KVM: x86/mmu: Plug an unsync shadow page leak

[PATCH 0/2] KVM: x86/mmu: Plug an unsync shadow page leak

Sean Christopherson posted 2 patches 2 days, 10 hours ago

Download series mbox

arch/x86/include/asm/kvm_host.h |  1 +
arch/x86/kvm/mmu/mmu.c          | 16 ++++++++--------
arch/x86/kvm/mmu/mmutrace.h     |  2 +-
arch/x86/kvm/x86.c              |  1 +
4 files changed, 11 insertions(+), 9 deletions(-)

Expand all Fold all

[PATCH 0/2] KVM: x86/mmu: Plug an unsync shadow page leak

Posted by Sean Christopherson 2 days, 10 hours ago

Recursively zap orphaned nested TDP shadow pages on emulated writes, not just
when the parent is being fully zapped, to plug an unsync shadow page leak if
the L1 hypervisor zaps bottom-up instead of top-down, as KVM's TDP MMU has
done since commit 8ca983631f3c ("KVM: x86/mmu: Zap invalidated TDP MMU roots
at 4KiB granularity").

Gory details in patch 1.  Patch 2 adds a stat that, very thankfully, we more
or less have in our internal kernels, and without which, diagnosing the bug
would have been much more difficult.

Sean Christopherson (2):
  KVM: x86/mmu: Recursively zap orphaned nested TDP shadow pages on
    emulated writes
  KVM: x86/mmu: Expose number of shadow MMU shadow pages as a stat

 arch/x86/include/asm/kvm_host.h |  1 +
 arch/x86/kvm/mmu/mmu.c          | 16 ++++++++--------
 arch/x86/kvm/mmu/mmutrace.h     |  2 +-
 arch/x86/kvm/x86.c              |  1 +
 4 files changed, 11 insertions(+), 9 deletions(-)


base-commit: d4bfaa66fa171089b9b9fb2dc17af9245f2b9b34
-- 
2.54.0.1032.g2f8565e1d1-goog