KVM: x86: avoid write-tearing of TDP
In theory, nothing prevents the compiler from write-tearing PTEs, or split PTE writes. These partially-modified PTEs can be fetched by other cores and cause mayhem. I have not really encountered such a case in real life, but it does seem possible. For example, the compiler may try to do something creative for kvm_set_pte_rmapp() and perform multiple writes to the PTE. Signed-off-by: Nadav Amit <nadav.amit@gmail.com> Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
This commit is contained in:
parent
13e98fd1ef
commit
b19ee2ff3b
@ -336,12 +336,12 @@ static gfn_t pse36_gfn_delta(u32 gpte)
#ifdef CONFIG_X86_64
#ifdef CONFIG_X86_64
static void __set_spte(u64 *sptep, u64 spte)
static void __set_spte(u64 *sptep, u64 spte)
{
{
*sptep = spte;
WRITE_ONCE(*sptep, spte);
}
}
static void __update_clear_spte_fast(u64 *sptep, u64 spte)
static void __update_clear_spte_fast(u64 *sptep, u64 spte)
{
{
*sptep = spte;
WRITE_ONCE(*sptep, spte);
}
}
static u64 __update_clear_spte_slow(u64 *sptep, u64 spte)
static u64 __update_clear_spte_slow(u64 *sptep, u64 spte)
@ -390,7 +390,7 @@ static void __set_spte(u64 *sptep, u64 spte)
*/
*/
smp_wmb();
smp_wmb();
ssptep->spte_low = sspte.spte_low;
WRITE_ONCE(ssptep->spte_low, sspte.spte_low);
}
}
static void __update_clear_spte_fast(u64 *sptep, u64 spte)
static void __update_clear_spte_fast(u64 *sptep, u64 spte)
@ -400,7 +400,7 @@ static void __update_clear_spte_fast(u64 *sptep, u64 spte)
ssptep = (union split_spte *)sptep;
ssptep = (union split_spte *)sptep;
sspte = (union split_spte)spte;
sspte = (union split_spte)spte;
ssptep->spte_low = sspte.spte_low;
WRITE_ONCE(ssptep->spte_low, sspte.spte_low);
/*
/*
* If we map the spte from present to nonpresent, we should clear
* If we map the spte from present to nonpresent, we should clear