Re: [PATCH] KVM: nVMX: fix AD condition when handling EPT violation

From: Paolo Bonzini
Date: Fri Apr 14 2017 - 01:10:57 EST




On 14/04/2017 00:39, Radim Krčmář wrote:
> I have introduced this bug when applying and simplifying Paolo's patch
> as we agreed on the list. The original was "x &= ~y; if (z) x |= y;".
>
> Here is the story of a bad workflow:
>
> A maintainer was already testing with the intended change, but it was
> applied only to a testing repo on a different machine. When the time
> to push tested patches to kvm/next came, he realized that this change
> was missing and quickly added it to the maintenance repo, didn't test
> again (because the change is trivial, right), and pushed the world to
> fire.
>
> Fixes: ae1e2d1082ae ("kvm: nVMX: support EPT accessed/dirty bits")
> Signed-off-by: Radim Krčmář <rkrcmar@xxxxxxxxxx>
> ---
> arch/x86/kvm/vmx.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
> index cfdb0d9389d1..837f6dd1ae9c 100644
> --- a/arch/x86/kvm/vmx.c
> +++ b/arch/x86/kvm/vmx.c
> @@ -6221,7 +6221,7 @@ static int handle_ept_violation(struct kvm_vcpu *vcpu)
> * page table accesses are reads or writes.
> */
> u64 eptp = nested_ept_get_cr3(vcpu);
> - if (eptp & VMX_EPT_AD_ENABLE_BIT)
> + if (!(eptp & VMX_EPT_AD_ENABLE_BIT))
> exit_qualification &= ~EPT_VIOLATION_ACC_WRITE;
> }
>
>
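
Review bot: The intended polarity of `if (!(eptp & VMX_EPT_AD_ENABLE_BIT))` is not documented next to the condition, and the visible tail of the comment above it ("page table accesses are reads or writes") does not say which EPTP state leads to which treatment. Since the previous version had this test inverted, add a line directly above the `if` stating that EPT_VIOLATION_ACC_WRITE is cleared from exit_qualification only when the A/D enable bit is not set in the value returned by nested_ept_get_cr3(). The commit message also names no test that exercises either branch; citing or adding one that covers the EPTP both with and without the A/D enable bit would guard against the same regression.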

I have done this as well, so you're forgiven. :)

More important: did kvm-unit-test catch the bug?

Paolo