From: Xiao Guangrong <xiaoguangrong@cn.fujitsu.com>
Date: Tue, 12 Jul 2011 03:25:19 +0800
Subject: KVM: MMU: cleanup for FNAME(fetch)
Git-commit: b36c7a7c10bf845b623ce187501b561d1d843a18
Patch-mainline: v3.1-rc1
References: CVE-2021-38198 bsc#1189262

gw->pte_access is the final access permission, since it is unified with
gw->pt_access when we walked guest page table:

FNAME(walk_addr_generic):
	pte_access = pt_access & FNAME(gpte_access)(vcpu, pte, true);

Signed-off-by: Xiao Guangrong <xiaoguangrong@cn.fujitsu.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
Acked-by: Joerg Roedel <jroedel@suse.de>
---
 arch/x86/kvm/paging_tmpl.h |    4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

--- a/arch/x86/kvm/paging_tmpl.h
+++ b/arch/x86/kvm/paging_tmpl.h
@@ -480,7 +480,7 @@ static u64 *FNAME(fetch)(struct kvm_vcpu
 	if (!is_present_gpte(gw->ptes[gw->level - 1]))
 		return NULL;
 
-	direct_access = gw->pt_access & gw->pte_access;
+	direct_access = gw->pte_access;
 	if (!dirty)
 		direct_access &= ~ACC_WRITE_MASK;
 
@@ -540,7 +540,7 @@ static u64 *FNAME(fetch)(struct kvm_vcpu
 		link_shadow_page(it.sptep, sp);
 	}
 
-	mmu_set_spte(vcpu, it.sptep, access, gw->pte_access & access,
+	mmu_set_spte(vcpu, it.sptep, access, gw->pte_access,
 		     user_fault, write_fault, dirty, ptwrite, it.level,
 		     gw->gfn, pfn, prefault, map_writable);
 	FNAME(pte_prefetch)(vcpu, gw, it.sptep);
