RISCV: KVM: fix bug in migration

euleros inclusion category: feature feature: initial KVM RISC-V support bugzilla: 46845 CVE: NA When mapping the HVA to HPA above, it doesn't know that the PTE writeable of stage2 is "!memslot_is_readonly(slot)". This may causes the difference between the writability of HVA->HPA and GPA->HPA. Reference: https://gitee.com/openeuler/kernel/issues/I26X9VSigned-off-by: N Mingwang Li <limingwang@huawei.com> Reviewed-by: N Yifei Jiang <jiangyifei@huawei.com> Acked-by: N Xie XiuQi <xiexiuqi@huawei.com> Signed-off-by: N Chen Jun <chenjun102@huawei.com>

RISCV: KVM: fix bug in migration
euleros inclusion category: feature feature: initial KVM RISC-V support bugzilla: 46845 CVE: NA When mapping the HVA to HPA above, it doesn't know that the PTE writeable of stage2 is "!memslot_is_readonly(slot)". This may causes the difference between the writability of HVA->HPA and GPA->HPA. Reference: https://gitee.com/openeuler/kernel/issues/I26X9VSigned-off-by: N Mingwang Li <limingwang@huawei.com> Reviewed-by: N Yifei Jiang <jiangyifei@huawei.com> Acked-by: N Xie XiuQi <xiexiuqi@huawei.com> Signed-off-by: N Chen Jun <chenjun102@huawei.com>
bb420cf9 · Mingwang Li · Xie XiuQi · 8d9fb94d · bb420cf9 · bb420cf9
隐藏空白更改
内联并排

Showing with 5 addition and 6 deletion

arch/riscv/include/asm/kvm_host.h arch/riscv/include/asm/kvm_host.h +1 -2

arch/riscv/kvm/mmu.c arch/riscv/kvm/mmu.c +3 -3

arch/riscv/kvm/vcpu_exit.c arch/riscv/kvm/vcpu_exit.c +1 -1

未找到文件。
--- a/arch/riscv/include/asm/kvm_host.h
+++ b/arch/riscv/include/asm/kvm_host.h
@@ -232,8 +232,7 @@ void __kvm_riscv_hfence_gvma_all(void);
 int kvm_riscv_stage2_map(struct kvm_vcpu *vcpu,
 			 struct kvm_memory_slot *memslot,
-			 gpa_t gpa, unsigned long hva,
+			 gpa_t gpa, unsigned long hva, bool is_write);
-			 bool writeable, bool is_write);
 void kvm_riscv_stage2_flush_cache(struct kvm_vcpu *vcpu);
 int kvm_riscv_stage2_alloc_pgd(struct kvm *kvm);
 void kvm_riscv_stage2_free_pgd(struct kvm *kvm);

--- a/arch/riscv/kvm/mmu.c
+++ b/arch/riscv/kvm/mmu.c
@@ -689,11 +689,11 @@ int kvm_test_age_hva(struct kvm *kvm, unsigned long hva)
 int kvm_riscv_stage2_map(struct kvm_vcpu *vcpu,
 			 struct kvm_memory_slot *memslot,
-			 gpa_t gpa, unsigned long hva,
+			 gpa_t gpa, unsigned long hva, bool is_write)
-			 bool writeable, bool is_write)
 {
 	int ret;
 	kvm_pfn_t hfn;
+	bool writeable;
 	short vma_pageshift;
 	gfn_t gfn = gpa >> PAGE_SHIFT;
 	struct vm_area_struct *vma;
@@ -742,7 +742,7 @@ int kvm_riscv_stage2_map(struct kvm_vcpu *vcpu,
 	mmu_seq = kvm->mmu_notifier_seq;
-	hfn = gfn_to_pfn_prot(kvm, gfn, is_write, NULL);
+	hfn = gfn_to_pfn_prot(kvm, gfn, is_write, &writeable);
 	if (hfn == KVM_PFN_ERR_HWPOISON) {
 		send_sig_mceerr(BUS_MCEERR_AR, (void __user *)hva,
 				vma_pageshift, current);

--- a/arch/riscv/kvm/vcpu_exit.c
+++ b/arch/riscv/kvm/vcpu_exit.c
@@ -445,7 +445,7 @@ static int stage2_page_fault(struct kvm_vcpu *vcpu, struct kvm_run *run,
 		};
 	}
-	ret = kvm_riscv_stage2_map(vcpu, memslot, fault_addr, hva, writeable,
+	ret = kvm_riscv_stage2_map(vcpu, memslot, fault_addr, hva,
 		(trap->scause == EXC_STORE_GUEST_PAGE_FAULT) ? true : false);
 	if (ret < 0)
 		return ret;