2010-08-30 18:24:10 +08:00
/*
* mmu_audit . c :
*
* Audit code for KVM MMU
*
* Copyright ( C ) 2006 Qumranet , Inc .
* Copyright 2010 Red Hat , Inc . and / or its affilates .
*
* Authors :
* Yaniv Kamay < yaniv @ qumranet . com >
* Avi Kivity < avi @ qumranet . com >
* Marcelo Tosatti < mtosatti @ redhat . com >
* Xiao Guangrong < xiaoguangrong @ cn . fujitsu . com >
*
* This work is licensed under the terms of the GNU GPL , version 2. See
* the COPYING file in the top - level directory .
*
*/
2010-08-30 18:26:33 +08:00
# include <linux/ratelimit.h>
2010-08-30 18:24:10 +08:00
static const char * audit_msg ;
2010-08-30 18:25:51 +08:00
typedef void ( * inspect_spte_fn ) ( struct kvm_vcpu * vcpu , u64 * sptep , int level ) ;
2010-08-30 18:24:10 +08:00
2010-08-30 18:25:51 +08:00
static void __mmu_spte_walk ( struct kvm_vcpu * vcpu , struct kvm_mmu_page * sp ,
inspect_spte_fn fn , int level )
2010-08-30 18:24:10 +08:00
{
int i ;
for ( i = 0 ; i < PT64_ENT_PER_PAGE ; + + i ) {
2010-08-30 18:25:51 +08:00
u64 * ent = sp - > spt ;
fn ( vcpu , ent + i , level ) ;
if ( is_shadow_present_pte ( ent [ i ] ) & &
! is_last_spte ( ent [ i ] , level ) ) {
struct kvm_mmu_page * child ;
child = page_header ( ent [ i ] & PT64_BASE_ADDR_MASK ) ;
__mmu_spte_walk ( vcpu , child , fn , level - 1 ) ;
2010-08-30 18:24:10 +08:00
}
}
}
static void mmu_spte_walk ( struct kvm_vcpu * vcpu , inspect_spte_fn fn )
{
int i ;
struct kvm_mmu_page * sp ;
if ( ! VALID_PAGE ( vcpu - > arch . mmu . root_hpa ) )
return ;
2010-08-30 18:25:51 +08:00
2010-09-27 18:06:16 +08:00
if ( vcpu - > arch . mmu . root_level = = PT64_ROOT_LEVEL ) {
2010-08-30 18:24:10 +08:00
hpa_t root = vcpu - > arch . mmu . root_hpa ;
2010-08-30 18:25:51 +08:00
2010-08-30 18:24:10 +08:00
sp = page_header ( root ) ;
2010-08-30 18:25:51 +08:00
__mmu_spte_walk ( vcpu , sp , fn , PT64_ROOT_LEVEL ) ;
2010-08-30 18:24:10 +08:00
return ;
}
2010-08-30 18:25:51 +08:00
2010-08-30 18:24:10 +08:00
for ( i = 0 ; i < 4 ; + + i ) {
hpa_t root = vcpu - > arch . mmu . pae_root [ i ] ;
if ( root & & VALID_PAGE ( root ) ) {
root & = PT64_BASE_ADDR_MASK ;
sp = page_header ( root ) ;
2010-08-30 18:25:51 +08:00
__mmu_spte_walk ( vcpu , sp , fn , 2 ) ;
2010-08-30 18:24:10 +08:00
}
}
2010-08-30 18:25:51 +08:00
2010-08-30 18:24:10 +08:00
return ;
}
2010-08-30 18:25:03 +08:00
typedef void ( * sp_handler ) ( struct kvm * kvm , struct kvm_mmu_page * sp ) ;
static void walk_all_active_sps ( struct kvm * kvm , sp_handler fn )
{
struct kvm_mmu_page * sp ;
list_for_each_entry ( sp , & kvm - > arch . active_mmu_pages , link )
fn ( kvm , sp ) ;
}
2010-08-30 18:25:51 +08:00
static void audit_mappings ( struct kvm_vcpu * vcpu , u64 * sptep , int level )
2010-08-30 18:24:10 +08:00
{
2010-08-30 18:25:51 +08:00
struct kvm_mmu_page * sp ;
gfn_t gfn ;
pfn_t pfn ;
hpa_t hpa ;
2010-08-30 18:24:10 +08:00
2010-08-30 18:25:51 +08:00
sp = page_header ( __pa ( sptep ) ) ;
if ( sp - > unsync ) {
if ( level ! = PT_PAGE_TABLE_LEVEL ) {
printk ( KERN_ERR " audit: (%s) error: unsync sp: %p level = %d \n " ,
audit_msg , sp , level ) ;
2010-08-30 18:24:10 +08:00
return ;
}
2010-08-30 18:25:51 +08:00
if ( * sptep = = shadow_notrap_nonpresent_pte ) {
printk ( KERN_ERR " audit: (%s) error: notrap spte in unsync sp: %p \n " ,
audit_msg , sp ) ;
2010-08-30 18:24:10 +08:00
return ;
2010-08-30 18:25:51 +08:00
}
}
2010-08-30 18:24:10 +08:00
2010-08-30 18:25:51 +08:00
if ( sp - > role . direct & & * sptep = = shadow_notrap_nonpresent_pte ) {
printk ( KERN_ERR " audit: (%s) error: notrap spte in direct sp: %p \n " ,
audit_msg , sp ) ;
return ;
}
2010-08-30 18:24:10 +08:00
2010-08-30 18:25:51 +08:00
if ( ! is_shadow_present_pte ( * sptep ) | | ! is_last_spte ( * sptep , level ) )
return ;
2010-08-30 18:24:10 +08:00
2010-08-30 18:25:51 +08:00
gfn = kvm_mmu_page_get_gfn ( sp , sptep - sp - > spt ) ;
pfn = gfn_to_pfn_atomic ( vcpu - > kvm , gfn ) ;
2010-08-30 18:24:10 +08:00
2010-08-30 18:25:51 +08:00
if ( is_error_pfn ( pfn ) ) {
kvm_release_pfn_clean ( pfn ) ;
return ;
2010-08-30 18:24:10 +08:00
}
2010-08-30 18:25:51 +08:00
hpa = pfn < < PAGE_SHIFT ;
if ( ( * sptep & PT64_BASE_ADDR_MASK ) ! = hpa )
printk ( KERN_ERR " xx audit error: (%s) levels %d "
" pfn %llx hpa %llx ent %llxn " ,
audit_msg , vcpu - > arch . mmu . root_level ,
pfn , hpa , * sptep ) ;
2010-08-30 18:24:10 +08:00
}
2010-08-30 18:25:51 +08:00
static void inspect_spte_has_rmap ( struct kvm * kvm , u64 * sptep )
2010-08-30 18:24:10 +08:00
{
unsigned long * rmapp ;
struct kvm_mmu_page * rev_sp ;
gfn_t gfn ;
rev_sp = page_header ( __pa ( sptep ) ) ;
gfn = kvm_mmu_page_get_gfn ( rev_sp , sptep - rev_sp - > spt ) ;
if ( ! gfn_to_memslot ( kvm , gfn ) ) {
if ( ! printk_ratelimit ( ) )
return ;
printk ( KERN_ERR " %s: no memslot for gfn %llx \n " ,
audit_msg , gfn ) ;
printk ( KERN_ERR " %s: index %ld of sp (gfn=%llx) \n " ,
audit_msg , ( long int ) ( sptep - rev_sp - > spt ) ,
rev_sp - > gfn ) ;
dump_stack ( ) ;
return ;
}
rmapp = gfn_to_rmap ( kvm , gfn , rev_sp - > role . level ) ;
if ( ! * rmapp ) {
if ( ! printk_ratelimit ( ) )
return ;
printk ( KERN_ERR " %s: no rmap for writable spte %llx \n " ,
audit_msg , * sptep ) ;
dump_stack ( ) ;
}
}
2010-08-30 18:25:51 +08:00
static void audit_sptes_have_rmaps ( struct kvm_vcpu * vcpu , u64 * sptep , int level )
2010-08-30 18:24:10 +08:00
{
2010-08-30 18:25:51 +08:00
if ( is_shadow_present_pte ( * sptep ) & & is_last_spte ( * sptep , level ) )
inspect_spte_has_rmap ( vcpu - > kvm , sptep ) ;
2010-08-30 18:24:10 +08:00
}
2010-08-30 18:25:03 +08:00
static void check_mappings_rmap ( struct kvm * kvm , struct kvm_mmu_page * sp )
2010-08-30 18:24:10 +08:00
{
int i ;
2010-08-30 18:25:03 +08:00
if ( sp - > role . level ! = PT_PAGE_TABLE_LEVEL )
return ;
2010-08-30 18:24:10 +08:00
2010-08-30 18:25:03 +08:00
for ( i = 0 ; i < PT64_ENT_PER_PAGE ; + + i ) {
if ( ! is_rmap_spte ( sp - > spt [ i ] ) )
2010-08-30 18:24:10 +08:00
continue ;
2010-08-30 18:25:03 +08:00
inspect_spte_has_rmap ( kvm , sp - > spt + i ) ;
2010-08-30 18:24:10 +08:00
}
}
2010-08-30 18:25:03 +08:00
void audit_write_protection ( struct kvm * kvm , struct kvm_mmu_page * sp )
2010-08-30 18:24:10 +08:00
{
struct kvm_memory_slot * slot ;
unsigned long * rmapp ;
u64 * spte ;
2010-08-30 18:25:03 +08:00
if ( sp - > role . direct | | sp - > unsync | | sp - > role . invalid )
return ;
2010-08-30 18:24:10 +08:00
2010-08-30 18:25:03 +08:00
slot = gfn_to_memslot ( kvm , sp - > gfn ) ;
rmapp = & slot - > rmap [ sp - > gfn - slot - > base_gfn ] ;
2010-08-30 18:24:10 +08:00
2010-08-30 18:25:03 +08:00
spte = rmap_next ( kvm , rmapp , NULL ) ;
while ( spte ) {
if ( is_writable_pte ( * spte ) )
printk ( KERN_ERR " %s: (%s) shadow page has "
2010-08-30 18:24:10 +08:00
" writable mappings: gfn %llx role %x \n " ,
__func__ , audit_msg , sp - > gfn ,
sp - > role . word ) ;
2010-08-30 18:25:03 +08:00
spte = rmap_next ( kvm , rmapp , spte ) ;
2010-08-30 18:24:10 +08:00
}
}
2010-08-30 18:25:03 +08:00
static void audit_sp ( struct kvm * kvm , struct kvm_mmu_page * sp )
{
check_mappings_rmap ( kvm , sp ) ;
audit_write_protection ( kvm , sp ) ;
}
static void audit_all_active_sps ( struct kvm * kvm )
{
walk_all_active_sps ( kvm , audit_sp ) ;
}
2010-08-30 18:25:51 +08:00
static void audit_spte ( struct kvm_vcpu * vcpu , u64 * sptep , int level )
{
audit_sptes_have_rmaps ( vcpu , sptep , level ) ;
audit_mappings ( vcpu , sptep , level ) ;
}
static void audit_vcpu_spte ( struct kvm_vcpu * vcpu )
{
mmu_spte_walk ( vcpu , audit_spte ) ;
}
2010-08-30 18:24:10 +08:00
static void kvm_mmu_audit ( void * ignore , struct kvm_vcpu * vcpu , int audit_point )
{
2010-08-30 18:26:33 +08:00
static DEFINE_RATELIMIT_STATE ( ratelimit_state , 5 * HZ , 10 ) ;
if ( ! __ratelimit ( & ratelimit_state ) )
return ;
2010-08-30 18:24:10 +08:00
audit_msg = audit_point_name [ audit_point ] ;
2010-08-30 18:25:03 +08:00
audit_all_active_sps ( vcpu - > kvm ) ;
2010-08-30 18:25:51 +08:00
audit_vcpu_spte ( vcpu ) ;
2010-08-30 18:24:10 +08:00
}
static bool mmu_audit ;
static void mmu_audit_enable ( void )
{
int ret ;
if ( mmu_audit )
return ;
ret = register_trace_kvm_mmu_audit ( kvm_mmu_audit , NULL ) ;
WARN_ON ( ret ) ;
mmu_audit = true ;
}
static void mmu_audit_disable ( void )
{
if ( ! mmu_audit )
return ;
unregister_trace_kvm_mmu_audit ( kvm_mmu_audit , NULL ) ;
tracepoint_synchronize_unregister ( ) ;
mmu_audit = false ;
}
static int mmu_audit_set ( const char * val , const struct kernel_param * kp )
{
int ret ;
unsigned long enable ;
ret = strict_strtoul ( val , 10 , & enable ) ;
if ( ret < 0 )
return - EINVAL ;
switch ( enable ) {
case 0 :
mmu_audit_disable ( ) ;
break ;
case 1 :
mmu_audit_enable ( ) ;
break ;
default :
return - EINVAL ;
}
return 0 ;
}
static struct kernel_param_ops audit_param_ops = {
. set = mmu_audit_set ,
. get = param_get_bool ,
} ;
module_param_cb ( mmu_audit , & audit_param_ops , & mmu_audit , 0644 ) ;