Commit 715f1079 authored by Sean Christopherson's avatar Sean Christopherson Committed by Paolo Bonzini
Browse files

KVM: x86/mmu: Use low available bits for removed SPTEs 



Use low "available" bits to tag REMOVED SPTEs.  Using a high bit is
moderately costly as it often causes the compiler to generate a 64-bit
immediate.  More importantly, this makes it very clear REMOVED_SPTE is
a value, not a flag.

Cc: Ben Gardon <bgardon@google.com>
Signed-off-by: default avatarSean Christopherson <seanjc@google.com>
Message-Id: <20210225204749.1512652-24-seanjc@google.com>
Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
parent 7a51393a

arch/x86/kvm/mmu/spte.c

+10 −1
Original line number Diff line number Diff line
@@ -277,7 +277,16 @@ void kvm_mmu_set_mmio_spte_mask(u64 mmio_value, u64 mmio_mask, u64 access_mask) 
				  SHADOW_NONPRESENT_OR_RSVD_MASK_LEN)))

		mmio_value = 0;



	WARN_ON((mmio_value & mmio_mask) != mmio_value);

	/*

	 * The masked MMIO value must obviously match itself and a removed SPTE

	 * must not get a false positive.  Removed SPTEs and MMIO SPTEs should

	 * never collide as MMIO must set some RWX bits, and removed SPTEs must

	 * not set any RWX bits.

	 */

	if (WARN_ON((mmio_value & mmio_mask) != mmio_value) ||

	    WARN_ON(mmio_value && (REMOVED_SPTE & mmio_mask) == mmio_value))

		mmio_value = 0;



	shadow_mmio_value = mmio_value;

	shadow_mmio_mask  = mmio_mask;

	shadow_mmio_access_mask = access_mask;

arch/x86/kvm/mmu/spte.h

+7 −4
Original line number Diff line number Diff line
@@ -176,13 +176,16 @@ extern u64 __read_mostly shadow_nonpresent_or_rsvd_mask; 
 * non-present intermediate value. Other threads which encounter this value

 * should not modify the SPTE.

 *

 * This constant works because it is considered non-present on both AMD and

 * Intel CPUs and does not create a L1TF vulnerability because the pfn section

 * is zeroed out.

 * Use a semi-arbitrary value that doesn't set RWX bits, i.e. is not-present on

 * bot AMD and Intel CPUs, and doesn't set PFN bits, i.e. doesn't create a L1TF

 * vulnerability.  Use only low bits to avoid 64-bit immediates.

 *

 * Only used by the TDP MMU.

 */

#define REMOVED_SPTE (1ull << 59)

#define REMOVED_SPTE	0x5a0ULL



/* Removed SPTEs must not be misconstrued as shadow present PTEs. */

static_assert(!(REMOVED_SPTE & SPTE_MMU_PRESENT_MASK));



static inline bool is_removed_spte(u64 spte)

{