From nobody Thu Apr 2 18:47:36 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BA15C3A1A58 for ; Thu, 26 Mar 2026 18:17:33 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549055; cv=none; b=WwRd6Rhd8nlma7D5B+3rV75wOtmdvYWlRtmdhiQ9njURzWz7oG98rT2hWL7B4iJLvPLSNS14ne/4T1O0uXTlxExvL+fjY/YETJIeiPs3e2BMmwc3sCA33/OQYqeuHv/QSVMq9bcPAtZhwOFJJ9u2GfXJM0+vNc+POpJJ9o4kg8M= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549055; c=relaxed/simple; bh=/hgPA8ofUfgPut6kjk1EiKMkvUvqj4HcFOe/kxoKD5U=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=RmimshJ85Oidv/OP788jRCSwvIr2yn/x0Idb2SBlcgZ43+qAxOGnJNEuRuJ4NbowVEJiP0F44n2rBKFFtbhyn8kbzyzz8ns9RdbwW0x8Sm9SGLMG8U6NEEC9W6DfifIpml7MfEzMllshah7BP+mQE++JsHdJU0eqcc4hKStixJk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=fnEfgenV; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=i9RoY2bM; arc=none smtp.client-ip=170.10.129.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="fnEfgenV"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="i9RoY2bM" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774549052; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=WDapCol8DB+8Onsizv1MMEQf+Ju0eOGDbqoSTr6KUVY=; b=fnEfgenV3Zbm+30x+QylL2KciQzotj5fsmOPXHsDC5brcxKIp7XfIuxfzM6axnV9isbWCm FVnUSQriRvQizDAk8rL1yVkEZ5IzYGPoU2pnJ5iFNs9N/IVoajNDFG3G0FWx9q/I+JVtW/ urkzZut3Ln3PalG3mxVHyQ7uYbSwoxc= Received: from mail-wr1-f70.google.com (mail-wr1-f70.google.com [209.85.221.70]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-353-ogNs68ERNlOX75dG9Qvu9Q-1; Thu, 26 Mar 2026 14:17:31 -0400 X-MC-Unique: ogNs68ERNlOX75dG9Qvu9Q-1 X-Mimecast-MFC-AGG-ID: ogNs68ERNlOX75dG9Qvu9Q_1774549050 Received: by mail-wr1-f70.google.com with SMTP id ffacd0b85a97d-4362197d1easo842415f8f.2 for ; Thu, 26 Mar 2026 11:17:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774549049; x=1775153849; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=WDapCol8DB+8Onsizv1MMEQf+Ju0eOGDbqoSTr6KUVY=; b=i9RoY2bMJWiDNAhtB064Er8wZviqeEtFxYXU57iHddcxP7SAecRiyOTMD+xphFtUGM gFw4wRAsfmYFF5VKDCNyon/gm8EJT2gF6muWuO+wlRB7Cv5LX342xuz7zXKVfdJb5oTB cqkV7UU/fQUF1gbY5AzTp5MYUPzPgsm4j42SVGwEOpe7NbNn/m9SgV47rRd4gtWSOrb2 lrcVaXtaJ4QGPYALnpo9F/t2UnVj6U0xywAl3+++Kqm3Xsm1Q+2KdCs5tm5b7DYeg47x r0UD+zum/ZJa4s1TXnfzeplAAHPHlz8mjZRtO50bnTrWaEEE6w5SuroJCNMDwx7buzLT KVXA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774549049; x=1775153849; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=WDapCol8DB+8Onsizv1MMEQf+Ju0eOGDbqoSTr6KUVY=; b=sUiAwjf/NhqI5FHo1+LVzmj4KCV7yQr1NyAH65ebMetC2Jj+cT4N/0D3c6h/FJd2k+ xqcGpcVuIal5t9tpG//AYH1aPBVXEVH4NYcapwA6C9Q2pMJm5m3eg1+M71F3b9VABzF6 lsQbh32BJ6dEr5QhF44+cz6Y6gb6M2RG2bOcyGGgZBtV4rd+JZT/aBo80NiEXeFomFtw 2iKn1ZdEMKAQM9DP8Y4U7T3QtjU+V0+lwbnQYBnV5Fdk9w3NWuVbxgzSu4lGZZRzyMZ2 EUSFSUURHPnKfEkLisRQ7e8zJ8v170Dcet3m6g8hP8vnizu3MVNgR4DMmifWxdE/nTB7 JsCA== X-Gm-Message-State: AOJu0YzKt2NehQMoOu63++/dvglsP8X+sF2HYJwH83ryIBziO0G5vwpk dn5vAwMp+KXSt1o6hmALAm/3C22q4B+AX2/YwXPjQl4sXvPXKJrNaCeQ/hbIKdQAGvUIN14mfAM 6DzoCNkth9JmrKquDxugNXG5yLu4G0WEcuvUCDTLCoiwYYXN0Bp6qPSaOWAPFutzgg5VezsyHwf tpMoHrA1jTGjKElJyCTthIM3E6n08sFwvc/6Duu6fjPuAeUxheLw== X-Gm-Gg: ATEYQzwouUvbNpa/E57jgqd3CKt4scTTa6rzZmiwRQ8hgLu+mAVBQIMogQgFhbNsyCo D62116mxeJxLovB4RPMWQXPiylmmpqpXuh4sXK4hGJYLAQAXg/5xw2RCDPiXCx9LtYLDj6hwR3G ah3vnZH9inOPT+JJDgmgAQJYFaQquXBrLq2CZxyVesHncSeGRNnTSdP6AeAtIUZ4C6dqbWEXM0M VU8Y5okZDVpA1+TX/2djyD6VRUOXS89o8HRBwBAS3pjopahXeVgR2vuR4ukSZuGYJgFZcFKhJFt gvDOAYKVFEAFTz4Hk0RTfu8rbL5p6SQ2qOPdHEJgT9Y++NyajMBwBUlGwyg/u7P+pNrcENtvz77 b+nGwh+AHB6JFXRUgYxuIg/SK0HTQRAvbleNXZoVwm9BuHFiPuBb4lsHDARmwgrvXApm/1UEAOF L6S51oSM/ag6DDDXRbXoKt4iA2 X-Received: by 2002:a05:6000:2c06:b0:43b:5762:2999 with SMTP id ffacd0b85a97d-43b88a8e8ffmr12921636f8f.37.1774549049188; Thu, 26 Mar 2026 11:17:29 -0700 (PDT) X-Received: by 2002:a05:6000:2c06:b0:43b:5762:2999 with SMTP id ffacd0b85a97d-43b88a8e8ffmr12921578f8f.37.1774549048681; Thu, 26 Mar 2026 11:17:28 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-43b919e7111sm9492066f8f.37.2026.03.26.11.17.26 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 26 Mar 2026 11:17:27 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Nikunj A Dadhania , Amit Shah , Sean Christopherson , Marcelo Tosatti Subject: [PATCH 01/24] KVM: TDX/VMX: rework EPT_VIOLATION_EXEC_FOR_RING3_LIN into PROT_MASK Date: Thu, 26 Mar 2026 19:16:59 +0100 Message-ID: <20260326181723.218115-2-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260326181723.218115-1-pbonzini@redhat.com> References: <20260326181723.218115-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Jon Kohler EPT exit qualification bit 6 is used when mode-based execute control is enabled, and reflects user executable addresses. Rework name to reflect the intention and add to EPT_VIOLATION_PROT_MASK, which allows simplifying the return evaluation in tdx_is_sept_violation_unexpected_pending a pinch. Rework handling in __vmx_handle_ept_violation to unconditionally clear EPT_VIOLATION_PROT_USER_EXEC until MBEC is implemented, as suggested by Sean [1]. Note: Intel SDM Table 29-7 defines bit 6 as: If the "mode-based execute control" VM-execution control is 0, the value of this bit is undefined. If that control is 1, this bit is the logical-AND of bit 10 in the EPT paging-structure entries used to translate the guest-physical address of the access causing the EPT violation. In this case, it indicates whether the guest-physical address was executable for user-mode linear addresses. [1] https://lore.kernel.org/all/aCJDzU1p_SFNRIJd@google.com/ Suggested-by: Sean Christopherson Signed-off-by: Jon Kohler Message-ID: <20251223054806.1611168-2-jon@nutanix.com> Signed-off-by: Paolo Bonzini Tested-By: Jon Kohler --- arch/x86/include/asm/vmx.h | 5 +++-- arch/x86/kvm/vmx/common.h | 9 +++++++-- arch/x86/kvm/vmx/tdx.c | 2 +- 3 files changed, 11 insertions(+), 5 deletions(-) diff --git a/arch/x86/include/asm/vmx.h b/arch/x86/include/asm/vmx.h index b92ff87e3560..7fdc6b787d70 100644 --- a/arch/x86/include/asm/vmx.h +++ b/arch/x86/include/asm/vmx.h @@ -597,10 +597,11 @@ enum vm_entry_failure_code { #define EPT_VIOLATION_PROT_READ BIT(3) #define EPT_VIOLATION_PROT_WRITE BIT(4) #define EPT_VIOLATION_PROT_EXEC BIT(5) -#define EPT_VIOLATION_EXEC_FOR_RING3_LIN BIT(6) +#define EPT_VIOLATION_PROT_USER_EXEC BIT(6) #define EPT_VIOLATION_PROT_MASK (EPT_VIOLATION_PROT_READ | \ EPT_VIOLATION_PROT_WRITE | \ - EPT_VIOLATION_PROT_EXEC) + EPT_VIOLATION_PROT_EXEC | \ + EPT_VIOLATION_PROT_USER_EXEC) #define EPT_VIOLATION_GVA_IS_VALID BIT(7) #define EPT_VIOLATION_GVA_TRANSLATED BIT(8) =20 diff --git a/arch/x86/kvm/vmx/common.h b/arch/x86/kvm/vmx/common.h index 412d0829d7a2..adf925500b9e 100644 --- a/arch/x86/kvm/vmx/common.h +++ b/arch/x86/kvm/vmx/common.h @@ -94,8 +94,13 @@ static inline int __vmx_handle_ept_violation(struct kvm_= vcpu *vcpu, gpa_t gpa, /* Is it a fetch fault? */ error_code |=3D (exit_qualification & EPT_VIOLATION_ACC_INSTR) ? PFERR_FETCH_MASK : 0; - /* ept page table entry is present? */ - error_code |=3D (exit_qualification & EPT_VIOLATION_PROT_MASK) + /* + * ept page table entry is present? + * note: unconditionally clear USER_EXEC until mode-based + * execute control is implemented + */ + error_code |=3D (exit_qualification & + (EPT_VIOLATION_PROT_MASK & ~EPT_VIOLATION_PROT_USER_EXEC)) ? PFERR_PRESENT_MASK : 0; =20 if (exit_qualification & EPT_VIOLATION_GVA_IS_VALID) diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c index c5065f84b78b..fa740f70ee75 100644 --- a/arch/x86/kvm/vmx/tdx.c +++ b/arch/x86/kvm/vmx/tdx.c @@ -1855,7 +1855,7 @@ static inline bool tdx_is_sept_violation_unexpected_p= ending(struct kvm_vcpu *vcp if (eeq_type !=3D TDX_EXT_EXIT_QUAL_TYPE_PENDING_EPT_VIOLATION) return false; =20 - return !(eq & EPT_VIOLATION_PROT_MASK) && !(eq & EPT_VIOLATION_EXEC_FOR_R= ING3_LIN); + return !(eq & EPT_VIOLATION_PROT_MASK); } =20 static int tdx_handle_ept_violation(struct kvm_vcpu *vcpu) --=20 2.53.0 From nobody Thu Apr 2 18:47:36 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2A9273A1A3D for ; Thu, 26 Mar 2026 18:17:35 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549058; cv=none; b=jniTa/+2EBCutvWgFtYKcJqDaioFsg87LF4st91GRqyAfNnuPoKsgO7/7NASwLAm/EbRbIgyMsjOyYxB5ziJRut1cBLq1KVNplz5rCjEVgud5W7Y9S/q9jQJ0Ii8Gfns5wMOIqTW21z8M03qD+l46G7fy6+PSg79IKk2LyKMps8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549058; c=relaxed/simple; bh=+XRLjOpS4v+IUj8Epgk8vsqlWWWhFf+iPFdKVLl6SyA=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=nxzwb03kSqD8aSx91/358BswbGSFtYuMp3477yF3eky6vN0OOscyW6SySYzFi31TuyVT2P+caFZbtsbiOkUoJvoTu+xL28ov7veoxKfE0ABTZK8+RtmOxcZYuXD5CBtXq57BkG/CHW75sLGKc00t0p68sC4R2QJrUOX+IwztHGk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=R0xAP3CF; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=Ppq93EGH; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="R0xAP3CF"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="Ppq93EGH" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774549055; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=NZNDRdV67MUP45bmnySAtmpJD5gxz3701J4cRjhnqB0=; b=R0xAP3CFlapPh7xquX8z+YInKOnoWgb7eu/UY3xV/Uzs76Bf08Whre9v3rlcboQBZ6VVLg bmw7a/DiAXLArFOlfxtzPUptlcp+ySyhE2qP8UuI67STwO81BmuFIAYHq7AWl+GIfJ/ukQ i7LvS7q+QGPD0eGSkSQaRqnVnQTNq3Q= Received: from mail-wm1-f72.google.com (mail-wm1-f72.google.com [209.85.128.72]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-582-DxVWBZH8Nw2_JvEEYV5NIA-1; Thu, 26 Mar 2026 14:17:34 -0400 X-MC-Unique: DxVWBZH8Nw2_JvEEYV5NIA-1 X-Mimecast-MFC-AGG-ID: DxVWBZH8Nw2_JvEEYV5NIA_1774549053 Received: by mail-wm1-f72.google.com with SMTP id 5b1f17b1804b1-486fb142205so17973635e9.1 for ; Thu, 26 Mar 2026 11:17:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774549052; x=1775153852; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=NZNDRdV67MUP45bmnySAtmpJD5gxz3701J4cRjhnqB0=; b=Ppq93EGHnaFYB0wuR6HlipR53JmjRrUyUU31fXBE7zWLUZO+ZDV2Ln1K68B9ZeDrDY 2CbNWubRZfhtWdiU3LeNfcNO/hFI8okWDIEC6DcW9eGuu+LLyX8kLi5GsFuLQKp8PrZ9 hQ9L+HsMWaet+4YB7Ye3Z9e4vDD3dMFD5p91XsHmai6YsCd2yUazDH5HGMHHLWT8d2GJ tgamg8WYsIB6GLcwFwu1Xnojyuhtiui6Vu+OuDpzzD6FB9x0T2sjatz9CihZ+UkJrU0q j82TMnnT9a08MW4k6rfZYHQH5uwR+n4PZ6SJDtjB0PZEg6Eh/bC/gKjWid9ugYD9AbPd pN+A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774549052; x=1775153852; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=NZNDRdV67MUP45bmnySAtmpJD5gxz3701J4cRjhnqB0=; b=bIFzDFd/F9RuYqGjq19e7I21t8c62Pm722NLd0HW/znzBcCpAIO5BQ9r8cNuZxsL9e 0/rOEfy9rv9O5gtQ7tcCHzGZFo+oFvRpR8lvCccHxocBIrmnqWWGe/exXD20jXBlV4JI QbiIVTFs9fcqYrYGy4m9HsFVggC/RP1ECB26sazOc1q92QJVLSTy+vnevDGm+XY7zGGI 5I7G7bvC2NqrHGKsjci9YgZOTeFg1rANys1GGyDw0NDtS11mmY1KT8mnKLiDvGz0hu0+ UOYjpJ4uZX1qHAOaDBCk1fmzJeg27zU+38IagNQD+/rCprUmaqlWCP19V2R/uoIXe9Ba ezEA== X-Gm-Message-State: AOJu0YwbGodCvrHiBdxl3ovzzLZ9i9NkMEod3onIrCZPQhVr6HId9R4l OQtPY12Svvr/Xme4Qauh/9+2JkMC0kt1amo9WJaaT/Z1O9MpENVwIHC25W5eG1whmbioLDXfAlQ 9FYQ0Q+mhRUY9bSB556wFXkD1pWn+F3kYK00wKgv/1hjrUZN57wlicLuk2XeAzh+52+hbtalaNQ 6QUlrTuXvr0sI1KCnXbjD6PCKkYLWK0QrBLUU5RGzZw+sQcKbFgw== X-Gm-Gg: ATEYQzwgow20BUAku7vHFQuuipMAjuAPAwJPkEvyY7ICKVwfbxefSn43FrigANJp73c qTypaHusS2edytG8AtPJPCXTQGooX8KCXk2AFjD67Igo1rKVX3UYO8jEM+6O39aSyjeGdgcVIbW recmRUfyZLmc5ix+GzXbBGau72VSDigjy2GAry+LfWcTVZlELMIM29xDd3MCnF+5SQEUoYAwMvl NL+2OeWJp58+VROtmLyq7dRtviiMa2dp+tattMidDL95AlbKVl18tj6jmaWZODieFArnkOQWaSa 59msLEfHyYyz0/FqrzYVewWcanYpmRhvncC7TI0LLslT6H8QLwKCFmmK+ODjrgxNvFY7+r9nXH/ nhVsrhEuOhw8m7y2+EdNG9yDP79XRMeM8Ty2fgp9RgUgJVPNXXAPEK88hCNbQs1eS/wQapYmDaJ mRG4NItPIP9Ey3H676LDMqiP2j X-Received: by 2002:a05:600c:8b53:b0:485:33ad:3c9f with SMTP id 5b1f17b1804b1-48716071d0bmr131990875e9.25.1774549051832; Thu, 26 Mar 2026 11:17:31 -0700 (PDT) X-Received: by 2002:a05:600c:8b53:b0:485:33ad:3c9f with SMTP id 5b1f17b1804b1-48716071d0bmr131990135e9.25.1774549051290; Thu, 26 Mar 2026 11:17:31 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-48722d23679sm97827235e9.9.2026.03.26.11.17.29 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 26 Mar 2026 11:17:29 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Nikunj A Dadhania , Amit Shah , Sean Christopherson , Marcelo Tosatti Subject: [PATCH 02/24] KVM: x86/mmu: remove SPTE_PERM_MASK Date: Thu, 26 Mar 2026 19:17:00 +0100 Message-ID: <20260326181723.218115-3-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260326181723.218115-1-pbonzini@redhat.com> References: <20260326181723.218115-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Jon Kohler SPTE_PERM_MASK is no longer referenced by anything in the kernel. Signed-off-by: Jon Kohler Message-ID: <20251223054806.1611168-3-jon@nutanix.com> Signed-off-by: Paolo Bonzini Tested-By: Jon Kohler --- arch/x86/kvm/mmu/spte.h | 3 --- 1 file changed, 3 deletions(-) diff --git a/arch/x86/kvm/mmu/spte.h b/arch/x86/kvm/mmu/spte.h index 91ce29fd6f1b..28086fa86fe0 100644 --- a/arch/x86/kvm/mmu/spte.h +++ b/arch/x86/kvm/mmu/spte.h @@ -42,9 +42,6 @@ static_assert(SPTE_TDP_AD_ENABLED =3D=3D 0); #define SPTE_BASE_ADDR_MASK (((1ULL << 52) - 1) & ~(u64)(PAGE_SIZE-1)) #endif =20 -#define SPTE_PERM_MASK (PT_PRESENT_MASK | PT_WRITABLE_MASK | shadow_user_m= ask \ - | shadow_x_mask | shadow_nx_mask | shadow_me_mask) - #define ACC_EXEC_MASK 1 #define ACC_WRITE_MASK PT_WRITABLE_MASK #define ACC_USER_MASK PT_USER_MASK --=20 2.53.0 From nobody Thu Apr 2 18:47:36 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 742FE3A0E99 for ; Thu, 26 Mar 2026 18:17:38 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549060; cv=none; b=nPjw7kgKVVUTFvbg6oFp2z555Jb/7Va+UqmJiQs1L3z8NjpCNF/Wu32asDyQ5N+JZCefGeiHajXSpNmFjJe60XcfaofUN9Zer44s6yZFVEfrBItw52OQhiMB3UM+HOJc3GvddPa0sGw219bZdIdfDvR2j2D8JhLwicyfJTFzPm4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549060; c=relaxed/simple; bh=7JemvNNoOufT8khf9NIwCsgFBjTJIPEeSZZYRInFR38=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=hSEtSEhPmjbgvBmyz13pkPzWeQGfWGS/Tcuuw2E9MzkziEpNIAfvy/P6UcdCyR4Qg4Xg7wK56jJ+Vgvyo2+ZGQ4nSofxW3jhgk4i7kDAhK8WDb6hDO1Gw+IjFXd5vBt7y/UK6dKIjnAMiSseBWFXLO1K6+XBqPfGqgFHTXqf5Tc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=harqfMUo; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=EEtcTRgQ; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="harqfMUo"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="EEtcTRgQ" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774549057; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=wIHJPa1WNIV5ql1TvVIKEU7DKhOmL9oCEIdtc3rKxnQ=; b=harqfMUoJ5H62n5uw0PSH/McPo1bo3+3uPS6eKIgXpNzKdhtNTcHR/CcVeDtcbeXwpJO9g /Iau90lWHGXgFUWiAtF9KXuSjHT2lN1+0z1pBgr1Ck+3BwMcIicxD5sajI5kBu+Gp2SvoF 3+4DJbdjljNmcboQljPkRV/kwZrKqhA= Received: from mail-wr1-f72.google.com (mail-wr1-f72.google.com [209.85.221.72]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-636-uGl9zYUFPtmEvtJG8XFp5w-1; Thu, 26 Mar 2026 14:17:36 -0400 X-MC-Unique: uGl9zYUFPtmEvtJG8XFp5w-1 X-Mimecast-MFC-AGG-ID: uGl9zYUFPtmEvtJG8XFp5w_1774549055 Received: by mail-wr1-f72.google.com with SMTP id ffacd0b85a97d-43b86de58d9so1042207f8f.0 for ; Thu, 26 Mar 2026 11:17:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774549054; x=1775153854; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=wIHJPa1WNIV5ql1TvVIKEU7DKhOmL9oCEIdtc3rKxnQ=; b=EEtcTRgQpDXVYuAf9xFIglvbUt+LmlAFW/UvthUkj6zZbQqiSpsCDIRx40dT5fGvT3 kUc7/osjXa+bYuiPqeVhopqjAp1TuJOKn0sdTtsVe9umGDTMRJlTpZkB46507NcUtZEM SAqIlbBp70EaBVrUflkw5+F8Tn1TOISGDOEPRCCtZny9PQad8LyApqSTL5IVZxz50825 b3uqZhBSfivOkvYqYwZ/RyJkX8lcdpJR5puv0S3so4hNFrtwzMrYAg1qlrfvc1CQCoyQ 5yUf4tYI5CoAmwmR2UNgdq6zyGYEXnoIUi1O6NPGzClhIfI6VJW2XFu3DoELMXkpWzV2 SPBw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774549054; x=1775153854; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=wIHJPa1WNIV5ql1TvVIKEU7DKhOmL9oCEIdtc3rKxnQ=; b=FJZY2TR5Cde6MT/nb6xfwCqIChmj8Hz/X6wE6cmrvCiWll84KYr4FCH7DlcS27hgEz AG6bgHNvlfawNZSUwqalrJ8ufajkl14UwgPgBGWNt8B1h1YK4gYal9elOPV96jqg2T73 9ZA3blgKd862e40PvGhm/7d+x423vDFcv0mm904qNV/ETAAucOa9ml7GLw4qQaGnC+J7 TAezoqbglJ/wn9IojiFF6kRLpFfZyTSoHG3Ui3R1YBURZ2Nkw2aO4lRzkZU0WHfy+TVs yx9Oh9wdv7m+Rx670jyrlrR66XBy6mSZD6Hrn25uE4CXsJL1CokDVVM1bQtCUKstKp8X ffxA== X-Gm-Message-State: AOJu0YwrvO8y/1OYLuEjE9EqHxxNKKdr+V77bpKzySq/YKCFFZroRawr gk9hrWACLkbnsNoM4AvpS670AC4ojqz5PBxGB2drGgrQGe2SeiMAcSe77MfgzuvJx1Z0EJCnEaH g1ufmRKiZNjVW/fgaFnvpstROT3T6rV8ouLItjbVF59P9rb08ZzfogZQ5OfQtvpcoQrwgr2EWXu N1h885f7F/BCRAia3YTRxbUA+PXizJgtHuM976145Ddgp80La75w== X-Gm-Gg: ATEYQzxetaGeUyJnwp4Th9byzm1IDUnBJN3ggZC5cV/0gqhoUjteu5dn6GRDGBC83BG FD+yZnwWbcYziCb1yqWwcRsDDVivZP2ewH+FDm84PVPdn+u11N0qoa302mUq7NBxWzXg3zdQTMF mkn9MorEpfV9Vtzq+JuzEuACLDBqaDjNU67y626GCLgxFSW+CzmgIMHoD5DJxpzeTZU5b+zwAWH f8u9CG/Wl7lpP8yURkLLPAOs5dSkz8+9DXtzc70YjBuitGTxwPOsmNr7u3eluhh9/9/CRRD1ZoQ UGfvcWauC2SyzGY19zh/fyEB0IKBlpRrU6jl7R5khv1XlDW/fNaKd4fxt3bIIvhn2YkBpn6oIys EG7uG/WrZiswtmScci3EOIv47yxmSgVUf7oKaIU0coeQF8R+ZsGEEmzc2RNKZieRC89+VeV+pWF x+7QpPYObKNqBT22Bcfm+WK9k4 X-Received: by 2002:a05:6000:220b:b0:43b:8023:8b2 with SMTP id ffacd0b85a97d-43b88a25a22mr13537251f8f.45.1774549054324; Thu, 26 Mar 2026 11:17:34 -0700 (PDT) X-Received: by 2002:a05:6000:220b:b0:43b:8023:8b2 with SMTP id ffacd0b85a97d-43b88a25a22mr13537159f8f.45.1774549053644; Thu, 26 Mar 2026 11:17:33 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-43b91942e52sm9561389f8f.9.2026.03.26.11.17.31 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 26 Mar 2026 11:17:32 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Nikunj A Dadhania , Amit Shah , Sean Christopherson , Marcelo Tosatti , Kai Huang Subject: [PATCH 03/24] KVM: x86/mmu: free up bit 10 of PTEs in preparation for MBEC Date: Thu, 26 Mar 2026 19:17:01 +0100 Message-ID: <20260326181723.218115-4-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260326181723.218115-1-pbonzini@redhat.com> References: <20260326181723.218115-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Jon Kohler Update SPTE_MMIO_ALLOWED_MASK to allow EPT user executable (bit 10) to be treated like EPT RWX bit2:0, as when mode-based execute control is enabled, bit 10 can act like a "present" bit. Likewise do not include it in FROZEN_SPTE. No functional changes intended, other than the reduction of the maximum MMIO generation that is stored in page tables. Cc: Kai Huang Signed-off-by: Jon Kohler Message-ID: <20251223054806.1611168-4-jon@nutanix.com> Signed-off-by: Paolo Bonzini Tested-By: Jon Kohler --- arch/x86/include/asm/vmx.h | 2 ++ arch/x86/kvm/mmu/spte.h | 20 +++++++++++--------- 2 files changed, 13 insertions(+), 9 deletions(-) diff --git a/arch/x86/include/asm/vmx.h b/arch/x86/include/asm/vmx.h index 7fdc6b787d70..59e3b095a315 100644 --- a/arch/x86/include/asm/vmx.h +++ b/arch/x86/include/asm/vmx.h @@ -549,10 +549,12 @@ enum vmcs_field { #define VMX_EPT_ACCESS_BIT (1ull << 8) #define VMX_EPT_DIRTY_BIT (1ull << 9) #define VMX_EPT_SUPPRESS_VE_BIT (1ull << 63) + #define VMX_EPT_RWX_MASK (VMX_EPT_READABLE_MASK | = \ VMX_EPT_WRITABLE_MASK | \ VMX_EPT_EXECUTABLE_MASK) #define VMX_EPT_MT_MASK (7ull << VMX_EPT_MT_EPTE_SHIFT) +#define VMX_EPT_USER_EXECUTABLE_MASK (1ull << 10) =20 static inline u8 vmx_eptp_page_walk_level(u64 eptp) { diff --git a/arch/x86/kvm/mmu/spte.h b/arch/x86/kvm/mmu/spte.h index 28086fa86fe0..4283cea3e66c 100644 --- a/arch/x86/kvm/mmu/spte.h +++ b/arch/x86/kvm/mmu/spte.h @@ -96,11 +96,11 @@ static_assert(!(EPT_SPTE_MMU_WRITABLE & SHADOW_ACC_TRAC= K_SAVED_MASK)); #undef SHADOW_ACC_TRACK_SAVED_MASK =20 /* - * Due to limited space in PTEs, the MMIO generation is a 19 bit subset of + * Due to limited space in PTEs, the MMIO generation is an 18 bit subset of * the memslots generation and is derived as follows: * - * Bits 0-7 of the MMIO generation are propagated to spte bits 3-10 - * Bits 8-18 of the MMIO generation are propagated to spte bits 52-62 + * Bits 0-6 of the MMIO generation are propagated to spte bits 3-9 + * Bits 7-17 of the MMIO generation are propagated to spte bits 52-62 * * The KVM_MEMSLOT_GEN_UPDATE_IN_PROGRESS flag is intentionally not includ= ed in * the MMIO generation number, as doing so would require stealing a bit fr= om @@ -111,7 +111,7 @@ static_assert(!(EPT_SPTE_MMU_WRITABLE & SHADOW_ACC_TRAC= K_SAVED_MASK)); */ =20 #define MMIO_SPTE_GEN_LOW_START 3 -#define MMIO_SPTE_GEN_LOW_END 10 +#define MMIO_SPTE_GEN_LOW_END 9 =20 #define MMIO_SPTE_GEN_HIGH_START 52 #define MMIO_SPTE_GEN_HIGH_END 62 @@ -133,7 +133,8 @@ static_assert(!(SPTE_MMU_PRESENT_MASK & * and so they're off-limits for generation; additional checks ensure the = mask * doesn't overlap legal PA bits), and bit 63 (carved out for future usage= ). */ -#define SPTE_MMIO_ALLOWED_MASK (BIT_ULL(63) | GENMASK_ULL(51, 12) | GENMAS= K_ULL(2, 0)) +#define SPTE_MMIO_ALLOWED_MASK (BIT_ULL(63) | GENMASK_ULL(51, 12) | \ + BIT_ULL(10) | GENMASK_ULL(2, 0)) static_assert(!(SPTE_MMIO_ALLOWED_MASK & (SPTE_MMU_PRESENT_MASK | MMIO_SPTE_GEN_LOW_MASK | MMIO_SPTE_GEN_HIGH_MAS= K))); =20 @@ -141,7 +142,7 @@ static_assert(!(SPTE_MMIO_ALLOWED_MASK & #define MMIO_SPTE_GEN_HIGH_BITS (MMIO_SPTE_GEN_HIGH_END - MMIO_SPTE_GEN_H= IGH_START + 1) =20 /* remember to adjust the comment above as well if you change these */ -static_assert(MMIO_SPTE_GEN_LOW_BITS =3D=3D 8 && MMIO_SPTE_GEN_HIGH_BITS = =3D=3D 11); +static_assert(MMIO_SPTE_GEN_LOW_BITS =3D=3D 7 && MMIO_SPTE_GEN_HIGH_BITS = =3D=3D 11); =20 #define MMIO_SPTE_GEN_LOW_SHIFT (MMIO_SPTE_GEN_LOW_START - 0) #define MMIO_SPTE_GEN_HIGH_SHIFT (MMIO_SPTE_GEN_HIGH_START - MMIO_SPTE_GEN= _LOW_BITS) @@ -217,10 +218,11 @@ extern u64 __read_mostly shadow_nonpresent_or_rsvd_ma= sk; * * Only used by the TDP MMU. */ -#define FROZEN_SPTE (SHADOW_NONPRESENT_VALUE | 0x5a0ULL) +#define FROZEN_SPTE (SHADOW_NONPRESENT_VALUE | 0x1a0ULL) =20 -/* Frozen SPTEs must not be misconstrued as shadow present PTEs. */ -static_assert(!(FROZEN_SPTE & SPTE_MMU_PRESENT_MASK)); +/* Frozen SPTEs must not be misconstrued as shadow or MMU present PTEs. */ +static_assert(!(FROZEN_SPTE & (SPTE_MMU_PRESENT_MASK | + VMX_EPT_RWX_MASK | VMX_EPT_USER_EXECUTABLE_MASK))); =20 static inline bool is_frozen_spte(u64 spte) { --=20 2.53.0 From nobody Thu Apr 2 18:47:36 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 214BB3A3E67 for ; Thu, 26 Mar 2026 18:17:40 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549063; cv=none; b=pnlSYbUamSav/AbkI4FMwxydkGiNBY+Qh8xM5ffPIa9+467OBZx/soIOVrsUmxIFblF/vVDUy/kLwE/Ds3bTCMfNIrApjU8wR/Xog3LneZceSynZMj34Tp3kXBk7RkkQsD7wbHQV9BwL0KS4AyT6Xz/mnHGc7BbDQntAa6ihL9U= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549063; c=relaxed/simple; bh=EHbcGD+CliNxFdwTD/e44sSeACaNU52lZoDEYih1YMU=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=G4z9UatBXtEg5wFXCRdJXtUAG215XNKy4thJV9ylECYg6MG7brRTKOQBEE/n/Py5jxWV59M5BgkZw8a1OiL+SyN38CtgvVp47HBcV3BLQ8K6ulU36xWdUQmVkOrG9DZsDftxlEAHplN8OVyLVtWseCwm+jLZSxoqhW5fzGk8cVc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=Yx7ZQZQq; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=O9fl+JBc; arc=none smtp.client-ip=170.10.129.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="Yx7ZQZQq"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="O9fl+JBc" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774549060; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=K+PRAD6ImQakVlkZ0yBf7cjYkcmyWuSTP98TeOw2OH0=; b=Yx7ZQZQqVPErckvtwe6od/09xd9qJaXr8WS+1v6+/tQGvMvXu7QDMo7rW1vv/nMATDzBfA 33a+rzUIf4ugs2xzvzyt483p1fnoZIZGJWt8Vk0L8QQ6SbGIV0CcVdQdM56T7DZFBGB0G2 hzhs0pTT/BHzRUvQIs7/2qlyeZv+y3I= Received: from mail-wm1-f72.google.com (mail-wm1-f72.google.com [209.85.128.72]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-275-I-FVj7MbMyaS72TNGianGA-1; Thu, 26 Mar 2026 14:17:38 -0400 X-MC-Unique: I-FVj7MbMyaS72TNGianGA-1 X-Mimecast-MFC-AGG-ID: I-FVj7MbMyaS72TNGianGA_1774549058 Received: by mail-wm1-f72.google.com with SMTP id 5b1f17b1804b1-486fa35b005so15652615e9.2 for ; Thu, 26 Mar 2026 11:17:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774549057; x=1775153857; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=K+PRAD6ImQakVlkZ0yBf7cjYkcmyWuSTP98TeOw2OH0=; b=O9fl+JBc8qaGRVAb/5g0o2E/lEeNCJOVXQS9nDxaKPuTiDL5+lKLOcd7DYH6MroT/9 obiZg+jpq0a1HzGzw8ffu9pP5FuCBUh/XQWhQC1RC1UceABRZFhwLc/n+RqRXee2ckzA bF4yUK+2TAMzyj8MQeaWXxnk61e9XSdBSHbgV6oP8vWrClgvYg0+HNNQPANzB0ChDMDt ZPVvIc46C/Kav/T8o2eNGKW5QiZiiwyMPEfCZIBOxLQiSA7gQoPJSbSOlWkTdZ8YBDgH eLJEjDguxD4qacYcT+xPfSJXjnuTXBsP6GTN1HR8CAXOh30MGNAtPLKcM+vDSzQOB9Wg b7SQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774549057; x=1775153857; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=K+PRAD6ImQakVlkZ0yBf7cjYkcmyWuSTP98TeOw2OH0=; b=UD7ilXSKnj50E1D7JI6jG8suRtw2p9qqWvXKECN3rjZvfJUPsqIoiL6Ib6mqZc//3y 5cvIeOv8XNrPlmjFd9mXINxhqPjv/9w/PiOBYH9Zqk7iNhUxr8VVX8wvOFe8n262wT7c NHfak1T3aYR02lSl21O6bOHWwVjqNVhUkDRZFE5GyCsG4cuNbafxh4ljjiPMQBBfdJ+G jxhMdCdqO5O8HcjpqZ+RhTl2ljKPqJtAIk5c4m4VQlFY83jcaK2JpuPHDgFuL2oSZQOo KpwWE0ISsbqx2yqbHduMwAx34id1f04qarNDmXrrA1qzODV2LkgNhjS6l5dx/6sLYC4y Ah9Q== X-Gm-Message-State: AOJu0Yx4tnxXZ948173qoYQeIIvm40BpHnhr8GrFX/+Vw9/HC/XZw72X Fe3sYqr8CuaHypWyunmV8n9hvfsmwibi4p+69MroUdQtSpFj2Qo0xl/khfpBH42aNkNWNV0fF6F xZLIsav0+Z4m2lm7R9Tp8XGe70mx7ZFKu22taiYtCCjY5UWifI0r2sb5a7l4Tjxc2DmKKqLf25u aGF44x1T5ioAY+DQHA4XlqToQM6oW2wYkvUMEopDukfC9HYL2wEw== X-Gm-Gg: ATEYQzy+jJ7r6hEH5cz2KS+D3dzuPUPMHN6FCyfCrxr0FunSp28NK5+ZuH9j67Lz/mi gepHle3aruZUvNKjORC0hs95VxbouHuN1twx+WmiXhmUGSSSZPr1maF9IkCdr2RNhHTtJDTFpfW ry2ghUeBtxuF6sAv7/6Rq0pjHzfUqSCVzqRUon1I5ug1QBpljFqNqXSHWBliPlH+dQH5nYyde0x p20x5ClXGoqaiPX9dhSNtFv9MdLtiA9xW7tEjJuSszVoceNEm5X2sOH3mRM1kGjUAp2vaRILr75 e7yn58cmv5uD+dkBfjZfZycUZyEj2t0N9imY8GkO+gaQMWXPIoWxfAYfckBsZQEl2IyFLzUHtW3 x5U32T1d9FHRwlpO1mC17gUzTdax6WJSgH/QxSROefLtZsWDYPWC0K/1WRM1essLxuluwxw+t8e 3dIulOS4G+gXB6ySpeZZiQgC/N X-Received: by 2002:a05:600c:a15:b0:486:fc46:be9e with SMTP id 5b1f17b1804b1-4871606c911mr152137535e9.24.1774549056579; Thu, 26 Mar 2026 11:17:36 -0700 (PDT) X-Received: by 2002:a05:600c:a15:b0:486:fc46:be9e with SMTP id 5b1f17b1804b1-4871606c911mr152136755e9.24.1774549056026; Thu, 26 Mar 2026 11:17:36 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-48722d2366dsm42436215e9.10.2026.03.26.11.17.34 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 26 Mar 2026 11:17:35 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Nikunj A Dadhania , Amit Shah , Sean Christopherson , Marcelo Tosatti Subject: [PATCH 04/24] KVM: x86/mmu: shuffle high bits of SPTEs in preparation for MBEC Date: Thu, 26 Mar 2026 19:17:02 +0100 Message-ID: <20260326181723.218115-5-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260326181723.218115-1-pbonzini@redhat.com> References: <20260326181723.218115-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Access tracking will need to save bit 10 when MBEC is enabled. Right now it is simply shifting the R and X bits into bits 54 and 56, but bit 10 would not fit with the same scheme. Reorganize the high bits so that access tracking will use bits 52, 54 and 62. As a side effect, the free bits are compacted slightly, with 56-59 still unused. Signed-off-by: Paolo Bonzini Tested-By: Jon Kohler --- arch/x86/kvm/mmu/spte.h | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) diff --git a/arch/x86/kvm/mmu/spte.h b/arch/x86/kvm/mmu/spte.h index 4283cea3e66c..317b9cd1537c 100644 --- a/arch/x86/kvm/mmu/spte.h +++ b/arch/x86/kvm/mmu/spte.h @@ -17,10 +17,20 @@ */ #define SPTE_MMU_PRESENT_MASK BIT_ULL(11) =20 +/* + * The ignored high bits are allocated as follows: + * - bits 52, 54: saved X-R bits for access tracking when EPT does not hav= e A/D + * - bits 53 (EPT only): host writable + * - bits 55 (EPT only): MMU-writable + * - bits 56-59: unused + * - bits 60-61: type of A/D tracking + * - bits 62: unused + */ + /* * TDP SPTES (more specifically, EPT SPTEs) may not have A/D bits, and may= also * be restricted to using write-protection (for L2 when CPU dirty logging,= i.e. - * PML, is enabled). Use bits 52 and 53 to hold the type of A/D tracking = that + * PML, is enabled). Use bits 60 and 61 to hold the type of A/D tracking = that * is must be employed for a given TDP SPTE. * * Note, the "enabled" mask must be '0', as bits 62:52 are _reserved_ for = PAE @@ -29,7 +39,7 @@ * TDP with CPU dirty logging (PML). If NPT ever gains PML-like support, = it * must be restricted to 64-bit KVM. */ -#define SPTE_TDP_AD_SHIFT 52 +#define SPTE_TDP_AD_SHIFT 60 #define SPTE_TDP_AD_MASK (3ULL << SPTE_TDP_AD_SHIFT) #define SPTE_TDP_AD_ENABLED (0ULL << SPTE_TDP_AD_SHIFT) #define SPTE_TDP_AD_DISABLED (1ULL << SPTE_TDP_AD_SHIFT) @@ -65,7 +75,7 @@ static_assert(SPTE_TDP_AD_ENABLED =3D=3D 0); */ #define SHADOW_ACC_TRACK_SAVED_BITS_MASK (SPTE_EPT_READABLE_MASK | \ SPTE_EPT_EXECUTABLE_MASK) -#define SHADOW_ACC_TRACK_SAVED_BITS_SHIFT 54 +#define SHADOW_ACC_TRACK_SAVED_BITS_SHIFT 52 #define SHADOW_ACC_TRACK_SAVED_MASK (SHADOW_ACC_TRACK_SAVED_BITS_MASK << \ SHADOW_ACC_TRACK_SAVED_BITS_SHIFT) static_assert(!(SPTE_TDP_AD_MASK & SHADOW_ACC_TRACK_SAVED_MASK)); @@ -84,8 +94,8 @@ static_assert(!(SPTE_TDP_AD_MASK & SHADOW_ACC_TRACK_SAVED= _MASK)); * to not overlap the A/D type mask or the saved access bits of access-tra= cked * SPTEs when A/D bits are disabled. */ -#define EPT_SPTE_HOST_WRITABLE BIT_ULL(57) -#define EPT_SPTE_MMU_WRITABLE BIT_ULL(58) +#define EPT_SPTE_HOST_WRITABLE BIT_ULL(53) +#define EPT_SPTE_MMU_WRITABLE BIT_ULL(55) =20 static_assert(!(EPT_SPTE_HOST_WRITABLE & SPTE_TDP_AD_MASK)); static_assert(!(EPT_SPTE_MMU_WRITABLE & SPTE_TDP_AD_MASK)); --=20 2.53.0 From nobody Thu Apr 2 18:47:36 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 748683A3E8C for ; Thu, 26 Mar 2026 18:17:43 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549066; cv=none; b=NqIYUxaqNVj9XamzZuqmTd7PEAHyCQQaX5mtHp6lHITy6Ct1s3HDnAhlBgKFsuwMcoPG7+qsScu38XWAG3sp5LsITQtDSqT3cP7whhAQZwFsPQVzSMdVq6g82ey79r9TsTVhQ77M49GKR+hPhy5kMeU3SEwJ78lsod9DIfT6cbE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549066; c=relaxed/simple; bh=iJv4u2gP/0w7Xz+XPS2FaVjCIGqX4eOerJ4APtquhpY=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=e/edXvEYPfTqsgBP0FYCGV0AwPy3rZ7p3+asd2VhJD34Ub0UPS3Q8n01IcK39oGOh5c1M4KjGlOkrQtH5Y/hP3FiNRY5TXRtHSfCaIpyxBohtb0t7IDNLkuS9JllSNMciRV+rEciwuxdiohqJrYqYIM5f0LBC8Ak6f/D7oE0V+Y= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=I8J0sJ3n; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=ZRqR4RJI; arc=none smtp.client-ip=170.10.129.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="I8J0sJ3n"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="ZRqR4RJI" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774549062; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=U+d/5ZfgFOgdPVxm3QEllNN5baFtrT2ZFLK18Vxtrwg=; b=I8J0sJ3nADDCCEnBF/B1dAmXB+M4N17f/g/AnG2yEAFADfeCU83XJDQGXHP2rG0SE7CfPF 5+ZU4O9HVWFc1AxN6mbFDdFU9z9iN3RkRiDBSeF6GOqla24Ej0REhkPZhEsn+HdaFTM+Mg eS6lXCOKTWU47EWkcrqIETEuJMN1lrU= Received: from mail-wr1-f70.google.com (mail-wr1-f70.google.com [209.85.221.70]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-395-HI3u-OIXOkeLlgQwY_YjWQ-1; Thu, 26 Mar 2026 14:17:41 -0400 X-MC-Unique: HI3u-OIXOkeLlgQwY_YjWQ-1 X-Mimecast-MFC-AGG-ID: HI3u-OIXOkeLlgQwY_YjWQ_1774549060 Received: by mail-wr1-f70.google.com with SMTP id ffacd0b85a97d-43b3a675316so77459f8f.0 for ; Thu, 26 Mar 2026 11:17:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774549059; x=1775153859; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=U+d/5ZfgFOgdPVxm3QEllNN5baFtrT2ZFLK18Vxtrwg=; b=ZRqR4RJIcOnbJABWw+8/ppMqDqlzg1I86Az4QquVZXgRDugczEiZW3jSrQDidyfB/o ceG+5kd48cElv1DGiKZ4AVW1wAkScyPd+xnGaL5fO+n+fDDWq8EIgP5Abz+D8w6METqZ IuPAIBSteOgoICFSlVdOstyjh5yam8ATW2Ia2v4K474DPSQDyZULOjb0gPDFpyXOu8xo TlQJf+Xy0kUlDUg6EbfkDzts1aABSuWCXdqrxmjXXWucPVLjli9Ldr9zO9lGUbwcVUCi rf3FcMhygwxB8P9FxDtMKigOav9+1TBKPfsAuWNv9wdLrEts5oArYuvaFAwn5wKB6NOQ 4K0Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774549059; x=1775153859; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=U+d/5ZfgFOgdPVxm3QEllNN5baFtrT2ZFLK18Vxtrwg=; b=TZyoPGbSBVRxx0ZOQ/5lFTKhZFrSURfzJGk3nAtyXPwL3r655R/U6ZpyOF9x5+bSxb 2oMGrl056Inb4nSN8MdRtzm8pIr4fhUNY2JRjUPiSK4xrZjXcphI/l5JYsMAvHM9QEqb j+pjuU+UrirBmZiFCDeeCaBHW3yLjEl1EowNCOxyGMo4tA0rjZJ7eRQ1n2Z370e1lo6w toX7uubrkUwWkk6gkv/z1UaWGMzkCvRWQ7Rryk540P/DajJKxIXiWaHzUiqi/EsVhoUy FZqIRi+PHBe2JKX0qQwHeRC6mzV0oe4NB20jbRjxsiuMS7douUjUW/UXN+Zv58wjdzDf Gl9w== X-Gm-Message-State: AOJu0YxG8Fv0xVAeSg+Mi+gmd1PlBpf+kXZ2uPMR0gUfyJZYHclEgPLp BaH4dbfBSxt1jRsW0CXzyyZszDPMLglxNQ1r2k4WnPhOFwH+EsjE2ZNJ1GMPoCYwGZrlh+9apMR JVGMZxTzWRjLONIIEFuGSTOP31D+5Lww3GyV7c/Dg0R80mVL9KeAlIqwtmS1TGejWClv/qv65Aq wg2m2ygObCVzY/naYxgz+pj0tt0pWdlwAnN2UuzLFu0cTg8WHPUA== X-Gm-Gg: ATEYQzwbaBY1uIhuDkr2HTGomONBSgDne+p3NwX3LJeU1Ci7EXeMimUhWnEMjALnbia lhgZX3xgqEeVZ1VxhlWN/72HMXYSMUR6bmdhRVQzOIVfS+ISi+V7ABXR0Pi8D3COS77HtEhS9Ho UNY7DN64jO/mRMzXq//7CIplnj1OXClJy/cszAV0/LjRAoj6lTwxiT6JAogrVfb9WDpXfOxB/DN 6u3uO6TcOP++c9jbkq/ZA52nTPQ6ydEflbfOfCI/qvCGbMCv9A3CHVaHHqE7OZbyQsMDfIVMVS9 5Jt5o+yvxWyadHT8ItF9A3rTmTCu6vJQr03Zkumvc3nUip/4SrMl9EUgntWwSVM2gZbZrGikj4s SHTe7pQfGybN3Yn+VTuvliZdgTlVdy53nFBPdv0ce7QEJ151RgUGvNoamZwF12u/yomaN135xdE ABkGuzKwmD4onSG2d6JZAmYOmR X-Received: by 2002:a05:600c:4685:b0:483:6a8d:b2f9 with SMTP id 5b1f17b1804b1-48715fc3994mr129347845e9.5.1774549059140; Thu, 26 Mar 2026 11:17:39 -0700 (PDT) X-Received: by 2002:a05:600c:4685:b0:483:6a8d:b2f9 with SMTP id 5b1f17b1804b1-48715fc3994mr129347175e9.5.1774549058635; Thu, 26 Mar 2026 11:17:38 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-48722c6b4d0sm45963845e9.3.2026.03.26.11.17.36 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 26 Mar 2026 11:17:36 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Nikunj A Dadhania , Amit Shah , Sean Christopherson , Marcelo Tosatti Subject: [PATCH 05/24] KVM: x86/mmu: remove SPTE_EPT_* Date: Thu, 26 Mar 2026 19:17:03 +0100 Message-ID: <20260326181723.218115-6-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260326181723.218115-1-pbonzini@redhat.com> References: <20260326181723.218115-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" spte.h is already including vmx.h, use the constants it defines. Signed-off-by: Paolo Bonzini Tested-By: Jon Kohler --- arch/x86/kvm/mmu/spte.h | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/arch/x86/kvm/mmu/spte.h b/arch/x86/kvm/mmu/spte.h index 317b9cd1537c..bc02a2e89a31 100644 --- a/arch/x86/kvm/mmu/spte.h +++ b/arch/x86/kvm/mmu/spte.h @@ -57,10 +57,6 @@ static_assert(SPTE_TDP_AD_ENABLED =3D=3D 0); #define ACC_USER_MASK PT_USER_MASK #define ACC_ALL (ACC_EXEC_MASK | ACC_WRITE_MASK | ACC_USER_MASK) =20 -/* The mask for the R/X bits in EPT PTEs */ -#define SPTE_EPT_READABLE_MASK 0x1ull -#define SPTE_EPT_EXECUTABLE_MASK 0x4ull - #define SPTE_LEVEL_BITS 9 #define SPTE_LEVEL_SHIFT(level) __PT_LEVEL_SHIFT(level, SPTE_LEVEL_BITS) #define SPTE_INDEX(address, level) __PT_INDEX(address, level, SPTE_LEVEL_B= ITS) @@ -73,8 +69,8 @@ static_assert(SPTE_TDP_AD_ENABLED =3D=3D 0); * restored only when a write is attempted to the page. This mask obvious= ly * must not overlap the A/D type mask. */ -#define SHADOW_ACC_TRACK_SAVED_BITS_MASK (SPTE_EPT_READABLE_MASK | \ - SPTE_EPT_EXECUTABLE_MASK) +#define SHADOW_ACC_TRACK_SAVED_BITS_MASK (VMX_EPT_READABLE_MASK | \ + VMX_EPT_EXECUTABLE_MASK) #define SHADOW_ACC_TRACK_SAVED_BITS_SHIFT 52 #define SHADOW_ACC_TRACK_SAVED_MASK (SHADOW_ACC_TRACK_SAVED_BITS_MASK << \ SHADOW_ACC_TRACK_SAVED_BITS_SHIFT) --=20 2.53.0 From nobody Thu Apr 2 18:47:36 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3B53D3A5E6C for ; Thu, 26 Mar 2026 18:17:45 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549068; cv=none; b=AruEETm+pCxph1O/gLblnv5X010bEqLsi1pGEfQSYpOJkYCoIMqLlG2iyupqkaRiGVpQqKaKQUniiHyIl/CEGCsJRMnNMjrtpH6OwUQ6lu7Lx798c3RIT5Y7gpFkiGdkD3Q+7GoHFfHn1BKFT6NQGUugBXjThitu3M6TNsXBXXA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549068; c=relaxed/simple; bh=C3056jeL2T8VZuCnAsJAFXdeOS+u5HTlm+hZkzVz0xw=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=UEcBThUkBBEo6ArCoKpEr+cc28MkgQck+dKSfQJdXnJ4AaU5umhLQrY2Be90ZyQ01RdpuCg/Lysl7LunT76GXFThj1sUPms6aLEoAImZcOeYOZJ7q8+g7jide7emwpSIav8jvYoQ8IvtJDACAZcVAJuZvVns8DgRpSoz4zbVygs= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=DLhkZrYV; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=I1qcyjcR; arc=none smtp.client-ip=170.10.129.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="DLhkZrYV"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="I1qcyjcR" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774549064; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=U1aF2Xc1/2U0HH4M9V6/k6D1Qk02VU2RtFjLbY3oaWo=; b=DLhkZrYVzFN7FCPVY7arXS43Yt2Sit9oQ5HANuOMCcIXmNwowk9lQyrk/TrKCfJg3+SfCN IQgjgm9IClfEyDh83V0lzm3ZR/fxePGetBjyXQSo0GfqBeQTq85PWaNBzd6AQs/mzYIzDo 2bGzdpswOx8LqomxfcqXYGZq9wCDVUg= Received: from mail-wm1-f71.google.com (mail-wm1-f71.google.com [209.85.128.71]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-205-Lda1gOZWP-WebV-pO7Zv-A-1; Thu, 26 Mar 2026 14:17:43 -0400 X-MC-Unique: Lda1gOZWP-WebV-pO7Zv-A-1 X-Mimecast-MFC-AGG-ID: Lda1gOZWP-WebV-pO7Zv-A_1774549062 Received: by mail-wm1-f71.google.com with SMTP id 5b1f17b1804b1-48535f4d5e1so16565345e9.0 for ; Thu, 26 Mar 2026 11:17:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774549062; x=1775153862; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=U1aF2Xc1/2U0HH4M9V6/k6D1Qk02VU2RtFjLbY3oaWo=; b=I1qcyjcRLlMoRW/Xfzzch6JWpeA0ljlVgGIRNKosqyfdpw5I+ExD2XR2q4nRLgvN58 AiS7DbzRxes+AH1oqWjk9PtuIxPwK4Cc2dkrp92xLjOjEgWHl1aM/+Go6RppDfqfITb9 r5LbCbuYhyRr3iZA9L1xVO48irUK6PxbE7ZCvqTxJdHqWWe4Js+A3oym3otbDpWUgSSV j8SarEO4+OofAn+7sx5VviPDTzUr7iRJz5Y8toXNBcgCHDnJHPIz9LUuGJsDhcDXmO/C Ncf9TP7UcMY0SWRMx9VmoFbzS/wt3FoMVMc54Ouor0fYpCcTKE5I3whUuWngDldf3YI7 UcNw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774549062; x=1775153862; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=U1aF2Xc1/2U0HH4M9V6/k6D1Qk02VU2RtFjLbY3oaWo=; b=LkAW5F4p0USYr3w3ojngY6bvYYlI7/mJ0YMLD6MalSChRo4us1+VHk+rPrPyM8WZ4S ZUIOFmhhknMfEnSVeneYSRFTozL1BaDluv99Oh/QQJ/i+JSKMvTZ87Hrqme4PQh0mh5N pzdTE2uuTP3ZjoujDpUxddeAqXNN+Y/VYDmiYbHnvj84ia5K+T4uSYiXLn9OTQUHClVP myGL8vRM3v2D54GVHNOiBkXcorh/c877Zqgl2bB/rQ1ceBQY1QSh6/DSOIbHM+IFtjWc dgdSgv1uuxPszOym3npbRc1EUbzEGGKvsejutxytgXNJX5hGYIVluV++G2/0FcotpcNd bKEg== X-Gm-Message-State: AOJu0Yws0nZPrp9VR6rFmm7J44Tsz+I9dM/BL9TrAIK9UbB+vW8t3JIU s76JrjkPvoK3mj1liY5QTN5X+I2I2X2KhRht5CBjBx0C0Ma6yEzZuHtEMyHT+mhMzxxevcjPpcJ dO6rv/VNOBvIbYN4cBkqn/tPA2pkhSVhnGSwB1Hh/NQjGEFoLhYJcrtoAN42lkilPBor0VCrRA8 6C5ejGik/duYycZTR6bcYGnamOUfjXzyK1kuhdSQ2XA3UA7Q3hMw== X-Gm-Gg: ATEYQzzuQRXxiDTwsQbncM6qIdKYB5KTUQy/2y87Rr6/aNExfQvzzdVvxBdz6vhDz5/ EkS3DDEcnXyqpulo1bo5i1bLDw/jt1xTKus3cDxBJHXSoC+x4itkPZMjnr/g8cAsjP9uE/t1GJ7 jmvlUbFfrl7I+3zjZfbyEDPAV7wtiJB7CIgk9QBIqprGj5oObbJN/TcQOBRJ9pNW5VPZ4HGLTs7 RF3uuEPGx1HuI/NM3VccV/891ntO1ttIPwiew6BARrdtHqt6+N7nbuzWVAiocRA6iXXGTr2q8A5 WEvBWGUXNa8L1+Ip5tn40fthh1RaaJX7k3vlxP9QWih+UJoq12LzZxQC8TshI/hwda7SfRIWXSB Yy5RFo96nRwbL72UybAG3Ll0HINsvFNKFZZiSbawfoCF507lTDujKv3rMHqJGiuSWBD9H1rmHSJ kTnsNfmJBh9s1Tkfu1s8JMg8yn X-Received: by 2002:a05:600c:a408:b0:485:3f58:d9f with SMTP id 5b1f17b1804b1-487160a24e2mr98477155e9.30.1774549061913; Thu, 26 Mar 2026 11:17:41 -0700 (PDT) X-Received: by 2002:a05:600c:a408:b0:485:3f58:d9f with SMTP id 5b1f17b1804b1-487160a24e2mr98476755e9.30.1774549061407; Thu, 26 Mar 2026 11:17:41 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-48722c9f58fsm75854345e9.11.2026.03.26.11.17.39 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 26 Mar 2026 11:17:39 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Nikunj A Dadhania , Amit Shah , Sean Christopherson , Marcelo Tosatti Subject: [PATCH 06/24] KVM: x86/mmu: merge make_spte_{non,}executable Date: Thu, 26 Mar 2026 19:17:04 +0100 Message-ID: <20260326181723.218115-7-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260326181723.218115-1-pbonzini@redhat.com> References: <20260326181723.218115-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" As the logic will become more complicated with the introduction of MBEC, at least write it only once. Signed-off-by: Paolo Bonzini Tested-By: Jon Kohler --- arch/x86/kvm/mmu/spte.c | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/arch/x86/kvm/mmu/spte.c b/arch/x86/kvm/mmu/spte.c index 85a0473809b0..e9dc0ae44274 100644 --- a/arch/x86/kvm/mmu/spte.c +++ b/arch/x86/kvm/mmu/spte.c @@ -317,14 +317,16 @@ static u64 modify_spte_protections(u64 spte, u64 set,= u64 clear) return spte; } =20 -static u64 make_spte_executable(u64 spte) +static u64 make_spte_executable(u64 spte, u8 access) { - return modify_spte_protections(spte, shadow_x_mask, shadow_nx_mask); -} + u64 set, clear; =20 -static u64 make_spte_nonexecutable(u64 spte) -{ - return modify_spte_protections(spte, shadow_nx_mask, shadow_x_mask); + if (access & ACC_EXEC_MASK) + set =3D shadow_x_mask; + else + set =3D shadow_nx_mask; + clear =3D set ^ (shadow_nx_mask | shadow_x_mask); + return modify_spte_protections(spte, set, clear); } =20 /* @@ -356,8 +358,8 @@ u64 make_small_spte(struct kvm *kvm, u64 huge_spte, * the page executable as the NX hugepage mitigation no longer * applies. */ - if ((role.access & ACC_EXEC_MASK) && is_nx_huge_page_enabled(kvm)) - child_spte =3D make_spte_executable(child_spte); + if (is_nx_huge_page_enabled(kvm)) + child_spte =3D make_spte_executable(child_spte, role.access); } =20 return child_spte; @@ -379,7 +381,7 @@ u64 make_huge_spte(struct kvm *kvm, u64 small_spte, int= level) huge_spte &=3D KVM_HPAGE_MASK(level) | ~PAGE_MASK; =20 if (is_nx_huge_page_enabled(kvm)) - huge_spte =3D make_spte_nonexecutable(huge_spte); + huge_spte =3D make_spte_executable(huge_spte, 0); =20 return huge_spte; } --=20 2.53.0 From nobody Thu Apr 2 18:47:36 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D7BC33A9002 for ; Thu, 26 Mar 2026 18:17:49 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549074; cv=none; b=CUK+mvCmZ64HhiZL1YOQch91WI5yY51ZtJusBJtK6OSvoRUAP5+n5EKKdebUSHUzBDApePYBXdnc0MjnRwqmW+O9bXyZI6WuCHlXyXCsTChbLPa5C6jLLICdry6NF8hz58wXgg4J/rtmO5lkkAMolnLnZBr8giC8yhdTqBlYgkw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549074; c=relaxed/simple; bh=DmwSj31cAqA8fbZFdzkQEEIbD8DZuAQfK9Iu7JvJLPI=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=LzAQUCaUP0QxhoL4YbiNWJ2MBSGVr4bGUG4+nCIPUgiAlKSWQ2gOVaFfGjArwEY3QhzGs1a5e6su2dg8jQ0ht1WX2iSGaElVpy8ZWwWYP78UTUYQ4r+0HEgicAUmJG5B0AN6ayyd2Wit/i8ZPEGDRYqfFXjtSjs7jXEwoEu4+Dw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=ODH0o7lI; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=CADiJYEG; arc=none smtp.client-ip=170.10.129.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="ODH0o7lI"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="CADiJYEG" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774549068; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=piO1nL/pS5Yr4rvE1o1jj+wOaY1ORSkY1ednhzkEqCo=; b=ODH0o7lIzpQ6DEXeR61GZlUyqO50Su2fal0BMJEx6ODLFK/3GrgRXERwWMDhtMsZu8q0Mt psGsc6NVagN7bnb0KDG7AGvULWUNuIL9S1iFks02ckMRI9RmyU3NH3zvw/sUBAvW26du/W dpeQEVLV9sRk8zaLqVangf+2hQmOKrU= Received: from mail-wm1-f70.google.com (mail-wm1-f70.google.com [209.85.128.70]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-231-JGXSWQraNF2t3Z5V2ww97A-1; Thu, 26 Mar 2026 14:17:47 -0400 X-MC-Unique: JGXSWQraNF2t3Z5V2ww97A-1 X-Mimecast-MFC-AGG-ID: JGXSWQraNF2t3Z5V2ww97A_1774549066 Received: by mail-wm1-f70.google.com with SMTP id 5b1f17b1804b1-4836abfc742so10050205e9.0 for ; Thu, 26 Mar 2026 11:17:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774549065; x=1775153865; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=piO1nL/pS5Yr4rvE1o1jj+wOaY1ORSkY1ednhzkEqCo=; b=CADiJYEGAzoys8nmTekiDrMuOMRExeF9Zz/83VjrdihvVgokndZEXaAk3yiUMXciuv 909brPO/j63dU5K/no7mG0k9gd70FpNgVbmHt+kf6oXFskyCPStgUzrZw6u7JIJ8kfhL gap9G7kvB+1gGz0B2LPMohABKE/XjR1Msc31G263MqfTwpl8WNK7YE5aCrpu15serXj1 SJt/64yBbAe5OMrwqTbPBmQ43xqOkc99RzE8EjoKRTYkEc5Tl9WDUjH3o7fULHqeJzsE icmv6xYQDFVQnKtVD4+CnzKrYCXlT3pia3mY9KpdY8QclvSN5ZEX1h6wL7QhcMD/Xl7Q y7TA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774549065; x=1775153865; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=piO1nL/pS5Yr4rvE1o1jj+wOaY1ORSkY1ednhzkEqCo=; b=lQqPdwi0bOm0u3AVTJVxIDxK2X8ZCoRxtXBKjSsBtf8u60B6KVhtMg5bsb6yCUj1ey /sVBZXRjU7okL9hi4n3hqh7jrZhH1lPGUh8wg8KGhKezU1aHmBJzcj4bh7ws855T2XY4 oJz1Btfy07fImpqdfxd26qtyQDG1zs/5lE6ngf/pCSLUsrq42fSXzaiQVAp0ldPaRx/L Wsj0f6cNhwJj7Wo32rrBjEQmlYxqWCAgTknnyx6OHGokxENhrKYr2Dbc6eVWgSqoxsb5 WLIiMeQT6aRaYRd6sdmWVu5M1HmKhz5QMRsm4gcNhoyTR1eCaH91LYwLfb5izPIj4oH9 SsCQ== X-Gm-Message-State: AOJu0YzGo37AIpfuNdBKvrmRfBXeMkZZQpjxouS5jhfEhNVvynEKd5uC 5RT67Z1Fv6CnfnES7zqVG1Y5yKH8VLHbkRRJ+4snS22eC74FPHQaxbFS8AzDXZwVK/o6n/AjLJP wTi1qTJcS73N/c5VLXNhADorZygNR2NjX8z1xR0Bkf4x4mUAs0ot/r/iN8A734QIdhlyZolPoHS RBCgov7xTz5a4nTIujFif/iUjZFX6Jn2udBc1/n9NyCUxgUNbEHA== X-Gm-Gg: ATEYQzzwLwlG1c/cjaxORxqakikENsbdLwjcrvO/pfghBnjiT6Ddrh3C+Vcl56+53Pv t1KZjjUco+xUP4zzWUj86948QnwYbeEzLR/tblB9kEyvCaUqZJWXRCYesTcOH95OELhkUe8+5r3 ONc89dCv18Cfpt9m1fF24B/9Rgi/lTTEiWMCWXSSW8SBANcSRXwyPrFNv+UCp+Kefm8sooLTnWG WsDI/fhW+tmAg2AJPkU9swnICWITQYXNOe860z63V+RFnP9dRJNkAaMdVotBulIGL5q5mn048BM 8x+LUn3bxNn+bwckD7RnccJ/9RptEVqnlboSp7DZ9eGNjIAggwIj0t9StVDxVZNRFIJ8KozWEPb qC+4eVkQbCAJF4C2gu30fxna6NAFkpQiKgEh1f62hdCdPSrDKNrO6Vv79/pGE1qHfkDGzj2ak8u FXVhRsXoe+koIhhsNZi/TqWPN/ X-Received: by 2002:a05:600c:4254:b0:487:2092:b2e0 with SMTP id 5b1f17b1804b1-4872092b38bmr32523225e9.1.1774549064808; Thu, 26 Mar 2026 11:17:44 -0700 (PDT) X-Received: by 2002:a05:600c:4254:b0:487:2092:b2e0 with SMTP id 5b1f17b1804b1-4872092b38bmr32522575e9.1.1774549063983; Thu, 26 Mar 2026 11:17:43 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-48722c9f58fsm75858805e9.11.2026.03.26.11.17.41 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 26 Mar 2026 11:17:42 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Nikunj A Dadhania , Amit Shah , Sean Christopherson , Marcelo Tosatti Subject: [PATCH 07/24] KVM: x86/mmu: rename and clarify BYTE_MASK Date: Thu, 26 Mar 2026 19:17:05 +0100 Message-ID: <20260326181723.218115-8-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260326181723.218115-1-pbonzini@redhat.com> References: <20260326181723.218115-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" The BYTE_MASK macro is the central point of the black magic in update_permission_bitmask(). Rename it to something that relates to how it is used, and add a comment explaining how it works. Using shifts instead of powers of two was actually suggested by David Hildenbrand back in 2017 for clarity[1] but I evidently forgot his suggestion when applying to kvm.git. [1] https://lore.kernel.org/kvm/e4b5df86-31ae-2f4e-0666-393753e256df@redhat= .com/ Signed-off-by: Paolo Bonzini Tested-By: Jon Kohler --- arch/x86/kvm/mmu/mmu.c | 55 ++++++++++++++++++++++++++++++------------ 1 file changed, 39 insertions(+), 16 deletions(-) diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index b922a8b00057..170952a840db 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -5517,29 +5517,53 @@ reset_ept_shadow_zero_bits_mask(struct kvm_mmu *con= text, bool execonly) max_huge_page_level); } =20 -#define BYTE_MASK(access) \ - ((1 & (access) ? 2 : 0) | \ - (2 & (access) ? 4 : 0) | \ - (3 & (access) ? 8 : 0) | \ - (4 & (access) ? 16 : 0) | \ - (5 & (access) ? 32 : 0) | \ - (6 & (access) ? 64 : 0) | \ - (7 & (access) ? 128 : 0)) - +/* + * Build a mask with all combinations of PTE access rights that + * include the given access bit. The mask can be queried with + * "mask & (1 << access)", where access is a combination of + * ACC_* bits. + * + * By mixing and matching multiple masks returned by ACC_BITS_MASK, + * update_permission_bitmask() builds what is effectively a + * two-dimensional array of bools. The second dimension is + * provided by individual bits of permissions[pfec >> 1], and + * logical &, | and ~ operations operate on all the 8 possible + * combinations of ACC_* bits. + */ +#define ACC_BITS_MASK(access) \ + ((1 & (access) ? 1 << 1 : 0) | \ + (2 & (access) ? 1 << 2 : 0) | \ + (3 & (access) ? 1 << 3 : 0) | \ + (4 & (access) ? 1 << 4 : 0) | \ + (5 & (access) ? 1 << 5 : 0) | \ + (6 & (access) ? 1 << 6 : 0) | \ + (7 & (access) ? 1 << 7 : 0)) =20 static void update_permission_bitmask(struct kvm_mmu *mmu, bool ept) { unsigned byte; =20 - const u8 x =3D BYTE_MASK(ACC_EXEC_MASK); - const u8 w =3D BYTE_MASK(ACC_WRITE_MASK); - const u8 u =3D BYTE_MASK(ACC_USER_MASK); + const u8 x =3D ACC_BITS_MASK(ACC_EXEC_MASK); + const u8 w =3D ACC_BITS_MASK(ACC_WRITE_MASK); + const u8 u =3D ACC_BITS_MASK(ACC_USER_MASK); =20 bool cr4_smep =3D is_cr4_smep(mmu); bool cr4_smap =3D is_cr4_smap(mmu); bool cr0_wp =3D is_cr0_wp(mmu); bool efer_nx =3D is_efer_nx(mmu); =20 + /* + * In hardware, page fault error codes are generated (as the name + * suggests) on any kind of page fault. permission_fault() and + * paging_tmpl.h already use the same bits after a successful page + * table walk, to indicate the kind of access being performed. + * + * However, PFERR_PRESENT_MASK and PFERR_RSVD_MASK are never set here, + * exactly because the page walk is successful. PFERR_PRESENT_MASK is + * removed by the shift, while PFERR_RSVD_MASK is repurposed in + * permission_fault() to indicate accesses that are *not* subject to + * SMAP restrictions. + */ for (byte =3D 0; byte < ARRAY_SIZE(mmu->permissions); ++byte) { unsigned pfec =3D byte << 1; =20 @@ -5586,10 +5610,9 @@ static void update_permission_bitmask(struct kvm_mmu= *mmu, bool ept) * - The access is supervisor mode * - If implicit supervisor access or X86_EFLAGS_AC is clear * - * Here, we cover the first four conditions. - * The fifth is computed dynamically in permission_fault(); - * PFERR_RSVD_MASK bit will be set in PFEC if the access is - * *not* subject to SMAP restrictions. + * Here, we cover the first four conditions. The fifth + * is computed dynamically in permission_fault() and + * communicated by setting PFERR_RSVD_MASK. */ if (cr4_smap) smapf =3D (pfec & (PFERR_RSVD_MASK|PFERR_FETCH_MASK)) ? 0 : kf; --=20 2.53.0 From nobody Thu Apr 2 18:47:36 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E9AAF3A8741 for ; Thu, 26 Mar 2026 18:17:52 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549077; cv=none; b=M2jLZOfGcwAR5Lirwx0+Cnr7KSLeKJvcNooaR1XXtEcQuaVysx3iezMJ7fl5bQh65YlL+eQ4MsgfzoI7AfgpylfluaGGGu7O7Ydt2AHlWGfIC2QKO9smfXk2tTWNwDc3v01YDPLn+NIQ+F7QdjdhInpDNn+BDbVR2DN9gQlAFjo= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549077; c=relaxed/simple; bh=V/j0bLtLOQJRuJo1v2hvbWXQwZPcKv+m9rMFbbyuUo0=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=DNai7iNEclgDvgDgUWMe5tk6DLK3pw3mgz7HGGhTE64nqOaPXrDHiTrRBvUzbXxV1phSHHCqj1A4nONFW5P4jVJ0tuftVsHpxfpHp3rQOgFDeiX9stCcnJeQM6cPnqQxV6BnJPF1xFxDWok858mYvc3AxkwVhFeHofQ9ZAT7KPA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=GVfPtb+U; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=P4VQIWvM; arc=none smtp.client-ip=170.10.129.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="GVfPtb+U"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="P4VQIWvM" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774549071; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=0LD9F/oJ5sRufl5xgAEZXqtBZxVR/nArSRHajjH786M=; b=GVfPtb+Ub3VUQSIu5pyeZ266JlUHpl32kRJzzIjDoseWowI27wls8ICYFHTomvYxMoFh0z xp87o5DL75vM8MuBZW98qOPORzMO6hd/FLRi7cZ2hvXcaiyafqIdziIq5Pauvz02rUuSIQ VaBOI5C+d13OnOCRFJxu4aEhUOo5Udk= Received: from mail-wr1-f71.google.com (mail-wr1-f71.google.com [209.85.221.71]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-537-cRlBkD80OLKydE4Zm6Woow-1; Thu, 26 Mar 2026 14:17:50 -0400 X-MC-Unique: cRlBkD80OLKydE4Zm6Woow-1 X-Mimecast-MFC-AGG-ID: cRlBkD80OLKydE4Zm6Woow_1774549068 Received: by mail-wr1-f71.google.com with SMTP id ffacd0b85a97d-43b42eee946so1799582f8f.1 for ; Thu, 26 Mar 2026 11:17:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774549067; x=1775153867; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=0LD9F/oJ5sRufl5xgAEZXqtBZxVR/nArSRHajjH786M=; b=P4VQIWvMthmWzk+/Dzwf8teLT8DpPe7rNwkaeH3+aa6+IaAzdSovNFaxuhR0L3HxRc xgwM9viROgxAIvWa7kNBhzrDKNfvy4YH1bLAMwZrBlvt43GxcRYheen/I8F49qRwuh2i aR2dR0rYAPE0MwYpJhrjZYHjehO2OtYtQ04/uV0K6a2qi8BB2iXhc1MEc5a+xj/PC7kB sOw4xnc5O0mz0orT4b/I+0omNVfAudjH2TV8wlfQd+0KVC/IEm6DNzqhDo8qgJKliPAI zZQuLMuZWi+k4J/1IBh27IunY8b4+mCudPel+h84tE/8+Xi59BfqjFoC8h16mO+OulPQ CWtg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774549067; x=1775153867; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=0LD9F/oJ5sRufl5xgAEZXqtBZxVR/nArSRHajjH786M=; b=o7Eee7jez6kIAO3MV62hZU9kE/ns2wTWXLmWt4HtCS/xKdFhV7yvdsjZK9woj8Hjfi bl8QyI3d+Se5iFmzc+i3Tc0JlncUD4Bve6UHWsX4gYhZxxq8OtKxHZxb0KwKfBRs8juF C1nOIMCoZxME9AI9o4lOgrm1SQ2kUd4VErj+bxx0onyaS0fab5ucWVc8fIfDp65einuP TawLYMXROZToRoahZTC8LPHEFHwGTh9yJyJCCXL/uSTGS5uB6cW+DJuc3TnREPV+/84F JNVcekcjiW9o2XJPRICB6iwKWyo1BrdShdNAWAoJtIC7n6GWpiyWjX8ugZ4p+brohArO NjGw== X-Gm-Message-State: AOJu0YxHe5nyg6RONzFKFSVlNeGlIzaEOYUrUHlNS8fW9wGhwA327yIz ISeK/CInojUp83+6VG5O2XiKXC4bi0g5NsvJgwmj4+jQ4mnBDq23jpf4HWXt0w6UqT2VdZJsuXd j/R9LPlDYqpGq2e9AuXnhoCGDfQPNScMAubnn33euKWo+DkL59zQaGADSv+ngVSkH9dHn3oU0ci dIAdxEfpXhyirRBzHwMhauyGR+2vishvVxdlwHDAsSxcvgfxw0EQ== X-Gm-Gg: ATEYQzzkD/oGJeo/hqrB730NHV3Y8Shfeoat5hv5GMokT6S/6SUTlLF3otj1/yppBVV pwauPB+GAYni16buppn7Fg1DqzovZVRrMLx9QxtWBAbmeO4c8qULTV0DWZnxEdQAkFLQ0Ppct1q SHQioCQzg4RZ7Migk7J0YFhjUXfcv5bpv0pO9iG3AHlm/cZpRF3PZu07GEYe8fen+utpkEVuQlb nICnR9ionPVOAU3unCW9jkCIFKPMegis5SpWrKGoTkHfFU0BpI2LT0UiWAP9YFa1bd3I+E+PQ12 T/oxCDCZns39Q7aowgk0jWUxauOvdYM3/EtxhJkYY6a2DYsKVS1qv6FiU81lyTHo/AghFolIhXV wPi7/skRYAZcaUqExKDQ9CcAvS5pwi6yIWU9JdSt8wLH2wEGB7QzdmvQ9Hk3hjyfUGyuIAr+Mgp +9vuVlcX4R5wzDs8S++iMMoT92 X-Received: by 2002:a05:6000:1786:b0:43b:945c:e557 with SMTP id ffacd0b85a97d-43b97a1f474mr5123384f8f.11.1774549066334; Thu, 26 Mar 2026 11:17:46 -0700 (PDT) X-Received: by 2002:a05:6000:1786:b0:43b:945c:e557 with SMTP id ffacd0b85a97d-43b97a1f474mr5123279f8f.11.1774549065524; Thu, 26 Mar 2026 11:17:45 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-43b919cf2c8sm9012428f8f.20.2026.03.26.11.17.44 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 26 Mar 2026 11:17:44 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Nikunj A Dadhania , Amit Shah , Sean Christopherson , Marcelo Tosatti Subject: [PATCH 08/24] KVM: x86/mmu: introduce ACC_READ_MASK Date: Thu, 26 Mar 2026 19:17:06 +0100 Message-ID: <20260326181723.218115-9-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260326181723.218115-1-pbonzini@redhat.com> References: <20260326181723.218115-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Read permissions so far were only needed for EPT, which does not need ACC_USER_MASK. Therefore, for EPT page tables ACC_USER_MASK was repurposed as a read permission bit. In order to implement nested MBEC, EPT will genuinely have four kinds of accesses, and there will be no room for such hacks; bite the bullet at last, enlarging ACC_ALL to four bits and permissions[] to 2^4 bits (u16). The new code does not enforce that the XWR bits on non-execonly processors have their R bit set, even when running nested: none of the shadow_*_mask values have bit 0 set, and make_spte() genuinely relies on ACC_READ_MASK being requested! This works becase, if execonly is not supported by the processor, shadow EPT will generate an EPT misconfig vmexit if the XWR bits represent a non-readable page, and therefore the pte_access argument to make_spte() will also always have ACC_READ_MASK set. Signed-off-by: Paolo Bonzini Tested-By: Jon Kohler --- arch/x86/include/asm/kvm_host.h | 12 +++++----- arch/x86/kvm/mmu.h | 2 +- arch/x86/kvm/mmu/mmu.c | 39 +++++++++++++++++++++------------ arch/x86/kvm/mmu/mmutrace.h | 3 ++- arch/x86/kvm/mmu/paging_tmpl.h | 35 +++++++++++++++++------------ arch/x86/kvm/mmu/spte.c | 18 ++++++--------- arch/x86/kvm/mmu/spte.h | 5 +++-- arch/x86/kvm/vmx/capabilities.h | 5 ----- arch/x86/kvm/vmx/common.h | 5 +---- arch/x86/kvm/vmx/vmx.c | 3 +-- 10 files changed, 67 insertions(+), 60 deletions(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_hos= t.h index 6e4e3ef9b8c7..65671d3769f0 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -327,11 +327,11 @@ struct kvm_kernel_irq_routing_entry; * the number of unique SPs that can theoretically be created is 2^n, wher= e n * is the number of bits that are used to compute the role. * - * But, even though there are 20 bits in the mask below, not all combinati= ons + * But, even though there are 21 bits in the mask below, not all combinati= ons * of modes and flags are possible: * * - invalid shadow pages are not accounted, mirror pages are not shadow= ed, - * so the bits are effectively 18. + * so the bits are effectively 19. * * - quadrant will only be used if has_4_byte_gpte=3D1 (non-PAE paging); * execonly and ad_disabled are only used for nested EPT which has @@ -346,7 +346,7 @@ struct kvm_kernel_irq_routing_entry; * cr0_wp=3D0, therefore these three bits only give rise to 5 possibil= ities. * * Therefore, the maximum number of possible upper-level shadow pages for a - * single gfn is a bit less than 2^13. + * single gfn is a bit less than 2^14. */ union kvm_mmu_page_role { u32 word; @@ -355,7 +355,7 @@ union kvm_mmu_page_role { unsigned has_4_byte_gpte:1; unsigned quadrant:2; unsigned direct:1; - unsigned access:3; + unsigned access:4; unsigned invalid:1; unsigned efer_nx:1; unsigned cr0_wp:1; @@ -365,7 +365,7 @@ union kvm_mmu_page_role { unsigned guest_mode:1; unsigned passthrough:1; unsigned is_mirror:1; - unsigned :4; + unsigned:3; =20 /* * This is left at the top of the word so that @@ -491,7 +491,7 @@ struct kvm_mmu { * Byte index: page fault error code [4:1] * Bit index: pte permissions in ACC_* format */ - u8 permissions[16]; + u16 permissions[16]; =20 u64 *pae_root; u64 *pml4_root; diff --git a/arch/x86/kvm/mmu.h b/arch/x86/kvm/mmu.h index 830f46145692..23f37535c0ce 100644 --- a/arch/x86/kvm/mmu.h +++ b/arch/x86/kvm/mmu.h @@ -81,7 +81,7 @@ u8 kvm_mmu_get_max_tdp_level(void); void kvm_mmu_set_mmio_spte_mask(u64 mmio_value, u64 mmio_mask, u64 access_= mask); void kvm_mmu_set_mmio_spte_value(struct kvm *kvm, u64 mmio_value); void kvm_mmu_set_me_spte_mask(u64 me_value, u64 me_mask); -void kvm_mmu_set_ept_masks(bool has_ad_bits, bool has_exec_only); +void kvm_mmu_set_ept_masks(bool has_ad_bits); =20 void kvm_init_mmu(struct kvm_vcpu *vcpu); void kvm_init_shadow_npt_mmu(struct kvm_vcpu *vcpu, unsigned long cr0, diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index 170952a840db..5f578435b5ad 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -2033,7 +2033,7 @@ static bool kvm_sync_page_check(struct kvm_vcpu *vcpu= , struct kvm_mmu_page *sp) */ const union kvm_mmu_page_role sync_role_ign =3D { .level =3D 0xf, - .access =3D 0x7, + .access =3D ACC_ALL, .quadrant =3D 0x3, .passthrough =3D 0x1, }; @@ -5527,7 +5527,7 @@ reset_ept_shadow_zero_bits_mask(struct kvm_mmu *conte= xt, bool execonly) * update_permission_bitmask() builds what is effectively a * two-dimensional array of bools. The second dimension is * provided by individual bits of permissions[pfec >> 1], and - * logical &, | and ~ operations operate on all the 8 possible + * logical &, | and ~ operations operate on all the 16 possible * combinations of ACC_* bits. */ #define ACC_BITS_MASK(access) \ @@ -5537,15 +5537,24 @@ reset_ept_shadow_zero_bits_mask(struct kvm_mmu *con= text, bool execonly) (4 & (access) ? 1 << 4 : 0) | \ (5 & (access) ? 1 << 5 : 0) | \ (6 & (access) ? 1 << 6 : 0) | \ - (7 & (access) ? 1 << 7 : 0)) + (7 & (access) ? 1 << 7 : 0) | \ + (8 & (access) ? 1 << 8 : 0) | \ + (9 & (access) ? 1 << 9 : 0) | \ + (10 & (access) ? 1 << 10 : 0) | \ + (11 & (access) ? 1 << 11 : 0) | \ + (12 & (access) ? 1 << 12 : 0) | \ + (13 & (access) ? 1 << 13 : 0) | \ + (14 & (access) ? 1 << 14 : 0) | \ + (15 & (access) ? 1 << 15 : 0)) =20 static void update_permission_bitmask(struct kvm_mmu *mmu, bool ept) { unsigned byte; =20 - const u8 x =3D ACC_BITS_MASK(ACC_EXEC_MASK); - const u8 w =3D ACC_BITS_MASK(ACC_WRITE_MASK); - const u8 u =3D ACC_BITS_MASK(ACC_USER_MASK); + const u16 x =3D ACC_BITS_MASK(ACC_EXEC_MASK); + const u16 w =3D ACC_BITS_MASK(ACC_WRITE_MASK); + const u16 u =3D ACC_BITS_MASK(ACC_USER_MASK); + const u16 r =3D ACC_BITS_MASK(ACC_READ_MASK); =20 bool cr4_smep =3D is_cr4_smep(mmu); bool cr4_smap =3D is_cr4_smap(mmu); @@ -5568,24 +5577,26 @@ static void update_permission_bitmask(struct kvm_mm= u *mmu, bool ept) unsigned pfec =3D byte << 1; =20 /* - * Each "*f" variable has a 1 bit for each UWX value + * Each "*f" variable has a 1 bit for each ACC_* combo * that causes a fault with the given PFEC. */ =20 + /* Faults from reads to non-readable pages */ + u16 rf =3D (pfec & (PFERR_WRITE_MASK|PFERR_FETCH_MASK)) ? 0 : (u16)~r; /* Faults from writes to non-writable pages */ - u8 wf =3D (pfec & PFERR_WRITE_MASK) ? (u8)~w : 0; + u16 wf =3D (pfec & PFERR_WRITE_MASK) ? (u16)~w : 0; /* Faults from user mode accesses to supervisor pages */ - u8 uf =3D (pfec & PFERR_USER_MASK) ? (u8)~u : 0; + u16 uf =3D (pfec & PFERR_USER_MASK) ? (u16)~u : 0; /* Faults from fetches of non-executable pages*/ - u8 ff =3D (pfec & PFERR_FETCH_MASK) ? (u8)~x : 0; + u16 ff =3D (pfec & PFERR_FETCH_MASK) ? (u16)~x : 0; /* Faults from kernel mode fetches of user pages */ - u8 smepf =3D 0; + u16 smepf =3D 0; /* Faults from kernel mode accesses of user pages */ - u8 smapf =3D 0; + u16 smapf =3D 0; =20 if (!ept) { /* Faults from kernel mode accesses to user pages */ - u8 kf =3D (pfec & PFERR_USER_MASK) ? 0 : u; + u16 kf =3D (pfec & PFERR_USER_MASK) ? 0 : u; =20 /* Not really needed: !nx will cause pte.nx to fault */ if (!efer_nx) @@ -5618,7 +5629,7 @@ static void update_permission_bitmask(struct kvm_mmu = *mmu, bool ept) smapf =3D (pfec & (PFERR_RSVD_MASK|PFERR_FETCH_MASK)) ? 0 : kf; } =20 - mmu->permissions[byte] =3D ff | uf | wf | smepf | smapf; + mmu->permissions[byte] =3D ff | uf | wf | rf | smepf | smapf; } } =20 diff --git a/arch/x86/kvm/mmu/mmutrace.h b/arch/x86/kvm/mmu/mmutrace.h index 764e3015d021..dcfdfedfc4e9 100644 --- a/arch/x86/kvm/mmu/mmutrace.h +++ b/arch/x86/kvm/mmu/mmutrace.h @@ -25,7 +25,8 @@ #define KVM_MMU_PAGE_PRINTK() ({ \ const char *saved_ptr =3D trace_seq_buffer_ptr(p); \ static const char *access_str[] =3D { \ - "---", "--x", "w--", "w-x", "-u-", "-ux", "wu-", "wux" \ + "----", "r---", "-w--", "rw--", "--u-", "r-u-", "-wu-", "rwu-", \ + "---x", "r--x", "-w-x", "rw-x", "--ux", "r-ux", "-wux", "rwux" \ }; \ union kvm_mmu_page_role role; \ \ diff --git a/arch/x86/kvm/mmu/paging_tmpl.h b/arch/x86/kvm/mmu/paging_tmpl.h index 901cd2bd40b8..fb1b5d8b23e5 100644 --- a/arch/x86/kvm/mmu/paging_tmpl.h +++ b/arch/x86/kvm/mmu/paging_tmpl.h @@ -170,25 +170,24 @@ static bool FNAME(prefetch_invalid_gpte)(struct kvm_v= cpu *vcpu, return true; } =20 -/* - * For PTTYPE_EPT, a page table can be executable but not readable - * on supported processors. Therefore, set_spte does not automatically - * set bit 0 if execute only is supported. Here, we repurpose ACC_USER_MASK - * to signify readability since it isn't used in the EPT case - */ static inline unsigned FNAME(gpte_access)(u64 gpte) { unsigned access; #if PTTYPE =3D=3D PTTYPE_EPT access =3D ((gpte & VMX_EPT_WRITABLE_MASK) ? ACC_WRITE_MASK : 0) | ((gpte & VMX_EPT_EXECUTABLE_MASK) ? ACC_EXEC_MASK : 0) | - ((gpte & VMX_EPT_READABLE_MASK) ? ACC_USER_MASK : 0); + ((gpte & VMX_EPT_READABLE_MASK) ? ACC_READ_MASK : 0); #else - BUILD_BUG_ON(ACC_EXEC_MASK !=3D PT_PRESENT_MASK); - BUILD_BUG_ON(ACC_EXEC_MASK !=3D 1); + /* + * P is set here, so the page is always readable and W/U/!NX represent + * allowed accesses. + */ + BUILD_BUG_ON(ACC_READ_MASK !=3D PT_PRESENT_MASK); + BUILD_BUG_ON(ACC_WRITE_MASK !=3D PT_WRITABLE_MASK); + BUILD_BUG_ON(ACC_USER_MASK !=3D PT_USER_MASK); + BUILD_BUG_ON(ACC_EXEC_MASK & (PT_WRITABLE_MASK | PT_USER_MASK | PT_PRESEN= T_MASK)); access =3D gpte & (PT_WRITABLE_MASK | PT_USER_MASK | PT_PRESENT_MASK); - /* Combine NX with P (which is set here) to get ACC_EXEC_MASK. */ - access ^=3D (gpte >> PT64_NX_SHIFT); + access |=3D gpte & PT64_NX_MASK ? 0 : ACC_EXEC_MASK; #endif =20 return access; @@ -501,10 +500,18 @@ static int FNAME(walk_addr_generic)(struct guest_walk= er *walker, =20 if (write_fault) walker->fault.exit_qualification |=3D EPT_VIOLATION_ACC_WRITE; - if (user_fault) - walker->fault.exit_qualification |=3D EPT_VIOLATION_ACC_READ; - if (fetch_fault) + else if (fetch_fault) walker->fault.exit_qualification |=3D EPT_VIOLATION_ACC_INSTR; + else + walker->fault.exit_qualification |=3D EPT_VIOLATION_ACC_READ; + + /* + * Accesses to guest paging structures are either "reads" or + * "read+write" accesses, so consider them the latter if write_fault + * is true. + */ + if (access & PFERR_GUEST_PAGE_MASK) + walker->fault.exit_qualification |=3D EPT_VIOLATION_ACC_READ; =20 /* * Note, pte_access holds the raw RWX bits from the EPTE, not diff --git a/arch/x86/kvm/mmu/spte.c b/arch/x86/kvm/mmu/spte.c index e9dc0ae44274..7b5f118ae211 100644 --- a/arch/x86/kvm/mmu/spte.c +++ b/arch/x86/kvm/mmu/spte.c @@ -194,12 +194,6 @@ bool make_spte(struct kvm_vcpu *vcpu, struct kvm_mmu_p= age *sp, int is_host_mmio =3D -1; bool wrprot =3D false; =20 - /* - * For the EPT case, shadow_present_mask has no RWX bits set if - * exec-only page table entries are supported. In that case, - * ACC_USER_MASK and shadow_user_mask are used to represent - * read access. See FNAME(gpte_access) in paging_tmpl.h. - */ WARN_ON_ONCE((pte_access | shadow_present_mask) =3D=3D SHADOW_NONPRESENT_= VALUE); =20 if (sp->role.ad_disabled) @@ -228,6 +222,9 @@ bool make_spte(struct kvm_vcpu *vcpu, struct kvm_mmu_pa= ge *sp, pte_access &=3D ~ACC_EXEC_MASK; } =20 + if (pte_access & ACC_READ_MASK) + spte |=3D PT_PRESENT_MASK; /* or VMX_EPT_READABLE_MASK */ + if (pte_access & ACC_EXEC_MASK) spte |=3D shadow_x_mask; else @@ -391,6 +388,7 @@ u64 make_nonleaf_spte(u64 *child_pt, bool ad_disabled) u64 spte =3D SPTE_MMU_PRESENT_MASK; =20 spte |=3D __pa(child_pt) | shadow_present_mask | PT_WRITABLE_MASK | + PT_PRESENT_MASK /* or VMX_EPT_READABLE_MASK */ | shadow_user_mask | shadow_x_mask | shadow_me_value; =20 if (ad_disabled) @@ -491,18 +489,16 @@ void kvm_mmu_set_me_spte_mask(u64 me_value, u64 me_ma= sk) } EXPORT_SYMBOL_FOR_KVM_INTERNAL(kvm_mmu_set_me_spte_mask); =20 -void kvm_mmu_set_ept_masks(bool has_ad_bits, bool has_exec_only) +void kvm_mmu_set_ept_masks(bool has_ad_bits) { kvm_ad_enabled =3D has_ad_bits; =20 - shadow_user_mask =3D VMX_EPT_READABLE_MASK; + shadow_user_mask =3D 0; shadow_accessed_mask =3D VMX_EPT_ACCESS_BIT; shadow_dirty_mask =3D VMX_EPT_DIRTY_BIT; shadow_nx_mask =3D 0ull; shadow_x_mask =3D VMX_EPT_EXECUTABLE_MASK; - /* VMX_EPT_SUPPRESS_VE_BIT is needed for W or X violation. */ - shadow_present_mask =3D - (has_exec_only ? 0ull : VMX_EPT_READABLE_MASK) | VMX_EPT_SUPPRESS_VE_BIT; + shadow_present_mask =3D VMX_EPT_SUPPRESS_VE_BIT; =20 shadow_acc_track_mask =3D VMX_EPT_RWX_MASK; shadow_host_writable_mask =3D EPT_SPTE_HOST_WRITABLE; diff --git a/arch/x86/kvm/mmu/spte.h b/arch/x86/kvm/mmu/spte.h index bc02a2e89a31..121bfb2217e8 100644 --- a/arch/x86/kvm/mmu/spte.h +++ b/arch/x86/kvm/mmu/spte.h @@ -52,10 +52,11 @@ static_assert(SPTE_TDP_AD_ENABLED =3D=3D 0); #define SPTE_BASE_ADDR_MASK (((1ULL << 52) - 1) & ~(u64)(PAGE_SIZE-1)) #endif =20 -#define ACC_EXEC_MASK 1 +#define ACC_READ_MASK PT_PRESENT_MASK #define ACC_WRITE_MASK PT_WRITABLE_MASK #define ACC_USER_MASK PT_USER_MASK -#define ACC_ALL (ACC_EXEC_MASK | ACC_WRITE_MASK | ACC_USER_MASK) +#define ACC_EXEC_MASK 8 +#define ACC_ALL (ACC_EXEC_MASK | ACC_WRITE_MASK | ACC_USER_MASK |= ACC_READ_MASK) =20 #define SPTE_LEVEL_BITS 9 #define SPTE_LEVEL_SHIFT(level) __PT_LEVEL_SHIFT(level, SPTE_LEVEL_BITS) diff --git a/arch/x86/kvm/vmx/capabilities.h b/arch/x86/kvm/vmx/capabilitie= s.h index 4e371c93ae16..609477f190e8 100644 --- a/arch/x86/kvm/vmx/capabilities.h +++ b/arch/x86/kvm/vmx/capabilities.h @@ -300,11 +300,6 @@ static inline bool cpu_has_vmx_flexpriority(void) cpu_has_vmx_virtualize_apic_accesses(); } =20 -static inline bool cpu_has_vmx_ept_execute_only(void) -{ - return vmx_capability.ept & VMX_EPT_EXECUTE_ONLY_BIT; -} - static inline bool cpu_has_vmx_ept_4levels(void) { return vmx_capability.ept & VMX_EPT_PAGE_WALK_4_BIT; diff --git a/arch/x86/kvm/vmx/common.h b/arch/x86/kvm/vmx/common.h index adf925500b9e..1afbf272efae 100644 --- a/arch/x86/kvm/vmx/common.h +++ b/arch/x86/kvm/vmx/common.h @@ -85,11 +85,8 @@ static inline int __vmx_handle_ept_violation(struct kvm_= vcpu *vcpu, gpa_t gpa, { u64 error_code; =20 - /* Is it a read fault? */ - error_code =3D (exit_qualification & EPT_VIOLATION_ACC_READ) - ? PFERR_USER_MASK : 0; /* Is it a write fault? */ - error_code |=3D (exit_qualification & EPT_VIOLATION_ACC_WRITE) + error_code =3D (exit_qualification & EPT_VIOLATION_ACC_WRITE) ? PFERR_WRITE_MASK : 0; /* Is it a fetch fault? */ error_code |=3D (exit_qualification & EPT_VIOLATION_ACC_INSTR) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 8b24e682535b..e27868fa4eb7 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -8798,8 +8798,7 @@ __init int vmx_hardware_setup(void) set_bit(0, vmx_vpid_bitmap); /* 0 is reserved for host */ =20 if (enable_ept) - kvm_mmu_set_ept_masks(enable_ept_ad_bits, - cpu_has_vmx_ept_execute_only()); + kvm_mmu_set_ept_masks(enable_ept_ad_bits); else vt_x86_ops.get_mt_mask =3D NULL; =20 --=20 2.53.0 From nobody Thu Apr 2 18:47:36 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A5CCF3ACEFE for ; Thu, 26 Mar 2026 18:17:53 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549078; cv=none; b=Uo47+ebFCNMTMC+YjCwoMtFexP2gI7SBXHELiCPOJGvB8CLlZSkHKxG8BBeWubQ9eBcT4+/bNbIxLIMwAMbpNXSqQWcKIc2D49yYLJzvFHSxRI7Qbe4Y6CdXqiEvC7IHJXWRrX0znJ7wkRcQwCVtpCrOI3vbmwm+rnAjYtOwryI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549078; c=relaxed/simple; bh=vTy9O5IsDlG6v8B6glBVPqw3VYt2VMRG16l4ZUpy0Nk=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=Lyl5mur5eVvZnosvpIMe/ipuNXvEPOMjiJWqhjIyJRMkMHyLGlV7AcYayi9JLORFUDllxmFtBibOwH/gkx/YIqy8m7T0fCHSMVjWjueHMkE6Yp3xN9iZbGpRhqCljWpIc1BSzc/pwWYVH/Bp2i843hoAwCIrY1lsbT6XWkyj/+0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=bsrwoVuo; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=mG6eZKcy; arc=none smtp.client-ip=170.10.129.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="bsrwoVuo"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="mG6eZKcy" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774549072; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=PcMqJJGPCLK+VRPcw/NPeynhXQGvPO9SUzIgJSMzXxQ=; b=bsrwoVuoyn4/ZHOnmOrS05emEVE+RX6X8N0/r5fAvy4K6Fflp4F4PrCQpo+ourKP7wmohL 7wMUBy1TIteRyic4oe81lM0KGPmZXx/7SyrLDG1ecCt4/tWC2ZKw/huQHA9nDEwrviG/hK O74oTBXjMMnxZRiLaVzZhQUhZjxyvLg= Received: from mail-wr1-f72.google.com (mail-wr1-f72.google.com [209.85.221.72]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-627-HjZoWjPCMeGBUMIXOZDrLQ-1; Thu, 26 Mar 2026 14:17:51 -0400 X-MC-Unique: HjZoWjPCMeGBUMIXOZDrLQ-1 X-Mimecast-MFC-AGG-ID: HjZoWjPCMeGBUMIXOZDrLQ_1774549070 Received: by mail-wr1-f72.google.com with SMTP id ffacd0b85a97d-439a85832c0so81276f8f.2 for ; Thu, 26 Mar 2026 11:17:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774549070; x=1775153870; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=PcMqJJGPCLK+VRPcw/NPeynhXQGvPO9SUzIgJSMzXxQ=; b=mG6eZKcyzthQv+cEEXcHKzy48vo2Os9/l16Lj1agQOaD5NUCKQpJu/z+f1RlGKJmQA FAM2j5JDWAcYefN+LQdZ+KXkX6pVZASuLyr3WpT/F5B8MXDnP1i/ed+/CWg1E69MI/9p +vHL+WTTYLVYsnRmIBaV9/qO0zsFRd5tHeDpnRyWyHM1+FZEg0dspm67Fs3UHCi1BjKk nUXy+UQipNsurKc+9kpRMs02L71hOhQNL5H+08YOMds8Ueq/fXmfdXsnpXlHViaHI9d/ dV+U2EKmQ+8gMVx5qOaIoqtQGBGvfGerBO4NGASyjL8Uhcp3mr9M/W+TwB8DTv0LgeDb Elhw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774549070; x=1775153870; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=PcMqJJGPCLK+VRPcw/NPeynhXQGvPO9SUzIgJSMzXxQ=; b=afdLGqD4kCMRB8V4RCgxplSF8dhJuLxdLg8qf9lmDgA6Rax+BC2OnRcO0/5PQPS+qh xjJHsomhyBEapZFb4QH9r2rNKlEYJuegJC1ILX7X5y+UwsH3DKqZQQeAcI7AgExUu4+Z dsZx9Zbp6ivzSTOLqeS1X85Ki7rcIFsOF9K4fXNFRjNKpoSum0OdMu5RckwIbSHWY5+t fsVM+UevNhd8msdvRTrJof0p64whRmg4xDmhKwTvhEib1BhD8+0NYsIuN0OSW6c6WiIK r8sGKnl76/wNehr0IDE4QP8jTtfH0BPwLj4vZBzEhvYfTwz4C9Tz3sbo6Fl/wj7MKP6J JecQ== X-Gm-Message-State: AOJu0YyuN59NAh8tNNWNC4BkMPj3wt6aWsAysAb0Yo8ASJiqJFKznbVI BwyGi8iOb7XLazKLNkt4ABMcOXDnios8mFsL6cO4Of6CYj66Bja5s9ptOlUP3yOhOQ7VdhcYmeT We/fECS6egPPxXhnQgfPER9FhvxDttAq5bv+5Ck5s8yFWRjkSs7KNRJVdtjchZ6qTlu3ODu5ACi BKSxQ7tILfKjgU4IewLTOutd6Yg2J1/q3tZjgbbv9Oc0YvAmepKw== X-Gm-Gg: ATEYQzzi6EyKm1G2PFDxFgpXmZhvwDk/vjixVU4/CK11eK0AjGkQoLvbfmR1e5tr/Ja f5dIzyT+XpR0kkYvqGF4CcOAucBPYhBw0E1JT32banqtEpFj5DNsX5MhgQFkAaQDuowftAWO858 Z2JHUJ/t45r9yL20lvAFRBbOKDZHz1NylLHNvf8SjU+PE/uHI+aabxiZ+lrBTGVhxhQt094rRpv CTERBOZ2bJ82SX081bOccfbNHJ6PNPZZ4BjjhYUIRXnaLoEib8/W5QJ1C8aXlTBFnz0iEFXwAH1 C39TTjTlq7M8yr7K+I50HZYlVchQSWfUdyuofFiRqACy2r4rXcfB1xE7oALHzzMBrTfT6+pMFWZ xEBYILv0Y03zQdOyoULLOQSdxI5iwUNYC5vAfipc6E1hReekmKPgpSvE4eMqzTiQYDWss2U2BGg 9iQjLp+MCrsN86gcEF5z9gQ+np X-Received: by 2002:a05:6000:60f:b0:43b:3c06:c30a with SMTP id ffacd0b85a97d-43b889b2542mr13985149f8f.18.1774549069723; Thu, 26 Mar 2026 11:17:49 -0700 (PDT) X-Received: by 2002:a05:6000:60f:b0:43b:3c06:c30a with SMTP id ffacd0b85a97d-43b889b2542mr13985075f8f.18.1774549069217; Thu, 26 Mar 2026 11:17:49 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-43b91942f24sm10449273f8f.11.2026.03.26.11.17.46 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 26 Mar 2026 11:17:46 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Nikunj A Dadhania , Amit Shah , Sean Christopherson , Marcelo Tosatti Subject: [PATCH 09/24] KVM: x86/mmu: separate more EPT/non-EPT permission_fault() Date: Thu, 26 Mar 2026 19:17:07 +0100 Message-ID: <20260326181723.218115-10-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260326181723.218115-1-pbonzini@redhat.com> References: <20260326181723.218115-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Now that EPT is not abusing anymore ACC_USER_MASK, move its handling entirely in the !ept branch. Merge smepf and ff into a single variable because EPT's "SMEP" (actually MBEC) is defined differently. Signed-off-by: Paolo Bonzini Tested-By: Jon Kohler --- arch/x86/kvm/mmu/mmu.c | 26 ++++++++++++++------------ 1 file changed, 14 insertions(+), 12 deletions(-) diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index 5f578435b5ad..dd5419a1f891 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -5553,7 +5553,6 @@ static void update_permission_bitmask(struct kvm_mmu = *mmu, bool ept) =20 const u16 x =3D ACC_BITS_MASK(ACC_EXEC_MASK); const u16 w =3D ACC_BITS_MASK(ACC_WRITE_MASK); - const u16 u =3D ACC_BITS_MASK(ACC_USER_MASK); const u16 r =3D ACC_BITS_MASK(ACC_READ_MASK); =20 bool cr4_smep =3D is_cr4_smep(mmu); @@ -5586,21 +5585,24 @@ static void update_permission_bitmask(struct kvm_mm= u *mmu, bool ept) /* Faults from writes to non-writable pages */ u16 wf =3D (pfec & PFERR_WRITE_MASK) ? (u16)~w : 0; /* Faults from user mode accesses to supervisor pages */ - u16 uf =3D (pfec & PFERR_USER_MASK) ? (u16)~u : 0; - /* Faults from fetches of non-executable pages*/ - u16 ff =3D (pfec & PFERR_FETCH_MASK) ? (u16)~x : 0; - /* Faults from kernel mode fetches of user pages */ - u16 smepf =3D 0; + u16 uf =3D 0; + /* Faults from fetches of non-executable pages */ + u16 ff =3D 0; /* Faults from kernel mode accesses of user pages */ u16 smapf =3D 0; =20 - if (!ept) { + if (ept) { + ff =3D (pfec & PFERR_FETCH_MASK) ? (u16)~x : 0; + } else { + const u16 u =3D ACC_BITS_MASK(ACC_USER_MASK); + /* Faults from kernel mode accesses to user pages */ u16 kf =3D (pfec & PFERR_USER_MASK) ? 0 : u; =20 - /* Not really needed: !nx will cause pte.nx to fault */ - if (!efer_nx) - ff =3D 0; + uf =3D (pfec & PFERR_USER_MASK) ? (u16)~u : 0; + + if (efer_nx) + ff =3D (pfec & PFERR_FETCH_MASK) ? (u16)~x : 0; =20 /* Allow supervisor writes if !cr0.wp */ if (!cr0_wp) @@ -5608,7 +5610,7 @@ static void update_permission_bitmask(struct kvm_mmu = *mmu, bool ept) =20 /* Disallow supervisor fetches of user code if cr4.smep */ if (cr4_smep) - smepf =3D (pfec & PFERR_FETCH_MASK) ? kf : 0; + ff |=3D (pfec & PFERR_FETCH_MASK) ? kf : 0; =20 /* * SMAP:kernel-mode data accesses from user-mode @@ -5629,7 +5631,7 @@ static void update_permission_bitmask(struct kvm_mmu = *mmu, bool ept) smapf =3D (pfec & (PFERR_RSVD_MASK|PFERR_FETCH_MASK)) ? 0 : kf; } =20 - mmu->permissions[byte] =3D ff | uf | wf | rf | smepf | smapf; + mmu->permissions[byte] =3D ff | uf | wf | rf | smapf; } } =20 --=20 2.53.0 From nobody Thu Apr 2 18:47:36 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D672B3A8745 for ; Thu, 26 Mar 2026 18:17:58 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549083; cv=none; b=I4I563Q9X3lyuV1y+Oie6thAZzvQZ6JiDrHNQ3pyceFkx9xr+dgva2N7c8YY1oevt+NQDlQ2lmXVM0rkjN/9jmjuEo/IHrP1dXmjHojckFrnECl5XpDDB6SbQkd1Q+ZNXjjkcPxPvW/5bl2F2Ez8afuLgSE0CT6MSO9Ew4iXauE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549083; c=relaxed/simple; bh=pS1J8W8fO4+3tnDj88CZnxAyKm0FKvsBhMP+n0FPrMc=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=lyI6ZYiVODcagX7LQGhqO/PFrulZeLl4DptL9XA0/V32XV3DG8YmTluO/Qoekkgz5SvycBoRp6/q1ACVfayyVTsX50PDm4+izna80fgO0SoXh4a5bVQkuYTsRQCfM18YsuqUuFCMmkkiXroeaBbv2J4c1r7OBOPOSF8K19iU2T4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=YhZrWOiY; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=pv76CWUR; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="YhZrWOiY"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="pv76CWUR" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774549077; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=K8T8CyELIjmZrSOM7uiAWDk5u4n6lA2+sMqy1wRdzGU=; b=YhZrWOiYYno3XYTv/ymgJLJs3hwT5ACbhIag7+1kh4Gn+UJV7HY3PXuRlHVKVJLZuEEAYw bam0pt2ydJNBS4zK0NpbLROJc/rAkG2N3BwDr2h5kvKrQB477j6/7BVekAR+HkwI/3yJCO PGCpIn6Hw0VQfgfWz4VcnsW65S7G7rg= Received: from mail-wr1-f72.google.com (mail-wr1-f72.google.com [209.85.221.72]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-644-EwdQNFTsMR-KnIeYg47Rhw-1; Thu, 26 Mar 2026 14:17:54 -0400 X-MC-Unique: EwdQNFTsMR-KnIeYg47Rhw-1 X-Mimecast-MFC-AGG-ID: EwdQNFTsMR-KnIeYg47Rhw_1774549073 Received: by mail-wr1-f72.google.com with SMTP id ffacd0b85a97d-43b8f23bdc7so94116f8f.3 for ; Thu, 26 Mar 2026 11:17:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774549072; x=1775153872; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=K8T8CyELIjmZrSOM7uiAWDk5u4n6lA2+sMqy1wRdzGU=; b=pv76CWUR+uVQiJITEeL8bO/xrA/ZgiMrciFb7w8oQiRuZjtQqLgK3VW4oqwyZuepdS enfDCJhdhKiKdJdCsBzaenxKQs7iA3T0T2z/FfMv2E4evMxIutVUh3vOtxjACry8wZT7 MysqHU86lo2VgR0g5YWgzm/Um4oI9L7yHlEJcmipIzcgFlFspodJaQbCCiuV9Y19n1H7 NafDZxct59bQrfRyyk0SBah65N3O4//XmVRrk5wsydeWEnz22f8B9s/ls/DlmAO+fguo 357jxcgzwFwbmxEgTQPztqE9V/17YzysDZkwqurYdgzcu/gXiIbc+7Rp1Qx54fjilhy/ yFnA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774549072; x=1775153872; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=K8T8CyELIjmZrSOM7uiAWDk5u4n6lA2+sMqy1wRdzGU=; b=FxpDyhS4Hj6cHcTlgDddye/p/R60CSkQ9jgAaiady0lJaq7X/wbRHcRCqykmKfC3pW h2Wm1pzB5XQBIcUjI6IYglFxjXmKxttsEYpevGmm+L/nY0TiOUk3GP2cQnmL16wn+3oK 1Pz3YltLWU4t+zjsYOHQaivjcOC973azz8LDD/P6F3k5w8fOSJsIIUmRLxylmuOqaeD2 pu1Nl5oi58m75KVy+rn4kLq3qNNkKdMuxrQ2kiWGltZfhewA9RJ/zf1zv8DR3lpVbjDW OQYLzl0NXqZhb2uYD7cCGPXcfQIRkJUFe5NzNkdSsmuyXNHf1UBv2wX1XfMhPYLU6cwq NpOg== X-Gm-Message-State: AOJu0Yx5JlC2ijqESH6VTSXozDUBmkQ4w27PAypTwwbSsOfv0r0YTFZX Wx8LrnPmQx4XTVaDFaELLgz+oo40d1VgtHH6f/sqttsot8o6m8i4zgzOBjbd7qjDayfkLgx3NyZ WQ5fW8gZHSqnqYgsDFDI4+/yKofjpJUgHLFwPLaLL6H5JNzhtkK/LXK5tW+kUc0qPR/ZIl+Qrnw HAi/C2mjJocxCZYshrjGOmH0E8f5iGcN+wl8j6+Ury+8sssFwDuQ== X-Gm-Gg: ATEYQzzAlaJwvfc3beF6mKbjArJQYMO9g5tNu65u6WE+995fkMzKPws7La3QJ7rzIoN 36OUFmpZHSDaEs3xjMJcFuaSYj3sAmVXwERKEzjsfo1VUmZ1rvhvQg+zZYd5xGsEOsYVZ6lmK1w 2dtRzVmZRjl6sD/iekkoORpaSCXY7OOV7zJyjcGc71Yi7dBi9q9uUc1NG410pp5TbL2BGdegRK/ ghupNk8ad25VvtNURpu8Lgin1AFfodS4nXxUy4xJcAh65OoFBYhOHi8nQmt0Mi6wfzSTrwjFvoa usfVbS36Z2YP5x2DetDmU3zn30MXsn33e0Royka2ezYeUdlUGLHZDnMZWWm35Qcj9VMJ9vNT9BP t3bXaeqdR1U3kNvutnn0dsvoS2fsgRJ2PTesQQV4h1ad9PwcG7bIApJdGKAh2dlCRy3FfFm2nzn 5zo1h6jw+jpsWsEyb0bqW5nCrN X-Received: by 2002:a05:6000:220b:b0:43b:43ae:8c25 with SMTP id ffacd0b85a97d-43b88a44842mr13657638f8f.52.1774549072132; Thu, 26 Mar 2026 11:17:52 -0700 (PDT) X-Received: by 2002:a05:6000:220b:b0:43b:43ae:8c25 with SMTP id ffacd0b85a97d-43b88a44842mr13657569f8f.52.1774549071543; Thu, 26 Mar 2026 11:17:51 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-43b9192e3f9sm10324620f8f.7.2026.03.26.11.17.49 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 26 Mar 2026 11:17:50 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Nikunj A Dadhania , Amit Shah , Sean Christopherson , Marcelo Tosatti Subject: [PATCH 10/24] KVM: x86/mmu: split XS/XU bits for EPT Date: Thu, 26 Mar 2026 19:17:08 +0100 Message-ID: <20260326181723.218115-11-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260326181723.218115-1-pbonzini@redhat.com> References: <20260326181723.218115-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" When EPT is in use, replace ACC_USER_MASK with ACC_USER_EXEC_MASK, so that supervisor and user-mode execution can be controlled independently (ACC_USER_MASK would not allow a setting similar to XU=3D0 XS=3D1 W=3D1 R=3D1). Replace shadow_x_mask with shadow_xs_mask/shadow_xu_mask, to allow setting XS and XU bits separately in EPT entries. Note that ACC_USER_EXEC_MASK is already set through ACC_ALL in the kvm_mmu_page roles, but it does not propagate to the XU bit because shadow_xs_mask =3D=3D shadow_xu_mask. On the other hand, access tracking for eptad=3D0 does take it into account when saving/restoring page permissions. Signed-off-by: Paolo Bonzini Tested-By: Jon Kohler --- arch/x86/kvm/mmu/mmu.c | 2 +- arch/x86/kvm/mmu/mmutrace.h | 6 ++--- arch/x86/kvm/mmu/spte.c | 49 +++++++++++++++++++++++-------------- arch/x86/kvm/mmu/spte.h | 8 +++--- 4 files changed, 40 insertions(+), 25 deletions(-) diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index dd5419a1f891..a6ee467ad838 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -5472,7 +5472,7 @@ static void reset_shadow_zero_bits_mask(struct kvm_vc= pu *vcpu, static inline bool boot_cpu_is_amd(void) { WARN_ON_ONCE(!tdp_enabled); - return shadow_x_mask =3D=3D 0; + return shadow_xs_mask =3D=3D 0; } =20 /* diff --git a/arch/x86/kvm/mmu/mmutrace.h b/arch/x86/kvm/mmu/mmutrace.h index dcfdfedfc4e9..3429c1413f42 100644 --- a/arch/x86/kvm/mmu/mmutrace.h +++ b/arch/x86/kvm/mmu/mmutrace.h @@ -357,8 +357,8 @@ TRACE_EVENT( __entry->sptep =3D virt_to_phys(sptep); __entry->level =3D level; __entry->r =3D shadow_present_mask || (__entry->spte & PT_PRESENT_MASK); - __entry->x =3D is_executable_pte(__entry->spte); - __entry->u =3D shadow_user_mask ? !!(__entry->spte & shadow_user_mask) := -1; + __entry->x =3D (__entry->spte & (shadow_xs_mask | shadow_nx_mask)) =3D= =3D shadow_xs_mask; + __entry->u =3D !!(__entry->spte & (shadow_xu_mask | shadow_user_mask)); ), =20 TP_printk("gfn %llx spte %llx (%s%s%s%s) level %d at %llx", @@ -366,7 +366,7 @@ TRACE_EVENT( __entry->r ? "r" : "-", __entry->spte & PT_WRITABLE_MASK ? "w" : "-", __entry->x ? "x" : "-", - __entry->u =3D=3D -1 ? "" : (__entry->u ? "u" : "-"), + __entry->u ? "u" : "-", __entry->level, __entry->sptep ) ); diff --git a/arch/x86/kvm/mmu/spte.c b/arch/x86/kvm/mmu/spte.c index 7b5f118ae211..fc7eb73476f6 100644 --- a/arch/x86/kvm/mmu/spte.c +++ b/arch/x86/kvm/mmu/spte.c @@ -29,8 +29,9 @@ bool __read_mostly kvm_ad_enabled; u64 __read_mostly shadow_host_writable_mask; u64 __read_mostly shadow_mmu_writable_mask; u64 __read_mostly shadow_nx_mask; -u64 __read_mostly shadow_x_mask; /* mutual exclusive with nx_mask */ u64 __read_mostly shadow_user_mask; +u64 __read_mostly shadow_xs_mask; /* mutual exclusive with nx_mask and use= r_mask */ +u64 __read_mostly shadow_xu_mask; /* mutual exclusive with nx_mask and use= r_mask */ u64 __read_mostly shadow_accessed_mask; u64 __read_mostly shadow_dirty_mask; u64 __read_mostly shadow_mmio_value; @@ -216,22 +217,30 @@ bool make_spte(struct kvm_vcpu *vcpu, struct kvm_mmu_= page *sp, * when CR0.PG is toggled, but leveraging that to ignore the mitigation * would tie make_spte() further to vCPU/MMU state, and add complexity * just to optimize a mode that is anything but performance critical. + * + * Use ACC_USER_EXEC_MASK here assuming only Intel processors (EPT) + * are affected by the NX huge page erratum. */ - if (level > PG_LEVEL_4K && (pte_access & ACC_EXEC_MASK) && + if (level > PG_LEVEL_4K && + (pte_access & (ACC_EXEC_MASK | ACC_USER_EXEC_MASK)) && is_nx_huge_page_enabled(vcpu->kvm)) { - pte_access &=3D ~ACC_EXEC_MASK; + pte_access &=3D ~(ACC_EXEC_MASK | ACC_USER_EXEC_MASK); } =20 if (pte_access & ACC_READ_MASK) spte |=3D PT_PRESENT_MASK; /* or VMX_EPT_READABLE_MASK */ =20 - if (pte_access & ACC_EXEC_MASK) - spte |=3D shadow_x_mask; - else - spte |=3D shadow_nx_mask; - - if (pte_access & ACC_USER_MASK) - spte |=3D shadow_user_mask; + if (shadow_nx_mask) { + if (!(pte_access & ACC_EXEC_MASK)) + spte |=3D shadow_nx_mask; + if (pte_access & ACC_USER_MASK) + spte |=3D shadow_user_mask; + } else { + if (pte_access & ACC_EXEC_MASK) + spte |=3D shadow_xs_mask; + if (pte_access & ACC_USER_EXEC_MASK) + spte |=3D shadow_xu_mask; + } =20 if (level > PG_LEVEL_4K) spte |=3D PT_PAGE_SIZE_MASK; @@ -318,11 +327,13 @@ static u64 make_spte_executable(u64 spte, u8 access) { u64 set, clear; =20 - if (access & ACC_EXEC_MASK) - set =3D shadow_x_mask; + if (shadow_nx_mask) + set =3D (access & ACC_EXEC_MASK) ? 0 : shadow_nx_mask; else - set =3D shadow_nx_mask; - clear =3D set ^ (shadow_nx_mask | shadow_x_mask); + set =3D + (access & ACC_EXEC_MASK ? shadow_xs_mask : 0) | + (access & ACC_USER_EXEC_MASK ? shadow_xu_mask : 0); + clear =3D set ^ (shadow_nx_mask | shadow_xs_mask | shadow_xu_mask); return modify_spte_protections(spte, set, clear); } =20 @@ -389,7 +400,7 @@ u64 make_nonleaf_spte(u64 *child_pt, bool ad_disabled) =20 spte |=3D __pa(child_pt) | shadow_present_mask | PT_WRITABLE_MASK | PT_PRESENT_MASK /* or VMX_EPT_READABLE_MASK */ | - shadow_user_mask | shadow_x_mask | shadow_me_value; + shadow_user_mask | shadow_xs_mask | shadow_xu_mask | shadow_me_value; =20 if (ad_disabled) spte |=3D SPTE_TDP_AD_DISABLED; @@ -497,10 +508,11 @@ void kvm_mmu_set_ept_masks(bool has_ad_bits) shadow_accessed_mask =3D VMX_EPT_ACCESS_BIT; shadow_dirty_mask =3D VMX_EPT_DIRTY_BIT; shadow_nx_mask =3D 0ull; - shadow_x_mask =3D VMX_EPT_EXECUTABLE_MASK; + shadow_xs_mask =3D VMX_EPT_EXECUTABLE_MASK; + shadow_xu_mask =3D VMX_EPT_EXECUTABLE_MASK; shadow_present_mask =3D VMX_EPT_SUPPRESS_VE_BIT; =20 - shadow_acc_track_mask =3D VMX_EPT_RWX_MASK; + shadow_acc_track_mask =3D VMX_EPT_RWX_MASK | VMX_EPT_USER_EXECUTABLE_MASK; shadow_host_writable_mask =3D EPT_SPTE_HOST_WRITABLE; shadow_mmu_writable_mask =3D EPT_SPTE_MMU_WRITABLE; =20 @@ -548,7 +560,8 @@ void kvm_mmu_reset_all_pte_masks(void) shadow_accessed_mask =3D PT_ACCESSED_MASK; shadow_dirty_mask =3D PT_DIRTY_MASK; shadow_nx_mask =3D PT64_NX_MASK; - shadow_x_mask =3D 0; + shadow_xs_mask =3D 0; + shadow_xu_mask =3D 0; shadow_present_mask =3D PT_PRESENT_MASK; =20 shadow_acc_track_mask =3D 0; diff --git a/arch/x86/kvm/mmu/spte.h b/arch/x86/kvm/mmu/spte.h index 121bfb2217e8..204f16aaf4e5 100644 --- a/arch/x86/kvm/mmu/spte.h +++ b/arch/x86/kvm/mmu/spte.h @@ -54,7 +54,8 @@ static_assert(SPTE_TDP_AD_ENABLED =3D=3D 0); =20 #define ACC_READ_MASK PT_PRESENT_MASK #define ACC_WRITE_MASK PT_WRITABLE_MASK -#define ACC_USER_MASK PT_USER_MASK +#define ACC_USER_MASK PT_USER_MASK /* non EPT */ +#define ACC_USER_EXEC_MASK ACC_USER_MASK /* EPT only */ #define ACC_EXEC_MASK 8 #define ACC_ALL (ACC_EXEC_MASK | ACC_WRITE_MASK | ACC_USER_MASK |= ACC_READ_MASK) =20 @@ -184,8 +185,9 @@ extern bool __read_mostly kvm_ad_enabled; extern u64 __read_mostly shadow_host_writable_mask; extern u64 __read_mostly shadow_mmu_writable_mask; extern u64 __read_mostly shadow_nx_mask; -extern u64 __read_mostly shadow_x_mask; /* mutual exclusive with nx_mask */ extern u64 __read_mostly shadow_user_mask; +extern u64 __read_mostly shadow_xs_mask; /* mutual exclusive with nx_mask = and user_mask */ +extern u64 __read_mostly shadow_xu_mask; /* mutual exclusive with nx_mask = and user_mask */ extern u64 __read_mostly shadow_accessed_mask; extern u64 __read_mostly shadow_dirty_mask; extern u64 __read_mostly shadow_mmio_value; @@ -363,7 +365,7 @@ static inline bool is_last_spte(u64 pte, int level) =20 static inline bool is_executable_pte(u64 spte) { - return (spte & (shadow_x_mask | shadow_nx_mask)) =3D=3D shadow_x_mask; + return (spte & (shadow_xs_mask | shadow_xu_mask | shadow_nx_mask)) !=3D s= hadow_nx_mask; } =20 static inline kvm_pfn_t spte_to_pfn(u64 pte) --=20 2.53.0 From nobody Thu Apr 2 18:47:36 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5E96F410D38 for ; Thu, 26 Mar 2026 18:18:00 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549086; cv=none; b=PP1c4YTP3ZI4ivRlB/pp8aWzwy6XicSg4i2YxSVSWADKGS6FImjFIPH6AHQ3Dph+Cm2BhJMkPYMdSwSlCfuuQ8PGXVjb6MTGZ07453pmnZAud+LaVQ4YiCqPqSSq435wZRcud5ZFfTgD0f7NvR6UJ2tLDKjx1C0s1ysQQgC+z4I= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549086; c=relaxed/simple; bh=kV5YnC97ln5+DVsaOb883H58Ze7qwkIsim21YHCrnRQ=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=NdWBC5lh7yjz8P9ly8HMpxCNN8a0EtcGkqOd25Ccd7fY3SQSyLZYuJXDjuWZzokV1Q+/2NNvyedtvrgba2WIU6c/wugFTZKDz+kb1x9Taob8J3+UnA9KQ+cve9mzey6DfSwibOsw5ezAdnL64fQFVmVPn1tbQgIBMs+VyNDX814= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=HdRhKtXa; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=eVLAVCfv; arc=none smtp.client-ip=170.10.129.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="HdRhKtXa"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="eVLAVCfv" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774549078; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ys9YR6CdTMd5WSS5mBv+iUvUa9v1KcPcwFdGEo7dT2o=; b=HdRhKtXa/omSuln094mL5z2JmbJyUsqTdfpj+4Ymy34gu8ieE6xbVxRsiZ8ArmFxJKbYYg zvuYT3vshjC+TsZsDCC7inFRVpj9eZjvf3ZiDckMM4Y9bhsvqFhZsPwTm1+m12Y1Fn/4PK BeN4cGh6eny03JMwukqfk3vOms2utF4= Received: from mail-wr1-f69.google.com (mail-wr1-f69.google.com [209.85.221.69]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-201-6J5tSXoyPQu66eiTdp5JOw-1; Thu, 26 Mar 2026 14:17:56 -0400 X-MC-Unique: 6J5tSXoyPQu66eiTdp5JOw-1 X-Mimecast-MFC-AGG-ID: 6J5tSXoyPQu66eiTdp5JOw_1774549076 Received: by mail-wr1-f69.google.com with SMTP id ffacd0b85a97d-439bcec86dfso1304662f8f.3 for ; Thu, 26 Mar 2026 11:17:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774549075; x=1775153875; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=ys9YR6CdTMd5WSS5mBv+iUvUa9v1KcPcwFdGEo7dT2o=; b=eVLAVCfvgV/96ymIetRJaJ+nYiognZrool41FFlNySC8t+pXe0nDlScW8E2MOCn5Fh bgPVZI9I9OnwUQJXRaKO2Yja1rBcps50hjsMHLWIvzl2plQVD3yXPFBrUOLaxYIve1j4 /QOQEs1EmaMXPiMHIBSNSbLdHm9gmwAe1QkV9Y0r8hRrgl2vK+Bhiofx3Q6rAPNkslgC r5ypFpwc1RLTE07y9nYbh3A/T/JOMQhqgPzeBxAnS3zdJ5UkGNPGiWadTJE8mtP/CA7j SaepI0ofFS51s4EAtTkULxngpCTdMfwMGiPbM8eZqgmK0vEnMHCAJLq61/htNDEEY4uw E6NA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774549075; x=1775153875; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=ys9YR6CdTMd5WSS5mBv+iUvUa9v1KcPcwFdGEo7dT2o=; b=Yny1IoQY92mmFUCx28p1LWMVKBTZC+NwWUcHxIeTruzah7VohTr8MPRvpQEdxC5SjK N/lrUycxHvnIxSXiTXLxou3VOfJivWELrjLEV9u5l59kPP6rZGrpwqbQWklDQST1jzPz R//aSOANgSLRSct4hMn6Vx87Ufl9ewDNWOjiPO3pZxMkjagaayfy5XVX8dqM3pkbwSnj MnwXLONF3eW4U7Obbhy6wEZ2+mGjH9YmSAp+a6MgQJmuMeF1pOqhSH8Z/nf9dL/e/6P9 28Q/lhsyfXhDsHZNOyDhyLN8Y+x87U0NbjRt7mv5zOgVJFKHlXBIZpiQq3vB4n1WpiVQ REgQ== X-Gm-Message-State: AOJu0Yy9EOEfb1etUALodfW+SVMsJuJPGQfGJmKnVSIG2EHYzGpq8GuM 3UI/MIdpa4kdgGtTSWO50q6XFMC+SJ5xVXv00idQe+jn4hl/AaBbRAejWhhFwZxSJEC9KvXkgoB IGKedeFMJ8XVlDfSVjpg9Kx18sVPyOlU1FFvsSuL9Hz/JbNFs93+O7f6RPpDvo350AFAdOuq25T B9eLP/8gzvduLDX1aQyn56W6fl340Pj6KVvy2YhLWQq4RCClSALg== X-Gm-Gg: ATEYQzzX5aj1gFJIgt/J9FUe+7aYJNJmd509vcVYWgvu/WmBDC8FvnBNYS0Cu/srxE5 x+WyPlXkGjZG0ZwS4Ysle0sDtfJmqG0K54cNN6jRTQi4QzLWJZspXpGhoMGTsgw0rqawmtyHAbX HRytNVaQZC+YAc2Il5wf42ATEG96cetoNjeeHTZdCtS5DaQZuYJOcydkUk5B1jrU6eVQoXoRwve 7aFodCFwaBZ2UyrrRbCBFeMOocL9Ie19Zfv/x+tza9x3w201V1y0GN3dnByolS9oLj+EGM3yzWe Ykqm/5eCCZOZEtr8RFtCEnqlL3pm+KUp9yDdkXmSD5CR/odZZBg2E9gFtlH10CPMqH9i51XSKuo qKHbZO2rbWJ50dD066ehEOKs6UO3ULNjRKOHvx/NhHnOQuYjlZXt4HHC2BR9zV6dKUUTTde0yDp fs+xl7jh3MX5HFJFAmHw4HV5si X-Received: by 2002:a05:6000:1ac7:b0:439:b440:b8b0 with SMTP id ffacd0b85a97d-43b889f5ae2mr13531520f8f.45.1774549075055; Thu, 26 Mar 2026 11:17:55 -0700 (PDT) X-Received: by 2002:a05:6000:1ac7:b0:439:b440:b8b0 with SMTP id ffacd0b85a97d-43b889f5ae2mr13531444f8f.45.1774549074443; Thu, 26 Mar 2026 11:17:54 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-43b919cf1c4sm9612818f8f.23.2026.03.26.11.17.52 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 26 Mar 2026 11:17:52 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Nikunj A Dadhania , Amit Shah , Sean Christopherson , Marcelo Tosatti Subject: [PATCH 11/24] KVM: x86/mmu: move cr4_smep to base role Date: Thu, 26 Mar 2026 19:17:09 +0100 Message-ID: <20260326181723.218115-12-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260326181723.218115-1-pbonzini@redhat.com> References: <20260326181723.218115-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Guest page tables can be reused independent of the value of CR4.SMEP (at least if WP=3D1). However, this is not true of EPT MBEC pages, because presence of EPT entries is signaled by bits 0-2 when MBEC is off, and bits 0-2 + bit 10 when MBEC is on. In preparation for enabling MBEC, move cr4_smep to the base role. This makes the smep_andnot_wp bit redundant, so remove it. Signed-off-by: Paolo Bonzini Tested-By: Jon Kohler --- Documentation/virt/kvm/x86/mmu.rst | 10 ++++------ arch/x86/include/asm/kvm-x86-ops.h | 1 + arch/x86/include/asm/kvm_host.h | 23 +++++++++++++++-------- arch/x86/kvm/mmu/mmu.c | 6 +++--- 4 files changed, 23 insertions(+), 17 deletions(-) diff --git a/Documentation/virt/kvm/x86/mmu.rst b/Documentation/virt/kvm/x8= 6/mmu.rst index 2b3b6d442302..666aa179601a 100644 --- a/Documentation/virt/kvm/x86/mmu.rst +++ b/Documentation/virt/kvm/x86/mmu.rst @@ -184,10 +184,8 @@ Shadow pages contain the following information: Contains the value of efer.nx for which the page is valid. role.cr0_wp: Contains the value of cr0.wp for which the page is valid. - role.smep_andnot_wp: - Contains the value of cr4.smep && !cr0.wp for which the page is valid - (pages for which this is true are different from other pages; see the - treatment of cr0.wp=3D0 below). + role.cr4_smep: + Contains the value of cr4.smep for which the page is valid. role.smap_andnot_wp: Contains the value of cr4.smap && !cr0.wp for which the page is valid (pages for which this is true are different from other pages; see the @@ -435,8 +433,8 @@ from being written by the kernel after cr0.wp has chang= ed to 1, we make the value of cr0.wp part of the page role. This means that an spte created with one value of cr0.wp cannot be used when cr0.wp has a different value - it will simply be missed by the shadow page lookup code. A similar issue -exists when an spte created with cr0.wp=3D0 and cr4.smep=3D0 is used after -changing cr4.smep to 1. To avoid this, the value of !cr0.wp && cr4.smep +exists when an spte created with cr0.wp=3D0 and cr4.smap=3D0 is used after +changing cr4.smap to 1. To avoid this, the value of !cr0.wp && cr4.smap is also made a part of the page role. =20 Large pages diff --git a/arch/x86/include/asm/kvm-x86-ops.h b/arch/x86/include/asm/kvm-= x86-ops.h index de709fb5bd76..a02b486cc6fe 100644 --- a/arch/x86/include/asm/kvm-x86-ops.h +++ b/arch/x86/include/asm/kvm-x86-ops.h @@ -93,6 +93,7 @@ KVM_X86_OP_OPTIONAL(sync_pir_to_irr) KVM_X86_OP_OPTIONAL_RET0(set_tss_addr) KVM_X86_OP_OPTIONAL_RET0(set_identity_map_addr) KVM_X86_OP_OPTIONAL_RET0(get_mt_mask) +KVM_X86_OP_OPTIONAL_RET0(tdp_has_smep) KVM_X86_OP(load_mmu_pgd) KVM_X86_OP_OPTIONAL(link_external_spt) KVM_X86_OP_OPTIONAL(set_external_spte) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_hos= t.h index 65671d3769f0..50a941ff61d1 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -342,8 +342,8 @@ struct kvm_kernel_irq_routing_entry; * paging has exactly one upper level, making level completely redunda= nt * when has_4_byte_gpte=3D1. * - * - on top of this, smep_andnot_wp and smap_andnot_wp are only set if - * cr0_wp=3D0, therefore these three bits only give rise to 5 possibil= ities. + * - on top of this, smap_andnot_wp is only set if cr0_wp=3D0, + * therefore these two bits only give rise to 3 possibilities. * * Therefore, the maximum number of possible upper-level shadow pages for a * single gfn is a bit less than 2^14. @@ -359,12 +359,19 @@ union kvm_mmu_page_role { unsigned invalid:1; unsigned efer_nx:1; unsigned cr0_wp:1; - unsigned smep_andnot_wp:1; unsigned smap_andnot_wp:1; unsigned ad_disabled:1; unsigned guest_mode:1; unsigned passthrough:1; unsigned is_mirror:1; + + /* + * cr4_smep is also set for EPT MBEC. Because it affects + * which pages are considered non-present (bit 10 additionally + * must be zero if MBEC is on) it has to be in the base role. + */ + unsigned cr4_smep:1; + unsigned:3; =20 /* @@ -391,10 +398,10 @@ union kvm_mmu_page_role { * tables (because KVM doesn't support Protection Keys with shadow paging)= , and * CR0.PG, CR4.PAE, and CR4.PSE are indirectly reflected in role.level. * - * Note, SMEP and SMAP are not redundant with sm*p_andnot_wp in the page r= ole. - * If CR0.WP=3D1, KVM can reuse shadow pages for the guest regardless of S= MEP and - * SMAP, but the MMU's permission checks for software walks need to be SME= P and - * SMAP aware regardless of CR0.WP. + * Note, SMAP is not redundant with smap_andnot_wp in the page role. If + * CR0.WP=3D1, KVM can reuse shadow pages for the guest regardless of SMAP, + * but the MMU's permission checks for software walks need to be SMAP + * aware regardless of CR0.WP. */ union kvm_mmu_extended_role { u32 word; @@ -404,7 +411,6 @@ union kvm_mmu_extended_role { unsigned int cr4_pse:1; unsigned int cr4_pke:1; unsigned int cr4_smap:1; - unsigned int cr4_smep:1; unsigned int cr4_la57:1; unsigned int efer_lma:1; }; @@ -1856,6 +1862,7 @@ struct kvm_x86_ops { int (*set_tss_addr)(struct kvm *kvm, unsigned int addr); int (*set_identity_map_addr)(struct kvm *kvm, u64 ident_addr); u8 (*get_mt_mask)(struct kvm_vcpu *vcpu, gfn_t gfn, bool is_mmio); + bool (*tdp_has_smep)(struct kvm *kvm); =20 void (*load_mmu_pgd)(struct kvm_vcpu *vcpu, hpa_t root_hpa, int root_level); diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index a6ee467ad838..e768aeb05886 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -227,7 +227,7 @@ static inline bool __maybe_unused is_##reg##_##name(str= uct kvm_mmu *mmu) \ } BUILD_MMU_ROLE_ACCESSOR(base, cr0, wp); BUILD_MMU_ROLE_ACCESSOR(ext, cr4, pse); -BUILD_MMU_ROLE_ACCESSOR(ext, cr4, smep); +BUILD_MMU_ROLE_ACCESSOR(base, cr4, smep); BUILD_MMU_ROLE_ACCESSOR(ext, cr4, smap); BUILD_MMU_ROLE_ACCESSOR(ext, cr4, pke); BUILD_MMU_ROLE_ACCESSOR(ext, cr4, la57); @@ -5745,7 +5745,7 @@ static union kvm_cpu_role kvm_calc_cpu_role(struct kv= m_vcpu *vcpu, =20 role.base.efer_nx =3D ____is_efer_nx(regs); role.base.cr0_wp =3D ____is_cr0_wp(regs); - role.base.smep_andnot_wp =3D ____is_cr4_smep(regs) && !____is_cr0_wp(regs= ); + role.base.cr4_smep =3D ____is_cr4_smep(regs); role.base.smap_andnot_wp =3D ____is_cr4_smap(regs) && !____is_cr0_wp(regs= ); role.base.has_4_byte_gpte =3D !____is_cr4_pae(regs); =20 @@ -5757,7 +5757,6 @@ static union kvm_cpu_role kvm_calc_cpu_role(struct kv= m_vcpu *vcpu, else role.base.level =3D PT32_ROOT_LEVEL; =20 - role.ext.cr4_smep =3D ____is_cr4_smep(regs); role.ext.cr4_smap =3D ____is_cr4_smap(regs); role.ext.cr4_pse =3D ____is_cr4_pse(regs); =20 @@ -5816,6 +5815,7 @@ kvm_calc_tdp_mmu_root_page_role(struct kvm_vcpu *vcpu, =20 role.access =3D ACC_ALL; role.cr0_wp =3D true; + role.cr4_smep =3D kvm_x86_call(tdp_has_smep)(vcpu->kvm); role.efer_nx =3D true; role.smm =3D cpu_role.base.smm; role.guest_mode =3D cpu_role.base.guest_mode; --=20 2.53.0 From nobody Thu Apr 2 18:47:36 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 809FE4219E9 for ; Thu, 26 Mar 2026 18:18:02 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549087; cv=none; b=TKPCYCUwY2+c95bb71lnPqqKJxH8OzXgpHtdSU/VuNfxFoaIFWb8itDpUnPuMNCUsnRHhWqPIu7HivWVYlm4rsgmLvkwIVWqF8Wj4iZKqvlUw51uFO8o+5dOw2bbNYZHpoNQLSyDlJBAkBfZIj8Y6YqO1ohlCREqLGGbQ8KAakY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549087; c=relaxed/simple; bh=rmmDTWNI2csLB7Fsm+M8YXbjAe4qJjlzII/1MO7+SpI=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=d/qCwgPaE66Tsb+8D5NbujJAwxY/nMmbsBaacBXNvZ9s80nuCAO3f7Z8GRQK+ckQR4Owx2usiMcratIJVfhAxBkaY9CRnPx6b3lw2lWW7Y8tp4bXgED1cAxAI/E0Ii9cEPfiu8S8H9c731HceQwLp+JWYX23t5tIY8V/T9ssHAw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=Gy+nvqga; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=Ql+yIMOK; arc=none smtp.client-ip=170.10.129.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="Gy+nvqga"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="Ql+yIMOK" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774549081; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Vn07vXd3BZeS5TPNHyl5bqg59EBGf9mb+7OUrd5QUvI=; b=Gy+nvqgaGerqVHNMQeEJI7erYVC6+QsdW6lYywHJo+LBrqeMFNldwLG85KyRPN/1lxqbOw +2voq0Uz1QKTM84XJP3ZspVI/5RxgWuziFgkHD4DlhA/7Q5wz4YJPg7qNUxeYAUebl6F4z jd5LH4FRSKRJjFEod7pUbAijS0gU9lE= Received: from mail-wm1-f69.google.com (mail-wm1-f69.google.com [209.85.128.69]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-681-OAYpHsOTPdW7ZzRWdrIzbQ-1; Thu, 26 Mar 2026 14:17:59 -0400 X-MC-Unique: OAYpHsOTPdW7ZzRWdrIzbQ-1 X-Mimecast-MFC-AGG-ID: OAYpHsOTPdW7ZzRWdrIzbQ_1774549079 Received: by mail-wm1-f69.google.com with SMTP id 5b1f17b1804b1-48531e6012bso13563565e9.1 for ; Thu, 26 Mar 2026 11:17:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774549078; x=1775153878; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Vn07vXd3BZeS5TPNHyl5bqg59EBGf9mb+7OUrd5QUvI=; b=Ql+yIMOKOwc2KmIxXjBfu7cXcThjtBrIjSYKCIN5k9OLaJZvw3wSuqtjHjVPBF3Ilt RTK88taf1/lEmar035n+MJBxPcTqckV2VOnWp4ulp9hyHW0AXsETnrvtDIV33UgM01ZF 51Oc/m6LoaHEhVDNbLL2gfAloGbPWM9nKEEJ8uw77wn80liJSg5JxCPP7NkNT3gPzSMr Mkeiuzhb36HqP0qVTsfZGIOC6QFWqiSqZOqV5OjQiA7KQ+ianvaR+hLsc7S7QFdLglkT HurEXD09IeHtFCgZrrzhcMqqsn5rCZ0mIVkY4+Ms+zVJHUoWNnrHwv8G1M3BU3WzD//d kAPg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774549078; x=1775153878; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=Vn07vXd3BZeS5TPNHyl5bqg59EBGf9mb+7OUrd5QUvI=; b=LA+YpI1G4n/CCLcvUn6+FhtEu8T/Q5nUN/54hHhZ1Svy9n8n8EVs3QK35ExUTRz70R U66ZQbkHc538HTDlvp+4A+2XvSxIQ3YfX2ODUSeWwNMWocIkIM57Wx7T8eM9xbkrixqt Objh3ovc2XF59dpCsubKEicazh864G+X2Mp9pi+PYvgLhEQ4szRtmT4JtLH6/arpZ9mt nhpV2WuY13/W4ETS7iCBMX1+M7is/fZkYukiZReYXJ+Usvy/p2AmI62owrTGz6PgylWw WRhnX8YfsBFBfONRAp/bPUfyBwPcgJbg82/ESDUQ84Ya+QelKuqDwLviqWJ78MfvNmY5 Dpmg== X-Gm-Message-State: AOJu0YzNhsFSbcCuVwrcCKmOq0C1JHBqX2sFaucqs6ScZJU2JZxYOX5k fh0N9Sw3I95VvB+fWyd5Nk9wbXzrjBPLUP0PMOQve/bGCB1lDeIqxFSAH9X0uqP24C3hdp0vYO8 ZHUdTG0q2ptQbP2qaaDjij1++nxi/8G+Hq9RLJdVFBx01Tm9d3AQ/iVVCEsGwum591T/UI2yk2p /zYCk8eNPPDRq0KG22wlGnnO/C+P2eTwaQnV7Oc9WHt+AN6i1KPQ== X-Gm-Gg: ATEYQzw9/ZZ0fYqb+p06nza3l9oQIFxuKWRMfX1acwJYULkyGlvL/cFMqVTg8msmy96 me3XB4LvEQlMKLjH8hMMEJPtOoY2ABRJ9RlZAX2KNFeY8ikbLg0ffJgKTRxGxLDZDHsajD8fEFQ 3U187RbqyDTiW3KqtOYKhWpeIaWUwyQbhTWQ+nwt1Vzc/5/QQOC9ful18j8WlyN6wGgBtFva3vm dvxAY8ZfdI8Wnt9jb1p3OX4Jl1oXuja551X9dTV48CiN7aSY0ColjOdgPbokQ5gQPODbX2pp0se lq3xe15qtSC7SEFcdJ2SwX6MVBicOfXlcIfZ4zFGI5MJ6/Vbed/833fcMbEqAEgVOtqy1t/zarO 95KO3B0VKyrUxdFJ4UoMgHUS6E1sJD9NlbR6zKHsW26T2xW8EFVz7i4Nxd7OFaE8Bm0OGnf3Qty fpmY35QSxbmjnMGdDh7eVO0bID X-Received: by 2002:a05:600c:5296:b0:487:13d:4e77 with SMTP id 5b1f17b1804b1-48716067315mr130193605e9.27.1774549077704; Thu, 26 Mar 2026 11:17:57 -0700 (PDT) X-Received: by 2002:a05:600c:5296:b0:487:13d:4e77 with SMTP id 5b1f17b1804b1-48716067315mr130192935e9.27.1774549077151; Thu, 26 Mar 2026 11:17:57 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-48722be47a4sm65099425e9.0.2026.03.26.11.17.55 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 26 Mar 2026 11:17:55 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Nikunj A Dadhania , Amit Shah , Sean Christopherson , Marcelo Tosatti Subject: [PATCH 12/24] KVM: VMX: enable use of MBEC Date: Thu, 26 Mar 2026 19:17:10 +0100 Message-ID: <20260326181723.218115-13-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260326181723.218115-1-pbonzini@redhat.com> References: <20260326181723.218115-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" If available, set SECONDARY_EXEC_MODE_BASED_EPT_EXEC in the secondary execution controls and configure XS and XU separately (even if they are always used together). Signed-off-by: Paolo Bonzini Tested-By: Jon Kohler --- arch/x86/include/asm/vmx.h | 3 +++ arch/x86/kvm/mmu.h | 7 ++++++- arch/x86/kvm/mmu/spte.c | 4 ++-- arch/x86/kvm/mmu/spte.h | 5 +++-- arch/x86/kvm/vmx/capabilities.h | 6 ++++++ arch/x86/kvm/vmx/common.h | 10 +++++----- arch/x86/kvm/vmx/main.c | 9 +++++++++ arch/x86/kvm/vmx/nested.c | 1 + arch/x86/kvm/vmx/vmx.c | 16 +++++++++++++++- arch/x86/kvm/vmx/vmx.h | 1 + arch/x86/kvm/vmx/x86_ops.h | 1 + 11 files changed, 52 insertions(+), 11 deletions(-) diff --git a/arch/x86/include/asm/vmx.h b/arch/x86/include/asm/vmx.h index 59e3b095a315..2b449a3948d3 100644 --- a/arch/x86/include/asm/vmx.h +++ b/arch/x86/include/asm/vmx.h @@ -608,9 +608,12 @@ enum vm_entry_failure_code { #define EPT_VIOLATION_GVA_TRANSLATED BIT(8) =20 #define EPT_VIOLATION_RWX_TO_PROT(__epte) (((__epte) & VMX_EPT_RWX_MASK) <= < 3) +#define EPT_VIOLATION_USER_EXEC_TO_PROT(__epte) (((__epte) & VMX_EPT_USER_= EXECUTABLE_MASK) >> 4) =20 static_assert(EPT_VIOLATION_RWX_TO_PROT(VMX_EPT_RWX_MASK) =3D=3D (EPT_VIOLATION_PROT_READ | EPT_VIOLATION_PROT_WRITE | EPT_VIOLATION= _PROT_EXEC)); +static_assert(EPT_VIOLATION_USER_EXEC_TO_PROT(VMX_EPT_USER_EXECUTABLE_MASK= ) =3D=3D + (EPT_VIOLATION_PROT_USER_EXEC)); =20 /* * Exit Qualifications for NOTIFY VM EXIT diff --git a/arch/x86/kvm/mmu.h b/arch/x86/kvm/mmu.h index 23f37535c0ce..678ce021991f 100644 --- a/arch/x86/kvm/mmu.h +++ b/arch/x86/kvm/mmu.h @@ -76,12 +76,17 @@ static inline gfn_t kvm_mmu_max_gfn(void) return (1ULL << (max_gpa_bits - PAGE_SHIFT)) - 1; } =20 +static inline bool mmu_has_mbec(struct kvm_mmu *mmu) +{ + return mmu->root_role.cr4_smep; +} + u8 kvm_mmu_get_max_tdp_level(void); =20 void kvm_mmu_set_mmio_spte_mask(u64 mmio_value, u64 mmio_mask, u64 access_= mask); void kvm_mmu_set_mmio_spte_value(struct kvm *kvm, u64 mmio_value); void kvm_mmu_set_me_spte_mask(u64 me_value, u64 me_mask); -void kvm_mmu_set_ept_masks(bool has_ad_bits); +void kvm_mmu_set_ept_masks(bool has_ad_bits, bool has_mbec); =20 void kvm_init_mmu(struct kvm_vcpu *vcpu); void kvm_init_shadow_npt_mmu(struct kvm_vcpu *vcpu, unsigned long cr0, diff --git a/arch/x86/kvm/mmu/spte.c b/arch/x86/kvm/mmu/spte.c index fc7eb73476f6..800312e46d0a 100644 --- a/arch/x86/kvm/mmu/spte.c +++ b/arch/x86/kvm/mmu/spte.c @@ -500,7 +500,7 @@ void kvm_mmu_set_me_spte_mask(u64 me_value, u64 me_mask) } EXPORT_SYMBOL_FOR_KVM_INTERNAL(kvm_mmu_set_me_spte_mask); =20 -void kvm_mmu_set_ept_masks(bool has_ad_bits) +void kvm_mmu_set_ept_masks(bool has_ad_bits, bool has_mbec) { kvm_ad_enabled =3D has_ad_bits; =20 @@ -509,7 +509,7 @@ void kvm_mmu_set_ept_masks(bool has_ad_bits) shadow_dirty_mask =3D VMX_EPT_DIRTY_BIT; shadow_nx_mask =3D 0ull; shadow_xs_mask =3D VMX_EPT_EXECUTABLE_MASK; - shadow_xu_mask =3D VMX_EPT_EXECUTABLE_MASK; + shadow_xu_mask =3D has_mbec ? VMX_EPT_USER_EXECUTABLE_MASK : VMX_EPT_EXE= CUTABLE_MASK; shadow_present_mask =3D VMX_EPT_SUPPRESS_VE_BIT; =20 shadow_acc_track_mask =3D VMX_EPT_RWX_MASK | VMX_EPT_USER_EXECUTABLE_MASK; diff --git a/arch/x86/kvm/mmu/spte.h b/arch/x86/kvm/mmu/spte.h index 204f16aaf4e5..6c514194a513 100644 --- a/arch/x86/kvm/mmu/spte.h +++ b/arch/x86/kvm/mmu/spte.h @@ -24,7 +24,7 @@ * - bits 55 (EPT only): MMU-writable * - bits 56-59: unused * - bits 60-61: type of A/D tracking - * - bits 62: unused + * - bits 62 (EPT only): saved XU bit for disabled AD */ =20 /* @@ -72,7 +72,8 @@ static_assert(SPTE_TDP_AD_ENABLED =3D=3D 0); * must not overlap the A/D type mask. */ #define SHADOW_ACC_TRACK_SAVED_BITS_MASK (VMX_EPT_READABLE_MASK | \ - VMX_EPT_EXECUTABLE_MASK) + VMX_EPT_EXECUTABLE_MASK | \ + VMX_EPT_USER_EXECUTABLE_MASK) #define SHADOW_ACC_TRACK_SAVED_BITS_SHIFT 52 #define SHADOW_ACC_TRACK_SAVED_MASK (SHADOW_ACC_TRACK_SAVED_BITS_MASK << \ SHADOW_ACC_TRACK_SAVED_BITS_SHIFT) diff --git a/arch/x86/kvm/vmx/capabilities.h b/arch/x86/kvm/vmx/capabilitie= s.h index 609477f190e8..90c0bb4b7216 100644 --- a/arch/x86/kvm/vmx/capabilities.h +++ b/arch/x86/kvm/vmx/capabilities.h @@ -406,4 +406,10 @@ static inline bool cpu_has_notify_vmexit(void) SECONDARY_EXEC_NOTIFY_VM_EXITING; } =20 +static inline bool cpu_has_ept_mbec(void) +{ + return vmcs_config.cpu_based_2nd_exec_ctrl & + SECONDARY_EXEC_MODE_BASED_EPT_EXEC; +} + #endif /* __KVM_X86_VMX_CAPS_H */ diff --git a/arch/x86/kvm/vmx/common.h b/arch/x86/kvm/vmx/common.h index 1afbf272efae..40fa72f31fc7 100644 --- a/arch/x86/kvm/vmx/common.h +++ b/arch/x86/kvm/vmx/common.h @@ -91,15 +91,15 @@ static inline int __vmx_handle_ept_violation(struct kvm= _vcpu *vcpu, gpa_t gpa, /* Is it a fetch fault? */ error_code |=3D (exit_qualification & EPT_VIOLATION_ACC_INSTR) ? PFERR_FETCH_MASK : 0; - /* - * ept page table entry is present? - * note: unconditionally clear USER_EXEC until mode-based - * execute control is implemented - */ + /* ept page table entry is present? */ error_code |=3D (exit_qualification & (EPT_VIOLATION_PROT_MASK & ~EPT_VIOLATION_PROT_USER_EXEC)) ? PFERR_PRESENT_MASK : 0; =20 + if (mmu_has_mbec(vcpu->arch.mmu)) + error_code |=3D (exit_qualification & EPT_VIOLATION_PROT_USER_EXEC) + ? PFERR_PRESENT_MASK : 0; + if (exit_qualification & EPT_VIOLATION_GVA_IS_VALID) error_code |=3D (exit_qualification & EPT_VIOLATION_GVA_TRANSLATED) ? PFERR_GUEST_FINAL_MASK : PFERR_GUEST_PAGE_MASK; diff --git a/arch/x86/kvm/vmx/main.c b/arch/x86/kvm/vmx/main.c index a46ccd670785..c0dd506bed64 100644 --- a/arch/x86/kvm/vmx/main.c +++ b/arch/x86/kvm/vmx/main.c @@ -750,6 +750,14 @@ static int vt_set_identity_map_addr(struct kvm *kvm, u= 64 ident_addr) return vmx_set_identity_map_addr(kvm, ident_addr); } =20 +static bool vt_tdp_has_smep(struct kvm *kvm) +{ + if (is_td(kvm)) + return false; + + return vmx_tdp_has_smep(kvm); +} + static u64 vt_get_l2_tsc_offset(struct kvm_vcpu *vcpu) { /* TDX doesn't support L2 guest at the moment. */ @@ -961,6 +969,7 @@ struct kvm_x86_ops vt_x86_ops __initdata =3D { .set_tss_addr =3D vt_op(set_tss_addr), .set_identity_map_addr =3D vt_op(set_identity_map_addr), .get_mt_mask =3D vmx_get_mt_mask, + .tdp_has_smep =3D vt_op(tdp_has_smep), =20 .get_exit_info =3D vt_op(get_exit_info), .get_entry_info =3D vt_op(get_entry_info), diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index 937aeb474af7..adeb5a29169f 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c @@ -2440,6 +2440,7 @@ static void prepare_vmcs02_early(struct vcpu_vmx *vmx= , struct loaded_vmcs *vmcs0 SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY | SECONDARY_EXEC_APIC_REGISTER_VIRT | SECONDARY_EXEC_ENABLE_VMFUNC | + SECONDARY_EXEC_MODE_BASED_EPT_EXEC | SECONDARY_EXEC_DESC); =20 if (nested_cpu_has(vmcs12, diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index e27868fa4eb7..0c25c6865f91 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -113,6 +113,9 @@ module_param(emulate_invalid_guest_state, bool, 0444); static bool __read_mostly fasteoi =3D 1; module_param(fasteoi, bool, 0444); =20 +static bool __read_mostly enable_mbec =3D 1; +module_param_named(mbec, enable_mbec, bool, 0444); + module_param(enable_apicv, bool, 0444); module_param(enable_ipiv, bool, 0444); =20 @@ -2809,6 +2812,7 @@ static int setup_vmcs_config(struct vmcs_config *vmcs= _conf, return -EIO; =20 vmx_cap->ept =3D 0; + _cpu_based_2nd_exec_control &=3D ~SECONDARY_EXEC_MODE_BASED_EPT_EXEC; _cpu_based_2nd_exec_control &=3D ~SECONDARY_EXEC_EPT_VIOLATION_VE; } if (!(_cpu_based_2nd_exec_control & SECONDARY_EXEC_ENABLE_VPID) && @@ -4844,6 +4848,9 @@ static u32 vmx_secondary_exec_control(struct vcpu_vmx= *vmx) */ exec_control &=3D ~SECONDARY_EXEC_ENABLE_VMFUNC; =20 + if (!enable_mbec) + exec_control &=3D ~SECONDARY_EXEC_MODE_BASED_EPT_EXEC; + /* SECONDARY_EXEC_DESC is enabled/disabled on writes to CR4.UMIP, * in vmx_set_cr4. */ exec_control &=3D ~SECONDARY_EXEC_DESC; @@ -7932,6 +7939,11 @@ u8 vmx_get_mt_mask(struct kvm_vcpu *vcpu, gfn_t gfn,= bool is_mmio) return (MTRR_TYPE_WRBACK << VMX_EPT_MT_EPTE_SHIFT); } =20 +bool vmx_tdp_has_smep(struct kvm *kvm) +{ + return enable_mbec; +} + static void vmcs_set_secondary_exec_control(struct vcpu_vmx *vmx, u32 new_= ctl) { /* @@ -8779,6 +8791,8 @@ __init int vmx_hardware_setup(void) ple_window_shrink =3D 0; } =20 + if (!cpu_has_ept_mbec()) + enable_mbec =3D 0; if (!cpu_has_vmx_apicv()) enable_apicv =3D 0; if (!enable_apicv) @@ -8798,7 +8812,7 @@ __init int vmx_hardware_setup(void) set_bit(0, vmx_vpid_bitmap); /* 0 is reserved for host */ =20 if (enable_ept) - kvm_mmu_set_ept_masks(enable_ept_ad_bits); + kvm_mmu_set_ept_masks(enable_ept_ad_bits, enable_mbec); else vt_x86_ops.get_mt_mask =3D NULL; =20 diff --git a/arch/x86/kvm/vmx/vmx.h b/arch/x86/kvm/vmx/vmx.h index 70bfe81dea54..594717e619d9 100644 --- a/arch/x86/kvm/vmx/vmx.h +++ b/arch/x86/kvm/vmx/vmx.h @@ -570,6 +570,7 @@ static inline u8 vmx_get_rvi(void) SECONDARY_EXEC_ENABLE_VMFUNC | \ SECONDARY_EXEC_BUS_LOCK_DETECTION | \ SECONDARY_EXEC_NOTIFY_VM_EXITING | \ + SECONDARY_EXEC_MODE_BASED_EPT_EXEC | \ SECONDARY_EXEC_ENCLS_EXITING | \ SECONDARY_EXEC_EPT_VIOLATION_VE) =20 diff --git a/arch/x86/kvm/vmx/x86_ops.h b/arch/x86/kvm/vmx/x86_ops.h index d09abeac2b56..69cf276be88e 100644 --- a/arch/x86/kvm/vmx/x86_ops.h +++ b/arch/x86/kvm/vmx/x86_ops.h @@ -103,6 +103,7 @@ void vmx_load_eoi_exitmap(struct kvm_vcpu *vcpu, u64 *e= oi_exit_bitmap); int vmx_set_tss_addr(struct kvm *kvm, unsigned int addr); int vmx_set_identity_map_addr(struct kvm *kvm, u64 ident_addr); u8 vmx_get_mt_mask(struct kvm_vcpu *vcpu, gfn_t gfn, bool is_mmio); +bool vmx_tdp_has_smep(struct kvm *kvm); =20 void vmx_get_exit_info(struct kvm_vcpu *vcpu, u32 *reason, u64 *info1, u64 *info2, u32 *intr_info, u32 *error_code); --=20 2.53.0 From nobody Thu Apr 2 18:47:36 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9797F3A1E6D for ; Thu, 26 Mar 2026 18:18:06 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549092; cv=none; b=I0bEAQqRFkD40L3Z/jscxT5YM3Ad7dnVLs6nzq/q7QbBwt/7FXw07uPYa9p4VF3hd4vwRClX+dHDSjR3G3uZDEFBTKwaYKGqD9tZYSnJ4AwQwbnpuIk2vkcWFqhEHVs6gNfEWCSHTVHF1Bk1zQjN+TzXbctb8G/14mKcxZHU/vI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549092; c=relaxed/simple; bh=vRU527ooK61F8J/EBmObXyVR1fL0SuQzz0JB5ca4i3s=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=Q1wfiYiVvkjixN0+aX4R6vtgOCC4ZOo00msFmLCotvjEpnZXDNv5eDlsy9+i5iJ1fwQYpSeyc/4CfDHxLLXE2Pb0r+msilxGlEVVAp0A9ePmbuepUbS8d4wqE4ldJKx82taOAx56n6iRO6kNlJhQbXOVKJEN1j2qrd6xPvgXyxA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=CeQheFJ4; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=rZEAr2Ff; arc=none smtp.client-ip=170.10.129.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="CeQheFJ4"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="rZEAr2Ff" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774549085; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=z3max8On1ZuAYoYMSIpCEX64J8cd14WUWIyCVRHJcuY=; b=CeQheFJ4699WVcTCr/mnFeopc0y3P9PEs28tRCqtOLpQVJsdDo4mhIz4Z8eTc8LdD39UkP HxhuwJ+uSyA+a9D0kayWCk1HcjVSP8vfKr62Jal0813HpFzmcV4yTSxK58gFu/WYV62yh5 G+amK1uESSIX/JGVG4D6dCuvrfT5QcY= Received: from mail-wr1-f70.google.com (mail-wr1-f70.google.com [209.85.221.70]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-161-ZMw08yFPPvmCpCfUPvYHaw-1; Thu, 26 Mar 2026 14:18:03 -0400 X-MC-Unique: ZMw08yFPPvmCpCfUPvYHaw-1 X-Mimecast-MFC-AGG-ID: ZMw08yFPPvmCpCfUPvYHaw_1774549083 Received: by mail-wr1-f70.google.com with SMTP id ffacd0b85a97d-43b99add7f3so318473f8f.1 for ; Thu, 26 Mar 2026 11:18:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774549081; x=1775153881; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=z3max8On1ZuAYoYMSIpCEX64J8cd14WUWIyCVRHJcuY=; b=rZEAr2FfBQNJ1bfJ32ZMoYs5Qc3hrRqi+JoTUlgZPrvcghj8pw+yk37WEixZZL65LA oT+n6EH9YDl7YkY5gRtFaw1e3UEcMHOnmCHh3zhwY0BV0DHoAHGQFTmhk2PIH6wbZ2M8 ykg1s29Ysfp6FUarjBib/6oSY7AFoA+EsxVUC4S0fvNFh8vngVrtq/4ISvQgb9NhA4C0 deEB7eoZPTO+8C3WoH//Guu7+HhuCKmXtK936UmP4AqIRInvhHzNV+Fyyaph91iZwQet ZQa9zxrzKfwo6HgYaswMc7pGMwS5fS7BLVOtnl6ZeNlrKCD1S+tcUnVHpmnrYNW/p3qp pFVg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774549081; x=1775153881; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=z3max8On1ZuAYoYMSIpCEX64J8cd14WUWIyCVRHJcuY=; b=bS8dT4MYESYTWgRgmQTuu4LFs0HXMNFcneXt0NI6dBSnPtg/REfSyHYIR4j4KB67XI kayll+sO5HfYsMLtZS9dOWAfTgzJ+z+afpCzrwhIBc8mm7ODnvTIQsWNNvUagrH8Gn+g McLQ3fwkc5CIevFUvSc5yOrwrmzqTlMoVWLZFJBq+eU9NsNwRYQEGBKH31CyQAHF34PG jjNEdrXvCpFOMGMRdsKfDWuSCzhZ/1STuuNLNg5Q+USs6kIweOVpcNjOPil6u5M/k0gh i15XEPmXZrLpNTfWXgYrdPG8Sgdo4aBThvXaJiER/oRiVegs/HbzpJrFmKfykc+D4kV6 7OjQ== X-Gm-Message-State: AOJu0YyWbb7xEIqaBkGAZw1cT816dLXhZnevzdWYpCwVjLZ9AXL6GE4P nVK9d7dm0Vog9Vqdvcpa/8yXfUbLqUjqr2PDa+TtyCunZJgkEEvl68zIXnDYq3Sem4+3Tp57bMX EUx+MeYcw9cphAPpfzAeAb4QSw8h7haGjjgH5Qgmq6XrqtAQUCU421YUjH8ZzujEUNBwgL3W7Cd Y2hi0bTB2845aXQ7ImEbLGmQFJvH1oRQnNIdMZJKsp7yRI2zQf4w== X-Gm-Gg: ATEYQzynQMMz10DraGTZ1XC2DELglpfrfyNxCitthWUrhqYDiejs13Hxuujg8NTbr7O WF184RrJlZ9GMcnL7sJgMOd8DQTKR3//N6WnbmZRkNIun3to7GQrRPtoVjaHcQ4U/lM4w5kiOxj 3yn2md7V/lzaaerNGa0IBYugEIGNHtf3A3wm0L7W+KF2fvOk3VDYtJJXEZJOXL0rGjSNuD+nE+/ EOoSDnteOah50NZfPd78h+nYy2YdAdvF/xJw9DneFbqZxu/V0yrfeNyEvyfalL5/llOeT48PZkH fvAVOkN3zkLGlMUml0X2hileH7BIN4WeqLvB41v2gEUsNtmg65Lv2M1+kJtdLlD/SneSPy7g+wE BA4jN3sUHg/FpWUCjvUQ+IfumOd2YZJDrJiWai0jhU7OOeVqUPaNUxjBDuUDQoKMjKqJnBBmrmL vYhibK96/y0WTKZdjTViILhYpB X-Received: by 2002:a05:6000:2901:b0:43b:4967:2898 with SMTP id ffacd0b85a97d-43b97a2cdc1mr5218495f8f.22.1774549081444; Thu, 26 Mar 2026 11:18:01 -0700 (PDT) X-Received: by 2002:a05:6000:2901:b0:43b:4967:2898 with SMTP id ffacd0b85a97d-43b97a2cdc1mr5218274f8f.22.1774549079750; Thu, 26 Mar 2026 11:17:59 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-43b9192e3e8sm10797961f8f.5.2026.03.26.11.17.57 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 26 Mar 2026 11:17:58 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Nikunj A Dadhania , Amit Shah , Sean Christopherson , Marcelo Tosatti Subject: [PATCH 13/24] KVM: nVMX: pass advanced EPT violation vmexit info to guest Date: Thu, 26 Mar 2026 19:17:11 +0100 Message-ID: <20260326181723.218115-14-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260326181723.218115-1-pbonzini@redhat.com> References: <20260326181723.218115-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" KVM will use advanced vmexit information for EPT violations to virtualize MBEC. Pass it to the guest since it is easy and allows testing nested nested. Signed-off-by: Paolo Bonzini Tested-By: Jon Kohler --- arch/x86/include/asm/vmx.h | 4 ++++ arch/x86/kvm/mmu/paging_tmpl.h | 2 +- arch/x86/kvm/vmx/nested.c | 13 +++++++++---- 3 files changed, 14 insertions(+), 5 deletions(-) diff --git a/arch/x86/include/asm/vmx.h b/arch/x86/include/asm/vmx.h index 2b449a3948d3..fcd623719334 100644 --- a/arch/x86/include/asm/vmx.h +++ b/arch/x86/include/asm/vmx.h @@ -524,6 +524,7 @@ enum vmcs_field { #define VMX_EPT_1GB_PAGE_BIT (1ull << 17) #define VMX_EPT_INVEPT_BIT (1ull << 20) #define VMX_EPT_AD_BIT (1ull << 21) +#define VMX_EPT_ADVANCED_VMEXIT_INFO_BIT (1ull << 22) #define VMX_EPT_EXTENT_CONTEXT_BIT (1ull << 25) #define VMX_EPT_EXTENT_GLOBAL_BIT (1ull << 26) =20 @@ -606,6 +607,9 @@ enum vm_entry_failure_code { EPT_VIOLATION_PROT_USER_EXEC) #define EPT_VIOLATION_GVA_IS_VALID BIT(7) #define EPT_VIOLATION_GVA_TRANSLATED BIT(8) +#define EPT_VIOLATION_GVA_USER BIT(9) +#define EPT_VIOLATION_GVA_WRITABLE BIT(10) +#define EPT_VIOLATION_GVA_NX BIT(11) =20 #define EPT_VIOLATION_RWX_TO_PROT(__epte) (((__epte) & VMX_EPT_RWX_MASK) <= < 3) #define EPT_VIOLATION_USER_EXEC_TO_PROT(__epte) (((__epte) & VMX_EPT_USER_= EXECUTABLE_MASK) >> 4) diff --git a/arch/x86/kvm/mmu/paging_tmpl.h b/arch/x86/kvm/mmu/paging_tmpl.h index fb1b5d8b23e5..09e2e630d4b6 100644 --- a/arch/x86/kvm/mmu/paging_tmpl.h +++ b/arch/x86/kvm/mmu/paging_tmpl.h @@ -491,7 +491,7 @@ static int FNAME(walk_addr_generic)(struct guest_walker= *walker, * [2:0] - Derive from the access bits. The exit_qualification might be * out of date if it is serving an EPT misconfiguration. * [5:3] - Calculated by the page walk of the guest EPT page tables - * [7:8] - Derived from [7:8] of real exit_qualification + * [7:11] - Derived from [7:11] of real exit_qualification * * The other bits are set to 0. */ diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index adeb5a29169f..4b742a19bfde 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c @@ -443,10 +443,14 @@ static void nested_ept_inject_page_fault(struct kvm_v= cpu *vcpu, vm_exit_reason =3D EXIT_REASON_EPT_MISCONFIG; exit_qualification =3D 0; } else { + u64 mask =3D EPT_VIOLATION_GVA_IS_VALID | + EPT_VIOLATION_GVA_TRANSLATED; + if (vmx->nested.msrs.ept_caps & VMX_EPT_ADVANCED_VMEXIT_INFO_BIT) + mask |=3D EPT_VIOLATION_GVA_USER | + EPT_VIOLATION_GVA_WRITABLE | + EPT_VIOLATION_GVA_NX; exit_qualification =3D fault->exit_qualification; - exit_qualification |=3D vmx_get_exit_qual(vcpu) & - (EPT_VIOLATION_GVA_IS_VALID | - EPT_VIOLATION_GVA_TRANSLATED); + exit_qualification |=3D vmx_get_exit_qual(vcpu) & mask; vm_exit_reason =3D EXIT_REASON_EPT_VIOLATION; } =20 @@ -7238,7 +7242,8 @@ static void nested_vmx_setup_secondary_ctls(u32 ept_c= aps, VMX_EPT_PAGE_WALK_5_BIT | VMX_EPTP_WB_BIT | VMX_EPT_INVEPT_BIT | - VMX_EPT_EXECUTE_ONLY_BIT; + VMX_EPT_EXECUTE_ONLY_BIT | + VMX_EPT_ADVANCED_VMEXIT_INFO_BIT; =20 msrs->ept_caps &=3D ept_caps; msrs->ept_caps |=3D VMX_EPT_EXTENT_GLOBAL_BIT | --=20 2.53.0 From nobody Thu Apr 2 18:47:36 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 157FF423A9A for ; Thu, 26 Mar 2026 18:18:08 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549093; cv=none; b=VRcNogVkH8GBNJrAnlTCMzUzB44+ySSHe70K3l1Fcjj5T1gg+HjnoE7SbqEQ3JyQel/wH8Th4gpG4Q0NVJTCou1UZ5gl2hr/eOI2RfoVgz8pRjQTha/ZyCM71QdFd2UB3BwuRMwEYE+Htb0pUXYIsh27lI91B6Qlw79UllAz0gQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549093; c=relaxed/simple; bh=iqpR+ue8PSAxYdmD9sNdud7LYdT3dwh4I8hHcO4//yk=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=f+LHo23p9xaPNsXU6WjeUfvIkCSAM9dlhIMwomdAN4R4VZaC4SFdYEgR4POz3GvRtpbwLSF/wxckPNbJddRfR8oCG0S+A0aq2hddwyOKMrNV8/Sdov/X7zKNaqWbfWU7XbEa9C5pXA8Q+gSqVLthpniU8kTjyW5NWdXWUzrs41s= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=ElKZCmwe; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=KrHLaaMV; arc=none smtp.client-ip=170.10.129.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="ElKZCmwe"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="KrHLaaMV" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774549087; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=iMmfmDl/+uM6tnVT+23fk4z+uPIH04GvDwC4CoL1dMo=; b=ElKZCmweDtw4T9/3ClRPCDhpEkkUvV5HC0ZBSVuTjs/T+6rPGndUFVcK4CoKJnNPA34/px mMTqZs7FwkKx4nKhFsuKrYiEwXGv+BezRknP6Cmz3t3e5wgfUoITyoVJdsKxdMV8GNvIfI 7Q7Eo48QKfa37u5H/4nzjTz/PNzLsV8= Received: from mail-wm1-f69.google.com (mail-wm1-f69.google.com [209.85.128.69]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-255-pRye-_CKPvGUsAiVJn3RpA-1; Thu, 26 Mar 2026 14:18:06 -0400 X-MC-Unique: pRye-_CKPvGUsAiVJn3RpA-1 X-Mimecast-MFC-AGG-ID: pRye-_CKPvGUsAiVJn3RpA_1774549085 Received: by mail-wm1-f69.google.com with SMTP id 5b1f17b1804b1-486fcc05b20so7803325e9.3 for ; Thu, 26 Mar 2026 11:18:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774549084; x=1775153884; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=iMmfmDl/+uM6tnVT+23fk4z+uPIH04GvDwC4CoL1dMo=; b=KrHLaaMVKWZaTuPGtPlejqAT2wQeKNDk4jpcrEf+OuyyuxvWyByFRgm6DQROKCw9TB EUB8a1BdIVibqe+Trq6akvPcw1VXjkX00EuWssttY18vW0dglf41na0fD5R2jzYOpjUx XiIpaHOgnZLwr/ICB24bvMiR7J+xwaNoWd5A7tKZJWt/Vbqe924BpHI8fps6eZhu0dwf 62cuFy1BgCQ2HUQZLAZOnUfXJpIQxZZuPRHfdqYAkCKYYZhex3W8BlIXPKC0o9PhoEtA epPSgGb8z/8orSZ/lJmr2Exj8yCic5zPwWqPBjfX5WTILu/BstAXX/hMZjUW32QDhLXb VYqg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774549084; x=1775153884; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=iMmfmDl/+uM6tnVT+23fk4z+uPIH04GvDwC4CoL1dMo=; b=ase7SBJcvG0CJOjBwCFisSS57W41fU0RVS+/u0Dt9Qq7teiFoumLfFSsdzlci+gZr9 4Uh6xJce/rdevy3NUFup7NAjfkOaC+du5IioT5gh47Ve0QdRlBAZRyyjMgqWqp8qhbmp uhsFwHdQva1YeUaaNylySINZxrMiHramKIf9/jenUFyIGPrltxJlMcN7b9Mkh1uIpf3w Eo4uP+ZQtABhtO1cCxt+ZDw0kJKLMFdmMgfCHj9ynuqMwWD8WECxH/1gUYkSSFuGAwJd hAH4Gq+X3q7aAsPg3CpC4ysVdpqM5l7xItqNrA0EGFhPjMlJq5xiq5XghLGurISotFom +pfA== X-Gm-Message-State: AOJu0Yxf6HIDoVhBB18I9dtIWDjalo0jW5F4jOXPk4s5YgvqyABLIuz6 FoN/tTmYmRvENm/WBtKaz7nVyiUIGoYhrOZFP39HOLZPk+laLkx0y3+wWGSBqT5uVDB9GOs0h9a 2vx9qOg8y6ATPNWYXWyDaFL9k4usDcdkrlUOmfNMsDtMKWoLl0Iu7g/Aj7cXDbakYyY28uxHBcz ClRADCcN5n2xDsisGDdr5eoZm2ysLBfyUOblE4JxegC+El3GJ+tA== X-Gm-Gg: ATEYQzzgexU4tJdrA0IzOtp096aL+NqgDilC2UjMQZdUBSQzg2yYNmPdCXYzaYtW6tm r/HcpIZhr1N5LUHRDJAaiLXhcT7v597mkeU18T/6husZ1ctLeiToGQi6R7CcVon/xfC9tmLjdCP 46jHm0KVu8ey1iPuSNlixbnqe9QPoN+9g0Wtv4ajG7kIVXAlh3MEGGwYdQa0Ydi4MvGKwqWAxR5 FroCYTAM8Nxbbag/JdYW3rxrvPqL7Yfkz81K2vlHAUxnasNgjOkE6Y60uWb81Q1J3WBqC51w92g KadFDdErb1CP/LD+0hP2vRktGvhoaQlSpMnyh+OINYX90d7ng+r/rTVfFBJXXKE11b9vgZrTnsy jjUenxrMlO4DW4mQeXerzQWgeXsIP0LTyyiQA9eMUKFuuBoVQiqLRkzPDjskS/xlOJPd4O+KcBC B8c6XRSVZX9Efnt5A00naVzkby X-Received: by 2002:a05:600c:3516:b0:485:3bc7:a231 with SMTP id 5b1f17b1804b1-48716084829mr139187265e9.29.1774549084391; Thu, 26 Mar 2026 11:18:04 -0700 (PDT) X-Received: by 2002:a05:600c:3516:b0:485:3bc7:a231 with SMTP id 5b1f17b1804b1-48716084829mr139186425e9.29.1774549083697; Thu, 26 Mar 2026 11:18:03 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-48722d2366dsm42456935e9.10.2026.03.26.11.18.01 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 26 Mar 2026 11:18:01 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Nikunj A Dadhania , Amit Shah , Sean Christopherson , Marcelo Tosatti Subject: [PATCH 14/24] KVM: nVMX: pass PFERR_USER_MASK to MMU on EPT violations Date: Thu, 26 Mar 2026 19:17:12 +0100 Message-ID: <20260326181723.218115-15-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260326181723.218115-1-pbonzini@redhat.com> References: <20260326181723.218115-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" For EPT, PFERR_USER_MASK refers not to the CPL of the guest, but to the AND of the U bits encountered while walking guest page tables; this is consistent with how MBEC differentiates between XS and XU. This is available through the "advanced vmexit information for EPT violations" feature. Signed-off-by: Paolo Bonzini Tested-By: Jon Kohler --- arch/x86/kvm/vmx/common.h | 6 +++++- arch/x86/kvm/vmx/vmx.c | 10 ++++++++++ 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/vmx/common.h b/arch/x86/kvm/vmx/common.h index 40fa72f31fc7..48520fa1c8e8 100644 --- a/arch/x86/kvm/vmx/common.h +++ b/arch/x86/kvm/vmx/common.h @@ -100,9 +100,13 @@ static inline int __vmx_handle_ept_violation(struct kv= m_vcpu *vcpu, gpa_t gpa, error_code |=3D (exit_qualification & EPT_VIOLATION_PROT_USER_EXEC) ? PFERR_PRESENT_MASK : 0; =20 - if (exit_qualification & EPT_VIOLATION_GVA_IS_VALID) + if (exit_qualification & EPT_VIOLATION_GVA_IS_VALID) { error_code |=3D (exit_qualification & EPT_VIOLATION_GVA_TRANSLATED) ? PFERR_GUEST_FINAL_MASK : PFERR_GUEST_PAGE_MASK; + if ((exit_qualification & (EPT_VIOLATION_GVA_TRANSLATED|EPT_VIOLATION_GV= A_USER)) + =3D=3D (EPT_VIOLATION_GVA_TRANSLATED|EPT_VIOLATION_GVA_USER)) + error_code |=3D PFERR_USER_MASK; + } =20 if (vt_is_tdx_private_gpa(vcpu->kvm, gpa)) error_code |=3D PFERR_PRIVATE_ACCESS; diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 0c25c6865f91..65892dc6f478 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -2826,6 +2826,16 @@ static int setup_vmcs_config(struct vmcs_config *vmc= s_conf, vmx_cap->vpid =3D 0; } =20 + /* + * Virtualizing MBEC requires advanced vmexit information in order to + * distinguish supervisor and user accesses. For simplicity and clarity + * disable MBEC entirely if advanced vmexit information is not available, + * this way mbec=3D1 in the kvm_intel module parameters implies availabil= ity + * to nested guests as well. + */ + if (!(vmx_cap->ept & VMX_EPT_ADVANCED_VMEXIT_INFO_BIT)) + _cpu_based_2nd_exec_control &=3D ~SECONDARY_EXEC_MODE_BASED_EPT_EXEC; + if (!cpu_has_sgx()) _cpu_based_2nd_exec_control &=3D ~SECONDARY_EXEC_ENCLS_EXITING; =20 --=20 2.53.0 From nobody Thu Apr 2 18:47:36 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B0E633A5E6C for ; Thu, 26 Mar 2026 18:18:12 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549095; cv=none; b=OG8OiwIPiyragpCWuElNEyGGT0ROKJrv64jq2Y3wvkNhZaKwMzVUglCwr/dxZjHuhUothfNuvFUOOnUcz4kxO6B5BcNfnGLhDEC01m9uKS5yxORHUrHg7w0NVbNCcNE/ZrGNaRH87pGvfPG7rB1Oll8DWEnFsXYDAYgp3pCdi3Q= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549095; c=relaxed/simple; bh=8jc9qasPQEJtjMNrB6TSw8n8P34GibmcgRAgDSNYJZg=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=Iji+85ggWlcCKB5HIzo/5aZzhhxmATOD1WuHfS4zUCex41WhNNfq66ZAht1cA6MolW16V2MWyaAD+9EnHLJgFaJCKUHv+MxRyywi4vmN1xONFMaBsXe4R83wZjlGiLFGc+EkEVf1W9ERPrji13QGHDm7UztgH/3geymgh77S5yk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=Dz//aLTW; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=OL0V3ZKy; arc=none smtp.client-ip=170.10.129.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="Dz//aLTW"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="OL0V3ZKy" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774549091; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=oSdMfPXfsmtQMuSqhfU0sdTptN3/E4detZ+Ck4ZdAzw=; b=Dz//aLTWylRMYt0hqobaDh1YyftU5wFONNQNQubsssL6DY0BCcfqpw+8DKiFgf7VNDrVj1 L09iKqPqTyiB6g2rDxnJYyank3EaLYo4aF2uJ3upWUwwep0euMIlkVJx91/dUi5+jYM31I LpSZePv/+1bI5tUEyerhLveNmAhTwvE= Received: from mail-wr1-f72.google.com (mail-wr1-f72.google.com [209.85.221.72]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-479-fHW_yB_aOjiSrIXjwppULw-1; Thu, 26 Mar 2026 14:18:09 -0400 X-MC-Unique: fHW_yB_aOjiSrIXjwppULw-1 X-Mimecast-MFC-AGG-ID: fHW_yB_aOjiSrIXjwppULw_1774549088 Received: by mail-wr1-f72.google.com with SMTP id ffacd0b85a97d-43b9b8e3af6so112765f8f.0 for ; Thu, 26 Mar 2026 11:18:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774549087; x=1775153887; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=oSdMfPXfsmtQMuSqhfU0sdTptN3/E4detZ+Ck4ZdAzw=; b=OL0V3ZKyGV+o46L0eE99uQLNClKT1O9pQEQpSPvFEo78uzj2szx48NUxDy4+2DGZou EZFatAlg2P91EDbESq/RMbQrorMIqcn4MqUpNIlNgsHXGgo6+cWg5oJ2BHmKX4Yav2aN QBXoNt2PnSthvH0TdCaPWFZnCVCbfIfWwQssTr10UDujxB2M6DNM7r3r+t9rbQMpHs/O j739Ca3YwDGtxLKOcDNnayX2PPbQ6AaPM9kLPbeDU3x8ZrC9s16nh45rNdW3dsgxyBTy vDvmSDVSniMiBB84ZUEqRNwM/unolsfR1F6Nr4F7Bs+foRiWFlFszNAx2zgdmNH0uJIr 1vog== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774549087; x=1775153887; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=oSdMfPXfsmtQMuSqhfU0sdTptN3/E4detZ+Ck4ZdAzw=; b=FEnI99xyDGONZCncBzQ9w3pjFQEtwdbiZwHoukz4SJHGXmDzG/3xaEmkkHXqGZCJnk gYODd/sH7YQPkBdDXASDQOXEOmwvsA46pbXPqdvchB1Ugpf9l6VPsxSzYKLa74e+fikM ryKBDkGOhFw9BizBya6Lk7jCLxWUIpv8gyiL/uHPfcKJlnvnJZINX5VopO9yscnCPcV9 feSlfud6UpSO7JgzBnCXD98dzSEyRnJNZExquk6sn7tUv7D2lbkhoCIXPg9oK7OE4Mxh EkSErvlZ1BnLxmAkd7VWX/SBL0iijQPzCUHAhX1j4fZj4Xm+3uj/McNB6yNjIDB0A/37 y1Yw== X-Gm-Message-State: AOJu0YwecLYLAwvs2TR8GngAE+WShTLPrNCLCnXeDltGAv/9/qDxBb0Q wyc/rumVPVaRaFOO2lLfso1B9fa6ow1JrRlKtvVwFp95Z/cRNpqYuzCQjj7hz7QJWRtU5gOP/+G IHgzzVzvego6Mr97HTHW1XFLa1sMJONzSZ1EX0rSvteJndVky/pPVQGZ3Dmf5QsO/lO1jDIy/L9 XIRcOszt78THI7mhhczVSOB9LfW0u2gi61KJ8ZA4DD2Zs9IABv6A== X-Gm-Gg: ATEYQzzaJr97lxA8kd80RZb5tAwZFqYw1BH1r8+ORKiwbXOg0xkIDaxZOnBhTQczd+t 7//OZj2F8YGtA4MEdoANWx2TS1xjAxJYDSezdCl7sNdq25HJTPDcaVAoGYgJ8qO1TRD5MpV5QGs xIyN9F4NJDik7XFhg+8H93g89rO+krGlbodK3JhoewUSINx2hFLNnj9m2xzy3kGr+qzk6OBBtxg 2N0EHJ3PsTCreizBmaFEiVAJHuxus/s/MozC2vpxsHaNwZbghhtmBqEDEyrROYx8utc/6/qx2mY tKSB1+0jdB0WaVqwkIO7FV1gbNkKodruKyln7AA0+E+DsyM0ZeMrjggnF3pY4DR6vUjDP6o0DeG s/vzX/E2F4Gak6AMzz3pLiY6nCOxuEv8w84XRUklMrS9jxECVsL53Fye5s99N5Y50Ql/qehL58q crNaOGUy4LcbNBYA7YEuqLLcw8 X-Received: by 2002:a05:6000:40cd:b0:43b:4aba:8f38 with SMTP id ffacd0b85a97d-43b88a956b7mr13404586f8f.47.1774549086905; Thu, 26 Mar 2026 11:18:06 -0700 (PDT) X-Received: by 2002:a05:6000:40cd:b0:43b:4aba:8f38 with SMTP id ffacd0b85a97d-43b88a956b7mr13404514f8f.47.1774549086254; Thu, 26 Mar 2026 11:18:06 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-43b919dfb54sm9816606f8f.31.2026.03.26.11.18.04 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 26 Mar 2026 11:18:04 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Nikunj A Dadhania , Amit Shah , Sean Christopherson , Marcelo Tosatti Subject: [PATCH 15/24] KVM: x86/mmu: add support for MBEC to EPT page table walks Date: Thu, 26 Mar 2026 19:17:13 +0100 Message-ID: <20260326181723.218115-16-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260326181723.218115-1-pbonzini@redhat.com> References: <20260326181723.218115-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Extend the page walker to support moving bit 10 of the PTEs into ACC_USER_EXEC_MASK and bit 6 of the exit qualification of EPT violation VM exits. Note that while mmu_has_mbec()/cr4_smep affect the interpretation of ACC_USER_EXEC_MASK and add bit 10 as a "present bit" in guest EPT page table entries, they do not affect how KVM operates on SPTEs. That's because the MMU uses explicit ACC_USER_EXEC_MASK/shadow_xu_mask even for the non-nested EPT; the only difference is that ACC_USER_EXEC_MASK and ACC_EXEC_MASK will always be set in tandem outside the nested scenario. Signed-off-by: Paolo Bonzini Tested-By: Jon Kohler --- arch/x86/kvm/mmu/mmu.c | 13 +++++++++++-- arch/x86/kvm/mmu/paging_tmpl.h | 27 +++++++++++++++++++++------ 2 files changed, 32 insertions(+), 8 deletions(-) diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index e768aeb05886..cd2418fe8708 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -5551,7 +5551,6 @@ static void update_permission_bitmask(struct kvm_mmu = *mmu, bool ept) { unsigned byte; =20 - const u16 x =3D ACC_BITS_MASK(ACC_EXEC_MASK); const u16 w =3D ACC_BITS_MASK(ACC_WRITE_MASK); const u16 r =3D ACC_BITS_MASK(ACC_READ_MASK); =20 @@ -5592,8 +5591,18 @@ static void update_permission_bitmask(struct kvm_mmu= *mmu, bool ept) u16 smapf =3D 0; =20 if (ept) { - ff =3D (pfec & PFERR_FETCH_MASK) ? (u16)~x : 0; + const u16 xs =3D ACC_BITS_MASK(ACC_EXEC_MASK); + const u16 xu =3D ACC_BITS_MASK(ACC_USER_EXEC_MASK); + + if (pfec & PFERR_FETCH_MASK) { + /* Ignore XU unless MBEC is enabled. */ + if (cr4_smep) + ff =3D pfec & PFERR_USER_MASK ? (u16)~xu : (u16)~xs; + else + ff =3D (u16)~xs; + } } else { + const u16 x =3D ACC_BITS_MASK(ACC_EXEC_MASK); const u16 u =3D ACC_BITS_MASK(ACC_USER_MASK); =20 /* Faults from kernel mode accesses to user pages */ diff --git a/arch/x86/kvm/mmu/paging_tmpl.h b/arch/x86/kvm/mmu/paging_tmpl.h index 09e2e630d4b6..95aa1b4fc327 100644 --- a/arch/x86/kvm/mmu/paging_tmpl.h +++ b/arch/x86/kvm/mmu/paging_tmpl.h @@ -124,12 +124,17 @@ static inline void FNAME(protect_clean_gpte)(struct k= vm_mmu *mmu, unsigned *acce *access &=3D mask; } =20 -static inline int FNAME(is_present_gpte)(unsigned long pte) +static inline int FNAME(is_present_gpte)(struct kvm_mmu *mmu, + unsigned long pte) { #if PTTYPE !=3D PTTYPE_EPT return pte & PT_PRESENT_MASK; #else - return pte & 7; + /* + * For EPT, an entry is present if any of bits 2:0 are set. + * With mode-based execute control, bit 10 also indicates presence. + */ + return pte & (7 | (mmu_has_mbec(mmu) ? VMX_EPT_USER_EXECUTABLE_MASK : 0)); #endif } =20 @@ -152,7 +157,7 @@ static bool FNAME(prefetch_invalid_gpte)(struct kvm_vcp= u *vcpu, struct kvm_mmu_page *sp, u64 *spte, u64 gpte) { - if (!FNAME(is_present_gpte)(gpte)) + if (!FNAME(is_present_gpte)(vcpu->arch.mmu, gpte)) goto no_present; =20 /* Prefetch only accessed entries (unless A/D bits are disabled). */ @@ -173,10 +178,17 @@ static bool FNAME(prefetch_invalid_gpte)(struct kvm_v= cpu *vcpu, static inline unsigned FNAME(gpte_access)(u64 gpte) { unsigned access; + /* + * Set bits in ACC_*_MASK even if they might not be used in the + * actual checks. For example, if EFER.NX is clear permission_fault() + * will ignore ACC_EXEC_MASK, and if MBEC is disabled it will + * ignore ACC_USER_EXEC_MASK. + */ #if PTTYPE =3D=3D PTTYPE_EPT access =3D ((gpte & VMX_EPT_WRITABLE_MASK) ? ACC_WRITE_MASK : 0) | ((gpte & VMX_EPT_EXECUTABLE_MASK) ? ACC_EXEC_MASK : 0) | - ((gpte & VMX_EPT_READABLE_MASK) ? ACC_READ_MASK : 0); + ((gpte & VMX_EPT_READABLE_MASK) ? ACC_READ_MASK : 0) | + ((gpte & VMX_EPT_USER_EXECUTABLE_MASK) ? ACC_USER_EXEC_MASK : 0); #else /* * P is set here, so the page is always readable and W/U/!NX represent @@ -331,7 +343,7 @@ static int FNAME(walk_addr_generic)(struct guest_walker= *walker, if (walker->level =3D=3D PT32E_ROOT_LEVEL) { pte =3D mmu->get_pdptr(vcpu, (addr >> 30) & 3); trace_kvm_mmu_paging_element(pte, walker->level); - if (!FNAME(is_present_gpte)(pte)) + if (!FNAME(is_present_gpte)(mmu, pte)) goto error; --walker->level; } @@ -413,7 +425,7 @@ static int FNAME(walk_addr_generic)(struct guest_walker= *walker, */ pte_access =3D pt_access & (pte ^ walk_nx_mask); =20 - if (unlikely(!FNAME(is_present_gpte)(pte))) + if (unlikely(!FNAME(is_present_gpte)(mmu, pte))) goto error; =20 if (unlikely(FNAME(is_rsvd_bits_set)(mmu, pte, walker->level))) { @@ -518,6 +530,9 @@ static int FNAME(walk_addr_generic)(struct guest_walker= *walker, * ACC_*_MASK flags! */ walker->fault.exit_qualification |=3D EPT_VIOLATION_RWX_TO_PROT(pte_acce= ss); + if (mmu_has_mbec(mmu)) + walker->fault.exit_qualification |=3D + EPT_VIOLATION_USER_EXEC_TO_PROT(pte_access); } #endif walker->fault.address =3D addr; --=20 2.53.0 From nobody Thu Apr 2 18:47:36 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5361C426D16 for ; Thu, 26 Mar 2026 18:18:14 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549096; cv=none; b=rjkJl3miECeNbbqpVFe8MYOVrO8PQ7NUHoBCeZuf6KS5yMMg2WdS4LZG0f3bIOY97kShgOGLCI6qJdQnz/tZtOLfTVyecoUb0r5W6HZ1b2Fey+HQg3MQcBE1sgsH/4zfv3JgU4iV/hstfABNMyWgDvyDPGmt11TRFunAoi7Jhiw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549096; c=relaxed/simple; bh=5gpuzpBc3Bpn9SAXMiqC3JXeJEFjr6zURoeZIrXOkY8=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=NnYTKkZeDFLglCFzeTWmKJ8WG0p99RWD9GK3RZ9aTde55ASVrxVzAA83Pw+eH5dqyVAw+/GbjsqDCgSHTye0bJpCNn7DQDb5we1d0fI4IgA2eyhPjwFkfDFnC+l34AJvZjt/j56XIKZXAOczbEyfBwZalSVV7QzbynQqIO/krpM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=SChjKFn/; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=UyBNexFh; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="SChjKFn/"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="UyBNexFh" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774549093; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=40gLkqvYyhKvnAeiPGvS0laQA/Arm+OR7E3p28AiBGA=; b=SChjKFn/dGkiJdtpye/0sKBdQqNqDQGfgbB4ev/TpwX1Xbmpd2aWJ/pHCDZStKcagKPEsv w1Wvg6MHTYgt+mUwd/DoyT0UIZ0/Uh6Pveu9rB0U1HlnFFCXOu4a2s0fBF5Uu+37PshQri WlqVNfetufdqUnVfYGDzL56IqGXkLZM= Received: from mail-wm1-f69.google.com (mail-wm1-f69.google.com [209.85.128.69]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-534-qZ5UTYuDM-mLYu_ma_oQhA-1; Thu, 26 Mar 2026 14:18:11 -0400 X-MC-Unique: qZ5UTYuDM-mLYu_ma_oQhA-1 X-Mimecast-MFC-AGG-ID: qZ5UTYuDM-mLYu_ma_oQhA_1774549090 Received: by mail-wm1-f69.google.com with SMTP id 5b1f17b1804b1-485c45885e6so9424935e9.0 for ; Thu, 26 Mar 2026 11:18:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774549089; x=1775153889; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=40gLkqvYyhKvnAeiPGvS0laQA/Arm+OR7E3p28AiBGA=; b=UyBNexFh/SjBFfVcqbVJ1MPIOytQtHbzskaflP+m4oTwESrpM27Ll5OrAdYTKJ5xfb BPQyN7Be1JE0Mc9o6kXhMIR9YNkfd7Bki0iYwwnz7v0rkeuZoYChcPv5FrnjR8/aXcb2 34UHCG32+rrtbo54+beb3dnsOG0o1OqveYEnWStD0nyo2hxoJEbFTUkh6MRhV1YRddH7 iCoLNW3KiW+Q0P4PmS7A09IHqu1fFFUZtCAgIPLb8FjeHX5SBYoT6Tma1klSPkATgrGK 2u9ppz2IqdYM8ZjtfYCGtqZiP6Bxj83WqwYVyVjuUxZIRoTBjAVlJ824/fTn7c0m7xdc xq9A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774549089; x=1775153889; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=40gLkqvYyhKvnAeiPGvS0laQA/Arm+OR7E3p28AiBGA=; b=lbkgQmvfKZlmyegyYJtlRa/BU8v1B3CIW599YSosFxhFxpRrDMwOi9U5OfdjJZTpIe agBQyB4+xd3+XmSEbLFtaNVeQbG/SBWJr6kj2PstPSzbPJfdj7KjqBpO5llUudttCupb 9TgkTNjPlvbdNrJMQ3e0aXFact2gKa3ysWnfGXeGj1RXrt8dfqofF2KEZQzGyHBpzaxF rLGmRL4LhclfcsgnmUcYSzwIlE3GfLPC/y4cpLjzhUpwBoo94CIeYXMFOC2HtY4NBYA8 Q6RqNmKMvtJpmEugn996ZeiCurrxt1fU9ndbbYj28Xc83VHWZeHX4PH8U8DbENwXIsPb O31Q== X-Gm-Message-State: AOJu0Yye0HY00SecEFItf931na2gomXh4Q+gQovjqnJO4/ZmBDJ2fPQl bJUintyOZowPBywEi0AU3LbFLQFR4YRrEcS/L+oSqUKeI4MWNhhr/1w1WboJvX0FRBotz6d0C8a gjnOv9SfkyRzeRpwlubZfDPV77FOID+djoFJK3OF4hzDpz1Rz2qaqjEE19iC38J2KrmMVmtApHo Kl8WKw6zJWYFWz4KHkjuz8vxpxFKSRM7kGW0cFbL1WHPD6T9sr8A== X-Gm-Gg: ATEYQzy+j4KS0Aw/NAggxFRhhNVSWW4gLO95ri4MM5Kx8l68FHYIrELCwBSR7TEWizD +u7v9F+FWlBo3ZdauJYc4maHaZVxH3u84rCUStnivXNfAH3rX2JTsq8roXVDG5Zq+cYq0T+WSpR tPPDRSNMSK/O1USHEfCYZeJJyOMSOsGP9EfFYzQLn5x/Mb4ePhN4imbrzP4bB+Isw1QvuoU4Uwl KO71VPV0299dIl6GpGtW8htMtVoB+cE/ZfasIHljxv9KLEL9Dzkyouvo+PXSyG77P8nVsKlpBqf Vg/fA18G3NcPzAsvJDD1P4poe2vXtHCg+G8+hG3b6RgGAqn9rS4WWzuh11U836U/k8ZchQqpVei 0vUE0eSRoU32jv2Kp5iEnkcI4WpsDB+tzXMXdac9d0UxzQgftXTsDCPPacd+J2P2wOEOoUeSkFD L5dOgfZtSM/uK0lLypQDQQyjdG X-Received: by 2002:a05:600c:1d0e:b0:486:fc95:1a91 with SMTP id 5b1f17b1804b1-48715fef618mr126829395e9.12.1774549089469; Thu, 26 Mar 2026 11:18:09 -0700 (PDT) X-Received: by 2002:a05:600c:1d0e:b0:486:fc95:1a91 with SMTP id 5b1f17b1804b1-48715fef618mr126828805e9.12.1774549088943; Thu, 26 Mar 2026 11:18:08 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-48725d9fdffsm2929365e9.5.2026.03.26.11.18.06 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 26 Mar 2026 11:18:07 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Nikunj A Dadhania , Amit Shah , Sean Christopherson , Marcelo Tosatti Subject: [PATCH 16/24] KVM: nVMX: advertise MBEC to nested guests Date: Thu, 26 Mar 2026 19:17:14 +0100 Message-ID: <20260326181723.218115-17-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260326181723.218115-1-pbonzini@redhat.com> References: <20260326181723.218115-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Jon Kohler Advertise SECONDARY_EXEC_MODE_BASED_EPT_EXEC (MBEC) to userspace, which allows userspace to expose and advertise the feature to the guest. When MBEC is enabled by the guest, it is passed to the MMU via cr4_smep, and to the processor by the merging of vmcs12->secondary_vm_exec_control into the VMCS02's secondary VM execution controls. Signed-off-by: Jon Kohler Message-ID: <20251223054806.1611168-9-jon@nutanix.com> Signed-off-by: Paolo Bonzini Tested-By: Jon Kohler --- arch/x86/kvm/mmu.h | 2 +- arch/x86/kvm/mmu/mmu.c | 7 ++++--- arch/x86/kvm/vmx/nested.c | 11 +++++++++++ 3 files changed, 16 insertions(+), 4 deletions(-) diff --git a/arch/x86/kvm/mmu.h b/arch/x86/kvm/mmu.h index 678ce021991f..fa1942b126fb 100644 --- a/arch/x86/kvm/mmu.h +++ b/arch/x86/kvm/mmu.h @@ -93,7 +93,7 @@ void kvm_init_shadow_npt_mmu(struct kvm_vcpu *vcpu, unsig= ned long cr0, unsigned long cr4, u64 efer, gpa_t nested_cr3); void kvm_init_shadow_ept_mmu(struct kvm_vcpu *vcpu, bool execonly, int huge_page_level, bool accessed_dirty, - gpa_t new_eptp); + bool mbec, gpa_t new_eptp); bool kvm_can_do_async_pf(struct kvm_vcpu *vcpu); int kvm_handle_page_fault(struct kvm_vcpu *vcpu, u64 error_code, u64 fault_address, char *insn, int insn_len); diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index cd2418fe8708..442cbaeaf547 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -5940,7 +5940,7 @@ EXPORT_SYMBOL_FOR_KVM_INTERNAL(kvm_init_shadow_npt_mm= u); =20 static union kvm_cpu_role kvm_calc_shadow_ept_root_page_role(struct kvm_vcpu *vcpu, bool accessed_di= rty, - bool execonly, u8 level) + bool execonly, u8 level, bool mbec) { union kvm_cpu_role role =3D {0}; =20 @@ -5950,6 +5950,7 @@ kvm_calc_shadow_ept_root_page_role(struct kvm_vcpu *v= cpu, bool accessed_dirty, */ WARN_ON_ONCE(is_smm(vcpu)); role.base.level =3D level; + role.base.cr4_smep =3D mbec; role.base.has_4_byte_gpte =3D false; role.base.direct =3D false; role.base.ad_disabled =3D !accessed_dirty; @@ -5965,13 +5966,13 @@ kvm_calc_shadow_ept_root_page_role(struct kvm_vcpu = *vcpu, bool accessed_dirty, =20 void kvm_init_shadow_ept_mmu(struct kvm_vcpu *vcpu, bool execonly, int huge_page_level, bool accessed_dirty, - gpa_t new_eptp) + bool mbec, gpa_t new_eptp) { struct kvm_mmu *context =3D &vcpu->arch.guest_mmu; u8 level =3D vmx_eptp_page_walk_level(new_eptp); union kvm_cpu_role new_mode =3D kvm_calc_shadow_ept_root_page_role(vcpu, accessed_dirty, - execonly, level); + execonly, level, mbec); =20 if (new_mode.as_u64 !=3D context->cpu_role.as_u64) { /* EPT, and thus nested EPT, does not consume CR0, CR4, nor EFER. */ diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index 4b742a19bfde..1e84ca353cec 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c @@ -469,6 +469,13 @@ static void nested_ept_inject_page_fault(struct kvm_vc= pu *vcpu, vmcs12->guest_physical_address =3D fault->address; } =20 +static inline bool nested_ept_mbec_enabled(struct kvm_vcpu *vcpu) +{ + struct vmcs12 *vmcs12 =3D get_vmcs12(vcpu); + + return nested_cpu_has2(vmcs12, SECONDARY_EXEC_MODE_BASED_EPT_EXEC); +} + static void nested_ept_new_eptp(struct kvm_vcpu *vcpu) { struct vcpu_vmx *vmx =3D to_vmx(vcpu); @@ -477,6 +484,7 @@ static void nested_ept_new_eptp(struct kvm_vcpu *vcpu) =20 kvm_init_shadow_ept_mmu(vcpu, execonly, ept_lpage_level, nested_ept_ad_enabled(vcpu), + nested_ept_mbec_enabled(vcpu), nested_ept_get_eptp(vcpu)); } =20 @@ -7255,6 +7263,9 @@ static void nested_vmx_setup_secondary_ctls(u32 ept_c= aps, msrs->ept_caps |=3D VMX_EPT_AD_BIT; } =20 + if (cpu_has_ept_mbec()) + msrs->secondary_ctls_high |=3D + SECONDARY_EXEC_MODE_BASED_EPT_EXEC; /* * Advertise EPTP switching irrespective of hardware support, * KVM emulates it in software so long as VMFUNC is supported. --=20 2.53.0 From nobody Thu Apr 2 18:47:36 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9F5A342882F for ; Thu, 26 Mar 2026 18:18:18 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549102; cv=none; b=RGV1huF8IJ9dhmcIgQwlJdMyoJ80YgCqFNwfmImjpK3QXKz5My1jm4+G7rEHLSUXrj1Gr6piP18uUOtxqc0OrbS1EuDeNH5Bhd06+3zLIcTHpclbbcYbjMn+5E9FbpOuxdKD1FxkMc4+vuvk9ZBI5CCQpz+Nr7MJkdIXETuetPk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549102; c=relaxed/simple; bh=xKUgHxugBoabM3fxRuQQHWI7f4LSHWH/O9NGxy6QQUY=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=Q0Fd46mNb+VwN89wUN/24bIjhvPbsdS+ACn2iM0mBpyJNpazhDy5vncRN7vUFIKIv+02GaXvplYyJCD6wz7bhPsW/MFHr4e8VxdJPThxXCUGfeyLSEvSjpaXiCdCIFN9DtgsX6WXHLWkOem0ffZT8dr3uknWKJD5zf0GTGX7TsE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=Wlh/NP3D; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=IB5QlVKT; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="Wlh/NP3D"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="IB5QlVKT" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774549097; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=WfiNNSEjHN6RC7jg/KmpV4mpRSoDFEjBNWlKFZH7iQI=; b=Wlh/NP3Dz1S/447YOH1TNIoJgoynzgtF14etsyNb/GE/xs7ieMp5Xju2DPSgkPae59Fkrc nKJAHyb/HDnHYC9U5pE0UxGOylsB4ubblCmLGp3DYmzV8pnbjz7zpRSDTSTQrXUAq2VCi5 /QJcSv58EJeTim0VNRqiT593SYzBAvc= Received: from mail-wm1-f72.google.com (mail-wm1-f72.google.com [209.85.128.72]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-486-Uh5iJGMLMkqdUKpwtyhNwg-1; Thu, 26 Mar 2026 14:18:14 -0400 X-MC-Unique: Uh5iJGMLMkqdUKpwtyhNwg-1 X-Mimecast-MFC-AGG-ID: Uh5iJGMLMkqdUKpwtyhNwg_1774549093 Received: by mail-wm1-f72.google.com with SMTP id 5b1f17b1804b1-48544725bdeso21039835e9.2 for ; Thu, 26 Mar 2026 11:18:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774549092; x=1775153892; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=WfiNNSEjHN6RC7jg/KmpV4mpRSoDFEjBNWlKFZH7iQI=; b=IB5QlVKTu1D7q8C2qjcGgR7SDCRJDdMuTjKcmcVhX+8i0utlGQxK09no5NPU2HNQ3a msFLIizggc9IbUfwIRkuZlsYxMZyQJyBunFyoD3v+Bbg0Z87k+tMwuJ/4X+lB2Ff2RiF yh3V67NiODLL9ZlsjCg5LcVgajGnJnfz8f2GfWNY9XHdGoDGr1cx+AeVAOETDEoYJWpC DhZPfu6/sFhqzEZRBstNmBvr8lTLTZy15lq9Ctz+4ZHOX+zLHK1M1UCgIzNtzXr8/u1q h79xpiN3AVmwuvfiAv/SoNUCJUe2Wk/cSwNg+1Qn5+ZSCBYTBnzvQWE5lmxyCR92bqzn wg4Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774549092; x=1775153892; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=WfiNNSEjHN6RC7jg/KmpV4mpRSoDFEjBNWlKFZH7iQI=; b=J8hRLMBVwzpX/ce7Jy2Bz9N8v9PBthHMsAYqx3rHcpBX933sfF+YgIroO6uSfI4dxz IanesRGq00Ah/SzeZwK1gbSfEKD7EOETuiGZCCozq+UgDVYsANP0sCvGQnKE8URrF3cR 4gftTf3UutEGhbKUn3u7KzPBRDW3/KO0k5yBIj8QGKNfqKabiFThXgBmxIPGIXFlybu1 V5Xj2GdK4N9z1w1MzBtgJmvtA7anqiHFDMigfRPLWTVpwSYnUNmGwGivd4FuN0Whilsf mMg0BiqddkbmszdP+LEaHAcjGFN8OoX5vdewMsqeVLlqra8MQ3W/QQsSzSAqMafpbWdg esKw== X-Gm-Message-State: AOJu0YwUJnSa/5zrydYolmYTuhOnTPJ3JBzrJzb02ajEvQ079S92xvD4 Q5VsRU/lTjlKWExD46GRuZR6f6tyagaKEic0ylO5gwxGLERSIFIzbgGyD6I/4fKGdPw/3YF7SC4 +YXyeRRT5/Jv8pn4oogYF8DSsEc5hVuKMKZSk9eHGRPnVpJIARDmmWZNIU/R2ljZ+N2w4hyJXYv 0S0v5RisL4oIWpF1asOUYqlT31ioIQXiya1ctdibFkBLRDvkexZw== X-Gm-Gg: ATEYQzzHBQgVX2WRm6o5vUHpkGHQkONJKJTtlCINC6JCBqzDuPG1ExroIuums150nOw 38xJw5NvONEfCU1EwI6D2nUSurzMawbc9dcgv8+tEvN89Ag1yliK+tWLPJJ5STFmjLDOZa3lPvP z12DKi+UuT1H57IjspBIrnDj0A++IL5eM52iLG3xhQmsYhouhOcMa3Vwba7ivBhgHgNfljvYmo5 a6/mXW9JS++46tz1GSFxTjf++peMEwpsBV5kXQI7pIavZpXLfK/nHh3rBXFFGRG5us7UnjLbmB6 AptFYo83OhatjguoG4ikeRVe9Dqd6X2O1z+Ct9iUI+0k/sKquEjlXR+KN0+zOJcPBHyYiX2qegP 2HzBPazxiVVh3jcIL3cSFJbZ/9uF92jDzpRDQ01gh7rNzUvbyIoP/29AjfZk7jTsDzEatVmi/sX mf/voHbjgXVntoHe1K3Ql6tNHO X-Received: by 2002:a05:600c:4685:b0:485:2ce2:4c87 with SMTP id 5b1f17b1804b1-48715fc3562mr140300185e9.4.1774549091935; Thu, 26 Mar 2026 11:18:11 -0700 (PDT) X-Received: by 2002:a05:600c:4685:b0:485:2ce2:4c87 with SMTP id 5b1f17b1804b1-48715fc3562mr140299445e9.4.1774549091379; Thu, 26 Mar 2026 11:18:11 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-43b919cefd7sm9662731f8f.17.2026.03.26.11.18.09 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 26 Mar 2026 11:18:09 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Nikunj A Dadhania , Amit Shah , Sean Christopherson , Marcelo Tosatti Subject: [PATCH 17/24] KVM: nVMX: allow MBEC with EVMCS Date: Thu, 26 Mar 2026 19:17:15 +0100 Message-ID: <20260326181723.218115-18-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260326181723.218115-1-pbonzini@redhat.com> References: <20260326181723.218115-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Jon Kohler Extend EVMCS1_SUPPORTED_2NDEXEC to allow MBEC and EVMCS to coexist. Presenting both EVMCS and MBEC simultaneously causes KVM to filter out MBEC and not present it as a supported control to the guest, preventing performance gains from MBEC when Windows HVCI is enabled. The guest may choose not to use MBEC (e.g., if the admin does not enable Windows HVCI / Memory Integrity), but if they use traditional nested virt (Hyper-V, WSL2, etc.), having EVMCS exposed is important for improving nested guest performance. IOW allowing MBEC and EVMCS to coexist provides maximum optionality to Windows users without overcomplicating VM administration. Signed-off-by: Jon Kohler Message-ID: <20251223054806.1611168-8-jon@nutanix.com> Signed-off-by: Paolo Bonzini Tested-By: Jon Kohler --- arch/x86/kvm/vmx/hyperv_evmcs.h | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/x86/kvm/vmx/hyperv_evmcs.h b/arch/x86/kvm/vmx/hyperv_evmc= s.h index fc7c4e7bd1bf..bc08fe40590e 100644 --- a/arch/x86/kvm/vmx/hyperv_evmcs.h +++ b/arch/x86/kvm/vmx/hyperv_evmcs.h @@ -87,6 +87,7 @@ SECONDARY_EXEC_PT_CONCEAL_VMX | \ SECONDARY_EXEC_BUS_LOCK_DETECTION | \ SECONDARY_EXEC_NOTIFY_VM_EXITING | \ + SECONDARY_EXEC_MODE_BASED_EPT_EXEC | \ SECONDARY_EXEC_ENCLS_EXITING) =20 #define EVMCS1_SUPPORTED_3RDEXEC (0ULL) --=20 2.53.0 From nobody Thu Apr 2 18:47:36 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9F89B428831 for ; Thu, 26 Mar 2026 18:18:18 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549100; cv=none; b=mqrCIbOD14Tavea9Lfn7sbr8ZdbnxDjoixfJCMoMWp/IFN2KhQal6i6EDliOxkaoRlkVBW3SSbia3tN6IYJrDwwOOvLoGLThAOzGUBntXFXQ1fGuxrRd9AfQP6X/MBFdbGlB9ls1Y4JuS8ZoMvJRizXAH06k0qgS4Qo373VyJvE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549100; c=relaxed/simple; bh=6k32YUNUSwEOl5Wx728jUQLxcFj6v2Ju0u6Kg3rAbFw=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=OfE7cdgIXEQzo4rpPxBrvGnVmD4t9EA1LqfT7Oq9uCloyTNOdrOcASYOQvIpSmOfS/pxob12srBAyCY5/xTqsxzwd8Ci5xaaIn9IigyFVEgv86AGN0dJq/6lrq7/8CWuFZlaxAkWUfQSSDAUls1iLLT44Zn52uEaIKxB23u7TmA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=PaoMqwCJ; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=gWFB3qOQ; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="PaoMqwCJ"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="gWFB3qOQ" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774549097; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=TuJVFKLmxdWFj1feiyagFVXOI8YBNvyO4c8mQRfVXAg=; b=PaoMqwCJmnMWp18dITSr5WPwB8FLcOJfFJniHsVmCQ1No34Yi/nJQXWA+qJ458nhRPj2Wr i5UKUjA2DN+PpMfjVQ+LVvnW+lVojyEGWySVXFeo8NWHKJY3mi+tOGw78tKCIp9hWOIVET GIAeTr9DNB+6Y/6QN7KGI41EELCYv1A= Received: from mail-wm1-f72.google.com (mail-wm1-f72.google.com [209.85.128.72]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-70-AH1Ou0PhNhy9GUFv_gS0ZA-1; Thu, 26 Mar 2026 14:18:16 -0400 X-MC-Unique: AH1Ou0PhNhy9GUFv_gS0ZA-1 X-Mimecast-MFC-AGG-ID: AH1Ou0PhNhy9GUFv_gS0ZA_1774549095 Received: by mail-wm1-f72.google.com with SMTP id 5b1f17b1804b1-485345e2fdfso7370185e9.2 for ; Thu, 26 Mar 2026 11:18:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774549094; x=1775153894; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=TuJVFKLmxdWFj1feiyagFVXOI8YBNvyO4c8mQRfVXAg=; b=gWFB3qOQdlD3XPErqU0Hzg4XlEe+WfmG9bcD5GgYZgdPVwYEFJN2Q2I+OsD1KUBbuk JXui+Ez535OCd4/oge69N0bkcq//SDszPf2xtoFXqPtkFC1QYvKjZjWE2IUyYJrqtag2 f8/Q13pXBZrc5gbZiPuBdFabBSVNR620l6GP3iRViGQBOoppY6D3F7EallxaSI3y5BMz jUTD3i3QWSUn8qQPvFJwDVwWQa2kihwGApCr8hz4OBpO/+6y/PIPJljC7IphJ2RhzsTZ xktdIG4faw6fnxjPsBafuVm+fPEoTZz5Y+y5aQiuUZopV1JL2q3W+TMwT6nfH80ukHnj YadA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774549094; x=1775153894; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=TuJVFKLmxdWFj1feiyagFVXOI8YBNvyO4c8mQRfVXAg=; b=nK0UekPU9JD0Zr9ZfWrbvCrq6bCXGvQFuSxi+0ioMBeRm8PdtBQA8Y3y/IzauQgN90 xV7bul+lC0TYGTMol0LbOnHmwJqwdorcslmw8y90v1bGubPeA6kUCTfqnzEMU/o5ybQr HxZ1qGLbXGecQ2cfwprQZV6CKsVgddyNJCAG5Y+b8WMmZUPGH4107sDBwUjxac9LDNZ7 9P0er1CrYNouaTmmRFowwycRsdQKCGzbj3+2fr1erhFxfOsHjnrW4ul+AyS67mLOsHrC BCq139EB8lKEI/MKpSOuejPP+4JHvsLEQK4ysP449Zwje2U9Z2vTON+Fof13W/7YQ/oM zD6g== X-Gm-Message-State: AOJu0Yz6fhuJ+9mOULrcY+UdLOH6bWXzIwcTRLNPuaDpNLdzIX/xHpCh MG+EEL/O5eRz2jmKQlNIblaT7Sh4woOb4wp+APqZ0ZH8WLKt6MexXCXdPOsRYyFEqQ6+AxGEhv2 lK/V87zE1Nk3M0n2BK4/gLlLwaxVulHfagAAvEw/uTE+Y7mxLRajlODyVFt9Gj6CszYIQj+Dy+R PStZsIhxoRGiC1xLzEmKmGUVvIjGrDnYZr4Q1QGUXzdxiw54RUMA== X-Gm-Gg: ATEYQzzL5TV05iNkC62zTeJcPZeeMd8duMDe/Vgrc2Ot1dIuU8nKNTtZcUzJj4dVYnM KP7OxwMSZ9Hk/XvoDnDtOE+YSY8T1b5YrvGT7QxLq8mMijQWP+sm+EdzWXkFntkRF1UeGVLkSEy rmM4zQlbpSuqytiryDQTi/1RQTCff3YXjJ+MV1m6Wat8dLS0ZyzGOCZMPsvJxFpfSJbFu0ZMRWe eVXopWt7DK3q7cj9rFKevTjcF+SdeOiY49VjVmx/Jmm+3JJa4qR9um6fy8LGx4o13EvbxoZM/Fv 5ESn2wDX0qpdBpzkmY2EBcs4zGiH3PDFCPFBoLB/iOBm7ZWmA1Xbk3n+HCfhQYwMDJmXDEU/+Y1 DrHlGmxSiHOk8pNo9h4X2j981MUzMao67jFsDXwAM657/R13M6I9pklkRZ2DJesnRnuEXE4Kojs Jq2sb7PPaPIiyCBHxdz/p9G/Z/ X-Received: by 2002:a05:600c:4705:b0:486:fc4a:2951 with SMTP id 5b1f17b1804b1-48716083231mr135600865e9.28.1774549094346; Thu, 26 Mar 2026 11:18:14 -0700 (PDT) X-Received: by 2002:a05:600c:4705:b0:486:fc4a:2951 with SMTP id 5b1f17b1804b1-48716083231mr135600185e9.28.1774549093815; Thu, 26 Mar 2026 11:18:13 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-48722c6b495sm102046575e9.2.2026.03.26.11.18.12 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 26 Mar 2026 11:18:12 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Nikunj A Dadhania , Amit Shah , Sean Christopherson , Marcelo Tosatti Subject: [PATCH 18/24] KVM: x86/mmu: propagate access mask from root pages down Date: Thu, 26 Mar 2026 19:17:16 +0100 Message-ID: <20260326181723.218115-19-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260326181723.218115-1-pbonzini@redhat.com> References: <20260326181723.218115-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Until now, all SPTEs have had all kinds of access allowed; however, for GMET to be enabled all the pages have to have ACC_USER_MASK disabled. By marking them as supervisor pages, the processor allows execution from either user or supervisor mode (unlike for normal paging, NPT ignores the U bit for reads and writes). That will mean that the root page's role has ACC_USER_MASK cleared and that has to be propagated down through the kvm_mmu_page tree. Do that, and pass the required access to the kvm_mmu_spte_requested tracepoint since it's not ACC_ALL anymore. Signed-off-by: Paolo Bonzini Tested-By: Jon Kohler --- arch/x86/kvm/mmu/mmu.c | 9 +++++---- arch/x86/kvm/mmu/mmutrace.h | 10 ++++++---- arch/x86/kvm/mmu/paging_tmpl.h | 2 +- arch/x86/kvm/mmu/tdp_mmu.c | 6 +++--- 4 files changed, 15 insertions(+), 12 deletions(-) diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index 442cbaeaf547..834ba9c0c809 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -3434,12 +3434,13 @@ static int direct_map(struct kvm_vcpu *vcpu, struct= kvm_page_fault *fault) { struct kvm_shadow_walk_iterator it; struct kvm_mmu_page *sp; - int ret; + int ret, access; gfn_t base_gfn =3D fault->gfn; =20 kvm_mmu_hugepage_adjust(vcpu, fault); =20 - trace_kvm_mmu_spte_requested(fault); + access =3D vcpu->arch.mmu->root_role.access; + trace_kvm_mmu_spte_requested(fault, access); for_each_shadow_entry(vcpu, fault->addr, it) { /* * We cannot overwrite existing page tables with an NX @@ -3452,7 +3453,7 @@ static int direct_map(struct kvm_vcpu *vcpu, struct k= vm_page_fault *fault) if (it.level =3D=3D fault->goal_level) break; =20 - sp =3D kvm_mmu_get_child_sp(vcpu, it.sptep, base_gfn, true, ACC_ALL); + sp =3D kvm_mmu_get_child_sp(vcpu, it.sptep, base_gfn, true, access); if (sp =3D=3D ERR_PTR(-EEXIST)) continue; =20 @@ -3465,7 +3466,7 @@ static int direct_map(struct kvm_vcpu *vcpu, struct k= vm_page_fault *fault) if (WARN_ON_ONCE(it.level !=3D fault->goal_level)) return -EFAULT; =20 - ret =3D mmu_set_spte(vcpu, fault->slot, it.sptep, ACC_ALL, + ret =3D mmu_set_spte(vcpu, fault->slot, it.sptep, access, base_gfn, fault->pfn, fault); if (ret =3D=3D RET_PF_SPURIOUS) return ret; diff --git a/arch/x86/kvm/mmu/mmutrace.h b/arch/x86/kvm/mmu/mmutrace.h index 3429c1413f42..fa01719baf8d 100644 --- a/arch/x86/kvm/mmu/mmutrace.h +++ b/arch/x86/kvm/mmu/mmutrace.h @@ -373,23 +373,25 @@ TRACE_EVENT( =20 TRACE_EVENT( kvm_mmu_spte_requested, - TP_PROTO(struct kvm_page_fault *fault), - TP_ARGS(fault), + TP_PROTO(struct kvm_page_fault *fault, u8 access), + TP_ARGS(fault, access), =20 TP_STRUCT__entry( __field(u64, gfn) __field(u64, pfn) __field(u8, level) + __field(u8, access) ), =20 TP_fast_assign( __entry->gfn =3D fault->gfn; __entry->pfn =3D fault->pfn | (fault->gfn & (KVM_PAGES_PER_HPAGE(fault->= goal_level) - 1)); __entry->level =3D fault->goal_level; + __entry->access =3D access; ), =20 - TP_printk("gfn %llx pfn %llx level %d", - __entry->gfn, __entry->pfn, __entry->level + TP_printk("gfn %llx pfn %llx level %d access %x", + __entry->gfn, __entry->pfn, __entry->level, __entry->access ) ); =20 diff --git a/arch/x86/kvm/mmu/paging_tmpl.h b/arch/x86/kvm/mmu/paging_tmpl.h index 95aa1b4fc327..31331fe10723 100644 --- a/arch/x86/kvm/mmu/paging_tmpl.h +++ b/arch/x86/kvm/mmu/paging_tmpl.h @@ -731,7 +731,7 @@ static int FNAME(fetch)(struct kvm_vcpu *vcpu, struct k= vm_page_fault *fault, */ kvm_mmu_hugepage_adjust(vcpu, fault); =20 - trace_kvm_mmu_spte_requested(fault); + trace_kvm_mmu_spte_requested(fault, gw->pte_access); =20 for (; shadow_walk_okay(&it); shadow_walk_next(&it)) { /* diff --git a/arch/x86/kvm/mmu/tdp_mmu.c b/arch/x86/kvm/mmu/tdp_mmu.c index 9c26038f6b77..25e557de99d6 100644 --- a/arch/x86/kvm/mmu/tdp_mmu.c +++ b/arch/x86/kvm/mmu/tdp_mmu.c @@ -1185,9 +1185,9 @@ static int tdp_mmu_map_handle_target_level(struct kvm= _vcpu *vcpu, } =20 if (unlikely(!fault->slot)) - new_spte =3D make_mmio_spte(vcpu, iter->gfn, ACC_ALL); + new_spte =3D make_mmio_spte(vcpu, iter->gfn, sp->role.access); else - wrprot =3D make_spte(vcpu, sp, fault->slot, ACC_ALL, iter->gfn, + wrprot =3D make_spte(vcpu, sp, fault->slot, sp->role.access, iter->gfn, fault->pfn, iter->old_spte, fault->prefetch, false, fault->map_writable, &new_spte); =20 @@ -1272,7 +1272,7 @@ int kvm_tdp_mmu_map(struct kvm_vcpu *vcpu, struct kvm= _page_fault *fault) =20 kvm_mmu_hugepage_adjust(vcpu, fault); =20 - trace_kvm_mmu_spte_requested(fault); + trace_kvm_mmu_spte_requested(fault, root->role.access); =20 rcu_read_lock(); =20 --=20 2.53.0 From nobody Thu Apr 2 18:47:36 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2D6E93A383D for ; Thu, 26 Mar 2026 18:18:21 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549102; cv=none; b=mH1SgkGT0f/QgYklil5rqdbDqGXu6pRBPND4ncu/Th4W5LJ+wrvV3LiEke/gMuGohmOGIXZs5VU8X4Nwc8vgaYFQM4hNIACtma2hB3g4RtbLubHlTl4cYVkRB6NiSayShiQR4y7KzYyoyXVD18qhSwIyDKlNWPsMPD5KTgch/0U= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549102; c=relaxed/simple; bh=wxUwamF/IKNL7Kc70Ut3PK/5eglbJ9lwMhvIc1yQTt4=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=VR6zMJ7MXCV5dvQJ79Gnr6QqF5ZYVOzrEDtmJ6RZ6FkHbPytbdq6sLY4XHycOpQmmNaWdnEmkMooNLdz8OYz+zGRmZvJ7vKdHTNlhe3N0yh7rqcs0fGNy1syby4o/FQH010kbRCfkI9+112zoKrRiBRpoBdtqhZt8XmvEautIlc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=P1Y48QjT; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=b5o8Qn+R; arc=none smtp.client-ip=170.10.129.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="P1Y48QjT"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="b5o8Qn+R" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774549100; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=1WDpr0IL4SQV6RsU7jl8CHh1K80JMh2v894DAgZmmvE=; b=P1Y48QjTx6v7O6Fx72IhOZ2553lQQ6s4f5DX3/zTb96spsf40SWkK0ugkBityUa8EVYBZ3 t1m2euz03dIkxFnFVnT4EfH06GG2hSpFfiVal1jp7U/1YM2PN5CGKg2/5YItghQS+S+snK CsqrYi6jgtzatLF0iLX7ADM+jdNuIwE= Received: from mail-wm1-f71.google.com (mail-wm1-f71.google.com [209.85.128.71]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-203-v7YrPQjWM1y_KUYH_A8yeg-1; Thu, 26 Mar 2026 14:18:18 -0400 X-MC-Unique: v7YrPQjWM1y_KUYH_A8yeg-1 X-Mimecast-MFC-AGG-ID: v7YrPQjWM1y_KUYH_A8yeg_1774549098 Received: by mail-wm1-f71.google.com with SMTP id 5b1f17b1804b1-48532df52c5so11941845e9.1 for ; Thu, 26 Mar 2026 11:18:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774549097; x=1775153897; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=1WDpr0IL4SQV6RsU7jl8CHh1K80JMh2v894DAgZmmvE=; b=b5o8Qn+Ros+ONr/IP91QUHizDB2mL3w5+ma4DGgiPc11Rq/AL258vLQRIEoOXpKaj9 Ot9oaL0Cl+N8Xgu97PC1tj5GCtVuKArMqknTjK1iqpfluw5CJxjsUSgc47CkSMophkA2 czzaYxAdqrQ9H03Ypo3AUbAD1vta7jdI4VSLchzV2519/jsry/FbZ0AbI9kzBPT/PrKD TG6WremUFLm6Shz8DFIOeq2UkpBumeNUI1w2VRpfsLivHDbFc6j+h2PjmL6HWezfkpBw ZSLvigA8lpWEEcnlB+ON2I8vR4L8hQLi2JGCsSzclZQFJyJTmTq+9Av1h4pPDqeHPZSQ cLpQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774549097; x=1775153897; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=1WDpr0IL4SQV6RsU7jl8CHh1K80JMh2v894DAgZmmvE=; b=VvKUG4QFuSp/97c8PtK2OTQxpwa+NOp18nGpN/oNTrsBLVLRe656i4iv7suDM22X/A hnQCLpYfBb7UTkdcBEXJQZLMcd3nDNLQG8a0q4gbZTosG85RA6zYV8dX/dSMRS9SkK4O CjQgz7nnwOF+/MHF2NIsFsvoGrhEcJv1Jh7KKsSIkjVugERuSmTC+1kBxpj7MPZparmw la6jxmfrzkCoa+Qivuex+MvSrmWMDHZgB5cENBRjJTu9VhvcAVgkc+epqx83JUEIB3ml FXNSX2GYcnmGNSyvR3wHqjQdIoSE+BUnXTOz4Q9GnjRRnNo8SfbCGwBxNSgIV+d9n9sV E2XA== X-Gm-Message-State: AOJu0Yw31LYJZgeOK4j43KFHmH0192UnpfJFAtBCuCVGoQvZ91Mpsz2O 8epy6WgX6lwRMvCndgpw19p5dazRqo/+bCMP519qgu2Ntcsaq1RkNr8TIrsoGCSb3IS6o2H/W++ uiNgsnfMoEWs040Csg4DTSEQ2kr07SFaDcxP03l+08aIIaFUVJiOGGl+Qm3Cp+3jy1mR+G5WhQD IMt9y68O2Z4lbmaTQAz+SRf05PAMz424ptp6hNR+Rcvbw2k9dMSg== X-Gm-Gg: ATEYQzxxvmoHIGPZeKH3Jy+vJcham27cA10omwmJE5LcQ/yoAq/7MvZeVIIZJ/Ykdyl 7HQU5TJZRQU1bIPjvkM70q3Jnng7AxaIelAU4PaUh+wBfUAXUxLY8MMMg1poJjOeavmvrmcr0hz MdZzisqMNKzGHBUXrjEb2Yrlj9ptxmVuqRxRpssAL2lUrulQmm5J7DUIeTzKQ4hvsd85WHbcXEk nYrUtsfAGWQD7GsrMVI3EXj3LjEkvqYC2YqRjsPVU9NDzA4tD/kv0aVqMjtAzW5QP/R+ZPWNZ26 fhPpqi3+9LMccO7B8EHY3Fb/QjYrrsXYjGb5Z12GqLzLFi4WMVCjLnrga3i5utluoGC/mt9lGyR kRmFPitGc1ydBzwDNwCqfWVI9pLMkg1VRMqunybowMdMaHmXAl7aBQ57gzXfQvjCT7QgxuzFneH 8hlABJdpZjMzawuERsemD5smlw X-Received: by 2002:a05:600c:34c1:b0:485:3c66:e21d with SMTP id 5b1f17b1804b1-48715fd47a5mr121812935e9.2.1774549097165; Thu, 26 Mar 2026 11:18:17 -0700 (PDT) X-Received: by 2002:a05:600c:34c1:b0:485:3c66:e21d with SMTP id 5b1f17b1804b1-48715fd47a5mr121812375e9.2.1774549096577; Thu, 26 Mar 2026 11:18:16 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-48725d38f52sm10686885e9.0.2026.03.26.11.18.14 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 26 Mar 2026 11:18:14 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Nikunj A Dadhania , Amit Shah , Sean Christopherson , Marcelo Tosatti Subject: [PATCH 19/24] KVM: x86/mmu: introduce cpu_role bit for availability of PFEC.I/D Date: Thu, 26 Mar 2026 19:17:17 +0100 Message-ID: <20260326181723.218115-20-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260326181723.218115-1-pbonzini@redhat.com> References: <20260326181723.218115-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" While GMET looks a lot like SMEP, it has several annoying differences. The main one is that the availability of the I/D bit in the page fault error code still depends on the host CR4.SMEP and EFER.NXE bits. If the base.cr4_smep bit of the cpu_role is (ab)used to enable GMET, there needs to be another place where the host CR4.SMEP is read from; just merge it with EFER.NXE into a new cpu_role bit that tells paging_tmpl.h whether to set the I/D bit at all. Signed-off-by: Paolo Bonzini Tested-By: Jon Kohler --- arch/x86/include/asm/kvm_host.h | 7 +++++++ arch/x86/kvm/mmu/mmu.c | 8 ++++++++ arch/x86/kvm/mmu/paging_tmpl.h | 2 +- 3 files changed, 16 insertions(+), 1 deletion(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_hos= t.h index 50a941ff61d1..df46ee605b9b 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -413,6 +413,13 @@ union kvm_mmu_extended_role { unsigned int cr4_smap:1; unsigned int cr4_la57:1; unsigned int efer_lma:1; + + /* + * True if either CR4.SMEP or EFER.NXE are set. For AMD NPT + * this is the "real" host CR4.SMEP whereas cr4_smep is + * actually GMET. + */ + unsigned int has_pferr_fetch:1; }; }; =20 diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index 834ba9c0c809..94d7e39a9417 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -234,6 +234,11 @@ BUILD_MMU_ROLE_ACCESSOR(ext, cr4, la57); BUILD_MMU_ROLE_ACCESSOR(base, efer, nx); BUILD_MMU_ROLE_ACCESSOR(ext, efer, lma); =20 +static inline bool has_pferr_fetch(struct kvm_mmu *mmu) +{ + return mmu->cpu_role.ext.has_pferr_fetch; +} + static inline bool is_cr0_pg(struct kvm_mmu *mmu) { return mmu->cpu_role.base.level > 0; @@ -5774,6 +5779,8 @@ static union kvm_cpu_role kvm_calc_cpu_role(struct kv= m_vcpu *vcpu, role.ext.cr4_pke =3D ____is_efer_lma(regs) && ____is_cr4_pke(regs); role.ext.cr4_la57 =3D ____is_efer_lma(regs) && ____is_cr4_la57(regs); role.ext.efer_lma =3D ____is_efer_lma(regs); + + role.ext.has_pferr_fetch =3D role.base.efer_nx | role.base.cr4_smep; return role; } =20 @@ -5927,6 +5934,7 @@ void kvm_init_shadow_npt_mmu(struct kvm_vcpu *vcpu, u= nsigned long cr0, =20 /* NPT requires CR0.PG=3D1. */ WARN_ON_ONCE(cpu_role.base.direct || !cpu_role.base.guest_mode); + cpu_role.base.cr4_smep =3D false; =20 root_role =3D cpu_role.base; root_role.level =3D kvm_mmu_get_tdp_level(vcpu); diff --git a/arch/x86/kvm/mmu/paging_tmpl.h b/arch/x86/kvm/mmu/paging_tmpl.h index 31331fe10723..8ea248e1918b 100644 --- a/arch/x86/kvm/mmu/paging_tmpl.h +++ b/arch/x86/kvm/mmu/paging_tmpl.h @@ -486,7 +486,7 @@ static int FNAME(walk_addr_generic)(struct guest_walker= *walker, =20 error: errcode |=3D write_fault | user_fault; - if (fetch_fault && (is_efer_nx(mmu) || is_cr4_smep(mmu))) + if (fetch_fault && has_pferr_fetch(mmu)) errcode |=3D PFERR_FETCH_MASK; =20 walker->fault.vector =3D PF_VECTOR; --=20 2.53.0 From nobody Thu Apr 2 18:47:36 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 64C4C429830 for ; Thu, 26 Mar 2026 18:18:23 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549104; cv=none; b=VF1LJsk6R3r1GqyShKK3GMVAL3Wnvctu+uW0e5Y44OhrjIPdORCKxuh4rGjKNOOAAlRAEaMEEBfZ7YEOgysuoXVlEtT8iVx2qmPdmoi1by7vrec+loc/nr+Okq2wlv2oa9Zi4GrbP3PqclIp/+iXm2zvF8V0SEfhbmCLnVrh1k8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549104; c=relaxed/simple; bh=2D2EQk2bLthISoFaweOxLF4/yTYZ7pD8jLqVulmh/fE=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=W9bdEZAV2yIZKcI738SWpbm/dGdP2yfBiddiISj9r1A51Dj8e9QGpYSKV/pMlaiaPtmSN+PIOx2TzfzNuugG42rscwQZ5RgU4AI9Zepf6zui5LuCtsETgHFW8BZFTP9IK1WQrmziDssFodJdlGFTt0lY68DK0lGupZ0W6mtWHgs= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=XczXcJ43; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=MuEGzXcz; arc=none smtp.client-ip=170.10.129.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="XczXcJ43"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="MuEGzXcz" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774549102; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=A3UgqXdB1yN5qlE9l9MfdSS3raCgHzxdYSeSXyVGn9c=; b=XczXcJ43W8WfCiSKsiMCaexF1IJKAfnyhFL2Wun50dBtvYELjMUH6HW44OZGRRj2AgGcFh dtkIgL+s19/BBghfO21adhmHVKgs9buN1YOdb5ucGFe1RP0P2/50vKuCNsuInpabTiUJn1 R7rxWOlE9DuCRuDG9Kyxe2sL0AwJl0o= Received: from mail-wm1-f72.google.com (mail-wm1-f72.google.com [209.85.128.72]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-49-6cXGkJKbM6S8rrhv9ewi5Q-1; Thu, 26 Mar 2026 14:18:21 -0400 X-MC-Unique: 6cXGkJKbM6S8rrhv9ewi5Q-1 X-Mimecast-MFC-AGG-ID: 6cXGkJKbM6S8rrhv9ewi5Q_1774549100 Received: by mail-wm1-f72.google.com with SMTP id 5b1f17b1804b1-48544725bdeso21040465e9.2 for ; Thu, 26 Mar 2026 11:18:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774549099; x=1775153899; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=A3UgqXdB1yN5qlE9l9MfdSS3raCgHzxdYSeSXyVGn9c=; b=MuEGzXczE4QncYzS6mmwepAOG9MUu+Jc9Ygad+mjzToRSg/EcAm/2W5ChTRvvMpV2u PAfNjbkN4fO3hLJVGqKf02ijdfvs4MzIguvA0dWk2jOYYYtHhsTSs+Z84+72OGG9vQMi yDv+Kf7P6ADAp/4+tGLbThAuqWFRm0IzFfjzg9NAAdTG2Lzb0rFQilHM/j2ReWNslYbU YJuVV3CEtyuUIU5GsKHLOTTs8a6nDJJ/n6FPc6d8ztQmvoDOgNEvu4IRrmTuYJp6f2ER v0v7aYs0aLmndfL8efKSRj0OW2S/n0Wg/9e5Q8g6369L8rSLSL6CKfPw8/kouzD7uLIy E93Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774549099; x=1775153899; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=A3UgqXdB1yN5qlE9l9MfdSS3raCgHzxdYSeSXyVGn9c=; b=VSQ2WBM8YTNcIU3XzvFWHfWs58+viQNKcx0mMQY3DpEyas75Ozza1l21GGh0YXMqD9 X7F991PRtXz06wU9vdOHCxjYLSus/cVUiiIG11mOgbnlMIi3EP+JgyGNT8DhvhI6mzT8 G/qrAd/g43P5dyCDvm1bAtOoe7Vg7opryI5XDWs6uate1PP5c/32+ogKKF/wjKDLRLsy f1ZIO59cT0FgE2+1o2DTXTX5fBciI+usi96MtO7RpAZ9LEZJCeoEQFCGR8rfYsdNvGsq 7HLtYFLkLDEVcG8PsiR/SNR3CuiQEp+ENZbr+Rz4KCAyaVI79a/LZ/kUycDf9ckyD8XP EJIw== X-Gm-Message-State: AOJu0YwA3TWw0szQ9F5t/gK1Xyv3xU2hoEHizCyZPizbejWtD1pkM560 nZI46ip4FZ7m+6ZHIFu+7z8UivqztUyrd+M0hH6+KfT0THr8RPZLOQNGxtS3bOsrjm4IDGnyK9Q 5f/HJh/g9OPqy9wQWiztL7c0uhz/uyebgBUVzRsCB4Saq28ntE/mxfklP4ZI12kSUHsn9puVHMX AVfEEwQkTUToLEumh+RvSmCJ4w6yfla363WoI/pHiLH3jqI0iW0A== X-Gm-Gg: ATEYQzxk5Tigk/Dr8zGdl8mlfs9EzK0v6xe/c9v/S/k/qizqqLyzhRtqfQXR+PubyM9 o4nCM0xrI8TP4xI5zjJqJH3CcU7/iLOZ/C80ZMc6JxY8c3I23d1o68LzuLokzlOwIue+BC5MeQL fDVY0YsLrYQIcOkZSLmST893ZIKkEsC3rhQK9cSHf9J18kU+Xa2QCSOrWuzLkeI3rloPBRQMLpG DNWKKmWdQjN23Rw3zpEeNS1dE2d733ALJ/nYl14NuETGdYfaol/+HGCww4jgSHhMoWD+J0V/0kA enqsooRp+5f8TMASV2iMGyLo8v1YexNYKPIC3TrdDgbiSLRuICuU1ZT3dkM6djOg/xf+MBlvSTY UZWwWAMmYnykIWsPpOLtUv2YZnEGcsvTUMPXdrZXmHa5GFKbO2oqqa85mgf27mv4Gm+08Zk736n ruN26FbvBKb4nj76VDr8wWkZLw X-Received: by 2002:a05:600c:8b2a:b0:486:ff92:63e5 with SMTP id 5b1f17b1804b1-48715fc32admr129513615e9.6.1774549099567; Thu, 26 Mar 2026 11:18:19 -0700 (PDT) X-Received: by 2002:a05:600c:8b2a:b0:486:ff92:63e5 with SMTP id 5b1f17b1804b1-48715fc32admr129513005e9.6.1774549099053; Thu, 26 Mar 2026 11:18:19 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-487209378e2sm18783295e9.31.2026.03.26.11.18.17 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 26 Mar 2026 11:18:18 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Nikunj A Dadhania , Amit Shah , Sean Christopherson , Marcelo Tosatti , "Borislav Petkov (AMD)" Subject: [PATCH 20/24] KVM: SVM: add GMET bit definitions Date: Thu, 26 Mar 2026 19:17:18 +0100 Message-ID: <20260326181723.218115-21-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260326181723.218115-1-pbonzini@redhat.com> References: <20260326181723.218115-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" GMET (Guest Mode Execute Trap) is an AMD virtualization feature, essentially the nested paging version of SMEP. Hyper-V uses it; add it in preparation for making it available to hypervisors running under KVM. Acked-by: Borislav Petkov (AMD) Signed-off-by: Paolo Bonzini Tested-By: Jon Kohler --- arch/x86/include/asm/cpufeatures.h | 1 + arch/x86/include/asm/svm.h | 1 + 2 files changed, 2 insertions(+) diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpuf= eatures.h index dbe104df339b..9f876fbdcc3a 100644 --- a/arch/x86/include/asm/cpufeatures.h +++ b/arch/x86/include/asm/cpufeatures.h @@ -379,6 +379,7 @@ #define X86_FEATURE_AVIC (15*32+13) /* "avic" Virtual Interrupt Controlle= r */ #define X86_FEATURE_V_VMSAVE_VMLOAD (15*32+15) /* "v_vmsave_vmload" Virtua= l VMSAVE VMLOAD */ #define X86_FEATURE_VGIF (15*32+16) /* "vgif" Virtual GIF */ +#define X86_FEATURE_GMET (15*32+17) /* Guest Mode Execution Trap */ #define X86_FEATURE_X2AVIC (15*32+18) /* "x2avic" Virtual x2apic */ #define X86_FEATURE_V_SPEC_CTRL (15*32+20) /* "v_spec_ctrl" Virtual SPEC_= CTRL */ #define X86_FEATURE_VNMI (15*32+25) /* "vnmi" Virtual NMI */ diff --git a/arch/x86/include/asm/svm.h b/arch/x86/include/asm/svm.h index edde36097ddc..03e9e0112b10 100644 --- a/arch/x86/include/asm/svm.h +++ b/arch/x86/include/asm/svm.h @@ -242,6 +242,7 @@ struct __attribute__ ((__packed__)) vmcb_control_area { #define SVM_NESTED_CTL_NP_ENABLE BIT(0) #define SVM_NESTED_CTL_SEV_ENABLE BIT(1) #define SVM_NESTED_CTL_SEV_ES_ENABLE BIT(2) +#define SVM_NESTED_CTL_GMET_ENABLE BIT(3) =20 =20 #define SVM_TSC_RATIO_RSVD 0xffffff0000000000ULL --=20 2.53.0 From nobody Thu Apr 2 18:47:36 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D83943A0EB3 for ; Thu, 26 Mar 2026 18:18:26 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549108; cv=none; b=tWh42JDAyEhwfVLI+xIu/Jrpbhy4zMraZckfK4nCcy3TUodSu1IE/sOqM7Dkqb2tfS47gCyJuAdaeNTD+B8NWP+JcsToX40X2g4f9i4ZVPW7TCsJfqQMKae175n6daAkmqsX04Go+DktfItfVxFrq94C43Xq3NIRMFORNn0IjCU= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549108; c=relaxed/simple; bh=SGJyEL+g3PK8q99YNoRrWIpj0f8lp2CxdOfUmoS4uIY=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=Dzb4OIrN+HQeoMaph008SywlV1nT8fYCzYYspz9CKNDNCgvVg15IyRLaEUMtQA64AaPZDjNe8R+oclHdN0mw2ijbsRkC5JlWj3FmFFOxQ0TCgGNh+NOT6qyBmgAoXHyYKlJcjfklXRyBEl36vDtqw5B9YmntIL3xPEYCku/DJd8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=C8FFfCE3; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=RbcOJ4pJ; arc=none smtp.client-ip=170.10.129.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="C8FFfCE3"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="RbcOJ4pJ" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774549106; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=dNZdUK8Qyt6OMDJgqqvESaDgnX6+IknpbbC3gSjOCX8=; b=C8FFfCE33jU0TqJZi9tc7duDp5hZZADxupFYC9IKAI7S77SdqWrMyvYoC0SnL6GSxxrIQP U7Q3dUIc1fIq33FCwajC3LjOgVqivMgE0fAEtwT+JD/HU/bVX/0GcDPHnc8pO2vFS0E2e+ MdxJoEUDavl6Aaj4W9MPM+UnopdlCZ8= Received: from mail-wm1-f69.google.com (mail-wm1-f69.google.com [209.85.128.69]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-587-Tv99tVUuPp6fu8wDf2zWaQ-1; Thu, 26 Mar 2026 14:18:24 -0400 X-MC-Unique: Tv99tVUuPp6fu8wDf2zWaQ-1 X-Mimecast-MFC-AGG-ID: Tv99tVUuPp6fu8wDf2zWaQ_1774549103 Received: by mail-wm1-f69.google.com with SMTP id 5b1f17b1804b1-48544725bdeso21040985e9.2 for ; Thu, 26 Mar 2026 11:18:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774549103; x=1775153903; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=dNZdUK8Qyt6OMDJgqqvESaDgnX6+IknpbbC3gSjOCX8=; b=RbcOJ4pJbTMLEHYCGEKxUwyq3U2gd9/2CSLJHZtsl0jKyiAxi2uHf5f1CNcu8tik2Q S7DCOnfUmEzaQq/aeWy8ymL6Hu8S/csPyHglizFQAua3h2I1ReV5g5AOzwW3MDNtQFce LmB+JpP39b/O8tC4HqwYaWkO/VHx7qdXZ1Gcm6G/MK5Zule/ndCajubTVOTzY17tGMHx Eu/mbNDEUPIi4HD+DK9DCoqRV7EJApwijFHMsBQWOTjtbxiRSKBTFtixfv9x94/j0kb5 rAcoONVBFr2u5YPX2LeRiDiUa9N04tkchzUyxCvoCWTaSwzGqPd/aUbc5JQe3uSjrlKo culg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774549103; x=1775153903; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=dNZdUK8Qyt6OMDJgqqvESaDgnX6+IknpbbC3gSjOCX8=; b=swPGBJR+L2CqSx96MJhXV2Iv9/t25vqH5qmbpn2eqx9uZaxQwXqlGqUC90nQ+vqA0q q7Si3Wl3vxNBEuk3hLcSJJvMSf+ALEVPHVSGT6vb2Gi2sNHXoa8Hd2vVS/EBd8UmzwlR scGV5MM7VGscuYxdXpK6l1AvwpTUQ4fjraiKmTAP3apPMFm04GK+iFe/TruHmwBP6kuw 7Tn1/K/2POeedWyErrPrrG4hNUOdBPODBeun/aOe9X/ZpQ4bkp67jNvb9vX8qe3A057N EaIpBaSV3Ce5U8qHP9vbkUe8+TLiqPl4haUQQqfdzo7/205i7BYkRNxNuDQxQgXlDM0O u3hg== X-Gm-Message-State: AOJu0Yz9otw6KvSmDO5iuKs96d4GXGfVGI/xDcsFOYLYPrnfJJ/4R76V 7WJjOp+2AvsrTUQMD7wJA8cDJ7XAEZT69MZS4pF84CLb7lZD+ncpw+O+oBYhNr/b+htdjS3vuFz hKMvTOGEQ1/a/hUPh24BLZHYRqEvB3+eGlfoDeRgscwY50Jry1hzZNAzJnAjoUMlE68HOoQtwpO X2KcHlEde+gHaSnhCAIbJxF8ZqPazViEv7t0Jw2Gd2CMmdbdU0Pg== X-Gm-Gg: ATEYQzxTR/i7flOSLHRzX7RECWQkpTx0YNdqDddhyUub3cZ8BZR/jS5FBg+NcmAlSP0 /VjYOBmeU8F4pFrGRZB3YzxhnGIQoxVqbPzvQN7hk05jFt+YwHR8sTGydHDjkDLM1chlnowZVZT zC1fP/vws1jc70JuLDaYMePis7NOYIuKEYL4tmBt7zE9Dt27UJX+vUp5cvvqq1eO4mVCEAtlZNH YoXNfWv5Wc1u4bsGI4bZ4ffNOIKzrWKNngbUyMSmYs7732uqPhlCbuahc5hx5fxjR5Ycr1sDLDb u1AFEMATNmONyWSYqs6llC5Kq8IESoJE+is6T0qwmsOJrlTQjtZyKBMAtHCgKGVGEGIRpYeBz0P ORbXSUhxaI683LXEWazgH9BSlAkW+ZCyOwtETV5PCZBoEysZRmOEObcf3lDclnVSghB3GoZTaCD /9NFUm9kAPZsJ59/QxpiIDzHmU X-Received: by 2002:a05:600c:5296:b0:483:8062:b43 with SMTP id 5b1f17b1804b1-4871605a92dmr127516045e9.19.1774549102487; Thu, 26 Mar 2026 11:18:22 -0700 (PDT) X-Received: by 2002:a05:600c:5296:b0:483:8062:b43 with SMTP id 5b1f17b1804b1-4871605a92dmr127515465e9.19.1774549102000; Thu, 26 Mar 2026 11:18:22 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-48722be608bsm58241325e9.0.2026.03.26.11.18.20 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 26 Mar 2026 11:18:20 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Nikunj A Dadhania , Amit Shah , Sean Christopherson , Marcelo Tosatti Subject: [PATCH 21/24] KVM: x86/mmu: add support for GMET to NPT page table walks Date: Thu, 26 Mar 2026 19:17:19 +0100 Message-ID: <20260326181723.218115-22-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260326181723.218115-1-pbonzini@redhat.com> References: <20260326181723.218115-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" GMET allows page table entries to be created with U=3D0 in NPT. However, when GMET=3D1 U=3D0 only affects execution, not reads or writes. Ignore user faults on non-fetch accesses for NPT GMET. Signed-off-by: Paolo Bonzini Tested-By: Jon Kohler --- arch/x86/include/asm/kvm_host.h | 2 ++ arch/x86/kvm/mmu.h | 3 ++- arch/x86/kvm/mmu/mmu.c | 19 +++++++++++++------ arch/x86/kvm/svm/nested.c | 3 ++- 4 files changed, 19 insertions(+), 8 deletions(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_hos= t.h index df46ee605b9b..2a26c8fe3f4b 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -369,6 +369,8 @@ union kvm_mmu_page_role { * cr4_smep is also set for EPT MBEC. Because it affects * which pages are considered non-present (bit 10 additionally * must be zero if MBEC is on) it has to be in the base role. + * It also has to be in the base role for AMD GMET because + * kernel-executable pages need to have U=3D0 with GMET enabled. */ unsigned cr4_smep:1; =20 diff --git a/arch/x86/kvm/mmu.h b/arch/x86/kvm/mmu.h index fa1942b126fb..ddca3e3e4eb2 100644 --- a/arch/x86/kvm/mmu.h +++ b/arch/x86/kvm/mmu.h @@ -90,7 +90,8 @@ void kvm_mmu_set_ept_masks(bool has_ad_bits, bool has_mbe= c); =20 void kvm_init_mmu(struct kvm_vcpu *vcpu); void kvm_init_shadow_npt_mmu(struct kvm_vcpu *vcpu, unsigned long cr0, - unsigned long cr4, u64 efer, gpa_t nested_cr3); + unsigned long cr4, u64 efer, gpa_t nested_cr3, + u64 nested_ctl); void kvm_init_shadow_ept_mmu(struct kvm_vcpu *vcpu, bool execonly, int huge_page_level, bool accessed_dirty, bool mbec, gpa_t new_eptp); diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index 94d7e39a9417..d9eb059d24de 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -55,6 +55,7 @@ #include #include #include +#include #include =20 #include "trace.h" @@ -5553,7 +5554,7 @@ reset_ept_shadow_zero_bits_mask(struct kvm_mmu *conte= xt, bool execonly) (14 & (access) ? 1 << 14 : 0) | \ (15 & (access) ? 1 << 15 : 0)) =20 -static void update_permission_bitmask(struct kvm_mmu *mmu, bool ept) +static void update_permission_bitmask(struct kvm_mmu *mmu, bool tdp, bool = ept) { unsigned byte; =20 @@ -5614,7 +5615,12 @@ static void update_permission_bitmask(struct kvm_mmu= *mmu, bool ept) /* Faults from kernel mode accesses to user pages */ u16 kf =3D (pfec & PFERR_USER_MASK) ? 0 : u; =20 - uf =3D (pfec & PFERR_USER_MASK) ? (u16)~u : 0; + /* + * For NPT GMET, U=3D0 does not affect reads and writes. Fetches + * are handled below via cr4_smep. + */ + if (!(tdp && cr4_smep)) + uf =3D (pfec & PFERR_USER_MASK) ? (u16)~u : 0; =20 if (efer_nx) ff =3D (pfec & PFERR_FETCH_MASK) ? (u16)~x : 0; @@ -5725,7 +5731,7 @@ static void reset_guest_paging_metadata(struct kvm_vc= pu *vcpu, return; =20 reset_guest_rsvds_bits_mask(vcpu, mmu); - update_permission_bitmask(mmu, false); + update_permission_bitmask(mmu, mmu =3D=3D &vcpu->arch.guest_mmu, false); update_pkru_bitmask(mmu); } =20 @@ -5921,7 +5927,8 @@ static void kvm_init_shadow_mmu(struct kvm_vcpu *vcpu, } =20 void kvm_init_shadow_npt_mmu(struct kvm_vcpu *vcpu, unsigned long cr0, - unsigned long cr4, u64 efer, gpa_t nested_cr3) + unsigned long cr4, u64 efer, gpa_t nested_cr3, + u64 nested_ctl) { struct kvm_mmu *context =3D &vcpu->arch.guest_mmu; struct kvm_mmu_role_regs regs =3D { @@ -5934,7 +5941,7 @@ void kvm_init_shadow_npt_mmu(struct kvm_vcpu *vcpu, u= nsigned long cr0, =20 /* NPT requires CR0.PG=3D1. */ WARN_ON_ONCE(cpu_role.base.direct || !cpu_role.base.guest_mode); - cpu_role.base.cr4_smep =3D false; + cpu_role.base.cr4_smep =3D (nested_ctl & SVM_NESTED_CTL_GMET_ENABLE) !=3D= 0; =20 root_role =3D cpu_role.base; root_role.level =3D kvm_mmu_get_tdp_level(vcpu); @@ -5992,7 +5999,7 @@ void kvm_init_shadow_ept_mmu(struct kvm_vcpu *vcpu, b= ool execonly, context->gva_to_gpa =3D ept_gva_to_gpa; context->sync_spte =3D ept_sync_spte; =20 - update_permission_bitmask(context, true); + update_permission_bitmask(context, true, true); context->pkru_mask =3D 0; reset_rsvds_bits_mask_ept(vcpu, context, execonly, huge_page_level); reset_ept_shadow_zero_bits_mask(context, execonly); diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index b36c33255bed..99edcca7ee64 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -95,7 +95,8 @@ static void nested_svm_init_mmu_context(struct kvm_vcpu *= vcpu) */ kvm_init_shadow_npt_mmu(vcpu, X86_CR0_PG, svm->vmcb01.ptr->save.cr4, svm->vmcb01.ptr->save.efer, - svm->nested.ctl.nested_cr3); + svm->nested.ctl.nested_cr3, + svm->nested.ctl.nested_ctl); vcpu->arch.mmu->get_guest_pgd =3D nested_svm_get_tdp_cr3; vcpu->arch.mmu->get_pdptr =3D nested_svm_get_tdp_pdptr; vcpu->arch.mmu->inject_page_fault =3D nested_svm_inject_npf_exit; --=20 2.53.0 From nobody Thu Apr 2 18:47:36 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C0D293A6416 for ; Thu, 26 Mar 2026 18:18:30 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549112; cv=none; b=mDYCF5ANfuE+ovSBDQrSwDoWk1+PeZBuPmO8mfL7PTOQl9z6YAs6jCbpbVbsK/r6Wh6iIJuLpggdeBsvmErAibE8Ep5+Vz19UOA6h05EGQYoCsd+72LshTTaYnotBN/iywRiksDJgMg7KOFB7byu0V294fHTVW5T7Q2qw5IHdcE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549112; c=relaxed/simple; bh=qRhFsWjjq1QHV4ESmJrlgg2iUUx+Ynq+/rCxF1atDMs=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=hsJFi6FD7c6MiP8heQx19lS+cf3MyxsgzweriBu1CohsRTvEWk2MZ91SeDgt33nYPRCYeLU1zPTufuLp8cGhk4oG4eocjoCCKq3G+qZIWIo78UKXrDdnIl5sEGvSsSFPpSh3Uk4rRc8trDjppEbhLkR40uTUr17+0baWGGz0HX4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=f/wfCaL3; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=p5HrN07O; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="f/wfCaL3"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="p5HrN07O" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774549109; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=NsBEtpThqUJXE21zAYs9X1eFe9CQW/ThT95VzOz+wKU=; b=f/wfCaL3FE0NH4FaH1aovFkvmUrB1oWBML7ZYubPSRpuvtyXxhflYrm3esCDNIqN590ALX d28Owg8Y56fXddven7so6321OMq5LvoalI6OdDYFftZXLBeMBAsdcqGp6bQ6Z98oP2DRxA BrNA5hs03N9b5HH2Z0Q9+PxV8sZ2HV0= Received: from mail-wm1-f71.google.com (mail-wm1-f71.google.com [209.85.128.71]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-562-YbWwW8IPMYOMjsoSygVHvQ-1; Thu, 26 Mar 2026 14:18:27 -0400 X-MC-Unique: YbWwW8IPMYOMjsoSygVHvQ-1 X-Mimecast-MFC-AGG-ID: YbWwW8IPMYOMjsoSygVHvQ_1774549106 Received: by mail-wm1-f71.google.com with SMTP id 5b1f17b1804b1-48532df52c5so11942695e9.1 for ; Thu, 26 Mar 2026 11:18:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774549105; x=1775153905; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=NsBEtpThqUJXE21zAYs9X1eFe9CQW/ThT95VzOz+wKU=; b=p5HrN07O0RWfOWRCHl0quHrLxOzOv/5IyG2h4HLVQiziCWRmgCYbaN8ny/ylb7UYA3 Zg5dZ+m5i7etH9WOoUDQ3a/1P+kLCziKRHAHop9KeyKsW7p2ZkcZXouFqcC0zDDatLcS oN81ktMZZfYC08HeVNwRIVD9erD3mMQDo/g7oE03PrhbDKpDZYd0Ad5isiBsEMTOXAeX DlGHTPsZV7n46Ys8+sPXgn1XzgQp6b1EMgfjbL6yEH3o6PYeogQWUDmV7oinCXarPEKV +2sC2+It0t/m1GplNRpxjI0gy701meGwPiFE2IvS9KeAuPreUW+aJivbQ7+4P8broWvD 9GQA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774549105; x=1775153905; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=NsBEtpThqUJXE21zAYs9X1eFe9CQW/ThT95VzOz+wKU=; b=kYkOnbUHf7loypBzG7OhcDKvecGlZfc9zi83VF/u6sPflAlbjEr3IvOhvH4li8hk3l qiXw/66PKDh/8acr00YG6rw5yBT+oubYic2Ex+EeDkf56oGHrkbb8W7WyS0VgIzbBxxc kjzuOMpZmSLn8h6MkseOQWMiJHi3lsv5wWLscE7zJZNid7oHh/md5Ut8SFleD+l5u6+f 39pGMW47BS8VK4DrNBttXITPXfyDQJdVe8/BUSJVCqPtn22DPlEv2ydI8zQHdNDTSXsM QrQlf2F0ANzU1ft0OH4P5NWfB0aPoL+xfyAxS2qQIN5y+JbPym9mDI4xYmGlRkaBkTJ8 UeLw== X-Gm-Message-State: AOJu0YyaHnsiaTj+Rzj9ROd86qzDgksGLdeEbSi9YP7o5ioo7jRjEdbA tZXACee2UrlZ/Q3SSbFKFWCLVM4SvlULMERPWqVCcKCgRNQOQywvM1D2xXAhHOSWOxC1U6UMj7+ T84s7PXDL1xmiVbvnQ3s1FWNoslzRyG+sBnciGLVW4BtLqWWrxSlDTdpy2bzVOlRflopNRsllNC TtgNRkmujFxiSWm/wsMaebtEiUIA8+rRXuYEnmRjBB8pPtHqCwNw== X-Gm-Gg: ATEYQzwOBN8pQZoPPIxDiB5jfRoDlgB+AjBHirLoxzBvCQyJ89HMt2fLxlvv21Uro6Q g4og5ytTEuBW6cxS0jr/7PeBwSqIIkDpcsH+wYBaMIQPE8iR9OcOdeu+aCh8c1+/iGvgkKzyXLM 4rXztj8kVYHuCnFpXtStfyvER9n+xgEbtfrMjozdLq0zakxjLyQBbhxkkb+uYSbxJXCPwQOH+0F t7oK/GYsFKRSadGp88BevEMak6QMmAZx67/bIFbs7c4GdWPMfge+hAxv3g3hEIOADERF5Q9m58A Pv0pr/S4i7MnwbZt55bZ0MaN/QHIX6UGFuW/VBm+9Gz0vWAjN+PvW97IIFobxISEXAQ+Q39NJdJ Ql9vOwshwxRWc7aL1WhYemZZpBo5F74APGf7sGtwPCjGz1/3RLuEftWIfNCOv5VhJ2hB+8M6up6 xwgdR/wO1l0K4bEYT3XlPDaWG5 X-Received: by 2002:a05:600c:37cc:b0:483:9139:4c1d with SMTP id 5b1f17b1804b1-48715ffc221mr140191855e9.14.1774549104885; Thu, 26 Mar 2026 11:18:24 -0700 (PDT) X-Received: by 2002:a05:600c:37cc:b0:483:9139:4c1d with SMTP id 5b1f17b1804b1-48715ffc221mr140191135e9.14.1774549104332; Thu, 26 Mar 2026 11:18:24 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-48722be608bsm58243545e9.0.2026.03.26.11.18.22 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 26 Mar 2026 11:18:23 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Nikunj A Dadhania , Amit Shah , Sean Christopherson , Marcelo Tosatti Subject: [PATCH 22/24] KVM: SVM: enable GMET and set it in MMU role Date: Thu, 26 Mar 2026 19:17:20 +0100 Message-ID: <20260326181723.218115-23-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260326181723.218115-1-pbonzini@redhat.com> References: <20260326181723.218115-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Set the GMET bit in the nested control field. This has effectively no impact as long as NPT page tables are changed to have U=3D0. Signed-off-by: Paolo Bonzini Tested-By: Jon Kohler --- arch/x86/kvm/mmu/mmu.c | 6 +++++- arch/x86/kvm/svm/nested.c | 7 +++++-- arch/x86/kvm/svm/svm.c | 16 ++++++++++++++++ arch/x86/kvm/svm/svm.h | 1 + 4 files changed, 27 insertions(+), 3 deletions(-) diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index d9eb059d24de..51eb3e69f3a8 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -5836,7 +5836,6 @@ kvm_calc_tdp_mmu_root_page_role(struct kvm_vcpu *vcpu, { union kvm_mmu_page_role role =3D {0}; =20 - role.access =3D ACC_ALL; role.cr0_wp =3D true; role.cr4_smep =3D kvm_x86_call(tdp_has_smep)(vcpu->kvm); role.efer_nx =3D true; @@ -5847,6 +5846,11 @@ kvm_calc_tdp_mmu_root_page_role(struct kvm_vcpu *vcp= u, role.direct =3D true; role.has_4_byte_gpte =3D false; =20 + /* All TDP pages are supervisor-executable */ + role.access =3D ACC_ALL; + if (role.cr4_smep && shadow_user_mask) + role.access &=3D ~ACC_USER_MASK; + return role; } =20 diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index 99edcca7ee64..4c7bc0e7f908 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -829,9 +829,12 @@ static void nested_vmcb02_prepare_control(struct vcpu_= svm *svm, /* Also overwritten later if necessary. */ vmcb02->control.tlb_ctl =3D TLB_CONTROL_DO_NOTHING; =20 - /* nested_cr3. */ - if (nested_npt_enabled(svm)) + /* Use vmcb01 MMU and format if guest does not use nNPT */ + if (nested_npt_enabled(svm)) { + vmcb02->control.nested_ctl &=3D ~SVM_NESTED_CTL_GMET_ENABLE; + nested_svm_init_mmu_context(vcpu); + } =20 vcpu->arch.tsc_offset =3D kvm_calc_nested_tsc_offset( vcpu->arch.l1_tsc_offset, diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index e6477affac9a..1705e3cafcb0 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -135,6 +135,9 @@ module_param(pause_filter_count_max, ushort, 0444); bool npt_enabled =3D true; module_param_named(npt, npt_enabled, bool, 0444); =20 +bool gmet_enabled =3D true; +module_param_named(gmet, gmet_enabled, bool, 0444); + /* allow nested virtualization in KVM/SVM */ static int nested =3D true; module_param(nested, int, 0444); @@ -1170,6 +1173,10 @@ static void init_vmcb(struct kvm_vcpu *vcpu, bool in= it_event) save->g_pat =3D vcpu->arch.pat; save->cr3 =3D 0; } + + if (gmet_enabled) + control->nested_ctl |=3D SVM_NESTED_CTL_GMET_ENABLE; + svm->current_vmcb->asid_generation =3D 0; svm->asid =3D 0; =20 @@ -4475,6 +4482,11 @@ svm_patch_hypercall(struct kvm_vcpu *vcpu, unsigned = char *hypercall) hypercall[2] =3D 0xd9; } =20 +static bool svm_tdp_has_smep(struct kvm *kvm) +{ + return gmet_enabled; +} + /* * The kvm parameter can be NULL (module initialization, or invocation bef= ore * VM creation). Be sure to check the kvm parameter before using it. @@ -5224,6 +5236,7 @@ struct kvm_x86_ops svm_x86_ops __initdata =3D { .write_tsc_multiplier =3D svm_write_tsc_multiplier, =20 .load_mmu_pgd =3D svm_load_mmu_pgd, + .tdp_has_smep =3D svm_tdp_has_smep, =20 .check_intercept =3D svm_check_intercept, .handle_exit_irqoff =3D svm_handle_exit_irqoff, @@ -5464,6 +5477,9 @@ static __init int svm_hardware_setup(void) if (!boot_cpu_has(X86_FEATURE_NPT)) npt_enabled =3D false; =20 + if (!npt_enabled || !boot_cpu_has(X86_FEATURE_GMET)) + gmet_enabled =3D false; + /* Force VM NPT level equal to the host's paging level */ kvm_configure_mmu(npt_enabled, get_npt_level(), get_npt_level(), PG_LEVEL_1G); diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 6942e6b0eda6..41042379aa48 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -44,6 +44,7 @@ static inline struct page *__sme_pa_to_page(unsigned long= pa) #define IOPM_SIZE PAGE_SIZE * 3 #define MSRPM_SIZE PAGE_SIZE * 2 =20 +extern bool gmet_enabled; extern bool npt_enabled; extern int nrips; extern int vgif; --=20 2.53.0 From nobody Thu Apr 2 18:47:36 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 29B543A0EB3 for ; Thu, 26 Mar 2026 18:18:31 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549113; cv=none; b=B0DFvT1dr6SyPFiuXyeg4iqrRe+KrHYSRlt9QF/NzBo4HW2un9JgnI8rCmr5szW1DPz8wPAd6YoXG5KMzrBM6mnlQDnOp+Y6pb+uhHz3+DhLyMaHOq+BAyT514YuO8lmTtajKP7HJ1zoyQOhsJ6LqxIYB1bTmQbNaNHDLqKuG4U= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549113; c=relaxed/simple; bh=bCeunf4aD6VnWOdwN1AXGMHgrohJ0mEw507F8rqPwnQ=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=UDVFLoHlJNBCjiIKu2YD82HF+0AI45O/1fKfqeSka4sUg1xg05qKKtTv8Nxq8enZ4mZGBCx3KyUZatq3jzI2dJ6FdMotK3kOpuYzQp7F8yQSohUyG+b/ie22RpSJqCjVxvycgLI7dILmh9/+APK+C91ry/p88i04pitH57jRTWA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=E7NB6JwC; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=gNLlGdq1; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="E7NB6JwC"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="gNLlGdq1" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774549111; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=jHVbX3hFS+vC3v0LRpnVDXrZsOhD+5Tu40Fbv1jZAKo=; b=E7NB6JwCqAGS1QeJYA1H3x3px9yf+HnmXA/DPkGfHTf18SDdAyTExP2sQLRiCZVGfGaOTB 6oMGkqBXvl+lTgHhYmMriGL0jGVVyb0J8VCj74E0/YpF7ytA1iKydi6p42nUdfdwWQ4n01 o7tSCW6zaoiJ9lbD/uMqxsMAYiCUq04= Received: from mail-wm1-f70.google.com (mail-wm1-f70.google.com [209.85.128.70]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-404-LJhUIt1APxiVzsRtmHF-BQ-1; Thu, 26 Mar 2026 14:18:29 -0400 X-MC-Unique: LJhUIt1APxiVzsRtmHF-BQ-1 X-Mimecast-MFC-AGG-ID: LJhUIt1APxiVzsRtmHF-BQ_1774549108 Received: by mail-wm1-f70.google.com with SMTP id 5b1f17b1804b1-487219e0800so7522705e9.2 for ; Thu, 26 Mar 2026 11:18:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774549107; x=1775153907; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=jHVbX3hFS+vC3v0LRpnVDXrZsOhD+5Tu40Fbv1jZAKo=; b=gNLlGdq14vkHCZDf0OQc3n2ai2oBwqTF/2hXUMIkPrXnS7m9Uih1UGFp5ftC1QJqHK mT98vbmsYbMD55IHqTjpZNk+6IBN363FtxPZ1rmiqv1xJYdbELD6cbngGFm70qynVR+/ mO37MCbQMOf91zXp9s62CXidiP/V7Wwl31cMrCMt+0gHycsRUJRquyqdfGdsxU7zA1Dh o3HzillrCwYXRYjkerDK1nxVcfQFYkaXVQ3wNACnacalHVLmRDxyVOp0nGxLoOMNXuR6 +yG9fgJ9wZhiVCUcXA3U5MaVayCpPzp0sxxC/hylZXHEPSImnj5mu++q3+Wh1BHXDrXX ojkA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774549107; x=1775153907; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=jHVbX3hFS+vC3v0LRpnVDXrZsOhD+5Tu40Fbv1jZAKo=; b=MnE0Z3GG1K+z3XNuktwhQiJiJL9I5/5MatB8qIB1lcBJKjcN6J/NuN7gIpSjagLHvR 0yq/lA6Fv5B0/IA5rupMvakOxYgn60Z4tqEnektfQxY5NhZKw5N2Lr5RbapLc+FjOpy2 +R3tgtKGBwPKKAEQRLyHQFGLJYLUxJ3YGJg88zDYZnf+s4tNNmIMtGhYPC0sCY13epVt FKE6REjJoia4tfPSs5AZHrpoXxTv2Yp9woxuJqt+x2oDJ5TUo2fTBpXM81r7dFjsQKvD TvrWR/2SCwguxpR1DF8qgQMW8K0wqVkZgxSVI73YLR513c63Ol3bnD7vnEprrMhe6kzc snrg== X-Gm-Message-State: AOJu0YxxkfdB/q510p9JbBeTiJ0JMFsch16NlfGne2PZ3dKcvEdip53u NtAnnn/zJ3zP9c7dDk3LMe/KoYIA2ty9KMN9NWHJuaJgVf+ueaTO5n8UkticnvwlBwNQGgfNJYE tImoH84bMmI+Ti0uDBr/+YS/7sjz7FWhk06978ji2ErqKSiQpT9obL49+TvawB6CwZ41TGG+EdQ dONIrOdJP08EbQAyDu1p5tQ273SgoAEI0LJdLbymHg2Q7eA0MTXQ== X-Gm-Gg: ATEYQzwoytn5Hw0fwggcUmeWJTPfDNY6+vfq8wpNMawrQ7MAeLLCxu8qQXjzJB+/RSh pEA2Zjt7YS/fptwyTMmEGwEB5KsdrXrSrhNTWraJWjvYObAY6FO7S8gt4bRuh10mARJmApPx+fU 0CGfcqYBxu3dpaGLIgrESfDNghLZSMQSll1GJAEFIRJ3nidCBzlVc/mdGa9JojAmVWPOiYV/Dw4 LLt2YLMfmeem2d7YNosVhYzPKvI/1LasgZpC4JZ2TS5sswAtds/tmiRaxFFCKphLAb3+x8DqMMV KfGnBeXFDsuLf9naQedPl60Kijh3Emw7qBUm3pMg86aYZABX2fnkkNWJWdE9XCQqQxZasPA2SEF CpCCsTrZPuSifh0Y2lwhTZnkkGMeFMNopzB00sSm1ljDrku7eQH0QvKfrUl1hlUZ4KigleooSqb T6qUpLUDW3veUezlVaOtUspHaJ X-Received: by 2002:a05:600c:a010:b0:487:4cb:2fe4 with SMTP id 5b1f17b1804b1-487160bccf1mr136109075e9.33.1774549107349; Thu, 26 Mar 2026 11:18:27 -0700 (PDT) X-Received: by 2002:a05:600c:a010:b0:487:4cb:2fe4 with SMTP id 5b1f17b1804b1-487160bccf1mr136108355e9.33.1774549106779; Thu, 26 Mar 2026 11:18:26 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-48722c6b105sm87552805e9.1.2026.03.26.11.18.25 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 26 Mar 2026 11:18:25 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Nikunj A Dadhania , Amit Shah , Sean Christopherson , Marcelo Tosatti Subject: [PATCH 23/24] KVM: SVM: work around errata 1218 Date: Thu, 26 Mar 2026 19:17:21 +0100 Message-ID: <20260326181723.218115-24-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260326181723.218115-1-pbonzini@redhat.com> References: <20260326181723.218115-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" According to AMD, the hypervisor may not be able to determine whether a fault was a GMET fault or an NX fault based on EXITINFO1, and software "must read the relevant VMCB to determine whether a fault was a GMET fault or an NX fault". The APM further details that they meant the CPL field. KVM uses the page fault error code to distinguish the causes of a nested page fault, so recalculate the PFERR_USER_MASK bit of the vmexit information. Only do it for fetches and only if GMET is in use, because KVM does not differentiate based on PFERR_USER_MASK for other nested NPT page faults. Signed-off-by: Paolo Bonzini Tested-By: Jon Kohler --- arch/x86/kvm/svm/svm.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 1705e3cafcb0..700090c3408c 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -1957,6 +1957,17 @@ static int npf_interception(struct kvm_vcpu *vcpu) } } =20 + if ((svm->vmcb->control.nested_ctl & SVM_NESTED_CTL_GMET_ENABLE) && + (error_code & PFERR_FETCH_MASK)) { + /* + * Work around errata 1218: EXITINFO1[2] May Be Incorrectly Set + * When GMET (Guest Mode Execute Trap extension) is Enabled + */ + error_code |=3D PFERR_USER_MASK; + if (svm_get_cpl(vcpu) =3D=3D 0) + error_code &=3D ~PFERR_USER_MASK; + } + if (sev_snp_guest(vcpu->kvm) && (error_code & PFERR_GUEST_ENC_MASK)) error_code |=3D PFERR_PRIVATE_ACCESS; =20 --=20 2.53.0 From nobody Thu Apr 2 18:47:36 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8044C42EEB4 for ; Thu, 26 Mar 2026 18:18:33 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549114; cv=none; b=VGABmwZ+G/Rlfqwou4qqnGYAw2MWUJIjyxHR+H2PYFmD0cBaO4uLhOIxARMoRD3F+OCg4cuxmbSUlOwjJOc0mNsNXCRYujDfjIHMjHf4FYHfVIGJZLx9YYHZx3sx5ZmW5S8nQeHaFXRBYkMb42sn2gKpNM1RH00urfYASQKCsCk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549114; c=relaxed/simple; bh=KyJghWuDVBsbgkhZkBaY+oSIj/LbtZ/LGaEKZV/V7ZQ=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=oeCOpI4ubp3GkC4+gdZvSLU7XRgExNZTE7bQO7v+yJxEfHhEoXAgzWMlUZoNzCKVqrvjnTsdBuVPJoRvU3X/X0zasfoNjVv9doa4vpT8LGOZD0e9pfXiyh/WyheZfho0HqABeGDSDbkOxaxhMstwrobLUSJwg8UmlghWZQpGMAc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=E7x7R6Np; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=Ltb3BX/x; arc=none smtp.client-ip=170.10.129.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="E7x7R6Np"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="Ltb3BX/x" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774549112; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=EJv4bFxkGZXT+fQXF05wmQFYDvr/WaoBBgiyg84ew/A=; b=E7x7R6NpyY7GFdXGD/uUUSKZ1zgCn4QK7MJOTv1gcyLxkKNlp1By8qXieP95ZuloAMKm+B Us1DRaK2TZuruV3qrIqpyRokiHPR3gomD70ZqdcUXFJ0zZtaHZGaA238AnnFmD0ZXMu0eM CZl0J4LjQlD4+dMIx1nNCfRnp2aE9ys= Received: from mail-wm1-f69.google.com (mail-wm1-f69.google.com [209.85.128.69]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-689-N9yk59omOWOPebe4PgK68A-1; Thu, 26 Mar 2026 14:18:31 -0400 X-MC-Unique: N9yk59omOWOPebe4PgK68A-1 X-Mimecast-MFC-AGG-ID: N9yk59omOWOPebe4PgK68A_1774549110 Received: by mail-wm1-f69.google.com with SMTP id 5b1f17b1804b1-486f830f4e4so833765e9.1 for ; Thu, 26 Mar 2026 11:18:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774549110; x=1775153910; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=EJv4bFxkGZXT+fQXF05wmQFYDvr/WaoBBgiyg84ew/A=; b=Ltb3BX/xa0mGZtjv0sXsj56ix2jvd4VAM1ItB4z8W7g9/YDIXLrIl/8Iub+s0jtk7d VdldVAJVuRphPc236uu+f+BdjgOf5psgTTS0tuOD34vlDG3xiRZMkeKv/qVHIwmx2jQH LVj0xpYnFj+2Sv1PqUufHP23vbDzytTAsb5zWivWbMyCv09OJGR9XEHjseB9A3wWWc7M lilnhNwNwPKcqVjhR5nDDunuene2byBjVqwfKl12lBizxzGpRkJRrZv+sV91J2tuCIPD jhd14u6vM5Kc54gWczdokeM7pkWp+6Ad/UFHYgR7Kzo5F0ruMJqo/JkNDDWr1SNaPagi sLWw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774549110; x=1775153910; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=EJv4bFxkGZXT+fQXF05wmQFYDvr/WaoBBgiyg84ew/A=; b=PZjMIpKe2hp3JI88e+o5ZbmNqtEaxQU6Qhze0VycRldCp5laJKNHlSeyE0AzTeMPar XTboR7tTkGW5W4YdheYcygOpSrG4PtOGcEw5zSN/KDn5Xs2ftv+IzMswCcehLyHYBiD0 tBb+S90IEsuqJjw1q95reeib4l/JA5l/86LyBTPkxy3CxJnRmJWGwGgrQAM6WIuK5b5o oBsVS4lKLCwosREnAF8IQXJUzKUgFJBweS4wk+ZGnCYrsAKXWhetUWMF6CdWQl1BVdCK yHfsOTuFjq20PbP0eKmKLVHfFFgMK7wly5cPsLAkNM7OnbFaH3J0mCc84XMaeuqh3qeh U6WA== X-Gm-Message-State: AOJu0Yz45mWoWQsQ7vmK4kQqT8GB56mJW4Wb8DuFyYEJ60V8WIY7yKux APSTXJ1fqYK6+mFwbY5AHCcQyyZNbjja/Sz2BQp1ROU7JiWR29I9utpRlHCDsptiw5jX8ZsBbgl ZCq/8/V8KgsYT82Y1k+QIQ/5cOfmXR8T4U4EtnsANlCEWp7F82I/PDccrrhYAKoEk+YTIXYP1DD Wk2WeUuY5OYrOMBV7dTU5WcwwV5S9/zMXtbIl4l3FtMPbX7oHQWw== X-Gm-Gg: ATEYQzygq+2Aqh21p2cWfjRavMLqOQoPJL8qOtH9Sfs3Pva9KoLM+wtuWkt218AkAzW uYAoZIeV1rLvuhDGImnNyNInvAXrdNtXvG+I+T3OExNyv85zBECg3pXO/aGWXR4EYz5M3eH3a0R MS3PZNef/U6SlSqXZVYR/rAuB8sb7Mx+dX3w7rq26wO3kTLGi5km4j60GLX0pLQ6SdJ03VKYD44 dP6qMHKi8YdJ+OlmpEp2xT3uLO1+vrb9b3imafdLeZxHQ0pB3YssAomdNEGPzGgewENBHNe1Hdk 0uz2OpnMbfGszL5pz/fxzl5Qb2HLHWhvdkOdzGIk1OW/l+ojN4+HVOsy/zjIr2qOZAkSNrsoduh DNJKkPuFy5xbCO1MZ5ueZWI+YdBT59wpYngsPzCnXyEFqU0Oj7wMrHPqCdDWeaOhq8IchF/Yfkl xZuz92i4IbX1nMYU1a8Pa6EU0g X-Received: by 2002:a05:600c:4685:b0:483:6a8d:b2f9 with SMTP id 5b1f17b1804b1-48715fc3994mr129405795e9.5.1774549109949; Thu, 26 Mar 2026 11:18:29 -0700 (PDT) X-Received: by 2002:a05:600c:4685:b0:483:6a8d:b2f9 with SMTP id 5b1f17b1804b1-48715fc3994mr129405095e9.5.1774549109381; Thu, 26 Mar 2026 11:18:29 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-48722c6b495sm102069845e9.2.2026.03.26.11.18.27 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 26 Mar 2026 11:18:28 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Nikunj A Dadhania , Amit Shah , Sean Christopherson , Marcelo Tosatti Subject: [PATCH 24/24] KVM: nSVM: enable GMET for guests Date: Thu, 26 Mar 2026 19:17:22 +0100 Message-ID: <20260326181723.218115-25-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260326181723.218115-1-pbonzini@redhat.com> References: <20260326181723.218115-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" All that needs to be done is moving the GMET bit from vmcs12 to vmcs02. The only new thing is that __nested_svm_check_controls now ensures that ignored-if-unavailable bits are zero in svm->nested.ctl. Signed-off-by: Paolo Bonzini Tested-By: Jon Kohler --- arch/x86/kvm/svm/nested.c | 6 ++++++ arch/x86/kvm/svm/svm.c | 3 +++ 2 files changed, 9 insertions(+) diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index 4c7bc0e7f908..235477bac7e7 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -343,6 +343,8 @@ static bool nested_svm_check_bitmap_pa(struct kvm_vcpu = *vcpu, u64 pa, u32 size) static bool __nested_vmcb_check_controls(struct kvm_vcpu *vcpu, struct vmcb_ctrl_area_cached *control) { + struct vcpu_svm *svm =3D to_svm(vcpu); + if (CC(!vmcb12_is_intercept(control, INTERCEPT_VMRUN))) return false; =20 @@ -364,6 +366,9 @@ static bool __nested_vmcb_check_controls(struct kvm_vcp= u *vcpu, return false; } =20 + if (!gmet_enabled || !guest_cpu_cap_has(vcpu, X86_FEATURE_GMET)) + svm->nested.ctl.nested_ctl &=3D ~SVM_NESTED_CTL_GMET_ENABLE; + return true; } =20 @@ -832,6 +837,7 @@ static void nested_vmcb02_prepare_control(struct vcpu_s= vm *svm, /* Use vmcb01 MMU and format if guest does not use nNPT */ if (nested_npt_enabled(svm)) { vmcb02->control.nested_ctl &=3D ~SVM_NESTED_CTL_GMET_ENABLE; + vmcb02->control.nested_ctl |=3D (svm->nested.ctl.nested_ctl & SVM_NESTED= _CTL_GMET_ENABLE); =20 nested_svm_init_mmu_context(vcpu); } diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 700090c3408c..430e4f4ef55b 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -5372,6 +5372,9 @@ static __init void svm_set_cpu_caps(void) if (boot_cpu_has(X86_FEATURE_PFTHRESHOLD)) kvm_cpu_cap_set(X86_FEATURE_PFTHRESHOLD); =20 + if (boot_cpu_has(X86_FEATURE_GMET)) + kvm_cpu_cap_set(X86_FEATURE_GMET); + if (vgif) kvm_cpu_cap_set(X86_FEATURE_VGIF); =20 --=20 2.53.0 From nobody Thu Apr 2 18:47:37 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 53BBD3A453D for ; Thu, 26 Mar 2026 18:18:36 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549117; cv=none; b=V5+AD9U9vnZtELTWCMKj4sEpjJPYQNbwjBP4nFLaemHxL7TPrQPG33ef1DAYksi9Y6bQZbgO1nXKAqLZYOdCOpBA89lrzYMQ9c1aXVVTRQ/rTqTv6PxUtmwR5m/yXuGQOlNAV/yMRNAyPkPk4S22m1s9yE7WX1oTDE0yXmvbQWA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774549117; c=relaxed/simple; bh=VqDC5nq0YNGqKNZ6RKmT3do9bT1aOH4fFp5OqMgujK4=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=t4aISLeSiRGFqEFWMdPpnLPrQd7UK49AhxfSefPZgnVySwy7sMQYmdl5f8FzG0NAjXcY6Cd33JDQkiMW+Sdurf8V0dse6B2BLTeInjGKvSO4yjbdRSxvwvJe5pFaVEht5d2zElfgwe3EA1bS7jYfepk2hOr/+l8D6kvYdWVHOCU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=dowjdQNt; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=j1Wm4oqu; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="dowjdQNt"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="j1Wm4oqu" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1774549115; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=HYNGVWrKJXR6S3Kdoud61y7GGD55W7Al+2THWDfCOTw=; b=dowjdQNtp7bcCxRdCUj+uYNm6O7BLae4G+IwzjhGGlmOMSxdRkBgFVTmQpHTilIssPXQu9 Wr5V9IjW7180SH+9puEVEYlxI5ZfmD9RZz7XwmGqHmZ5UWaASVAZuwHj8ABAd/FjtO5uOc +zhnl1bnDJ9GSnFYXHcksPWBA1ywhGA= Received: from mail-wm1-f72.google.com (mail-wm1-f72.google.com [209.85.128.72]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-646-Ss-UaQi-O9i-KoANNzRVzQ-1; Thu, 26 Mar 2026 14:18:34 -0400 X-MC-Unique: Ss-UaQi-O9i-KoANNzRVzQ-1 X-Mimecast-MFC-AGG-ID: Ss-UaQi-O9i-KoANNzRVzQ_1774549113 Received: by mail-wm1-f72.google.com with SMTP id 5b1f17b1804b1-486fb29a8b8so9716015e9.0 for ; Thu, 26 Mar 2026 11:18:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1774549112; x=1775153912; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=HYNGVWrKJXR6S3Kdoud61y7GGD55W7Al+2THWDfCOTw=; b=j1Wm4oqu0B2jyLQymexPN11iS5AdsBWVEnEP2qLb0/h4G9xZdNZTlRybnQo/AI/Tfn o9Jh4AE5ZV5sBS3tAlYjFgPlN4KXxRpH0WoOEcI23JWg9xmcuRoTpXtn/Mj1JaG2vPxm 6yXMljda38lGbh3MUKovkRXptOvoCdUSyp3Ii+NYJsAwXYIDQNZOAcTmJZgLVRMW2epE 73QF35r0kGN4JvDuvtV71LrAObG4NBpx9bxT/CpEE+9E/BAVouTXtthHcElNDPBetSsM XYWSsaPYVnxw/9yn3JRA4Mjvbj/HQV24aw9bVAlgD0cmq9KZeK0QKv9O6ao0uPsHfFVs 74uw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774549112; x=1775153912; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=HYNGVWrKJXR6S3Kdoud61y7GGD55W7Al+2THWDfCOTw=; b=AzXWqHr9FgnRI2FGuvQTM9w8VZntTxNUPQvmslVELu00+JEYbtIOjjKawvPVuKfH0O QbCglLmwij0GFOo1eJ9H2au5fxhuZBIIDpGBTTVmdmau98v0kp5YObXM2E/ExpTnF+Cw /kBCjH7m3JHLdUr24aEyAX6qQRNxludv715BRCXipqvfLU/XedqE0w8nmuOu+lvJXrOn N/KcyidPwa0KeyhCYljqwKU5z6z5yuqkJLMD/8LTtWU1kf88QRYJvKuWy8OKVO6FJe9V 2EYJoylAoJYrnZrgaMJITWDAkQRZ1Fti115HiRkW+GmpMxh1/ue+yudTEf38noRBO4XJ fKdg== X-Gm-Message-State: AOJu0Yys2ZkI6K+fPdQpVontJE758qHppewO+J+hWFe+OYYLJfNnArea Xt7K0seGDRYS59hnYIzY/NJnyaIECGjoNRyaaQxZIJeAl5O0sm6+HzGOhuMrj5xDgWUs1uI4p/5 3Eqo4HpfQGNc6kmhkr5l0bSlMB48tfQs50+/4AP4dBVYWvhYFK2hcGnPmmt09tOl4p0YV3pehhk 1vl0r69CFP+UTu+a/45TFAOKrj0z5b/Tc2VV3zmgTTY6zvvtXNgQ== X-Gm-Gg: ATEYQzzv8+CyRoq6xAd9Y2HqwoZc5yxrld97AcUum5GchtFc+2yPtIKnMWS0F1rLt7o Am3KakslRDdAej1OhIsalI6LsBEVILpD60wnSPR8HOFw7Qj8INZVUef2UWdcxlIJpSv+En9so6t IPO/eSKvyHdi+mkwOoiSkt1a6Dx3dpBJT5dh5kqiUa+7Psxj04ju6cULyeGvMfNjAzcgHDWHeB7 f6BMYJ0DoZeEOr98CcmTOYOXjROjufxiBbDWZ4YqOGMTyh9D+fY/pMmAaO+/f4cVwfoRyrNNxu5 RBk+xmQ6i9XL/I5tc83YgYp55st+ISz/MOA7y/qyhEJ0IZuS/rR/L8XqVvY+35hhksNaUsuhb9S Todp7zgUdP/PG6GOPZonnSYmjeU3l/bG576l9RBRXDjVKFmECTQ76TAsh59KyXb2/540waVcUCH ih1D4L2Q4hicsv1WmPkeLhp7ud X-Received: by 2002:a05:600c:c10e:b0:485:3af5:7e53 with SMTP id 5b1f17b1804b1-48716039dfamr105341875e9.19.1774549112360; Thu, 26 Mar 2026 11:18:32 -0700 (PDT) X-Received: by 2002:a05:600c:c10e:b0:485:3af5:7e53 with SMTP id 5b1f17b1804b1-48716039dfamr105341435e9.19.1774549111836; Thu, 26 Mar 2026 11:18:31 -0700 (PDT) Received: from [192.168.10.48] ([151.49.85.67]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-43b919e7111sm9497117f8f.37.2026.03.26.11.18.30 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 26 Mar 2026 11:18:31 -0700 (PDT) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Jon Kohler , Nikunj A Dadhania , Amit Shah , Sean Christopherson , Marcelo Tosatti Subject: [PATCH 25/24] stats hack Date: Thu, 26 Mar 2026 19:17:23 +0100 Message-ID: <20260326181723.218115-26-pbonzini@redhat.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260326181723.218115-1-pbonzini@redhat.com> References: <20260326181723.218115-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Signed-off-by: Paolo Bonzini Tested-By: Jon Kohler --- arch/x86/include/asm/kvm_host.h | 1 + arch/x86/kvm/svm/svm.c | 2 +- arch/x86/kvm/vmx/vmx.c | 2 +- arch/x86/kvm/x86.c | 1 + 4 files changed, 4 insertions(+), 2 deletions(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_hos= t.h index 2a26c8fe3f4b..1bd12c03c319 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1705,6 +1705,7 @@ struct kvm_vcpu_stat { u64 nmi_injections; u64 req_event; u64 nested_run; + u64 nested_run_gmet; u64 directed_yield_attempted; u64 directed_yield_successful; u64 preemption_reported; diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 430e4f4ef55b..705bfb98ebfc 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -4424,7 +4424,7 @@ static __no_kcsan fastpath_t svm_vcpu_run(struct kvm_= vcpu *vcpu, u64 run_flags) /* Track VMRUNs that have made past consistency checking */ if (svm->nested.nested_run_pending && !svm_is_vmrun_failure(svm->vmcb->control.exit_code)) - ++vcpu->stat.nested_run; + ++vcpu->stat.nested_run, vcpu->stat.nested_run_gme= t +=3D !!(svm->vmcb->control.nested_ctl & SVM_NESTED_CTL_GMET_ENABLE); =20 svm->nested.nested_run_pending =3D 0; } diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 65892dc6f478..262cf8a69bb8 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -7749,7 +7749,7 @@ fastpath_t vmx_vcpu_run(struct kvm_vcpu *vcpu, u64 ru= n_flags) */ if (vmx->nested.nested_run_pending && !vmx_get_exit_reason(vcpu).failed_vmentry) - ++vcpu->stat.nested_run; + ++vcpu->stat.nested_run, vcpu->stat.nested_run_gme= t +=3D !!nested_cpu_has2(get_vmcs12(vcpu), SECONDARY_EXEC_MODE_BASED_EPT_EX= EC); =20 vmx->nested.nested_run_pending =3D 0; } diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index fd1c4a36b593..09e4b53f34f8 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -299,6 +299,7 @@ const struct kvm_stats_desc kvm_vcpu_stats_desc[] =3D { STATS_DESC_COUNTER(VCPU, nmi_injections), STATS_DESC_COUNTER(VCPU, req_event), STATS_DESC_COUNTER(VCPU, nested_run), + STATS_DESC_COUNTER(VCPU, nested_run_gmet), STATS_DESC_COUNTER(VCPU, directed_yield_attempted), STATS_DESC_COUNTER(VCPU, directed_yield_successful), STATS_DESC_COUNTER(VCPU, preemption_reported), --=20 2.53.0