Commit ecf78583 authored Sep 13, 2023 by Binbin Wu Committed by Zhiquan Li Feb 29, 2024

KVM: x86: Add & use kvm_vcpu_is_legal_cr3() to check CR3's legality

mainline inclusion
from mainline-v6.8-rc1
commit 2c49db455ee27c72a680c9e4fad1c12433902ee3
category: feature
bugzilla: https://gitee.com/openeuler/intel-kernel/issues/I94GWL
CVE: NA

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2c49db455ee27c72a680c9e4fad1c12433902ee3



--------------------------------

Add and use kvm_vcpu_is_legal_cr3() to check CR3's legality to provide
a clear distinction between CR3 and GPA checks.  This will allow exempting
bits from kvm_vcpu_is_legal_cr3() without affecting general GPA checks,
e.g. for upcoming features that will use high bits in CR3 for feature
enabling.

No functional change intended.

Intel-SIG: commit 2c49db455ee2 KVM: x86: Add & use
kvm_vcpu_is_legal_cr3() to check CR3's legality
Backport KVM Linear Address Masking (LAM) support.

Signed-off-by: Binbin Wu <binbin.wu@linux.intel.com>
Tested-by: Xuelian Guo <xuelian.guo@intel.com>
Link: https://lore.kernel.org/r/20230913124227.12574-7-binbin.wu@linux.intel.com


Signed-off-by: Sean Christopherson <seanjc@google.com>
[ Zhiquan Li: amend commit log ]
Signed-off-by: Zhiquan Li <zhiquan1.li@intel.com>

parent 2b073994

arch/x86/kvm/cpuid.h

+5 −0

Original line number	Diff line number	Diff line
		@@ -278,4 +278,9 @@ static __always_inline bool guest_can_use(struct kvm_vcpu *vcpu,
		vcpu->arch.governed_features.enabled);
		}

		static inline bool kvm_vcpu_is_legal_cr3(struct kvm_vcpu *vcpu, unsigned long cr3)
		{
		return kvm_vcpu_is_legal_gpa(vcpu, cr3);
		}

		#endif

arch/x86/kvm/svm/nested.c

+2 −2

Original line number	Diff line number	Diff line
		@@ -311,7 +311,7 @@ static bool __nested_vmcb_check_save(struct kvm_vcpu *vcpu,
		if ((save->efer & EFER_LME) && (save->cr0 & X86_CR0_PG)) {
		if (CC(!(save->cr4 & X86_CR4_PAE)) \|\|
		CC(!(save->cr0 & X86_CR0_PE)) \|\|
		CC(kvm_vcpu_is_illegal_gpa(vcpu, save->cr3)))
		CC(!kvm_vcpu_is_legal_cr3(vcpu, save->cr3)))
		return false;
		}

		@@ -520,7 +520,7 @@ static void nested_svm_transition_tlb_flush(struct kvm_vcpu *vcpu)
		static int nested_svm_load_cr3(struct kvm_vcpu *vcpu, unsigned long cr3,
		bool nested_npt, bool reload_pdptrs)
		{
		if (CC(kvm_vcpu_is_illegal_gpa(vcpu, cr3)))
		if (CC(!kvm_vcpu_is_legal_cr3(vcpu, cr3)))
		return -EINVAL;

		if (reload_pdptrs && !nested_npt && is_pae_paging(vcpu) &&

arch/x86/kvm/vmx/nested.c

+2 −2

Original line number	Diff line number	Diff line
		@@ -1085,7 +1085,7 @@ static int nested_vmx_load_cr3(struct kvm_vcpu *vcpu, unsigned long cr3,
		bool nested_ept, bool reload_pdptrs,
		enum vm_entry_failure_code *entry_failure_code)
		{
		if (CC(kvm_vcpu_is_illegal_gpa(vcpu, cr3))) {
		if (CC(!kvm_vcpu_is_legal_cr3(vcpu, cr3))) {
		*entry_failure_code = ENTRY_FAIL_DEFAULT;
		return -EINVAL;
		}
		@@ -2912,7 +2912,7 @@ static int nested_vmx_check_host_state(struct kvm_vcpu *vcpu,

		if (CC(!nested_host_cr0_valid(vcpu, vmcs12->host_cr0)) \|\|
		CC(!nested_host_cr4_valid(vcpu, vmcs12->host_cr4)) \|\|
		CC(kvm_vcpu_is_illegal_gpa(vcpu, vmcs12->host_cr3)))
		CC(!kvm_vcpu_is_legal_cr3(vcpu, vmcs12->host_cr3)))
		return -EINVAL;

		if (CC(is_noncanonical_address(vmcs12->host_ia32_sysenter_esp, vcpu)) \|\|

arch/x86/kvm/x86.c

+2 −2

Original line number	Diff line number	Diff line
		@@ -1331,7 +1331,7 @@ int kvm_set_cr3(struct kvm_vcpu *vcpu, unsigned long cr3)
		* stuff CR3, e.g. for RSM emulation, and there is no guarantee that
		* the current vCPU mode is accurate.
		*/
		if (kvm_vcpu_is_illegal_gpa(vcpu, cr3))
		if (!kvm_vcpu_is_legal_cr3(vcpu, cr3))
		return 1;

		if (is_pae_paging(vcpu) && !load_pdptrs(vcpu, cr3))
		@@ -11561,7 +11561,7 @@ static bool kvm_is_valid_sregs(struct kvm_vcpu vcpu, struct kvm_sregs sregs)
		*/
		if (!(sregs->cr4 & X86_CR4_PAE) \|\| !(sregs->efer & EFER_LMA))
		return false;
		if (kvm_vcpu_is_illegal_gpa(vcpu, sregs->cr3))
		if (!kvm_vcpu_is_legal_cr3(vcpu, sregs->cr3))
		return false;
		} else {
		/*