On 10/10/19 00:42, speck for Ben Hutchings wrote: > > I've started trying to backport the NX patches to stable branches, and > I think I can take them back as far as 4.9. > > However, kvm_mmu_zap_all() is a relatively new addition and looks hard > to backport. I intend to make the nx_huge_pages parameter read-only > (0444 permissions) and delete this "if (new_val != old_val)" block. > Does that seem reasonable? Just replace it with kvm_mmu_invalidate_zap_all_pages (which will be in v6, because we have since brought it back from the dead). You also have to backport commit 833b45de69a6 ("kvm: x86, powerpc: do not allow clearing largepages debugfs entry", 2019-09-30) and make the new statistic 0444 as well. This is the only other change in v6 for now. This is the list of prerequisites I had prepared, it should go back to 4.3 or so: 17e4bce0ae63c7e03f3c7fa8d80890e7af3d4971 kvm: x86: mmu: fix ubsan index-out-of-range warning cd1872f028556dc0e8424e58413c0268c159383b kvm: x86: mmu: Make force_pt_level bool 5ed5c5c8fdbab889837c9223fc6f4bdaa830879c kvm: x86: mmu: Simplify force_pt_level calculation code in FNAME(page_fault)() fd136902187838bcae3a572f41cb703553dd63b8 kvm: x86: mmu: Move mapping_level_dirty_bitmap() call in mapping_level() d8aacf5df86a961923a2c9c547d341d64a9d9f5d kvm: x86: mmu: Remove mapping_level_dirty_bitmap() 5225fdf8c8bea4418f69875804584c89a27c170e kvm: x86: mmu: Eliminate an extra memory slot search in mapping_level() 018aabb56d6109c8f12397c24e59f67c58870ac1 kvm: x86: mmu: Encapsulate the type of rmap-chain head in a new struct ded5874946baa15b56b531f638f9c706266deb7b kvm: x86: mmu: Consolidate quickly_check_mmio_pf() and is_mmio_page_fault() 450869d6dbb72b370774fd4ee14c4f275bb08f98 kvm: x86: merge handle_mmio_page_fault and handle_mmio_page_fault_common e9ee956e311d3d0a1506995b98e8de0b30773e1a kvm: x86: mmu: Move handle_mmio_page_fault() call to kvm_mmu_page_fault() 92f94f1e9e509caa564353c516c904278999e350 kvm: mmu: rename has_wrprotected_page to mmu_gfn_lpage_is_disallowed 547ffaed871af7db8713972eaf630802cac47cb1 kvm: mmu: introduce kvm_mmu_gfn_{allow, disallow}_lpage 029499b477389f7d6486c8c759a8498bcfecf322 kvm: x86: mmu: Make mmu_set_spte() return emulate value 4700579241d2d587765a58dddd1b2a89902767c0 kvm: x86: mmu: Move initialization of parent_ptes out from kvm_mmu_alloc_page() 0e3d0648bd903ff6cda7499f9349a2ce612bccb4 kvm: x86: mmu: always set accessed bit in shadow PTEs 98bba238429e200521594ed30dd1edad7faa0081 kvm: x86: mmu: Move parent_pte handling from kvm_mmu_get_page() to link_shadow_page() bb11c6c96544737aede6a2eb92e5c6bc8b46534b kvm: x86: mmu: Remove unused parameter parent_pte from kvm_mmu_get_page() e08d26f0712532c79b5ba6200862eaf2036f8df6 kvm: x86: simplify ept_misconfig 9b8ebbdb74b5ad76b9dfd8b101af17839174b126 kvm: x86: extend usage of RET_MMIO_PF_* constants 42522d08cdba6d8be4247e4f0770f39f4708b71f KVM: MMU: drop vcpu param in gpte_access 0d9ce162cf46c99628cc5da9510b959c7976735b kvm: Convert kvm_lock to a mutex 7ee0e5b29d275ac299cdf8ef67e60bf1648c8c6a KVM: x86: MMU: Remove unused parameter of __direct_map() 43fdcda96e2550c6d1c46fb8a78801aa2f7276ed kvm: mmu: Do not release the page inside mmu_set_spte() 9de2b2120668d2874570b14105e49235097b70c2 KVM: x86: make FNAME(fetch) and __direct_map more similar d679b32611c0102ce33b9e1a4e4b94854ed1812a KVM: x86: remove now unneeded hugepage gfn adjustment 1e823556fd3af3635e174f570d0b85b4e72b2b1c KVM: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON bf9af89c4146978000eba9b0a1eb43540d893223 KVM: x86: add tracepoints around __direct_map and FNAME(fetch) 833b45de69a6016c4b0cebe6765d526a31a81580 kvm: x86, powerpc: do not allow clearing largepages debugfs entry None of the backports should be particularly tricky. Thanks, Paolo