[PATCH 0/2] KVM: do not assume PTE is writable after follow_pfn

From: Paolo Bonzini
Date: Fri Feb 05 2021 - 05:46:31 EST

Next message: Namhyung Kim: "Re: [PATCH V3 1/5] perf/core: Add PERF_SAMPLE_WEIGHT_STRUCT"
Previous message: Michelle Goodman: "From Michelle"
Next in thread: Paolo Bonzini: "[PATCH 1/2] mm: provide a sane PTE walking API for modules"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This series is the first step towards fixing KVM's usage of follow_pfn.
The immediate fix here is that KVM is not checking the writability of
the PFN, which actually dates back to way before the introduction of
follow_pfn in commit add6a0cd1c5b ("KVM: MMU: try to fix up page faults
before giving up", 2016-07-05). There are more changes needed to
invalidate gfn-to-pfn caches from MMU notifiers, but this issue will
be tackled later.

A more fundamental issue however is that the follow_pfn function is
basically impossible to use correctly. Almost all users for example
are assuming that the page is writable; KVM was not alone in this
mistake. follow_pte, despite not being exported for modules, is a
far saner API. Therefore, patch 1 simplifies follow_pte a bit and
makes it available to modules.

Please review and possibly ack for inclusion in the KVM tree,
thanks!

Paolo

Paolo Bonzini (2):
mm: provide a sane PTE walking API for modules
KVM: do not assume PTE is writable after follow_pfn

arch/s390/pci/pci_mmio.c | 2 +-
fs/dax.c | 5 +++--
include/linux/mm.h | 6 ++++--
mm/memory.c | 35 ++++++++++++++++++++++++++++++-----
virt/kvm/kvm_main.c | 15 ++++++++++++---
5 files changed, 50 insertions(+), 13 deletions(-)

--
2.26.2

Next message: Namhyung Kim: "Re: [PATCH V3 1/5] perf/core: Add PERF_SAMPLE_WEIGHT_STRUCT"
Previous message: Michelle Goodman: "From Michelle"
Next in thread: Paolo Bonzini: "[PATCH 1/2] mm: provide a sane PTE walking API for modules"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]