=ANppQFqf+X4t4pHOfjYdzVVFwAF97XHTPN/zZhag3Ps=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=n2JwRkd3o2FgIZULzDp8FwyQKjxGN+VwlCsWFt0dNa03IvEDymYv1wKWuUr24ZG/iSicbA36LdYYL32njonFl4pVthiBZbweDnJSRGLILgMxBDz6dUDWaV/N+KFrIcVKM70p9PkQxP4VzgB1Z9kd/TrMD51jcHhx3tGIRQ8Yoz4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=MrLnXcEI; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=OnpumlhD; arc=none smtp.client-ip=170.10.129.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="MrLnXcEI"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="OnpumlhD" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774051811; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=zdVmercWnCZLP8zFvHBbqxOZlu/sYmRu38PlBYz1DLw=; b=MrLnXcEICp8dOW9SImnkMq5Z7X082CFhsGY5tsjzTxOkKlV+MI/x2nPqUjWVYqeji4iitb ngEWFPq1qJhU9T/xSWyMSni+LKDeTRwr4ZdTByW65BsNEYZAolPkl880BUFumYHAh8eJ2N /pUeMvdHgyG4C1IEVErAJqUpx5Taipg= Received: from mail-wm1-f71.google.com (mail-wm1-f71.google.com [209.85.128.71]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-611-5Bl-mymeNQen5wjLiVX62Q-1; Fri, 20 Mar 2026 20:10:09 -0400 X-MC-Unique: 5Bl-mymeNQen5wjLiVX62Q-1 X-Mimecast-MFC-AGG-ID: 5Bl-mymeNQen5wjLiVX62Q_1774051808 Received: by mail-wm1-f71.google.com with SMTP id 5b1f17b1804b1-486f89b7f69so15179065e9.0 for ; Fri, 20 Mar 2026 17:10:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774051807; x=1774656607; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=zdVmercWnCZLP8zFvHBbqxOZlu/sYmRu38PlBYz1DLw=; b=OnpumlhD4bB93COB0i+aQ9dSXMxvANr0bncrOFxU3MT5CljNInJ1plrTDDyFC7MV6e 5qP4CUF4Jxsh/chZTZKETUzaUZkh4N5sJXoL6jPzB2Xq/PiEUgzNfTRXnOlPn7uO7Jd1 P8VIUGcA/NzJtq+YwKVgguTlx/oW9rlsdxhzMj+Us3hUonNc4H9mjKsIXOJwhm4INxUo a3vVirOBQM0TRRkT4fYVca1ev0hLhxO99NIDoktpsLw7n3dCMpQUsbGNpnfmmdbunLZH GL3RZ8EdlOv/m8evroidKiTEQWMAwbl/B3WQudkgjfHUKwxjh4LB7T6U34t1Cy3JoF8b NRKA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774051807; x=1774656607; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=zdVmercWnCZLP8zFvHBbqxOZlu/sYmRu38PlBYz1DLw=; b=cfHAlZvfHoOYuFgt/Z/jK42RcZVAbYqWSPk/zgXHg5AVPQ3YeFxNaQhwZz8qeVQJN4 9OkvxwE2+DF7KkjOh3FBA/W3kh1e0lAEmdan47yOY8LmWKaOsBqFHWSUPMmDI8kHTFDR ic6+GzoZsl8pwjBRJlXGmLiTCk0asbCRjPXe5yNRKwjwfmwia89wq3CLDOPqJtVcoLlb i2fMfubMMLBSyfLK3oUY7+WGtEuqhQrlzBb+kl9VWXlBzW+hFrbSEu0u4Kpip6XQ3UeW fX16iaAP1E/45RubxIpDWoY4wzuTroFnx4LxTvjxbPxLKUjP1ZMVm2s4qtB6VcDHXG1A xWxA== X-Gm-Message-State: AOJu0YynF1Wbjce+6K4pDeIce/zuMPGhp1vcPMW24Lb2xLNF494CMso5 d3j7P57QeH39qVdCSlKRUOGGgt2oBK1bJC/IlqeSTzOkw0WGzM5PIRf6xnke/zF6RojR78Ua1vT nO5P1fdXUxlPlYEzbWAuoUZv+7OAbgjY7hWLjMfKm3IzkTJoCVmBZTgSw5c1iXSbqacTO7h6wQW aQozs6MwIR4rZ6DBC3dDYdTKSsCck2cW/v+FiOvyEw3e3sEPzAAg== X-Gm-Gg: ATEYQzxGTHbxrDTU7uVe/UdfaIPbi7h1CBy/szZNek2u+eZZKDCzWFseUVB+g59QMr5 B2SG1PIy/V0zJVna9t0JoZzD7TRgNQskJM/oLACoQYWMmKr+1pK97ZyUWNrk2JS8qkCsfNFkmzS XYb0CbX9o1kTEV2nDepAgCTxQJG6HTlL2jlMSuFKjqLhaoYDdzLPxM6lkr8g2Gn/+D0vvgTK/I2 WNtdxIIOpWoET8JaDF9WLHQK1yiK1IYa3cmAgD2cwXnITZotVM/PkkVcd/RswnfLFy+G5J8S77r tQEc1PEicPgz7tbSkDDObnB9pOLTAUtYyNcoLLS6Zn/nSz6vxkN9kGNjf6zj9bcs5JL3qsFvCD7 EE9WgnLJPVN3X+KVXKLsAnz/MwEeS41n8PHgp4ztMzNG8n5+TCANnehPLaQJtCcWwXayMB85J3D wYzOupIO1XJawr7vVUOBPM5BuX X-Received: by 2002:a05:600c:530f:b0:485:2ce2:4c87 with SMTP id 5b1f17b1804b1-486febb455dmr74703445e9.4.1774051807400; Fri, 20 Mar 2026 17:10:07 -0700 (PDT) X-Received: by 2002:a05:600c:530f:b0:485:2ce2:4c87 with SMTP id 5b1f17b1804b1-486febb455dmr74703105e9.4.1774051806935; Fri, 20 Mar 2026 17:10:06 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-486f8b949e1sm289668275e9.9.2026.03.20.17.10.04 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Mar 2026 17:10:04 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Marcelo Tosatti , Nikunj A Dadhania , Amit Shah , Sean Christopherson Subject: [PATCH 13/22] KVM: x86/mmu: add support for nested MBEC Date: Sat, 21 Mar 2026 01:09:22 +0100 Message-ID: <20260321000931.1947084-14-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260321000931.1947084-1-pbonzini@redhat.com> References: <20260321000931.1947084-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Signed-off-by: Paolo Bonzini --- arch/x86/kvm/mmu/paging_tmpl.h | 29 ++++++++++++++++++++--------- 1 file changed, 20 insertions(+), 9 deletions(-) diff --git a/arch/x86/kvm/mmu/paging_tmpl.h b/arch/x86/kvm/mmu/paging_tmpl.h index c657ea90bb33..d50085308506 100644 --- a/arch/x86/kvm/mmu/paging_tmpl.h +++ b/arch/x86/kvm/mmu/paging_tmpl.h @@ -124,12 +124,17 @@ static inline void FNAME(protect_clean_gpte)(struct k= vm_mmu *mmu, unsigned *acce *access &=3D mask; } =20 -static inline int FNAME(is_present_gpte)(unsigned long pte) +static inline int FNAME(is_present_gpte)(struct kvm_mmu *mmu, + unsigned long pte) { #if PTTYPE !=3D PTTYPE_EPT return pte & PT_PRESENT_MASK; #else - return pte & 7; + /* + * For EPT, an entry is present if any of bits 2:0 are set. + * With mode-based execute control, bit 10 also indicates presence. + */ + return pte & (7 | (mmu_has_mbec(mmu) ? VMX_EPT_USER_EXECUTABLE_MASK : 0)); #endif } =20 @@ -152,7 +157,7 @@ static bool FNAME(prefetch_invalid_gpte)(struct kvm_vcp= u *vcpu, struct kvm_mmu_page *sp, u64 *spte, u64 gpte) { - if (!FNAME(is_present_gpte)(gpte)) + if (!FNAME(is_present_gpte)(vcpu->arch.mmu, gpte)) goto no_present; =20 /* Prefetch only accessed entries (unless A/D bits are disabled). */ @@ -173,14 +178,17 @@ static bool FNAME(prefetch_invalid_gpte)(struct kvm_v= cpu *vcpu, static inline unsigned FNAME(gpte_access)(u64 gpte) { unsigned access; -#if PTTYPE =3D=3D PTTYPE_EPT /* - * For now nested MBEC is not supported and permission_fault() ignores - * ACC_USER_EXEC_MASK. + * Set bits in ACC_*_MASK even if they might not be used in the + * actual checks. For example, if EFER.NX is clear permission_fault() + * will ignore ACC_EXEC_MASK, and if MBEC is disabled it will + * ignore ACC_USER_EXEC_MASK. */ +#if PTTYPE =3D=3D PTTYPE_EPT access =3D ((gpte & VMX_EPT_WRITABLE_MASK) ? ACC_WRITE_MASK : 0) | ((gpte & VMX_EPT_EXECUTABLE_MASK) ? ACC_EXEC_MASK : 0) | - ((gpte & VMX_EPT_READABLE_MASK) ? ACC_READ_MASK : 0); + ((gpte & VMX_EPT_READABLE_MASK) ? ACC_READ_MASK : 0) | + ((gpte & VMX_EPT_USER_EXECUTABLE_MASK) ? ACC_USER_EXEC_MASK : 0); #else /* * P is set here, so the page is always readable and W/U/!NX represent @@ -335,7 +343,7 @@ static int FNAME(walk_addr_generic)(struct guest_walker= *walker, if (walker->level =3D=3D PT32E_ROOT_LEVEL) { pte =3D mmu->get_pdptr(vcpu, (addr >> 30) & 3); trace_kvm_mmu_paging_element(pte, walker->level); - if (!FNAME(is_present_gpte)(pte)) + if (!FNAME(is_present_gpte)(mmu, pte)) goto error; --walker->level; } @@ -417,7 +425,7 @@ static int FNAME(walk_addr_generic)(struct guest_walker= *walker, */ pte_access =3D pt_access & (pte ^ walk_nx_mask); =20 - if (unlikely(!FNAME(is_present_gpte)(pte))) + if (unlikely(!FNAME(is_present_gpte)(mmu, pte))) goto error; =20 if (unlikely(FNAME(is_rsvd_bits_set)(mmu, pte, walker->level))) { @@ -514,6 +522,9 @@ static int FNAME(walk_addr_generic)(struct guest_walker= *walker, * ACC_*_MASK flags! */ walker->fault.exit_qualification |=3D EPT_VIOLATION_RWX_TO_PROT(pte_acce= ss); + if (mmu_has_mbec(mmu)) + walker->fault.exit_qualification |=3D + EPT_VIOLATION_USER_EXEC_TO_PROT(pte_access); } #endif walker->fault.address =3D addr; --=20 2.52.0 From nobody Sat Apr 4 01:50:14 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 516F82FFDDE for ; Sat, 21 Mar 2026 00:10:15 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051816; cv=none; b=jU8iLxNPUmlCGk0Sx4nBWJnXh9K+tFvmXEIsls4Q/HPBCcVQuPVtrnVH1AFh68YtKvSqsrwixu5b8fjZM0dnfZ5+6+OIMIdlP58xgVJEj2mOYXW/EOd1RLwbrWI8IrwLFgyxywieFCRvswSxTDRzy4rWxd7yFzpbhobdYQwFdPs= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051816; c=relaxed/simple; bh=m150tyPF0qz+Yniy1uibRcAotrXLeoPzs7/NaMKpPOU=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=Sity00UpprXQCoFoI0OV/lPm1M4UJnXjK3noTCUgG4KeFaE+3ML3jfIaHLG9116jtyKnF6Uab21aQ/y2OQpBEhwOcWde66p8+r0rsR38ux+s5kNR1U9SGkFGnayshOe3SWzk7pemtjVWLjm1RXIZqUVw81nzCUzce+guoBQba+A= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=GqGN73Bv; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=XWwZJ9zF; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="GqGN73Bv"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="XWwZJ9zF" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774051814; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=73seKWR51q+TIpru2UraHv6BQGSCJ+KST2GFL+f5EOY=; b=GqGN73BvaKDOicPQmNWYR3CUnvxnCMzBHvApuKN28/ZqpoERVxcxamRnUS9y7hc4pueok6 dExGZlBVmxPmsetnKdVvXqVNbXx4+GEpHol0UrT1J7OhX4rEMfN44A1f4xatiC8drNEPaY cttlZPXsIeihUWD+s3f5v3b2Q3yuoNA= Received: from mail-wr1-f72.google.com (mail-wr1-f72.google.com [209.85.221.72]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-210-KnhhlkpSOeCJggU1p-ORrQ-1; Fri, 20 Mar 2026 20:10:13 -0400 X-MC-Unique: KnhhlkpSOeCJggU1p-ORrQ-1 X-Mimecast-MFC-AGG-ID: KnhhlkpSOeCJggU1p-ORrQ_1774051812 Received: by mail-wr1-f72.google.com with SMTP id ffacd0b85a97d-43b4a9a3bf6so490402f8f.0 for ; Fri, 20 Mar 2026 17:10:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774051810; x=1774656610; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=73seKWR51q+TIpru2UraHv6BQGSCJ+KST2GFL+f5EOY=; b=XWwZJ9zFh9f6TKLxwTRRSL2rnKInjOOCaA32w0hJvilFaQ0SMZj3bl6IBWFB7tmuga a08UlrZPdVzUShGZx+uAWtMwjMaWcqa2Umk/MNlRjjckmCSrhQwpiXspEG8BUQgEyI7A aJz/n4DLSMF52S11vQUmMqM4UKuP8ZNG9UGo7Z4JIT+zCHXmkJX7SplEiHFWJUxcFOjA jMOE6DSE/3z3iHsP+9jD+fBnnKbF/y8JCnzOsfIlbotUBCfAKTGJp6Oh+mOrYw0fYyaj OYm7jgQvAOB1I14t0Qf4+m0z2az8xwy5+PKf+d4hnK80TahtDHi03kF19sIaajz8Ymes VKMw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774051810; x=1774656610; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=73seKWR51q+TIpru2UraHv6BQGSCJ+KST2GFL+f5EOY=; b=IKBXfe6jg1szpxBf94fxVMGETCqTgfUC8JlGlAqV9Kn5QQ8k4qrbI3m8LpyADEJbw1 5vEXaq8OxLKrkx50HjrIkHFqbTfLuE6mQuMee29MiwBWQoN/SBxvVUzZAB/61p/SiouL VT/+98oa8yW/5dmg5sV8hof1jmxKaa6ssSWQ7pb4ITvnvlarnsCcBs7jPb2VX/FNlwqE eD7vnLrmQytNDn13VbyDQF9cScaEuPXIX4bh3Eg9nng9VE5G798P2Vgk/Z1zmpd7THtu NPujVZob8zVdekYxzo7HPIbNolo27r0hxKo+mU4WAErCUaSNEb1DcpGeprs32aKqD97s KwIg== X-Gm-Message-State: AOJu0YyUrDlVpgd6sIshPGWGHC03Hnju3LTbhscz09U2mSoCfXOkVkv4 SC8SMg90FWGnTSkkenvxTGbqGezYfnS1hGzHmb5k4M3LhzE2U2OkvvmFJtBIKfvd2+UBnSB8GlF OSijDZol8IVa3HcwlLygxRvrWuy/KuUpdLevdDM3R8nPeaED+BOI2VsU4NM4KoG6eU9gUhLCTAf zHX0FcR7+9rNgFztvIsviig5KPjYhkLegm4JoOImbaPlJDMNdLZQ== X-Gm-Gg: ATEYQzwL/AfrRpfw6ryUw157DDsouKavJMb0/SiPN6jPf6geoPRlQvpLVRDpht6l1qo T4+wueBiUNgoYpGPmH3aqd0BOOSlhseuOFwpsfVqfyPR8GO/UEuBgLiR7b7ZLd/757qPXorrmmB 8+Y2EEMdv+HLd5XcIbGYdqfvsXW7kryqjLNn72AlxvL9wm4DSp+107wIUNtk3JCVYGpMIkad2rA VI3TF+L6GxhxeJNitNQugFqkzNcm9jQVDX+1hKo+8kFk+fZYyl5uwJRiGcadr9oGJ8J5D99lgH0 tlYxCj1vszuDQyY2Zgu7xluNdSnuJILhJABZ8ICf50ZtP9vzKlsapFZ9/KFQCex6me1c8gIOMGs o9LzfK1oH6tGJIYJYF3/kn9EiQg0uw/pVskLsi8OrJO3NMc68r8RY3pUg/6NPfmzKNU2euU+Ewq +o3hjEu6kjHKcZWOTwx6gBq15u X-Received: by 2002:a05:6000:2dc2:b0:43b:4aba:8f44 with SMTP id ffacd0b85a97d-43b64287241mr8001827f8f.45.1774051810582; Fri, 20 Mar 2026 17:10:10 -0700 (PDT) X-Received: by 2002:a05:6000:2dc2:b0:43b:4aba:8f44 with SMTP id ffacd0b85a97d-43b64287241mr8001798f8f.45.1774051810116; Fri, 20 Mar 2026 17:10:10 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-43b644ae132sm10122385f8f.6.2026.03.20.17.10.07 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Mar 2026 17:10:07 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Marcelo Tosatti , Nikunj A Dadhania , Amit Shah , Sean Christopherson Subject: [PATCH 14/22] KVM: nVMX: advertise MBEC to nested guests Date: Sat, 21 Mar 2026 01:09:23 +0100 Message-ID: <20260321000931.1947084-15-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260321000931.1947084-1-pbonzini@redhat.com> References: <20260321000931.1947084-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Jon Kohler Advertise SECONDARY_EXEC_MODE_BASED_EPT_EXEC (MBEC) to userspace, which allows userspace to expose and advertise the feature to the guest. When MBEC is enabled by the guest, it is passed to the MMU via cr4_smep and to the processor by the merging of vmcs12->secondary_vm_exec_control into the VMCS02's secondary VM execution controls. Signed-off-by: Jon Kohler Message-ID: <20251223054806.1611168-9-jon@nutanix.com> Signed-off-by: Paolo Bonzini --- arch/x86/kvm/mmu.h | 2 +- arch/x86/kvm/mmu/mmu.c | 7 ++++--- arch/x86/kvm/vmx/nested.c | 10 ++++++++++ 3 files changed, 15 insertions(+), 4 deletions(-) diff --git a/arch/x86/kvm/mmu.h b/arch/x86/kvm/mmu.h index 2a6caac39d40..035244ccbb5e 100644 --- a/arch/x86/kvm/mmu.h +++ b/arch/x86/kvm/mmu.h @@ -93,7 +93,7 @@ void kvm_init_shadow_npt_mmu(struct kvm_vcpu *vcpu, unsig= ned long cr0, unsigned long cr4, u64 efer, gpa_t nested_cr3); void kvm_init_shadow_ept_mmu(struct kvm_vcpu *vcpu, bool execonly, int huge_page_level, bool accessed_dirty, - gpa_t new_eptp); + bool mbec, gpa_t new_eptp); bool kvm_can_do_async_pf(struct kvm_vcpu *vcpu); int kvm_handle_page_fault(struct kvm_vcpu *vcpu, u64 error_code, u64 fault_address, char *insn, int insn_len); diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index a0b4774e405a..647dffb69d85 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -5839,7 +5839,7 @@ EXPORT_SYMBOL_GPL(kvm_init_shadow_npt_mmu); =20 static union kvm_cpu_role kvm_calc_shadow_ept_root_page_role(struct kvm_vcpu *vcpu, bool accessed_di= rty, - bool execonly, u8 level) + bool execonly, u8 level, bool mbec) { union kvm_cpu_role role =3D {0}; =20 @@ -5849,6 +5849,7 @@ kvm_calc_shadow_ept_root_page_role(struct kvm_vcpu *v= cpu, bool accessed_dirty, */ WARN_ON_ONCE(is_smm(vcpu)); role.base.level =3D level; + role.base.cr4_smep =3D mbec; role.base.has_4_byte_gpte =3D false; role.base.direct =3D false; role.base.ad_disabled =3D !accessed_dirty; @@ -5864,13 +5865,13 @@ kvm_calc_shadow_ept_root_page_role(struct kvm_vcpu = *vcpu, bool accessed_dirty, =20 void kvm_init_shadow_ept_mmu(struct kvm_vcpu *vcpu, bool execonly, int huge_page_level, bool accessed_dirty, - gpa_t new_eptp) + bool mbec, gpa_t new_eptp) { struct kvm_mmu *context =3D &vcpu->arch.guest_mmu; u8 level =3D vmx_eptp_page_walk_level(new_eptp); union kvm_cpu_role new_mode =3D kvm_calc_shadow_ept_root_page_role(vcpu, accessed_dirty, - execonly, level); + execonly, level, mbec); =20 if (new_mode.as_u64 !=3D context->cpu_role.as_u64) { /* EPT, and thus nested EPT, does not consume CR0, CR4, nor EFER. */ diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index 7c55551a2680..7b0861d02166 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c @@ -460,6 +460,12 @@ static void nested_ept_inject_page_fault(struct kvm_vc= pu *vcpu, vmcs12->guest_physical_address =3D fault->address; } =20 +static inline bool nested_ept_mbec_enabled(struct kvm_vcpu *vcpu) +{ + struct vmcs12 *vmcs12 =3D get_vmcs12(vcpu); + return nested_cpu_has2(vmcs12, SECONDARY_EXEC_MODE_BASED_EPT_EXEC); +} + static void nested_ept_new_eptp(struct kvm_vcpu *vcpu) { struct vcpu_vmx *vmx =3D to_vmx(vcpu); @@ -468,6 +474,7 @@ static void nested_ept_new_eptp(struct kvm_vcpu *vcpu) =20 kvm_init_shadow_ept_mmu(vcpu, execonly, ept_lpage_level, nested_ept_ad_enabled(vcpu), + nested_ept_mbec_enabled(vcpu), nested_ept_get_eptp(vcpu)); } =20 @@ -7145,6 +7152,9 @@ static void nested_vmx_setup_secondary_ctls(u32 ept_c= aps, msrs->ept_caps |=3D VMX_EPT_AD_BIT; } =20 + if (cpu_has_ept_mbec()) + msrs->secondary_ctls_high |=3D + SECONDARY_EXEC_MODE_BASED_EPT_EXEC; /* * Advertise EPTP switching irrespective of hardware support, * KVM emulates it in software so long as VMFUNC is supported. --=20 2.52.0 From nobody Sat Apr 4 01:50:14 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5E0D425A2A2 for ; Sat, 21 Mar 2026 00:10:17 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051818; cv=none; b=kouAx4gLC973bAZ/8j9AAG2xvchdNfC36Ec3Nt2ezWRuDHNUswn1xATTVem8yQ22DXRj0y+FwoGNMFwx1p2ds/3b0eNnyr89vP5IBnW9cJpYIbzl6AodcvhTSIcrYGfTDRtLouejgBKxUI/0kOkxBGxRthE6w1AdEgYlqhtoQV4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051818; c=relaxed/simple; bh=EXWGQ3d2DsRzy9C4MjG+80OCusc9j4AMdbCgJYgwkPM=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=UmusfG9pG6i3qT4/gJS4ilbfbmcZsBkMkyOsAPPfyRZoD24/8sU5yvjktVJnKz96WRslQB35QM088ACoUIe2h2d/V7JKSOrmSm3mSD97E2Sdr4NtYvkNNnEUmK704cBvMNe+7TD+T5jTzA4YsATAowpwIKVNQ/JWPzYnL2Ad+gM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=hHX6F5AR; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=PzvNER1D; arc=none smtp.client-ip=170.10.129.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="hHX6F5AR"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="PzvNER1D" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774051816; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=bfxOU2dVxeep+fVV39XDWC9/aTob8vYFwfwCGLL4Ttk=; b=hHX6F5ART8UJfZc+L4LkEpgLM9u1pAH0DDgpTK0AcHFEEqYDCl/OaUCzMg7D4cUfTr3L24 /r/NDaGUbGK6eEIem4Rr+gzT8XB8z1fx4/D1WXEGKarFRPjwH9Xul34o2jY1xGKPz1tkix BffD+ze00Bl9G7gNtFEZ6+e7uPwFHyg= Received: from mail-wm1-f71.google.com (mail-wm1-f71.google.com [209.85.128.71]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-683-FZkhM3JHPhu0HPcNJU2uxA-1; Fri, 20 Mar 2026 20:10:15 -0400 X-MC-Unique: FZkhM3JHPhu0HPcNJU2uxA-1 X-Mimecast-MFC-AGG-ID: FZkhM3JHPhu0HPcNJU2uxA_1774051814 Received: by mail-wm1-f71.google.com with SMTP id 5b1f17b1804b1-486fb142205so17987195e9.1 for ; Fri, 20 Mar 2026 17:10:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774051813; x=1774656613; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=bfxOU2dVxeep+fVV39XDWC9/aTob8vYFwfwCGLL4Ttk=; b=PzvNER1DqGsyZ0B3VVTOA7aChP8xTzYDnsNeoZ6Z+16Fa+knQh0kUe90fg13rXnyLG 8T8hI7sG/FD0ya7DlvO4YwAkrrE6uydi2dJvvC/uqQgjgL4+NbmXBOgU7gOSHBYuU9Za eaFUDWM8E7g/PCWukM0GXgag82eNgzgvzsF709C0Oi7uSg5L/Hbyo76E8K/dRU9Fgw/E VGl+6mBkVwxjrL9RWUa6i8TTiCfUT7USZmgI+TU/eO479ooTlpqbRWCx2zzoLaMh93TG /RXRnX+w33kg1gVpW6ym0jDSstuPbHYl0qZfJzQxS8QCOlIufSA5IYusuU7e4wDYcEO5 PpsA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774051813; x=1774656613; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=bfxOU2dVxeep+fVV39XDWC9/aTob8vYFwfwCGLL4Ttk=; b=T9dCCgKLXGbwUrLfJpOWPQgFhVAfo0vFHUqnxXXFhIDK9B+lkq334iVmnavaurMIcG 7ByssTSaqAAfZL9Rai/FdxXHLqNDPosI/XsPws7R3T3ijPIS5crY9Qmgp8m9uOJIN/f1 56juS4HzgjXVBIvilKSMv8rQmeb0qvX962TsLvvShMENg6qnKfEqxD1plMCCIp/+XJTe 2w0Oj0eRDyvYL5Yt1LJ+uH61i3q2xhR6HPJNCNTKbdEztlR83p/oyorKKcqEuk5g5etd Ocn0P7Tmo702QZSmU32Ir9QQs0UrS99oDpwx9wRNf9tDId0EjGCPutSHH8mfd8vYL/zs C/Ow== X-Gm-Message-State: AOJu0YxTv+VDK0MmcXwj21MbRLqjk0rmS+fTV9h3PmaIlEJwvOcqFJp4 9YPXpRqAslG3RvHfElOpUaz2mx+T7PQBDqhMoWdNSPdW4oi0rQ+q9+pA9UnHUMLmzDKnay5GW7L UyxpkJGNRgbWkhj19/Wj5pGOu4h9hY/WMDLV+IryK9goge8wtwyy+147JuxZLHTg45qiaLtQSxF oxuotWooXE0M2W96Th/Bh6xWNYSrqXNADTDOeZbbTm3LNWNMlmBg== X-Gm-Gg: ATEYQzyrCEVGrcXn0rcMsZebP9vQgfoFAGekeVKZrZvuGVl/KiUzRLavE+nMXaYY3eo 5uAMaFdTQMN6sln+wFDKPpIUO1GVDA8ViohbgNsvXZHsxcy79dOQ8z5DTWyyc2v2VZf4UKkR3Ss OjHb/OA0T3cbUWKqnHQ5au8Qsq0ite0jdEgw2zi5ThbsuB9HOXRN8t+FMFuDj/lwnaZmE4vAkMo xrEScsVbzjO0n4bB/oNIyobADC250RIWPX/XuRgcn9DhhDWfeLtJI1AzCiVuUuLxVD3dk7TvgKc udTJktFaveNiAe+MamqmHPLkixSseFLxD+B/tYggO+D/o/Oakq6gnvyZszPWOqpjUGXMAnUFTKk Md/yO93IeybqavHRLy8mbL+/ErjI/iI8jm7aV32HHgdPFqPiJ1AXW98mdtAfPFT1k/S3wUPRVmM wZ3ZBbwQBqYiFiAdwKLkgvxtdw X-Received: by 2002:a05:600c:35c1:b0:485:3b50:fe54 with SMTP id 5b1f17b1804b1-486fedb2545mr81295415e9.11.1774051813455; Fri, 20 Mar 2026 17:10:13 -0700 (PDT) X-Received: by 2002:a05:600c:35c1:b0:485:3b50:fe54 with SMTP id 5b1f17b1804b1-486fedb2545mr81295075e9.11.1774051813024; Fri, 20 Mar 2026 17:10:13 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-486fe967c64sm94008335e9.2.2026.03.20.17.10.10 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Mar 2026 17:10:11 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Marcelo Tosatti , Nikunj A Dadhania , Amit Shah , Sean Christopherson Subject: [PATCH 15/22] KVM: nVMX: allow MBEC with EVMCS Date: Sat, 21 Mar 2026 01:09:24 +0100 Message-ID: <20260321000931.1947084-16-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260321000931.1947084-1-pbonzini@redhat.com> References: <20260321000931.1947084-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Jon Kohler Extend EVMCS1_SUPPORTED_2NDEXEC to allow MBEC and EVMCS to coexist. Presenting both EVMCS and MBEC simultaneously causes KVM to filter out MBEC and not present it as a supported control to the guest, preventing performance gains from MBEC when Windows HVCI is enabled. The guest may choose not to use MBEC (e.g., if the admin does not enable Windows HVCI / Memory Integrity), but if they use traditional nested virt (Hyper-V, WSL2, etc.), having EVMCS exposed is important for improving nested guest performance. IOW allowing MBEC and EVMCS to coexist provides maximum optionality to Windows users without overcomplicating VM administration. Signed-off-by: Jon Kohler Message-ID: <20251223054806.1611168-8-jon@nutanix.com> Signed-off-by: Paolo Bonzini --- arch/x86/kvm/vmx/hyperv_evmcs.h | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/x86/kvm/vmx/hyperv_evmcs.h b/arch/x86/kvm/vmx/hyperv_evmc= s.h index 6536290f4274..0568f76aafc1 100644 --- a/arch/x86/kvm/vmx/hyperv_evmcs.h +++ b/arch/x86/kvm/vmx/hyperv_evmcs.h @@ -87,6 +87,7 @@ SECONDARY_EXEC_PT_CONCEAL_VMX | \ SECONDARY_EXEC_BUS_LOCK_DETECTION | \ SECONDARY_EXEC_NOTIFY_VM_EXITING | \ + SECONDARY_EXEC_MODE_BASED_EPT_EXEC | \ SECONDARY_EXEC_ENCLS_EXITING) =20 #define EVMCS1_SUPPORTED_3RDEXEC (0ULL) --=20 2.52.0 From nobody Sat Apr 4 01:50:14 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8B4282D5A19 for ; Sat, 21 Mar 2026 00:10:20 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051821; cv=none; b=ptXHvTyZ1gbcb5D+Eo/PK79IFM1uL5J3pH0dmU0Zu7+omMVed/ue+ewRb7S2i1ieDySP5Q4ErER6aXhzrRxpmdD71BYVjMoahgu/xYGvaFQpxvQMbwlAl/FDIpgOPGzEQGVuq27beKRIOQ64uBE95JLhi2A1pF2WjASOlk8VCKM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051821; c=relaxed/simple; bh=qpfSwESFLIlwjcqgqHf3Mzr6+Jhapyh4n2GkzBzAjXQ=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=rR1aQ2hGCJD8u3LXfeqx+xb6PJLfiIfI2x8p2QNjfN2e3XZWafp22myQXROLiU97KwS/dYQaltMPnq5gYB5/+B6OWFIEno0aO9fEQpKMrNIyOyMepX7dpQpmkJk6tW5NYpETTwCSRDkefDU2jGHlj6bH0CuTRoOyBJ1jbJgXYAc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=UUm0gcxB; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=oTcrW4Ne; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="UUm0gcxB"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="oTcrW4Ne" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774051819; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Jg9FJYTi3ipQ4IiFmY2Dnx6hNOGPYdEpeaX3QtXeZQY=; b=UUm0gcxBma38e2VUwKaClK0UG4Es5u4VqXueSfKlKPYiripYbU3GOGK7UfuPb9/H5uyD5w ggrSyoJ+L22LckwgDRliftEZTI7OOB3YhmFZU+JydBpj1umFdgLd42azPAyJLjNlYa/Ej8 g6KTbkAiZbJU7aniO8Bl2m/DGRvgn+c= Received: from mail-wm1-f71.google.com (mail-wm1-f71.google.com [209.85.128.71]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-460-qflySqzUN3CQo2X4dOVTPg-1; Fri, 20 Mar 2026 20:10:18 -0400 X-MC-Unique: qflySqzUN3CQo2X4dOVTPg-1 X-Mimecast-MFC-AGG-ID: qflySqzUN3CQo2X4dOVTPg_1774051817 Received: by mail-wm1-f71.google.com with SMTP id 5b1f17b1804b1-486fb142205so17987395e9.1 for ; Fri, 20 Mar 2026 17:10:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774051816; x=1774656616; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Jg9FJYTi3ipQ4IiFmY2Dnx6hNOGPYdEpeaX3QtXeZQY=; b=oTcrW4NeEqcTwSvUPYepmNaJFefveX/0UGJw+GAapAfdFpbQhLCzy48ByHirvAZP79 EzmNlRejyu+1brtECNfg1nnKsD5aWmnpFUTfr+tBAlTenvsK+DJwjBfQOvv7ptWBVKKM 9STAxTt2HEP0858Vw6FTE3V5GIcz87FmxqPGmjP0LF+BWno7tntn/AgjTlzDakdHtfkz akTqmIXit1EdPcCKKmlOE+0mu8swm6yAhkSOokDnY0cqvG8s3k7gALweAxTe0ScC0L8l 4v/qs/copDr8Vc+UjOJeC4JJj+6H18ayK2ki5no0VLzoM0VYS+4AWf8MzaVdFcyznmLe 5anA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774051816; x=1774656616; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=Jg9FJYTi3ipQ4IiFmY2Dnx6hNOGPYdEpeaX3QtXeZQY=; b=TRZ4vWqCjDC7rgTom26GscECi+AcznvSL/T7RfWDFxHM5pwCDPV4lSU0C2y3wadWOJ 0peTt13GNlTDyQ8mMZ98c/503cj6cJQvPaiQgype4u2dT3QswCXMuu4mwWA941e+xUuX GULtC0zvcwiPDGcEKjQef/3s4HD7psxt/MCVKqVyOzjdO0ImS8mzU9xqSEe1CTzJhlOl IM6GrTzuPMYYOLbIiFr+lxsM35270IsD2pfqGBSwo+JD94BXa/VTfJTf2GmTJ+tC+sVj xrRhuNDCc9QLa2CdibCTLuCv39iux6qT/0Aj5BkR7utugiOXYvBQrcBb4NkU1wEzL7Pd BmTw== X-Gm-Message-State: AOJu0YzWja4X3s/DlDWuZbtV3KTCmh932mx/3KcPFeWETj06tevkbZPv vFjzK7cZnvVaY60/fr253rhI/TNLve0+TZpbCpbuHw32Tjs8Aqa2xQt5upbSEymJ1u5zI0bF1bM XkePmEkCJZyjPaJ3YxkeF3YPWeejit4I5DfZlilM5SQCqoobyI9S3SSKGMcxlnC+XFIHhcsvvvR v7Eo4t22RcMZvtuKgpcV4JHbC1LxCO1LDK5LLlgCTPepNAaVYMdQ== X-Gm-Gg: ATEYQzxbPkcKumulOZAmVeo8Xwx0jzV+1KEptIeoIrJXz7GV3EYcQQrhgYEWFHHEAAT NvCt4fpM0RHZc4I7bCc7hR6Cj/4wTLGoes4HqrulnBMmIgEvvmFaymCfWkVeztCXVJb8jVBiRJp dxljkTjbhlpvrVCdPSr8FMQQekc+iLA7zGV449b1WUdVsvQtlHBVKprNhstTab+6jpx5P4HAVyC xMJNBZcHUBEriRQZ/dp62Jk8OjukM3sr52ZdcLdbjZG9ZYPNW6sYsdtNnsyjZMP7UCLMsGeobQZ kcO3MvgZSK3Hzdb6dcufZj3/KytmJF8kQEAM8PmagYNEVHaKn7o6yuu3muHlPmArUihkpvJt9ad JoajVmLsmWcs8BDd9o8GO8nq7JSgX65wqFK5tBYB7uYahptrs/+Cf3vG7JzViZw9adayGXqfxpy wx7sittshs+m1gCGdYlA/mWv/X X-Received: by 2002:a05:600c:1f86:b0:480:1d0b:2d32 with SMTP id 5b1f17b1804b1-486fedb5916mr75347575e9.12.1774051816416; Fri, 20 Mar 2026 17:10:16 -0700 (PDT) X-Received: by 2002:a05:600c:1f86:b0:480:1d0b:2d32 with SMTP id 5b1f17b1804b1-486fedb5916mr75347245e9.12.1774051815938; Fri, 20 Mar 2026 17:10:15 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-486fe8367d8sm121266625e9.14.2026.03.20.17.10.13 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Mar 2026 17:10:13 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Marcelo Tosatti , Nikunj A Dadhania , Amit Shah , Sean Christopherson Subject: [PATCH 16/22] KVM: x86/tdp_mmu: propagate access mask from kvm_mmu_page to PTE Date: Sat, 21 Mar 2026 01:09:25 +0100 Message-ID: <20260321000931.1947084-17-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260321000931.1947084-1-pbonzini@redhat.com> References: <20260321000931.1947084-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Until now, all SPTEs have had all kinds of access allowed; however, for GMET to be enabled all the pages have to have ACC_USER_MASK disabled. By marking them as supervisor pages, the processor allows execution from either user or supervisor mode (unlike for normal paging, NPT ignores the U bit for reads and writes). That will mean that the root page's role has ACC_USER_MASK cleared and that has to be propagated down through the TDP MMU pages. Do that in tdp_mmu_map_handle_target_level. Signed-off-by: Paolo Bonzini --- arch/x86/kvm/mmu/tdp_mmu.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/x86/kvm/mmu/tdp_mmu.c b/arch/x86/kvm/mmu/tdp_mmu.c index 7f3d7229b2c1..f0e7528435cf 100644 --- a/arch/x86/kvm/mmu/tdp_mmu.c +++ b/arch/x86/kvm/mmu/tdp_mmu.c @@ -1161,9 +1161,9 @@ static int tdp_mmu_map_handle_target_level(struct kvm= _vcpu *vcpu, } =20 if (unlikely(!fault->slot)) - new_spte =3D make_mmio_spte(vcpu, iter->gfn, ACC_ALL); + new_spte =3D make_mmio_spte(vcpu, iter->gfn, sp->role.access); else - wrprot =3D make_spte(vcpu, sp, fault->slot, ACC_ALL, iter->gfn, + wrprot =3D make_spte(vcpu, sp, fault->slot, sp->role.access, iter->gfn, fault->pfn, iter->old_spte, fault->prefetch, false, fault->map_writable, &new_spte); =20 --=20 2.52.0 From nobody Sat Apr 4 01:50:14 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 99A8F2DF3FD for ; Sat, 21 Mar 2026 00:10:24 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051825; cv=none; b=MMVNRp1L+b7JJEIh18/gCGf0+dK4kPXDvEk+ltGy82vtXUWpUHurJe3l6QVFPVDiWEhfn3UjrTdSJ926Pq66QB8sLXpWgPnP0M0fwTPZgh2AZY6vSysNOC1788NxHisJL73czfqCU6W5+fakmdFvn2d7t+Tz/zqD5jiKCyoxScA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051825; c=relaxed/simple; bh=/16SafDH9K05Lrj2Hx5uWI8fsz2rMRK5QpEm2KFKex0=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=Bl/D94tLP+QjW9kdk/aeJ48GSHnHKMiK0Vw7JmmNJDE1rhQ5pmN3pnBat38YaomEF36j6mi6XtwDmu9PO17R/WChqIFo84hjlS37gNkndUq8kcvc/FiCAryOuMW/XeynR7MFQZNN22C9tsDSXjNAJSGDP94GCwQL1DhKNzrYEL4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=hgEqw97s; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=owPtHKQm; arc=none smtp.client-ip=170.10.129.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="hgEqw97s"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="owPtHKQm" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774051823; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=XfElTO9TcWC97/JAeIaxbpPcvqCq+qJTPgscQo4VRkQ=; b=hgEqw97sytat+sbGnqR6Ov6fipMCkMEMfWRVuCowhd0EuTcazOtIj5Gbf4KNf6QXp7rDeu AqMSJ0vGVVpujqiYVrKBhRjgx6GUke451HKVmEoz6MtSgj/kPJPCj5CJJPhzoMUhNpknhS lCO1x7Lt/kd2G3uHP8Oy4wXXDZ2fMPU= Received: from mail-wm1-f70.google.com (mail-wm1-f70.google.com [209.85.128.70]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-423-j4pG6kaoMlKm1K7DwZhm7w-1; Fri, 20 Mar 2026 20:10:22 -0400 X-MC-Unique: j4pG6kaoMlKm1K7DwZhm7w-1 X-Mimecast-MFC-AGG-ID: j4pG6kaoMlKm1K7DwZhm7w_1774051821 Received: by mail-wm1-f70.google.com with SMTP id 5b1f17b1804b1-486fcc05b20so8323975e9.3 for ; Fri, 20 Mar 2026 17:10:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774051819; x=1774656619; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=XfElTO9TcWC97/JAeIaxbpPcvqCq+qJTPgscQo4VRkQ=; b=owPtHKQmOLimlQ7cUsKUydSkdN4d641ENnSzHu8sURhfRJDkBHpS9RxG69MP3TrifL /ITnMBvy+y6apu9pnzL9ZhXPgJv81P2/JInKFA05dI1gRHMtw5FgnLAysx6M4mZjjAPD bVuRGsHSShrYZOmCyLroHb9y0W573d+AdSDDnC7K63jckRH8c7GtWqNQfMCh1B0cgsyI E0tam9WW+XavfOTcqoPQtlCrZVlwG5KDpbNOUB+0Kibx38tzSGz7+v0x/KIFyp1o6Pon 5SQopvisT1huUfwYNKgzewjauX+Oq35Sdg/cU+iCFtE9ToLr0KnRr0enKct8JXUDgVm0 9vNg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774051819; x=1774656619; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=XfElTO9TcWC97/JAeIaxbpPcvqCq+qJTPgscQo4VRkQ=; b=Do0KH/ITdBAKYK6LWdp0FCCXwSLZxXxOW6Nc09NKPYqocmaQm728K8RgCGTVJ+gza5 43jQ9E+GdUAxJDIWyb/ICD4epQQMWxKiR6Tzxc3PFIfHypEkovxOnTyrVIk7A/US85RQ P94wsFuNAnPv785hb3hbwTvOxrOvBvXFYWlNOsYw8/NlAt4O9ACwQLxRFKSOMMLpJkhs beJFi99uQ9VfgIncjtm75TEFU2KK45agCHP9AcxivOxSMUayJNQ9v/Xtk89liHRpK23J GuanbhbNhadWyD+N88LCXarM+1ubX7OxvgEbizkGeAQ6jReMNsGI1Yn6u88Zk8u/+jAe JrXQ== X-Gm-Message-State: AOJu0Yz2S5BH/bnM367eyzDkv7C6exli3rgGdxmAnnWmJLrV6ahBVsaI eyv0tFqNp1HC71Yl9oTvha7tqr6tdcOspwYvJeZNFI2xhS+xQYrbMndSWplQP0ZCACRTbP66MYw w2zkrtUX8UT05upKxmY/HJKgGx4NASBlG5YNs9AokToZC7mKlLKFW6dAWkrBDgTbsjudacnDw4b sA90QJL8YLDBde+KmoOVgEFPndDeriJpmY3TlH5vL9v0e9hTdsKw== X-Gm-Gg: ATEYQzxLnsEBEQpblbyoz34izznyWcXnFxeJzxUdGVln/CmDJmKxMbH6AE8aalqJk3P 10NGKNzZks6vBWjrjRZU38plfPtKveiYbEwY7/DClNJNHOm87yYck8zR8ocgmeM6T9f08zasvS+ Kg3uLA3SR9eB7i4pN+TXCvQNPQPW6p8oci6QOnTa6eTdLWOSsyZqGuxroaxP6yrS71YKkfcYfv4 ejEgf9OGZpGQnkDjw4CsTg01mqN2hUqTexDtCXYCHJ2qOSs9CF+S+BfK9B+IRKgNSahE4JX7Bgp Dpe5uv5wiroirFdX7le0BCDht2tpzhlq3anWpxfNxSj2LWfObVCfPt570GpkGBmP9UAVyoryo80 fRSsDZEpGjXAeV31ZBvfCaGcphUuV89KdXVYanZK8pN3JI9lwvEBlmqDEVQ0Xx3Td+5rCWJZNVc gE/HtQt4vyl/tECQ0a6eZTIMGg X-Received: by 2002:a05:600c:3554:b0:486:fc4a:2951 with SMTP id 5b1f17b1804b1-486ff01d7f3mr68805585e9.28.1774051819387; Fri, 20 Mar 2026 17:10:19 -0700 (PDT) X-Received: by 2002:a05:600c:3554:b0:486:fc4a:2951 with SMTP id 5b1f17b1804b1-486ff01d7f3mr68805235e9.28.1774051818841; Fri, 20 Mar 2026 17:10:18 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-486ff1c2026sm26071725e9.27.2026.03.20.17.10.16 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Mar 2026 17:10:16 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Marcelo Tosatti , Nikunj A Dadhania , Amit Shah , Sean Christopherson Subject: [PATCH 17/22] KVM: x86/mmu: introduce cpu_role bit for availability of PFEC.I/D Date: Sat, 21 Mar 2026 01:09:26 +0100 Message-ID: <20260321000931.1947084-18-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260321000931.1947084-1-pbonzini@redhat.com> References: <20260321000931.1947084-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" While GMET looks a lot like SMEP, it has several annoying differences. The main one is that the availability of the I/D bit in the page fault error code still depends on the host CR4.SMEP and EFER.NXE bits. If the base.cr4_smep bit of the cpu_role is (ab)used to enable GMET, there needs to be another place where the host CR4.SMEP is read from; just merge it with EFER.NXE into a new cpu_role bit that tells paging_tmpl.h whether to set the I/D bit at all. Signed-off-by: Paolo Bonzini --- arch/x86/include/asm/kvm_host.h | 7 +++++++ arch/x86/kvm/mmu/mmu.c | 8 ++++++++ arch/x86/kvm/mmu/paging_tmpl.h | 2 +- 3 files changed, 16 insertions(+), 1 deletion(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_hos= t.h index 0d6d20ab48dd..3162414186f0 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -403,6 +403,13 @@ union kvm_mmu_extended_role { unsigned int cr4_smap:1; unsigned int cr4_la57:1; unsigned int efer_lma:1; + + /* + * True if either CR4.SMEP or EFER.NXE are set. For AMD NPT + * this is the "real" host CR4.SMEP whereas cr4_smep is + * actually GMET. + */ + unsigned int has_pferr_fetch:1; }; }; =20 diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index 647dffb69d85..1788620e6dfc 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -234,6 +234,11 @@ BUILD_MMU_ROLE_ACCESSOR(ext, cr4, la57); BUILD_MMU_ROLE_ACCESSOR(base, efer, nx); BUILD_MMU_ROLE_ACCESSOR(ext, efer, lma); =20 +static inline bool has_pferr_fetch(struct kvm_mmu *mmu) +{ + return mmu->cpu_role.ext.has_pferr_fetch; +} + static inline bool is_cr0_pg(struct kvm_mmu *mmu) { return mmu->cpu_role.base.level > 0; @@ -5672,6 +5677,8 @@ static union kvm_cpu_role kvm_calc_cpu_role(struct kv= m_vcpu *vcpu, role.ext.cr4_pke =3D ____is_efer_lma(regs) && ____is_cr4_pke(regs); role.ext.cr4_la57 =3D ____is_efer_lma(regs) && ____is_cr4_la57(regs); role.ext.efer_lma =3D ____is_efer_lma(regs); + + role.ext.has_pferr_fetch =3D role.base.efer_nx | role.base.cr4_smep; return role; } =20 @@ -5825,6 +5832,7 @@ void kvm_init_shadow_npt_mmu(struct kvm_vcpu *vcpu, u= nsigned long cr0, =20 /* NPT requires CR0.PG=3D1. */ WARN_ON_ONCE(cpu_role.base.direct || !cpu_role.base.guest_mode); + cpu_role.base.cr4_smep =3D false; =20 root_role =3D cpu_role.base; root_role.level =3D kvm_mmu_get_tdp_level(vcpu); diff --git a/arch/x86/kvm/mmu/paging_tmpl.h b/arch/x86/kvm/mmu/paging_tmpl.h index d50085308506..bc6b0a1a1c8a 100644 --- a/arch/x86/kvm/mmu/paging_tmpl.h +++ b/arch/x86/kvm/mmu/paging_tmpl.h @@ -486,7 +486,7 @@ static int FNAME(walk_addr_generic)(struct guest_walker= *walker, =20 error: errcode |=3D write_fault | user_fault; - if (fetch_fault && (is_efer_nx(mmu) || is_cr4_smep(mmu))) + if (fetch_fault && has_pferr_fetch(mmu)) errcode |=3D PFERR_FETCH_MASK; =20 walker->fault.vector =3D PF_VECTOR; --=20 2.52.0 From nobody Sat Apr 4 01:50:14 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id EA7DE2494F0 for ; Sat, 21 Mar 2026 00:10:27 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051829; cv=none; b=mMtiSEMXezZMHtZ+kzN9DCtZrUFPAwNOanqjOTzFYrOx8GCHONsRQwturXjdrEFSHJxohBIHaLSe3Q87SKEwj7cZ0ERyBVLBtW41MS911q1RuPV2rm7ljPzJt10ORjjKUPJhXX5j5XF1zqEX/aBhv5sYDvSrxP80mYcQDJGExA4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051829; c=relaxed/simple; bh=lPKKspzfSofsN1QCipZepB+gFS9lQMHHN27fmiJ6Yxs=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=MUX1Ve0X34ntSonmgzKRMISy9YMSHeo6Z5zDtUXJbSs+7IRRS0vwlsfHYiu39wDOiasS+2ALsQ181JDghGtzgWyOTkQsFKASrbwdY30rz2o6kHg3j9GUhi9fR+MwKVkh8nygScIpsRzkE4bo7a87HfWU3p2nqDp6Au5apYvnFFk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=KLNjuX47; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=EWTz5egh; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="KLNjuX47"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="EWTz5egh" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774051827; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=dY59s6Dld+8zthkUpJxvKSdoBN1IRmLu6DOr1vsJ15A=; b=KLNjuX47fe4Qfp3JLyLEuXJdVz5G1Kw7aN3H2im7L+6kOaKSPNsjCNPMtN04qGPrIQCRVp eLDIzmmUi5A4i9OchW+pA4DapVj7h6rYYZWF6NKJlj5Jd6d5to42sbnDDp/N/PUydZCveO U5KNDtRbx6Y7fma50D0x+TGbGg0dOco= Received: from mail-wr1-f70.google.com (mail-wr1-f70.google.com [209.85.221.70]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-564-KBHjnb4WNPy4DJN8GTC6uA-1; Fri, 20 Mar 2026 20:10:25 -0400 X-MC-Unique: KBHjnb4WNPy4DJN8GTC6uA-1 X-Mimecast-MFC-AGG-ID: KBHjnb4WNPy4DJN8GTC6uA_1774051825 Received: by mail-wr1-f70.google.com with SMTP id ffacd0b85a97d-439bcec86dfso1672708f8f.3 for ; Fri, 20 Mar 2026 17:10:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774051824; x=1774656624; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=dY59s6Dld+8zthkUpJxvKSdoBN1IRmLu6DOr1vsJ15A=; b=EWTz5egh3GfXE0kz3lzlxSTRQ2x351ePbmnn8uR1351Lcr5eZqToGyWVy2+ohr3RS9 HEwmTPJJeInyFXRfwfl9TiZqeZvi1X5uU4Gw6mv+AdSGBbk3r9N0Rec1dhQZAUfN2rin C8fR77z1Has8qViG4N8zsv3stpVnjUq/gZd0bCnt6ntRv0KaWtJ9xN/XFnFk2jc1rbo5 PXCsfIyF48lfvy1p/wvwRY/9tMWwUmp8/GNbY+1Nn9+lEJ1RredkQ6mtP2rFAGE62Vfa w5nAy7PvxEQfZ5dJupuj7K4js9iGwbEIoei7swn69+Hiax3ZrbL4rh/ybgjUWNxweY9Y 86dg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774051824; x=1774656624; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=dY59s6Dld+8zthkUpJxvKSdoBN1IRmLu6DOr1vsJ15A=; b=LxXz20AFyCrOyftyvuUcIJiT7MYl+ahdQn5YJvAN/ebBxME5kbFdHc3hSPswFztY55 Uned5WDPu31xSrydRrCj6dBOVoKd0jwjppvXE6XZCLyKXUrhKPlx4uHpkh93+tuYhoA+ tUv+eqYGa4OQoo2hdDuSazu36WjC2xhqpvZFoLDiEaL0f5ch7rLVxqTvD7Gs+pxWNdHt fO0gcUm8Ix6CxBNWB/C4bOYRuBERbHs7zES5pmvS82d+fuUNZ691brz+h/K1c5UAofxv ihO/6iuiCXEjTffUKhtODk6ZyrICoRF5jFpze4yJ7n7X8akjCEkfLFKywBclh6GtOJmi LkLQ== X-Gm-Message-State: AOJu0YxiU5+GdO1orwtL0MiACRWHE6GXaXMMRA9TClz2H8or4e22B0Tb 7X3+yjKjchc4L2mPP9dISbJeyRc7NrQ6HLgffVZRkizIpoNZ3s5wLkHqpI4hALs8Y34WpYeym3m Mf+GbYSkBHqfZ+0hdY5wTTzAMv2W9/0GOuZO5z+529piQkaXpI1E9dOByEnsINJL7TJgKfOgucd sQ2GXZZf2EX1EtCa10IlCykGSyLNrFEkv1Doa314Cmy8qZ2y1eKQ== X-Gm-Gg: ATEYQzyaLYVSJQGomav0EKtANmT0ErsB2Tgm7GlUHlGEQkgmm3+mHZf8jv/fHuQ8u7k mrnogv6Q9oDgYFOACaCbjK4fFphNb3CnLyHY4M3WDOfYwMhW63RMa2LMp9tVJRkc5SwHJOte1Cs KhZA/Bi0ID1Ud0q9hH9hNZl25GjjQtEA5s/5K59ZXe88FNs3Y5x1X6c4mkRRjoIP7/2TLP72bK9 BX4MSHdcnVMKLsOZGC/1QSIS6tzxQ2JKJp2haLqEx9fPEIJQZgzMlF+uLsLPv9o+gFRQzkNyhOw QrQczBGLdTCwBFe5UY+UOa3B0Ncj6B1iFyLiNdY8eMrXe1fTdQAY8bObO24T7y+PrA038UIUZjC aoaCnoacZgx3VF1fmq+uKFfp3YkMJk5nr7HtWH/rf7pgVmJbOEjmBZ72U7nJxUBF5LMh66TmJV2 1h9f1g2T9ErFMRlnVO/YB/NKCV X-Received: by 2002:a05:6000:4283:b0:43b:6320:d937 with SMTP id ffacd0b85a97d-43b6423a2e7mr8303047f8f.19.1774051824246; Fri, 20 Mar 2026 17:10:24 -0700 (PDT) X-Received: by 2002:a05:6000:4283:b0:43b:6320:d937 with SMTP id ffacd0b85a97d-43b6423a2e7mr8303011f8f.19.1774051823732; Fri, 20 Mar 2026 17:10:23 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-43b647177e8sm10573531f8f.34.2026.03.20.17.10.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Mar 2026 17:10:19 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Marcelo Tosatti , Nikunj A Dadhania , Amit Shah , Sean Christopherson , "Borislav Petkov (AMD)" Subject: [PATCH 18/22] KVM: SVM: add GMET bit definitions Date: Sat, 21 Mar 2026 01:09:27 +0100 Message-ID: <20260321000931.1947084-19-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260321000931.1947084-1-pbonzini@redhat.com> References: <20260321000931.1947084-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" GMET (Guest Mode Execute Trap) is an AMD virtualization feature, essentially the nested paging version of SMEP. Hyper-V uses it; add it in preparation for making it available to hypervisors running under KVM. Cc: Borislav Petkov (AMD) Signed-off-by: Paolo Bonzini Acked-by: Borislav Petkov (AMD) --- arch/x86/include/asm/cpufeatures.h | 1 + arch/x86/include/asm/svm.h | 1 + 2 files changed, 2 insertions(+) diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpuf= eatures.h index 123c023fe42c..95469c7d357f 100644 --- a/arch/x86/include/asm/cpufeatures.h +++ b/arch/x86/include/asm/cpufeatures.h @@ -382,6 +382,7 @@ #define X86_FEATURE_AVIC (15*32+13) /* "avic" Virtual Interrupt Controlle= r */ #define X86_FEATURE_V_VMSAVE_VMLOAD (15*32+15) /* "v_vmsave_vmload" Virtua= l VMSAVE VMLOAD */ #define X86_FEATURE_VGIF (15*32+16) /* "vgif" Virtual GIF */ +#define X86_FEATURE_GMET (15*32+17) /* "gmet" Guest Mode Execution Trap */ #define X86_FEATURE_X2AVIC (15*32+18) /* "x2avic" Virtual x2apic */ #define X86_FEATURE_V_SPEC_CTRL (15*32+20) /* "v_spec_ctrl" Virtual SPEC_= CTRL */ #define X86_FEATURE_VNMI (15*32+25) /* "vnmi" Virtual NMI */ diff --git a/arch/x86/include/asm/svm.h b/arch/x86/include/asm/svm.h index e2a29e1144a7..47353bef947c 100644 --- a/arch/x86/include/asm/svm.h +++ b/arch/x86/include/asm/svm.h @@ -239,6 +239,7 @@ struct __attribute__ ((__packed__)) vmcb_control_area { #define SVM_NESTED_CTL_NP_ENABLE BIT(0) #define SVM_NESTED_CTL_SEV_ENABLE BIT(1) #define SVM_NESTED_CTL_SEV_ES_ENABLE BIT(2) +#define SVM_NESTED_CTL_GMET_ENABLE BIT(3) =20 =20 #define SVM_TSC_RATIO_RSVD 0xffffff0000000000ULL --=20 2.52.0 From nobody Sat Apr 4 01:50:14 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 499372F6911 for ; Sat, 21 Mar 2026 00:10:33 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051834; cv=none; b=gkH5hjVGTpFiVPWqwML3W4HAMMDpMqMzzojQ79AAKE6uiVhHcekgWZ5mPzEi02HhwJtihAl2ajpXg+EURMiW/mS3xiKVPmF3eJisLO0s7MvXSsWBmc+JgBJhUKNHmPox/VYEEr5jHICFVh6Yz4QbaR9tOHQNLb7YDsnQR4ReQcM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051834; c=relaxed/simple; bh=+ahruIUPnKlfxKy2o5ecEv12yn318QXZMDxIk0hlFag=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=fit/G2pcbjKmyqKQ/f2UCTYpsa/ehkj2xEKZs22MHuY2Oq08Zb9aO1D3U+l2kUCvZs27jSliwyCcxpExVf1YLWojO9DUUzisNbGUvJ05DkVKt41vn76weZIuprgFehOfuXxrYb/h7Pj2n0fDjPvtBNgezIQiFICM4286uvEmsJo= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=VFGGRr9B; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=HAgrRRod; arc=none smtp.client-ip=170.10.129.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="VFGGRr9B"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="HAgrRRod" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774051832; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=QKk6jKe/ZOTufFbEyG3fogFhPhiv78Ux0FHciYJwilU=; b=VFGGRr9By6OM0IpJlkfOzvMYRsV5x+Wak3tIKD74kSJknVWWfRazOwnCYK0uqmkZExdYtU 3SamfRxPUkYiAeUPcsHKuexNkkHzkbsMDkJqXhLjQg3FZZ7FfopNNe/4OG771HZLoa+pCI I9Z/g5hlRzrZazGnHStzXEULhibwe64= Received: from mail-wr1-f70.google.com (mail-wr1-f70.google.com [209.85.221.70]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-453-ANPcttDZNaCWqr8ISYpZWQ-1; Fri, 20 Mar 2026 20:10:31 -0400 X-MC-Unique: ANPcttDZNaCWqr8ISYpZWQ-1 X-Mimecast-MFC-AGG-ID: ANPcttDZNaCWqr8ISYpZWQ_1774051830 Received: by mail-wr1-f70.google.com with SMTP id ffacd0b85a97d-43b41d45be4so2498264f8f.0 for ; Fri, 20 Mar 2026 17:10:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774051827; x=1774656627; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=QKk6jKe/ZOTufFbEyG3fogFhPhiv78Ux0FHciYJwilU=; b=HAgrRRodh6lTTEBubsrFk97RcWaAIczvDqZHS29GHPu52RO4fB0A/YrcZtTUbGzM5k 4pvBYeBvUlYHC2MHVUU+Fatj28C+ph3Hxc/ceEWyId/7GYVdLigLb6KN93ClnMwwQpxI RPZwpbQchh1qkVYa+jnbdMBePYtR+hvLUBHlVj3nR3gRpM1IEuthNM9TfFIqqc6K4o4o S3oQJpR23mzErPkQ8sGec0OjmW+aE8UTSQMrxlpnos5NZSz/jxRgoHnSkPsjKqNEE68U IbI0TDAJPvvLUpv+R38CItQLpSTPwlOuQ0Bk5r8xV3gr1n8syNhU1I1JVe9q+G3llluu G9Ag== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774051827; x=1774656627; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=QKk6jKe/ZOTufFbEyG3fogFhPhiv78Ux0FHciYJwilU=; b=M2nxqHdGrB4wrwgZFVrALNwKBFyc83ky8YBzdzsHSSPNK42WyZ1OeYELvxDpy+wsuz I2sEcF5OShhP0JYeW+zdE7JgdlqPfU/E8tC3sSjswT2h3hB1g50VPi5O+d8rw8rvQiEX wmE0YlGw/gfUB3Nyyi2eLnJna5yPI9B0Mm9oiSJIHrwS4KBdCL+xBcgOX1oftV2S6SHU czaucc5KleLtV9QYUZMu9X6RxAEepzmDAdXOE+QfLetFE4eoW38e3LpN4Nh/npCgfp4Q DJnKAg19a/udvO6lXy9GU8BKBoXJTKFrVwebQKuS+gmJ0ef2nbAMJQl/sz/+ItOJ7LGJ /9Tg== X-Gm-Message-State: AOJu0Yz+NvvedsDRXjtQ0jHg9BIZ7M6M1v/kCDEDl7g22yygnJPUgL3N gA73V8kZncFKL5oLZvCUITTSRtyH0brJDlSQBwCwOsdOWa1Y9tJ9tQmCnVh/CuNnSpGYYBV74KI 0uPnGxoLgcGn8rh3nmSafMm9XA0AKBsAxq9lqqogEcTg/eEe3izPjihu3owPNeYU4eKO/v4iroC ncdh2rhpaiB5Hp1Razz8GxZrPgRD+XKU/FOVL0HsVWFgzghPj2Jw== X-Gm-Gg: ATEYQzyD1q4HL/i0O6CYWhKXaEeH+WiGRmpLlId40L3jGckw+N5czL+FPug4BxZKNBG dbeu/rup//fs+eq+keVC6UMjO5ckN+iWRM8TOHWsXWY4jPUJTQgv4ygrhAsYLLT/yTBVq6sr1uS /vc5cZSDerHragpdsUTITKTYTHgOjWpgRVfPt8eS7OdCbIYAyzY8VzAN1GOJlSY72PpYEFHYVgE +2/N3+UNz58wAlVNHmzGnE90hvWt5MB6+t3IuYDs6y1nxmaVnxvXTdif2PHJvzSKxcYqEUCdTot VCRuBzC9xxr9h8F5Kde6U+ErZOTqDkjQfjPazgg+hT2RS274GkqSj5hgiRwrDELGedqXOeTNWtL Sgag8Rsn7vVWlDviC+A6VeIg/SF53GljT4+lt9Cs/H3bRbkdnCtxUXYw65D0BWEx/2WafqFxOr8 YaS36wah2xCl3VdIggh27I9IuT X-Received: by 2002:a5d:452b:0:b0:439:d0ac:8a8f with SMTP id ffacd0b85a97d-43b576e6efbmr10619735f8f.1.1774051826902; Fri, 20 Mar 2026 17:10:26 -0700 (PDT) X-Received: by 2002:a5d:452b:0:b0:439:d0ac:8a8f with SMTP id ffacd0b85a97d-43b576e6efbmr10619707f8f.1.1774051826317; Fri, 20 Mar 2026 17:10:26 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-43b6471a27csm10888724f8f.36.2026.03.20.17.10.24 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Mar 2026 17:10:24 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Marcelo Tosatti , Nikunj A Dadhania , Amit Shah , Sean Christopherson Subject: [PATCH 19/22] KVM: x86/mmu: add support for NPT GMET Date: Sat, 21 Mar 2026 01:09:28 +0100 Message-ID: <20260321000931.1947084-20-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260321000931.1947084-1-pbonzini@redhat.com> References: <20260321000931.1947084-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" GMET allows page table entries to be created with U=3D0 in NPT. However, when GMET=3D1 U=3D0 only affects execution, not reads or writes. Ignore user faults on non-fetch accesses for NPT GMET. Signed-off-by: Paolo Bonzini --- arch/x86/include/asm/kvm_host.h | 2 ++ arch/x86/kvm/mmu.h | 3 ++- arch/x86/kvm/mmu/mmu.c | 19 +++++++++++++------ arch/x86/kvm/svm/nested.c | 3 ++- 4 files changed, 19 insertions(+), 8 deletions(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_hos= t.h index 3162414186f0..5016a4569746 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -359,6 +359,8 @@ union kvm_mmu_page_role { * cr4_smep is also set for EPT MBEC. Because it affects * which pages are considered non-present (bit 10 additionally * must be zero if MBEC is on) it has to be in the base role. + * It also has to be in the base role for AMD GMET because + * kernel-executable pages need to have U=3D0 with GMET enabled. */ unsigned cr4_smep:1; =20 diff --git a/arch/x86/kvm/mmu.h b/arch/x86/kvm/mmu.h index 035244ccbb5e..b03a5f4d9f04 100644 --- a/arch/x86/kvm/mmu.h +++ b/arch/x86/kvm/mmu.h @@ -90,7 +90,8 @@ void kvm_mmu_set_ept_masks(bool has_ad_bits, bool has_mbe= c); =20 void kvm_init_mmu(struct kvm_vcpu *vcpu); void kvm_init_shadow_npt_mmu(struct kvm_vcpu *vcpu, unsigned long cr0, - unsigned long cr4, u64 efer, gpa_t nested_cr3); + unsigned long cr4, u64 efer, gpa_t nested_cr3, + u64 nested_ctl); void kvm_init_shadow_ept_mmu(struct kvm_vcpu *vcpu, bool execonly, int huge_page_level, bool accessed_dirty, bool mbec, gpa_t new_eptp); diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index 1788620e6dfc..eeb8667a283f 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -55,6 +55,7 @@ #include #include #include +#include #include =20 #include "trace.h" @@ -5451,7 +5452,7 @@ reset_ept_shadow_zero_bits_mask(struct kvm_mmu *conte= xt, bool execonly) (14 & (access) ? 1 << 14 : 0) | \ (15 & (access) ? 1 << 15 : 0)) =20 -static void update_permission_bitmask(struct kvm_mmu *mmu, bool ept) +static void update_permission_bitmask(struct kvm_mmu *mmu, bool tdp, bool = ept) { unsigned byte; =20 @@ -5512,7 +5513,12 @@ static void update_permission_bitmask(struct kvm_mmu= *mmu, bool ept) /* Faults from kernel mode accesses to user pages */ u16 kf =3D (pfec & PFERR_USER_MASK) ? 0 : u; =20 - uf =3D (pfec & PFERR_USER_MASK) ? (u16)~u : 0; + /* + * For NPT GMET, U=3D0 does not affect reads and writes. Fetches + * are handled below via cr4_smep. + */ + if (!(tdp && cr4_smep)) + uf =3D (pfec & PFERR_USER_MASK) ? (u16)~u : 0; =20 if (efer_nx) ff =3D (pfec & PFERR_FETCH_MASK) ? (u16)~x : 0; @@ -5623,7 +5629,7 @@ static void reset_guest_paging_metadata(struct kvm_vc= pu *vcpu, return; =20 reset_guest_rsvds_bits_mask(vcpu, mmu); - update_permission_bitmask(mmu, false); + update_permission_bitmask(mmu, mmu =3D=3D &vcpu->arch.guest_mmu, false); update_pkru_bitmask(mmu); } =20 @@ -5819,7 +5825,8 @@ static void kvm_init_shadow_mmu(struct kvm_vcpu *vcpu, } =20 void kvm_init_shadow_npt_mmu(struct kvm_vcpu *vcpu, unsigned long cr0, - unsigned long cr4, u64 efer, gpa_t nested_cr3) + unsigned long cr4, u64 efer, gpa_t nested_cr3, + u64 nested_ctl) { struct kvm_mmu *context =3D &vcpu->arch.guest_mmu; struct kvm_mmu_role_regs regs =3D { @@ -5832,7 +5839,7 @@ void kvm_init_shadow_npt_mmu(struct kvm_vcpu *vcpu, u= nsigned long cr0, =20 /* NPT requires CR0.PG=3D1. */ WARN_ON_ONCE(cpu_role.base.direct || !cpu_role.base.guest_mode); - cpu_role.base.cr4_smep =3D false; + cpu_role.base.cr4_smep =3D (nested_ctl & SVM_NESTED_CTL_GMET_ENABLE) !=3D= 0; =20 root_role =3D cpu_role.base; root_role.level =3D kvm_mmu_get_tdp_level(vcpu); @@ -5890,7 +5897,7 @@ void kvm_init_shadow_ept_mmu(struct kvm_vcpu *vcpu, b= ool execonly, context->gva_to_gpa =3D ept_gva_to_gpa; context->sync_spte =3D ept_sync_spte; =20 - update_permission_bitmask(context, true); + update_permission_bitmask(context, true, true); context->pkru_mask =3D 0; reset_rsvds_bits_mask_ept(vcpu, context, execonly, huge_page_level); reset_ept_shadow_zero_bits_mask(context, execonly); diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index b7fd2e869998..617052c98365 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -96,7 +96,8 @@ static void nested_svm_init_mmu_context(struct kvm_vcpu *= vcpu) */ kvm_init_shadow_npt_mmu(vcpu, X86_CR0_PG, svm->vmcb01.ptr->save.cr4, svm->vmcb01.ptr->save.efer, - svm->nested.ctl.nested_cr3); + svm->nested.ctl.nested_cr3, + svm->nested.ctl.nested_ctl); vcpu->arch.mmu->get_guest_pgd =3D nested_svm_get_tdp_cr3; vcpu->arch.mmu->get_pdptr =3D nested_svm_get_tdp_pdptr; vcpu->arch.mmu->inject_page_fault =3D nested_svm_inject_npf_exit; --=20 2.52.0 From nobody Sat Apr 4 01:50:14 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5D9FE288C34 for ; Sat, 21 Mar 2026 00:10:36 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051837; cv=none; b=MLW0eKdDhUdyX3n9bIxh0j7MoBkoRDXZS/HaO26vwL7VyGNq70aHrA65VnPKJqvCtk28PEDubXxv32sm/Db81cUm2Ov6PrseBWXf038ZVfVcyEzSjWewIkfJGluFOUc4yYn+1M2FBfAmRFD2rONK425nIhhXgiw81nd5XVRxdNw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051837; c=relaxed/simple; bh=hR6ikdWuhI2qG+icGaUmLS04/GWkH1r6O8oArtk4uzs=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=oYWVqkvHcdMMo1piQawZp68epMsKrL0dUr7I28moQW4f1p6ylizXJL5+hLwJ5+BWHKAjTgJ7Hy1I3/VUrEcQfycuye9iFm8VjN/vCKQZWKW454KTwixvMnp6QIogyW5G1XWB2hPxk0Ehj2/fMU1rxms9KwbLustumAGcVMImvFg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=h0/CW4nR; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=cLEmIy9i; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="h0/CW4nR"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="cLEmIy9i" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774051835; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=dMltVXI0rnLkVBMnchf5NfLX7cwXpJxqWzPAkjBf7Ao=; b=h0/CW4nRKd3Jux9g0lt1GKp9CGFN5+RIHUwUJfUaQdMk/Fftjccqp91rTMNZrxsvwkwqbv i0K1puZVA4uameJPhgwDD01F7slRSNfZpYxoqkV76yWvPUyBeJX86IVDGwiF51VDDt3ACz qazrzkUpvVHygI0e5qbDEFfO6W76QaA= Received: from mail-wr1-f71.google.com (mail-wr1-f71.google.com [209.85.221.71]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-606-1S6RW8M9Py2MtIE20Lgpyg-1; Fri, 20 Mar 2026 20:10:33 -0400 X-MC-Unique: 1S6RW8M9Py2MtIE20Lgpyg-1 X-Mimecast-MFC-AGG-ID: 1S6RW8M9Py2MtIE20Lgpyg_1774051833 Received: by mail-wr1-f71.google.com with SMTP id ffacd0b85a97d-43b41d45be4so2498277f8f.0 for ; Fri, 20 Mar 2026 17:10:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774051832; x=1774656632; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=dMltVXI0rnLkVBMnchf5NfLX7cwXpJxqWzPAkjBf7Ao=; b=cLEmIy9iSI0GmWxz4PlRNzDh7R/Dvw8Q/037acIQKFqNWOfO3mgvmLpBXoFQd/REhk Al186fQw+u1aJOgTn2qCPmTOCk9Jn2mSUAI4ys2Vb1ATES5yiAWRpMDH2OjcBXuwnNDS OMN1PR6izNcowtAu7KgLX5p7W2K5GERvTKh6i24LiglVLoxDLWefNqSbR+5hkUcYScOi hXUsKBRdVUzGp4GPBwtue2csgwfE6iVD9KMesdsMvkB9JZaYaiWv4ifUQtyMKVh3T5dN tNPcLksAtW1Nqm73YkEyDNcV3ZPklbRkXgrl52AVe+jO8zAZECtBZmU/frh2hDooH/Dy DyxA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774051832; x=1774656632; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=dMltVXI0rnLkVBMnchf5NfLX7cwXpJxqWzPAkjBf7Ao=; b=P2t/xpS4B8/NcBuds9tUBDowuTXoZEH0QZODmhR5zoEJiBDqnPvXV9fQ6ALAzD3DW5 0SQVs90PkjKv5W2U4+jpa05v4Ui0o+kWxnqS5+F+oh7z98OSGK9FQXJwJA13fiIaU48g R9Ga4xvF4K5PP5vsb8YVmBjwHTHirgKiNwqOk5Mdf3u86jMPzunrUYpFq0PB1X3Fm6XH rEBqt5xqLUjsDJOSrLubda6rLB5qKYHDvCVmEMmP5f7yf6Ip8vDsGlig4a5z4HVe1YUC T3mr/QR/vsUNpEpOb5NG/PQEj9tcZ1RGumfjSa3MMZqRK+gKyANM0cEiQq57n0g6MIyd JfEw== X-Gm-Message-State: AOJu0Yz/LOOHeEyymdMQl89/GVeYmCL2dUpmCiew1Wmp9V38dB5iMIyD KLl+Zqi7vIbPTPLClrsL3S1DT4pxgfWPVeoPnWZCj9d2XAB8kgdh3DsYMwiiCnef9jTMDfMI/Qb esWjKjgixzNPeWwMUicS3jMe9UMxvdSJuU/ifgJjxM+wolMGnApCofZpnhAx+uPa2KTD5o7Uz+O txK9T3xWsSGsqdyEGcBDBltcVuKHrWlVdtN59571aEkLA/6m/q3A== X-Gm-Gg: ATEYQzzFonBozVvIu3TmSrTiE60EjeZa+W+1bGUkTBgHdwpNuJKwykQPLj3/Di08LTT /89e1WchfDXUwxh8s/XrIdODwKUwGB+Yb0EbJhqIxlrF1NB85cN2xkhTm13FVMvqibxlS9/kRrs fjarvNDubngwwayKzNkD82tjmRl8eBy1iYQTU//rtc97Qbn1UpV20YUoj3JkEUBP6HwjQ5Ccxdv s60eIhtfzFZvAk+T5o9C4rWmo7JWU4KLESmkOSvaeGZyKyRcdG8yLAjb07O6q/AiZxsT7mGpTA9 fMuDEDa7jGBcfftWBI6FUbIgY+VOWz0V4AT5yky4aRWTmbxwIf24RTudeVp1dtn3VZwJYrENsTz 5ijcqS0rtElhI9TzEtb0NC92upwyeF2TTh25ITBalf70nZfcUDJ2rrOwG3gpyvL12B3zPRfbmVS +L3C4Din+y6ypOjyVlcpisWwjY X-Received: by 2002:a05:6000:2b10:b0:43b:3c53:283d with SMTP id ffacd0b85a97d-43b57729855mr9903528f8f.21.1774051831880; Fri, 20 Mar 2026 17:10:31 -0700 (PDT) X-Received: by 2002:a05:6000:2b10:b0:43b:3c53:283d with SMTP id ffacd0b85a97d-43b57729855mr9903503f8f.21.1774051831384; Fri, 20 Mar 2026 17:10:31 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-43b64703650sm9497992f8f.20.2026.03.20.17.10.26 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Mar 2026 17:10:27 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Marcelo Tosatti , Nikunj A Dadhania , Amit Shah , Sean Christopherson Subject: [PATCH 20/22] KVM: SVM: enable GMET and set it in MMU role Date: Sat, 21 Mar 2026 01:09:29 +0100 Message-ID: <20260321000931.1947084-21-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260321000931.1947084-1-pbonzini@redhat.com> References: <20260321000931.1947084-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Set the GMET bit in the nested control field. This has effectively no impact as long as NPT page tables are changed to have U=3D0. Signed-off-by: Paolo Bonzini --- arch/x86/kvm/mmu/mmu.c | 6 +++++- arch/x86/kvm/svm/nested.c | 2 ++ arch/x86/kvm/svm/svm.c | 16 ++++++++++++++++ 3 files changed, 23 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index eeb8667a283f..06289b2d4f96 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -5734,7 +5734,6 @@ kvm_calc_tdp_mmu_root_page_role(struct kvm_vcpu *vcpu, { union kvm_mmu_page_role role =3D {0}; =20 - role.access =3D ACC_ALL; role.cr0_wp =3D true; role.cr4_smep =3D kvm_x86_call(tdp_has_smep)(vcpu->kvm); role.efer_nx =3D true; @@ -5745,6 +5744,11 @@ kvm_calc_tdp_mmu_root_page_role(struct kvm_vcpu *vcp= u, role.direct =3D true; role.has_4_byte_gpte =3D false; =20 + /* All TDP pages are supervisor-executable */ + role.access =3D ACC_ALL; + if (role.cr4_smep && shadow_user_mask) + role.access &=3D ~ACC_USER_MASK; + return role; } =20 diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index 617052c98365..d69bcf52f948 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -773,6 +773,8 @@ static void nested_vmcb02_prepare_control(struct vcpu_s= vm *svm, else vmcb02->control.bus_lock_counter =3D 0; =20 + vmcb02->control.nested_ctl &=3D ~SVM_NESTED_CTL_GMET_ENABLE; + /* Done at vmrun: asid. */ =20 /* Also overwritten later if necessary. */ diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 23cb4beea886..4a4f663b2bd2 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -134,6 +134,9 @@ module_param(pause_filter_count_max, ushort, 0444); bool npt_enabled =3D true; module_param_named(npt, npt_enabled, bool, 0444); =20 +bool gmet_enabled =3D true; +module_param_named(gmet, gmet_enabled, bool, 0444); + /* allow nested virtualization in KVM/SVM */ static int nested =3D true; module_param(nested, int, 0444); @@ -1184,6 +1187,10 @@ static void init_vmcb(struct kvm_vcpu *vcpu) save->g_pat =3D vcpu->arch.pat; save->cr3 =3D 0; } + + if (gmet_enabled) + control->nested_ctl |=3D SVM_NESTED_CTL_GMET_ENABLE; + svm->current_vmcb->asid_generation =3D 0; svm->asid =3D 0; =20 @@ -4423,6 +4430,11 @@ svm_patch_hypercall(struct kvm_vcpu *vcpu, unsigned = char *hypercall) hypercall[2] =3D 0xd9; } =20 +static bool svm_tdp_has_smep(struct kvm *kvm) +{ + return gmet_enabled; +} + /* * The kvm parameter can be NULL (module initialization, or invocation bef= ore * VM creation). Be sure to check the kvm parameter before using it. @@ -5147,6 +5159,7 @@ static struct kvm_x86_ops svm_x86_ops __initdata =3D { .write_tsc_multiplier =3D svm_write_tsc_multiplier, =20 .load_mmu_pgd =3D svm_load_mmu_pgd, + .tdp_has_smep =3D svm_tdp_has_smep, =20 .check_intercept =3D svm_check_intercept, .handle_exit_irqoff =3D svm_handle_exit_irqoff, @@ -5377,6 +5390,9 @@ static __init int svm_hardware_setup(void) if (!boot_cpu_has(X86_FEATURE_NPT)) npt_enabled =3D false; =20 + if (!npt_enabled || !boot_cpu_has(X86_FEATURE_GMET)) + gmet_enabled =3D false; + /* Force VM NPT level equal to the host's paging level */ kvm_configure_mmu(npt_enabled, get_npt_level(), get_npt_level(), PG_LEVEL_1G); --=20 2.52.0 From nobody Sat Apr 4 01:50:14 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1BFA02E7631 for ; Sat, 21 Mar 2026 00:10:39 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051840; cv=none; b=OeV/bLrplCJjVuzEkIv8lBw/d5rhMeQEgJHGtjQwTkn389oWwVkzWWqXz+/GtIMJ3DNk6XZ5ZZTHbAYMaz9auqBGzVV6dOl3LtfWdMYDcVOpn30BHm9Tqx0Nw6O4gGCECwC3CAlsjeZ/YxE1xQTsRxXiMEoyETxHS6/UQu357oY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051840; c=relaxed/simple; bh=RwPqlGeNkb18wMTEDlE8OJyCiSTO793BGluw/5D5YaI=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=P9iGoOIDHpsH8VPTfg8aOzUFoPQPzwAjz51xE7R7xWAy6XVG07OEEKGMdY1VLz4KxRIVGjYw/TiaGJA6/feA6uqHt+S5OjLRC5mARMKnx29f6Uh6l2JhEg5KMTHPrnMTcRqWbE0btGdaDjTd5F3PauwPoroZcRccjSXtfWNkmFA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=RfMkx8DW; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=qHJ7wcAp; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="RfMkx8DW"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="qHJ7wcAp" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774051838; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=+lwADGhzFduFsZYKsBEke3PE8WrGRHNnzI5qm22SisE=; b=RfMkx8DWE9jv7OOZ7M9UXFpq6JoMFyUW0iqt4DqaxdKR1CwDvRkUP6dThYLuJOm0puUlyj pcv16IxZkRaNob95advVj/MJQIqXmaYudsVAsfh+DWsGyCV5ttjYFPUzRZCqoNCfhR013l mWBejT6JTdEEb4FLcpkX+YriDazPQrE= Received: from mail-wm1-f69.google.com (mail-wm1-f69.google.com [209.85.128.69]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-452-ej8H0_5XN0ikNUiZvQPRyA-1; Fri, 20 Mar 2026 20:10:36 -0400 X-MC-Unique: ej8H0_5XN0ikNUiZvQPRyA-1 X-Mimecast-MFC-AGG-ID: ej8H0_5XN0ikNUiZvQPRyA_1774051834 Received: by mail-wm1-f69.google.com with SMTP id 5b1f17b1804b1-48531e6012bso38454045e9.1 for ; Fri, 20 Mar 2026 17:10:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774051834; x=1774656634; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=+lwADGhzFduFsZYKsBEke3PE8WrGRHNnzI5qm22SisE=; b=qHJ7wcApFET/cqpNbOAXs4ZWtaFPdnbOx07KYgMmUyrOhdwcN+Rr3KRfNCZtYCMOL6 w0NVeYJ6wHl3S+dv4mLwcud82lar+nBda+Y6j2Nq1Fxn7wk7tuNf2UoUaEITW8pyLEq7 YMKyb/725eGijUImIgAXgT/cDe4PIncqPM3HNrz+230MnQQLBA7rwF1+Iz6kQa7ccSYa zFAghGvO9kmrf0QM0Io16w2n7NkAoYP+9l4ZnsGpENoGFyrlVHzwnE9qADA6B8DDHTdF 4e7kBl4ibpiXTx2Ak6fSl63vH2hC4zQFEbQva2eqlzwe+jA7p8zOxUTVuEQxzcJ9rEJX 1Cpg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774051834; x=1774656634; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=+lwADGhzFduFsZYKsBEke3PE8WrGRHNnzI5qm22SisE=; b=VIkawYFdfevo56gDR3qUdjGw5Mr55F300rOc5DE7qxP2mgdRtqZxfjdoYOKpDou5zl /9Bm2ZB28Mk6MftFNyuJfGjJfHDoLcwMupHO201NedvEyPV6qm7IeY9IPd1XKELdJaW6 Ug/8hc5M2oORoWDWSM5DeXTSCRDXiWi4ZQh8Hi8EXm7hYw+QACqdF13M/yRyL3exCuxC GoBn3R6jK5wVDRBvrRVK83ir37JU36wlZ8IGDxx7KkcJiTq+Mj7JavZtnF6ffXeswyhL A2x9Xvd9k6QVpoIVnkGQTXgsTebGdMaq/0OE3sQwhgdgsgDngS3o1kOj5Gwpo6x0kgNY UtuA== X-Gm-Message-State: AOJu0Yy/qFP2s/hDlh4Zki3di6CvMsibZpOwWqjwK7YMrxRYkvC7JjLr gqETZAyKVV27vt3fqvOqWaTE1/yWKjjzfUboAc6kWBoL7eg69tejgqUc9mUSNSASffdVU9rRz0n su6n2bx1oG2OaivWYJfjkT64YmA0YcMebmAhj++M4/QwPRzUHVq8Zu1/SmLA7+aN+QKC7av/mJV 1mph97/+Eak89/mtOWexJf83npNK9E/hgF796xWA+llRNsJG7k6w== X-Gm-Gg: ATEYQzyikVyBs3Q49D1/+U5WnU2QDcfJPk/SgvsjSQyoM6g38HEoviLvuSn1hGhmgI+ tHvwj5lFsaE8vXaST5cvJhfqezQEBjkN6x3u6UUCTu12VThKaCpXBSNFng08NE+t6y8I4VmbtpE LoOjx7MB60X66jkUEgv5aeqlxXYGsJSXS330sbPlycW/l8j7+eYDuUHJD4JJ/8pAbh84A3akcnI mZU5A4EStFCAVvbAMJSoFRRRDGJjOK1Y6hPJY0a0ahTi1Tn6l+9uryxBSYy4NMOQQRr9qIKxXs0 qAoK3KOxnTXaaGlsnqEHNQiLZHK3aYFs1ZkbA0JDAcojnaY7UnoyUNzwAuGQx1iWpB1R6MtGWJr 9VxqyAfB7jA/xakL1uIAEsV6M+m2gmHbKJLd+zkp22/c6TN87a1BGEM6RM/T5g7l+6k26PfcVzx H3fycRiXeg1CFoR/IUTV+L848Y X-Received: by 2002:a05:600c:8b45:b0:486:fbe1:2499 with SMTP id 5b1f17b1804b1-486fee0d6ebmr66590035e9.22.1774051833915; Fri, 20 Mar 2026 17:10:33 -0700 (PDT) X-Received: by 2002:a05:600c:8b45:b0:486:fbe1:2499 with SMTP id 5b1f17b1804b1-486fee0d6ebmr66589665e9.22.1774051833456; Fri, 20 Mar 2026 17:10:33 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-486fe82ae69sm91545145e9.9.2026.03.20.17.10.31 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Mar 2026 17:10:32 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Marcelo Tosatti , Nikunj A Dadhania , Amit Shah , Sean Christopherson Subject: [PATCH 21/22] KVM: SVM: work around errata 1218 Date: Sat, 21 Mar 2026 01:09:30 +0100 Message-ID: <20260321000931.1947084-22-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260321000931.1947084-1-pbonzini@redhat.com> References: <20260321000931.1947084-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" According to AMD, the hypervisor may not be able to determine whether a fault was a GMET fault or an NX fault based on EXITINFO1, and software "must read the relevant VMCB to determine whether a fault was a GMET fault or an NX fault". The APM further details that they meant the CPL field. KVM uses the page fault error code to distinguish the causes of a nested page fault, so recalculate the PFERR_USER_MASK bit of the vmexit information. Only do it for fetches and only if GMET is in use, because KVM does not differentiate based on PFERR_USER_MASK for other nested NPT page faults. Signed-off-by: Paolo Bonzini --- arch/x86/kvm/svm/svm.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 4a4f663b2bd2..d3b69eb3242b 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -1955,6 +1955,17 @@ static int npf_interception(struct kvm_vcpu *vcpu) if (WARN_ON_ONCE(error_code & PFERR_SYNTHETIC_MASK)) error_code &=3D ~PFERR_SYNTHETIC_MASK; =20 + if ((svm->vmcb->control.nested_ctl & SVM_NESTED_CTL_GMET_ENABLE) && + (error_code & PFERR_FETCH_MASK)) { + /* + * Work around errata 1218: EXITINFO1[2] May Be Incorrectly Set + * When GMET (Guest Mode Execute Trap extension) is Enabled + */ + error_code |=3D PFERR_USER_MASK; + if (svm_get_cpl(vcpu) =3D=3D 0) + error_code &=3D ~PFERR_USER_MASK; + } + if (sev_snp_guest(vcpu->kvm) && (error_code & PFERR_GUEST_ENC_MASK)) error_code |=3D PFERR_PRIVATE_ACCESS; =20 --=20 2.52.0 From nobody Sat Apr 4 01:50:14 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7771E33ADB3 for ; Sat, 21 Mar 2026 00:10:43 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051845; cv=none; b=pS5XOZdoD7C8d3rKa21J2Mv8OilZC8uBB+iSBCbxPbtfMUyRU3dUGPZ/XQ6VHAR2GMwpWRWhuBzcmqDFGfjr5Z/73m9WLTt089R/xuEgo+IRIU4ELpMhXUZTgMKflYU2eTF+07iEkE8zmDrhZVRqHRFRJ/crL7AcEkrvRCKuwV4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774051845; c=relaxed/simple; bh=Loq38pc2FyCTTkUH2qMFtWu6mBPZyloNiwBME48/IOA=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=FJpQh482LTlx9toaZKG8RoD8/3IOfAYB0as9hfJyhOpHvXRZFJWX5NGA92Ti5NsdEWeppzkqTNVpFbnoCf4KHz1LawTfEsjPezi0hR2AvgJuMZ4SkCda04st26YQH9a3cBSUZotRns3jfTdHGbhnoc0oyDTEUtVYfaQ9EjU9wus= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=cIVkMir8; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=j9Jv7ZNm; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="cIVkMir8"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="j9Jv7ZNm" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774051842; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=oK7Mm/ibwQ8WVpy8saAqcL4LBF/TxI9WNZ7MQXytY1w=; b=cIVkMir8p26XeliqQhhmh+pR+xArH53Q3mFzRCIlYRABEVhZxLCpAwIXD1JE3wfHdPRL9o xmvqrQ5KI2XGzZDn86ldHNzRvTudaHaocP+5Cf+b/XLfgZuy/10tKsKWzOYxNC7JqHmaT9 y6d7dLmiFdPNjTldn0e/rCyjGnAD/os= Received: from mail-wr1-f69.google.com (mail-wr1-f69.google.com [209.85.221.69]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-222-wsqMJTtgOGy9ig_YE_CZVg-1; Fri, 20 Mar 2026 20:10:40 -0400 X-MC-Unique: wsqMJTtgOGy9ig_YE_CZVg-1 X-Mimecast-MFC-AGG-ID: wsqMJTtgOGy9ig_YE_CZVg_1774051840 Received: by mail-wr1-f69.google.com with SMTP id ffacd0b85a97d-439bab2d095so1811787f8f.3 for ; Fri, 20 Mar 2026 17:10:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774051839; x=1774656639; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=oK7Mm/ibwQ8WVpy8saAqcL4LBF/TxI9WNZ7MQXytY1w=; b=j9Jv7ZNm2Exhw5oDy5X3zBc2y2mG6Vrvgfx9b4aoZKOqeQYR13cZpOzZDsXd3+wC9Z Djt/tB7VTlIHp+k4A7+AyVBODeHnU5dq4wfZKCjJA33xEJXc/leSOv2gbId2yrOfMj3g rm2MFTrnJSyGrzMZ0OwDZZEVhsDrfbHbTmhlRCVCUXIaNVQm/zq2fYv1iuVa3nYEYmR2 s29UMt86PfxYmc/uUb72QpSti5JC5i22ZhgjakwTNkAfb73z6nrmifNHZUEWrZnSLo3X IsQ187w+riUWdROTXq9g8t1J4Ra/de8Ez39hRrL+cfqzfovSWHl9ZwuS9FFrUlJt58W8 rIfQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774051839; x=1774656639; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=oK7Mm/ibwQ8WVpy8saAqcL4LBF/TxI9WNZ7MQXytY1w=; b=isjHU5rfrt2NtrYtTvhqqlivQdlATGH1WaHqwumgIxa89dLb6ETRfZ8Pi4kWpMVzF+ 5sOwJN3zpbGXXRvmGV9kv3NODWbFE/KNkf74wozjpiw3EYTj2Ec/uio2ytXXkwAHZHqX mUC8nKhj2JUfLP0PRUqFTvgp1f80kLdilVifFq8YKEDk0F6UhuLPDFZn9nJrH6JMrCo+ 7ZXsYKjd5gteCirI01jQwWmdI1PVXUyb2pTx6Rpsg6JVitvKpkEuFt9dK+27Ax7HoL84 vgA/ijuLbGxXOI6yfeNrneGHI71nQxlmCFWar2tQH9tRprj2wrM2I98ji+IIz4kwQDMH H+Uw== X-Gm-Message-State: AOJu0YwsHq6Jbbwzf/38FtjVgPqurm+JkjQHL80/vVBWDM/sOLZ3CZln FsEIdy3cRypmcDTE3x8/xs4mKJHvveVQ52/1kxYUkQ+ORxvUZo7Fs7dYidfbHoS3bhxRYuP2Rh3 JUWSH2DkxxqkJhqcSLFMFoh7LkGi+/G9rCewmVg06s7IqKCY0kNZAAG3wX6/HiDQxdg8fzCwCQO 38Xtr7OkWqVbWcLa5VoxTUhnJCsg2tRjHzc5geBz1nBPXQXmhNHQ== X-Gm-Gg: ATEYQzx7ldtXLgKH0lhhFjmHHdnrKbRp7r4cirICEA+Jh31h91d50Is90sQaRaVmWRQ YaQz/qCK2/zEJT+q8yyzl6VgEK4OuVLcxWxrm6BceCvZ0Jvf9vEyz7zTQcTXdMH7/ZJqDCvGqBo RjHCYakCAxW5rKEV+qeIJeTgAYaixLnlziU0o/PRc10g4PEo4WI9zr1yo0VIYlbIMV1hNjGpD06 Z6UWRD1Sh+NiB/tifHe7fRKAXbJRvcC3wMEwjxqDoGe/d+dwLYr/BjP3PZ6SLdrRZ2ceciKcIiP BrbEkepOmw7/1A4yZnfkQOWg7d9X8YOXNURGVxg8WK0drLVe09SeeY4jSavse8l1DZSmiAab6Y9 obYdospHB9VC0RAaemxTGHRPwyM8/W25+wk/cKC/kuSlmrGQVo6TQ+mYPX19InHJ8CRy40BCmiO 6yDnG+avHbSnos7gHp6B68JLaZ X-Received: by 2002:a05:6000:609:b0:439:c14b:2100 with SMTP id ffacd0b85a97d-43b64243dc6mr8340207f8f.12.1774051837320; Fri, 20 Mar 2026 17:10:37 -0700 (PDT) X-Received: by 2002:a05:6000:609:b0:439:c14b:2100 with SMTP id ffacd0b85a97d-43b64243dc6mr8340171f8f.12.1774051836821; Fri, 20 Mar 2026 17:10:36 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-43b644bd923sm12022594f8f.12.2026.03.20.17.10.33 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Mar 2026 17:10:34 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Marcelo Tosatti , Nikunj A Dadhania , Amit Shah , Sean Christopherson Subject: [PATCH 22/22] KVM: nSVM: enable GMET for guests Date: Sat, 21 Mar 2026 01:09:31 +0100 Message-ID: <20260321000931.1947084-23-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260321000931.1947084-1-pbonzini@redhat.com> References: <20260321000931.1947084-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" All that needs to be done is moving the GMET bit from vmcs12 to vmcs02. Signed-off-by: Paolo Bonzini --- arch/x86/kvm/svm/nested.c | 3 +++ arch/x86/kvm/svm/svm.c | 3 +++ 2 files changed, 6 insertions(+) diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index d69bcf52f948..397e9afecb78 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -774,6 +774,9 @@ static void nested_vmcb02_prepare_control(struct vcpu_s= vm *svm, vmcb02->control.bus_lock_counter =3D 0; =20 vmcb02->control.nested_ctl &=3D ~SVM_NESTED_CTL_GMET_ENABLE; + if (guest_cpu_cap_has(vcpu, X86_FEATURE_GMET)) + vmcb02->control.nested_ctl |=3D + (svm->nested.ctl.nested_ctl & SVM_NESTED_CTL_GMET_ENABLE); =20 /* Done at vmrun: asid. */ =20 diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index d3b69eb3242b..4a0d97e70dc2 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -5294,6 +5294,9 @@ static __init void svm_set_cpu_caps(void) if (boot_cpu_has(X86_FEATURE_PFTHRESHOLD)) kvm_cpu_cap_set(X86_FEATURE_PFTHRESHOLD); =20 + if (boot_cpu_has(X86_FEATURE_GMET)) + kvm_cpu_cap_set(X86_FEATURE_GMET); + if (vgif) kvm_cpu_cap_set(X86_FEATURE_VGIF); =20 --=20 2.52.0