xen/5592a116-nested-EPT-fix-the-handling-of-nested-EPT.patch

# Commit 71bb7304e7a7a35ea6df4b0cedebc35028e4c159
# Date 2015-06-30 15:00:54 +0100
# Author Liang Li <liang.z.li@intel.com>
# Committer Ian Campbell <ian.campbell@citrix.com>
nested EPT: fix the handling of nested EPT

If the host EPT entry is changed, the nested EPT should be updated.
the current code does not do this, and it's wrong.
I have tested this patch, the L2 guest can boot and run as normal.

Signed-off-by: Liang Li <liang.z.li@intel.com>
Signed-off-by: Yang Zhang <yang.z.zhang@intel.com>
Reported-by: Tim Deegan <tim@xen.org>
Reviewed-by: Tim Deegan <tim@xen.org>

--- a/xen/arch/x86/mm/p2m-ept.c
+++ b/xen/arch/x86/mm/p2m-ept.c
@@ -26,6 +26,7 @@
 #include <asm/p2m.h>
 #include <asm/hvm/vmx/vmx.h>
 #include <asm/hvm/vmx/vmcs.h>
+#include <asm/hvm/nestedhvm.h>
 #include <xen/iommu.h>
 #include <asm/mtrr.h>
 #include <asm/hvm/cacheattr.h>
@@ -1040,6 +1041,9 @@ void ept_sync_domain(struct p2m_domain *
 
     ASSERT(local_irq_is_enabled());
 
+    if ( nestedhvm_enabled(d) && !p2m_is_nestedp2m(p2m) )
+        p2m_flush_nestedp2m(d);
+
     /*
      * Flush active cpus synchronously. Flush others the next time this domain
      * is scheduled onto them. We accept the race of other CPUs adding to
--- a/xen/arch/x86/mm/p2m.c
+++ b/xen/arch/x86/mm/p2m.c
@@ -1713,6 +1713,12 @@ p2m_flush_table(struct p2m_domain *p2m)
     ASSERT(page_list_empty(&p2m->pod.super));
     ASSERT(page_list_empty(&p2m->pod.single));
 
+    if ( p2m->np2m_base == P2M_BASE_EADDR )
+    {
+        p2m_unlock(p2m);
+        return;
+    }
+
     /* This is no longer a valid nested p2m for any address space */
     p2m->np2m_base = P2M_BASE_EADDR;
- bnc#935634 - VUL-0: CVE-2015-3259: xen: XSA-137: xl command line config handling stack overflow CVE-2015-3259-xsa137.patch - Upstream patches from Jan 558bfaa0-x86-traps-avoid-using-current-too-early.patch 5592a116-nested-EPT-fix-the-handling-of-nested-EPT.patch 559b9dd6-x86-p2m-ept-don-t-unmap-in-use-EPT-pagetable.patch 559bdde5-pull-in-latest-linux-earlycpio.patch - Upstream patches from Jan pending review 552d0fd2-x86-hvm-don-t-include-asm-spinlock-h.patch 552d0fe8-x86-mtrr-include-asm-atomic.h.patch 552d293b-x86-vMSI-X-honor-all-mask-requests.patch 552d2966-x86-vMSI-X-add-valid-bits-for-read-acceleration.patch 554c7aee-x86-provide-arch_fetch_and_add.patch 554c7b00-arm-provide-arch_fetch_and_add.patch 55534b0a-x86-provide-add_sized.patch 55534b25-arm-provide-add_sized.patch 5555a4f8-use-ticket-locks-for-spin-locks.patch 5555a5b9-x86-arm-remove-asm-spinlock-h.patch 5555a8ec-introduce-non-contiguous-allocation.patch 55795a52-x86-vMSI-X-support-qword-MMIO-access.patch 557eb55f-gnttab-per-active-entry-locking.patch 557eb5b6-gnttab-introduce-maptrack-lock.patch 557eb620-gnttab-make-the-grant-table-lock-a-read-write-lock.patch 557ffab8-evtchn-factor-out-freeing-an-event-channel.patch 5582bf43-evtchn-simplify-port_is_valid.patch 5582bf81-evtchn-remove-the-locking-when-unmasking-an-event-channel.patch 5583d9c5-x86-MSI-X-cleanup.patch 5583da09-x86-MSI-track-host-and-guest-masking-separately.patch 5583da64-gnttab-use-per-VCPU-maptrack-free-lists.patch OBS-URL: https://build.opensuse.org/package/show/Virtualization/xen?expand=0&rev=369 2015-07-10 17:21:29 +02:00			`# Commit 71bb7304e7a7a35ea6df4b0cedebc35028e4c159`
			`# Date 2015-06-30 15:00:54 +0100`
			`# Author Liang Li <liang.z.li@intel.com>`
			`# Committer Ian Campbell <ian.campbell@citrix.com>`
			`nested EPT: fix the handling of nested EPT`

			`If the host EPT entry is changed, the nested EPT should be updated.`
			`the current code does not do this, and it's wrong.`
			`I have tested this patch, the L2 guest can boot and run as normal.`

			`Signed-off-by: Liang Li <liang.z.li@intel.com>`
			`Signed-off-by: Yang Zhang <yang.z.zhang@intel.com>`
			`Reported-by: Tim Deegan <tim@xen.org>`
			`Reviewed-by: Tim Deegan <tim@xen.org>`

			`--- a/xen/arch/x86/mm/p2m-ept.c`
			`+++ b/xen/arch/x86/mm/p2m-ept.c`
			`@@ -26,6 +26,7 @@`
			`#include <asm/p2m.h>`
			`#include <asm/hvm/vmx/vmx.h>`
			`#include <asm/hvm/vmx/vmcs.h>`
			`+#include <asm/hvm/nestedhvm.h>`
			`#include <xen/iommu.h>`
			`#include <asm/mtrr.h>`
			`#include <asm/hvm/cacheattr.h>`
			`@@ -1040,6 +1041,9 @@ void ept_sync_domain(struct p2m_domain *`

			`ASSERT(local_irq_is_enabled());`

			`+ if ( nestedhvm_enabled(d) && !p2m_is_nestedp2m(p2m) )`
			`+ p2m_flush_nestedp2m(d);`
			`+`
			`/*`
			`* Flush active cpus synchronously. Flush others the next time this domain`
			`* is scheduled onto them. We accept the race of other CPUs adding to`
			`--- a/xen/arch/x86/mm/p2m.c`
			`+++ b/xen/arch/x86/mm/p2m.c`
			`@@ -1713,6 +1713,12 @@ p2m_flush_table(struct p2m_domain *p2m)`
			`ASSERT(page_list_empty(&p2m->pod.super));`
			`ASSERT(page_list_empty(&p2m->pod.single));`

			`+ if ( p2m->np2m_base == P2M_BASE_EADDR )`
			`+ {`
			`+ p2m_unlock(p2m);`
			`+ return;`
			`+ }`
			`+`
			`/* This is no longer a valid nested p2m for any address space */`
			`p2m->np2m_base = P2M_BASE_EADDR;`