KVM: x86/mmu: Check and free obsolete roots in kvm_mmu_reload()

yanzhao56 · sean-jc · commit 20a6cff3b283 · 2025-04-28T11:06:13.000-07:00
Check request KVM_REQ_MMU_FREE_OBSOLETE_ROOTS to free obsolete roots in kvm_mmu_reload() to prevent kvm_mmu_reload() from seeing a stale obsolete root. Since kvm_mmu_reload() can be called outside the vcpu_enter_guest() path (e.g., kvm_arch_vcpu_pre_fault_memory()), it may be invoked after a root has been marked obsolete and before vcpu_enter_guest() is invoked to process KVM_REQ_MMU_FREE_OBSOLETE_ROOTS and set root.hpa to invalid. This causes kvm_mmu_reload() to fail to load a new root, which can lead to kvm_arch_vcpu_pre_fault_memory() being stuck in the while loop in kvm_tdp_map_page() since RET_PF_RETRY is always returned due to is_page_fault_stale(). Keep the existing check of KVM_REQ_MMU_FREE_OBSOLETE_ROOTS in vcpu_enter_guest() since the cost of kvm_check_request() is negligible, especially a check that's guarded by kvm_request_pending(). Export symbol of kvm_mmu_free_obsolete_roots() as kvm_mmu_reload() is inline and may be called outside of kvm.ko. Fixes: 6e01b76 ("KVM: x86: Implement kvm_arch_vcpu_pre_fault_memory()") Suggested-by: Sean Christopherson <seanjc@google.com> Signed-off-by: Yan Zhao <yan.y.zhao@intel.com> Link: https://lore.kernel.org/r/20250318013333.5817-1-yan.y.zhao@intel.com Signed-off-by: Sean Christopherson <seanjc@google.com>
diff --git a/arch/x86/kvm/mmu.h b/arch/x86/kvm/mmu.h
@@ -104,6 +104,9 @@ void kvm_mmu_track_write(struct kvm_vcpu *vcpu, gpa_t gpa, const u8 *new,
 
 static inline int kvm_mmu_reload(struct kvm_vcpu *vcpu)
 {
+	if (kvm_check_request(KVM_REQ_MMU_FREE_OBSOLETE_ROOTS, vcpu))
+		kvm_mmu_free_obsolete_roots(vcpu);
+
 	/*
 	 * Checking root.hpa is sufficient even when KVM has mirror root.
 	 * We can have either:
diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c
@@ -5974,6 +5974,7 @@ void kvm_mmu_free_obsolete_roots(struct kvm_vcpu *vcpu)
 	__kvm_mmu_free_obsolete_roots(vcpu->kvm, &vcpu->arch.root_mmu);
 	__kvm_mmu_free_obsolete_roots(vcpu->kvm, &vcpu->arch.guest_mmu);
 }
+EXPORT_SYMBOL_GPL(kvm_mmu_free_obsolete_roots);
 
 static u64 mmu_pte_write_fetch_gpte(struct kvm_vcpu *vcpu, gpa_t *gpa,
 				    int *bytes)

Original file line number	Diff line number	Diff line change
`@@ -104,6 +104,9 @@ void kvm_mmu_track_write(struct kvm_vcpu vcpu, gpa_t gpa, const u8 new,`
`104`	`104`
`105`	`105`	`static inline int kvm_mmu_reload(struct kvm_vcpu *vcpu)`
`106`	`106`	`{`
	`107`	`+ if (kvm_check_request(KVM_REQ_MMU_FREE_OBSOLETE_ROOTS, vcpu))`
	`108`	`+ kvm_mmu_free_obsolete_roots(vcpu);`
	`109`	`+`
`107`	`110`	`/*`
`108`	`111`	`* Checking root.hpa is sufficient even when KVM has mirror root.`
`109`	`112`	`* We can have either:`
Original file line number	Diff line number	Diff line change
`@@ -5974,6 +5974,7 @@ void kvm_mmu_free_obsolete_roots(struct kvm_vcpu *vcpu)`
`5974`	`5974`	`__kvm_mmu_free_obsolete_roots(vcpu->kvm, &vcpu->arch.root_mmu);`
`5975`	`5975`	`__kvm_mmu_free_obsolete_roots(vcpu->kvm, &vcpu->arch.guest_mmu);`
`5976`	`5976`	`}`
	`5977`	`+EXPORT_SYMBOL_GPL(kvm_mmu_free_obsolete_roots);`
`5977`	`5978`
`5978`	`5979`	`static u64 mmu_pte_write_fetch_gpte(struct kvm_vcpu vcpu, gpa_t gpa,`
`5979`	`5980`	`int *bytes)`