KVM: x86/mmu: Properly dereference rcu-protected TDP MMU sptep iterator
authorSean Christopherson <seanjc@google.com>
Wed, 3 Nov 2021 16:18:33 +0000 (09:18 -0700)
committerPaolo Bonzini <pbonzini@redhat.com>
Thu, 11 Nov 2021 15:56:20 +0000 (10:56 -0500)
Wrap the read of iter->sptep in tdp_mmu_map_handle_target_level() with
rcu_dereference().  Shadow pages in the TDP MMU, and thus their SPTEs,
are protected by rcu.

This fixes a Sparse warning at tdp_mmu.c:900:51:
  warning: incorrect type in argument 1 (different address spaces)
  expected unsigned long long [usertype] *sptep
  got unsigned long long [noderef] [usertype] __rcu *[usertype] sptep

Fixes: 7158bee4b475 ("KVM: MMU: pass kvm_mmu_page struct to make_spte")
Cc: Ben Gardon <bgardon@google.com>
Signed-off-by: Sean Christopherson <seanjc@google.com>
Message-Id: <20211103161833.3769487-1-seanjc@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
arch/x86/kvm/mmu/tdp_mmu.c

index 7c5dd83e52dec9d2cf0d36a2a0b895e69795f5c0..a54c3491af42c9fba8a894619ee7bd5c7f3f4628 100644 (file)
@@ -897,7 +897,7 @@ static int tdp_mmu_map_handle_target_level(struct kvm_vcpu *vcpu,
                                          struct kvm_page_fault *fault,
                                          struct tdp_iter *iter)
 {
-       struct kvm_mmu_page *sp = sptep_to_sp(iter->sptep);
+       struct kvm_mmu_page *sp = sptep_to_sp(rcu_dereference(iter->sptep));
        u64 new_spte;
        int ret = RET_PF_FIXED;
        bool wrprot = false;