x86, hvm: Flush local TLB after any change to linear pagetable mapping.

This was not needed when vmenter/vmexit always had the side effect of
flushing host TLBs.

But, with SVM ASIDs, it is possible to:
 (1) Update CR3 update,
 (2) vmenter the guest, and
 (3) and vmexit due to a page fault
all without an intervening host TLB flush.

Then the page fault code could use the linear pagetable
to read a top-level shadow page table entry.

But, without this change, it would fetch the wrong value
due to a stale TLB.

Signed-off-by: Robert Phillips <rphillips@virtualiron.com>
Signed-off-by: Ben Guthro <bguthro@virtualiron.com>

diff --git a/xen/arch/x86/mm/shadow/multi.c b/xen/arch/x86/mm/shadow/multi.c
index fe59647bb41e1aacb83727f2f2b06015bdc0e1a4..5996ed351c2b1f90247ed072a498a0115dc6c0ed 100644 (file)
--- a/xen/arch/x86/mm/shadow/multi.c
+++ b/xen/arch/x86/mm/shadow/multi.c
@@ -3399,6 +3399,21 @@ sh_update_linear_entries(struct vcpu *v)
 #else
 #error this should not happen
 #endif
+
+    if ( shadow_mode_external(d) )
+    {
+        /*
+         * Having modified the linear pagetable mapping, flush local host TLBs.
+         * This was not needed when vmenter/vmexit always had the side effect
+         * of flushing host TLBs but, with ASIDs, it is possible to finish 
+         * this CR3 update, vmenter the guest, vmexit due to a page fault, 
+         * without an intervening host TLB flush. Then the page fault code 
+         * could use the linear pagetable to read a top-level shadow page 
+         * table entry. But, without this change, it would fetch the wrong 
+         * value due to a stale TLB.
+         */
+        flush_tlb_local();
+    }
 }