return 0;
}
+static bool is_executable_pte(u64 spte)
+{
+ return (spte & (shadow_x_mask | shadow_nx_mask)) == shadow_x_mask;
+}
+
static kvm_pfn_t spte_to_pfn(u64 pte)
{
return (pte & PT64_BASE_ADDR_MASK) >> PAGE_SHIFT;
return spte;
}
+/* Restore an acc-track PTE back to a regular PTE */
+static u64 restore_acc_track_spte(u64 spte)
+{
+ u64 new_spte = spte;
+ u64 saved_bits = (spte >> shadow_acc_track_saved_bits_shift)
+ & shadow_acc_track_saved_bits_mask;
+
+ WARN_ON_ONCE(!is_access_track_spte(spte));
+
+ new_spte &= ~shadow_acc_track_mask;
+ new_spte &= ~(shadow_acc_track_saved_bits_mask <<
+ shadow_acc_track_saved_bits_shift);
+ new_spte |= saved_bits;
+
+ return new_spte;
+}
+
/* Returns the Accessed status of the PTE and resets it at the same time. */
static bool mmu_spte_age(u64 *sptep)
{
*/
static bool
fast_pf_fix_direct_spte(struct kvm_vcpu *vcpu, struct kvm_mmu_page *sp,
- u64 *sptep, u64 old_spte,
- bool remove_write_prot, bool remove_acc_track)
+ u64 *sptep, u64 old_spte, u64 new_spte)
{
gfn_t gfn;
- u64 new_spte = old_spte;
WARN_ON(!sp->role.direct);
- if (remove_acc_track) {
- u64 saved_bits = (old_spte >> shadow_acc_track_saved_bits_shift)
- & shadow_acc_track_saved_bits_mask;
-
- new_spte &= ~shadow_acc_track_mask;
- new_spte &= ~(shadow_acc_track_saved_bits_mask <<
- shadow_acc_track_saved_bits_shift);
- new_spte |= saved_bits;
- }
-
- if (remove_write_prot)
- new_spte |= PT_WRITABLE_MASK;
-
/*
* Theoretically we could also set dirty bit (and flush TLB) here in
* order to eliminate unnecessary PML logging. See comments in
if (cmpxchg64(sptep, old_spte, new_spte) != old_spte)
return false;
- if (remove_write_prot) {
+ if (is_writable_pte(new_spte) && !is_writable_pte(old_spte)) {
/*
* The gfn of direct spte is stable since it is
* calculated by sp->gfn.
return true;
}
+static bool is_access_allowed(u32 fault_err_code, u64 spte)
+{
+ if (fault_err_code & PFERR_FETCH_MASK)
+ return is_executable_pte(spte);
+
+ if (fault_err_code & PFERR_WRITE_MASK)
+ return is_writable_pte(spte);
+
+ /* Fault was on Read access */
+ return spte & PT_PRESENT_MASK;
+}
+
/*
* Return value:
* - true: let the vcpu to access on the same address again.
walk_shadow_page_lockless_begin(vcpu);
do {
- bool remove_write_prot = false;
- bool remove_acc_track;
+ u64 new_spte;
for_each_shadow_entry_lockless(vcpu, gva, iterator, spte)
if (!is_shadow_present_pte(spte) ||
* Need not check the access of upper level table entries since
* they are always ACC_ALL.
*/
+ if (is_access_allowed(error_code, spte)) {
+ fault_handled = true;
+ break;
+ }
- if (error_code & PFERR_FETCH_MASK) {
- if ((spte & (shadow_x_mask | shadow_nx_mask))
- == shadow_x_mask) {
- fault_handled = true;
- break;
- }
- } else if (error_code & PFERR_WRITE_MASK) {
- if (is_writable_pte(spte)) {
- fault_handled = true;
- break;
- }
+ new_spte = spte;
+
+ if (is_access_track_spte(spte))
+ new_spte = restore_acc_track_spte(new_spte);
+
+ /*
+ * Currently, to simplify the code, write-protection can
+ * be removed in the fast path only if the SPTE was
+ * write-protected for dirty-logging or access tracking.
+ */
+ if ((error_code & PFERR_WRITE_MASK) &&
+ spte_can_locklessly_be_made_writable(spte))
+ {
+ new_spte |= PT_WRITABLE_MASK;
/*
- * Currently, to simplify the code, write-protection can
- * be removed in the fast path only if the SPTE was
- * write-protected for dirty-logging.
+ * Do not fix write-permission on the large spte. Since
+ * we only dirty the first page into the dirty-bitmap in
+ * fast_pf_fix_direct_spte(), other pages are missed
+ * if its slot has dirty logging enabled.
+ *
+ * Instead, we let the slow page fault path create a
+ * normal spte to fix the access.
+ *
+ * See the comments in kvm_arch_commit_memory_region().
*/
- remove_write_prot =
- spte_can_locklessly_be_made_writable(spte);
- } else {
- /* Fault was on Read access */
- if (spte & PT_PRESENT_MASK) {
- fault_handled = true;
+ if (sp->role.level > PT_PAGE_TABLE_LEVEL)
break;
- }
}
- remove_acc_track = is_access_track_spte(spte);
-
/* Verify that the fault can be handled in the fast path */
- if (!remove_acc_track && !remove_write_prot)
- break;
-
- /*
- * Do not fix write-permission on the large spte since we only
- * dirty the first page into the dirty-bitmap in
- * fast_pf_fix_direct_spte() that means other pages are missed
- * if its slot is dirty-logged.
- *
- * Instead, we let the slow page fault path create a normal spte
- * to fix the access.
- *
- * See the comments in kvm_arch_commit_memory_region().
- */
- if (sp->role.level > PT_PAGE_TABLE_LEVEL && remove_write_prot)
+ if (new_spte == spte ||
+ !is_access_allowed(error_code, new_spte))
break;
/*
*/
fault_handled = fast_pf_fix_direct_spte(vcpu, sp,
iterator.sptep, spte,
- remove_write_prot,
- remove_acc_track);
+ new_spte);
if (fault_handled)
break;