1. 30 11月, 2021 14 次提交
    • P
      KVM: SEV: Do COPY_ENC_CONTEXT_FROM with both VMs locked · bf42b02b
      Paolo Bonzini 提交于
      Now that we have a facility to lock two VMs with deadlock
      protection, use it for the creation of mirror VMs as well.  One of
      COPY_ENC_CONTEXT_FROM(dst, src) and COPY_ENC_CONTEXT_FROM(src, dst)
      would always fail, so the combination is nonsensical and it is okay to
      return -EBUSY if it is attempted.
      
      This sidesteps the question of what happens if a VM is
      MOVE_ENC_CONTEXT_FROM'd at the same time as it is
      COPY_ENC_CONTEXT_FROM'd: the locking prevents that from
      happening.
      
      Cc: Peter Gonda <pgonda@google.com>
      Cc: Sean Christopherson <seanjc@google.com>
      Reviewed-by: NSean Christopherson <seanjc@google.com>
      Message-Id: <20211123005036.2954379-10-pbonzini@redhat.com>
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      bf42b02b
    • P
      selftests: sev_migrate_tests: add tests for KVM_CAP_VM_COPY_ENC_CONTEXT_FROM · dc79c9f4
      Paolo Bonzini 提交于
      I am putting the tests in sev_migrate_tests because the failure conditions are
      very similar and some of the setup code can be reused, too.
      
      The tests cover both successful creation of a mirror VM, and error
      conditions.
      
      Cc: Peter Gonda <pgonda@google.com>
      Cc: Sean Christopherson <seanjc@google.com>
      Message-Id: <20211123005036.2954379-9-pbonzini@redhat.com>
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      dc79c9f4
    • P
      KVM: SEV: move mirror status to destination of KVM_CAP_VM_MOVE_ENC_CONTEXT_FROM · 642525e3
      Paolo Bonzini 提交于
      Allow intra-host migration of a mirror VM; the destination VM will be
      a mirror of the same ASID as the source.
      
      Fixes: b5663931 ("KVM: SEV: Add support for SEV intra host migration")
      Reviewed-by: NSean Christopherson <seanjc@google.com>
      Message-Id: <20211123005036.2954379-8-pbonzini@redhat.com>
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      642525e3
    • P
      KVM: SEV: initialize regions_list of a mirror VM · 2b347a38
      Paolo Bonzini 提交于
      This was broken before the introduction of KVM_CAP_VM_MOVE_ENC_CONTEXT_FROM,
      but technically harmless because the region list was unused for a mirror
      VM.  However, it is untidy and it now causes a NULL pointer access when
      attempting to move the encryption context of a mirror VM.
      
      Fixes: 54526d1f ("KVM: x86: Support KVM VMs sharing SEV context")
      Message-Id: <20211123005036.2954379-7-pbonzini@redhat.com>
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      2b347a38
    • P
      KVM: SEV: cleanup locking for KVM_CAP_VM_MOVE_ENC_CONTEXT_FROM · 501b580c
      Paolo Bonzini 提交于
      Encapsulate the handling of the migration_in_progress flag for both VMs in
      two functions sev_lock_two_vms and sev_unlock_two_vms.  It does not matter
      if KVM_CAP_VM_MOVE_ENC_CONTEXT_FROM locks the destination struct kvm a bit
      later, and this change 1) keeps the cleanup chain of labels smaller 2)
      makes it possible for KVM_CAP_VM_COPY_ENC_CONTEXT_FROM to reuse the logic.
      
      Cc: Peter Gonda <pgonda@google.com>
      Cc: Sean Christopherson <seanjc@google.com>
      Message-Id: <20211123005036.2954379-6-pbonzini@redhat.com>
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      501b580c
    • P
      KVM: SEV: do not use list_replace_init on an empty list · 4674164f
      Paolo Bonzini 提交于
      list_replace_init cannot be used if the source is an empty list,
      because "new->next->prev = new" will overwrite "old->next":
      
      				new				old
      				prev = new, next = new		prev = old, next = old
      new->next = old->next		prev = new, next = old		prev = old, next = old
      new->next->prev = new		prev = new, next = old		prev = old, next = new
      new->prev = old->prev		prev = old, next = old		prev = old, next = old
      new->next->prev = new		prev = old, next = old		prev = new, next = new
      
      The desired outcome instead would be to leave both old and new the same
      as they were (two empty circular lists).  Use list_cut_before, which
      already has the necessary check and is documented to discard the
      previous contents of the list that will hold the result.
      
      Fixes: b5663931 ("KVM: SEV: Add support for SEV intra host migration")
      Reviewed-by: NSean Christopherson <seanjc@google.com>
      Message-Id: <20211123005036.2954379-5-pbonzini@redhat.com>
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      4674164f
    • P
      KVM: x86: Use a stable condition around all VT-d PI paths · 53b7ca1a
      Paolo Bonzini 提交于
      Currently, checks for whether VT-d PI can be used refer to the current
      status of the feature in the current vCPU; or they more or less pick
      vCPU 0 in case a specific vCPU is not available.
      
      However, these checks do not attempt to synchronize with changes to
      the IRTE.  In particular, there is no path that updates the IRTE when
      APICv is re-activated on vCPU 0; and there is no path to wakeup a CPU
      that has APICv disabled, if the wakeup occurs because of an IRTE
      that points to a posted interrupt.
      
      To fix this, always go through the VT-d PI path as long as there are
      assigned devices and APICv is available on both the host and the VM side.
      Since the relevant condition was copied over three times, take the hint
      and factor it into a separate function.
      Suggested-by: NSean Christopherson <seanjc@google.com>
      Cc: stable@vger.kernel.org
      Reviewed-by: NSean Christopherson <seanjc@google.com>
      Reviewed-by: NMaxim Levitsky <mlevitsk@redhat.com>
      Reviewed-by: NDavid Matlack <dmatlack@google.com>
      Message-Id: <20211123004311.2954158-5-pbonzini@redhat.com>
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      53b7ca1a
    • P
      KVM: x86: check PIR even for vCPUs with disabled APICv · 37c4dbf3
      Paolo Bonzini 提交于
      The IRTE for an assigned device can trigger a POSTED_INTR_VECTOR even
      if APICv is disabled on the vCPU that receives it.  In that case, the
      interrupt will just cause a vmexit and leave the ON bit set together
      with the PIR bit corresponding to the interrupt.
      
      Right now, the interrupt would not be delivered until APICv is re-enabled.
      However, fixing this is just a matter of always doing the PIR->IRR
      synchronization, even if the vCPU has temporarily disabled APICv.
      
      This is not a problem for performance, or if anything it is an
      improvement.  First, in the common case where vcpu->arch.apicv_active is
      true, one fewer check has to be performed.  Second, static_call_cond will
      elide the function call if APICv is not present or disabled.  Finally,
      in the case for AMD hardware we can remove the sync_pir_to_irr callback:
      it is only needed for apic_has_interrupt_for_ppr, and that function
      already has a fallback for !APICv.
      
      Cc: stable@vger.kernel.org
      Co-developed-by: NSean Christopherson <seanjc@google.com>
      Signed-off-by: NSean Christopherson <seanjc@google.com>
      Reviewed-by: NMaxim Levitsky <mlevitsk@redhat.com>
      Reviewed-by: NDavid Matlack <dmatlack@google.com>
      Message-Id: <20211123004311.2954158-4-pbonzini@redhat.com>
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      37c4dbf3
    • P
      KVM: VMX: prepare sync_pir_to_irr for running with APICv disabled · 7e1901f6
      Paolo Bonzini 提交于
      If APICv is disabled for this vCPU, assigned devices may still attempt to
      post interrupts.  In that case, we need to cancel the vmentry and deliver
      the interrupt with KVM_REQ_EVENT.  Extend the existing code that handles
      injection of L1 interrupts into L2 to cover this case as well.
      
      vmx_hwapic_irr_update is only called when APICv is active so it would be
      confusing to add a check for vcpu->arch.apicv_active in there.  Instead,
      just use vmx_set_rvi directly in vmx_sync_pir_to_irr.
      
      Cc: stable@vger.kernel.org
      Reviewed-by: NMaxim Levitsky <mlevitsk@redhat.com>
      Reviewed-by: NDavid Matlack <dmatlack@google.com>
      Reviewed-by: NSean Christopherson <seanjc@google.com>
      Message-Id: <20211123004311.2954158-3-pbonzini@redhat.com>
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      7e1901f6
    • M
      KVM: selftests: page_table_test: fix calculation of guest_test_phys_mem · 81835ee1
      Maciej S. Szmigiero 提交于
      A kvm_page_table_test run with its default settings fails on VMX due to
      memory region add failure:
      > ==== Test Assertion Failure ====
      >  lib/kvm_util.c:952: ret == 0
      >  pid=10538 tid=10538 errno=17 - File exists
      >     1  0x00000000004057d1: vm_userspace_mem_region_add at kvm_util.c:947
      >     2  0x0000000000401ee9: pre_init_before_test at kvm_page_table_test.c:302
      >     3   (inlined by) run_test at kvm_page_table_test.c:374
      >     4  0x0000000000409754: for_each_guest_mode at guest_modes.c:53
      >     5  0x0000000000401860: main at kvm_page_table_test.c:500
      >     6  0x00007f82ae2d8554: ?? ??:0
      >     7  0x0000000000401894: _start at ??:?
      >  KVM_SET_USER_MEMORY_REGION IOCTL failed,
      >  rc: -1 errno: 17
      >  slot: 1 flags: 0x0
      >  guest_phys_addr: 0xc0000000 size: 0x40000000
      
      This is because the memory range that this test is trying to add
      (0x0c0000000 - 0x100000000) conflicts with LAPIC mapping at 0x0fee00000.
      
      Looking at the code it seems that guest_test_*phys*_mem variable gets
      mistakenly overwritten with guest_test_*virt*_mem while trying to adjust
      the former for alignment.
      With the correct variable adjusted this test runs successfully.
      Signed-off-by: NMaciej S. Szmigiero <maciej.szmigiero@oracle.com>
      Message-Id: <52e487458c3172923549bbcf9dfccfbe6faea60b.1637940473.git.maciej.szmigiero@oracle.com>
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      81835ee1
    • S
      KVM: x86/mmu: Handle "default" period when selectively waking kthread · f47491d7
      Sean Christopherson 提交于
      Account for the '0' being a default, "let KVM choose" period, when
      determining whether or not the recovery worker needs to be awakened in
      response to userspace reducing the period.  Failure to do so results in
      the worker not being awakened properly, e.g. when changing the period
      from '0' to any small-ish value.
      
      Fixes: 4dfe4f40 ("kvm: x86: mmu: Make NX huge page recovery period configurable")
      Cc: stable@vger.kernel.org
      Cc: Junaid Shahid <junaids@google.com>
      Signed-off-by: NSean Christopherson <seanjc@google.com>
      Message-Id: <20211120015706.3830341-1-seanjc@google.com>
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      f47491d7
    • P
      KVM: MMU: shadow nested paging does not have PKU · 28f091bc
      Paolo Bonzini 提交于
      Initialize the mask for PKU permissions as if CR4.PKE=0, avoiding
      incorrect interpretations of the nested hypervisor's page tables.
      
      Cc: stable@vger.kernel.org
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      28f091bc
    • S
      KVM: x86/mmu: Remove spurious TLB flushes in TDP MMU zap collapsible path · 4b85c921
      Sean Christopherson 提交于
      Drop the "flush" param and return values to/from the TDP MMU's helper for
      zapping collapsible SPTEs.  Because the helper runs with mmu_lock held
      for read, not write, it uses tdp_mmu_zap_spte_atomic(), and the atomic
      zap handles the necessary remote TLB flush.
      
      Similarly, because mmu_lock is dropped and re-acquired between zapping
      legacy MMUs and zapping TDP MMUs, kvm_mmu_zap_collapsible_sptes() must
      handle remote TLB flushes from the legacy MMU before calling into the TDP
      MMU.
      
      Fixes: e2209710 ("KVM: x86/mmu: Skip rmap operations if rmaps not allocated")
      Signed-off-by: NSean Christopherson <seanjc@google.com>
      Message-Id: <20211120045046.3940942-4-seanjc@google.com>
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      4b85c921
    • S
      KVM: x86/mmu: Use yield-safe TDP MMU root iter in MMU notifier unmapping · 75333772
      Sean Christopherson 提交于
      Use the yield-safe variant of the TDP MMU iterator when handling an
      unmapping event from the MMU notifier, as most occurences of the event
      allow yielding.
      
      Fixes: e1eed584 ("KVM: x86/mmu: Allow yielding during MMU notifier unmap/zap, if possible")
      Cc: stable@vger.kernel.org
      Signed-off-by: NSean Christopherson <seanjc@google.com>
      Message-Id: <20211120015008.3780032-1-seanjc@google.com>
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      75333772
  2. 26 11月, 2021 17 次提交
  3. 25 11月, 2021 1 次提交
  4. 24 11月, 2021 2 次提交
  5. 22 11月, 2021 6 次提交
    • A
      RISC-V: KVM: Fix incorrect KVM_MAX_VCPUS value · 74c2e97b
      Anup Patel 提交于
      The KVM_MAX_VCPUS value is supposed to be aligned with number of
      VMID bits in the hgatp CSR but the current KVM_MAX_VCPUS value
      is aligned with number of ASID bits in the satp CSR.
      
      Fixes: 99cdc6c1 ("RISC-V: Add initial skeletal KVM support")
      Signed-off-by: NAnup Patel <anup.patel@wdc.com>
      Reviewed-by: NAtish Patra <atishp@rivosinc.com>
      74c2e97b
    • S
      KVM: RISC-V: Unmap stage2 mapping when deleting/moving a memslot · 756e1fc1
      Sean Christopherson 提交于
      Unmap stage2 page tables when a memslot is being deleted or moved.  It's
      the architectures' responsibility to ensure existing mappings are removed
      when kvm_arch_flush_shadow_memslot() returns.
      
      Fixes: 9d05c1fe ("RISC-V: KVM: Implement stage2 page table programming")
      Signed-off-by: NSean Christopherson <seanjc@google.com>
      Signed-off-by: NAnup Patel <anup.patel@wdc.com>
      756e1fc1
    • L
      Linux 5.16-rc2 · 13605725
      Linus Torvalds 提交于
      13605725
    • L
      Merge tag 'x86-urgent-2021-11-21' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 40c93d7f
      Linus Torvalds 提交于
      Pull x86 fixes from Thomas Gleixner:
      
       - Move the command line preparation and the early command line parsing
         earlier so that the command line parameters which affect
         early_reserve_memory(), e.g. efi=nosftreserve, are taken into
         account. This was broken when the invocation of
         early_reserve_memory() was moved recently.
      
       - Use an atomic type for the SGX page accounting, which is read and
         written locklessly, to plug various race conditions related to it.
      
      * tag 'x86-urgent-2021-11-21' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        x86/sgx: Fix free page accounting
        x86/boot: Pull up cmdline preparation and early param parsing
      40c93d7f
    • L
      Merge tag 'perf-urgent-2021-11-21' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · af16bdea
      Linus Torvalds 提交于
      Pull x86 perf fixes from Thomas Gleixner:
      
       - Remove unneded PEBS disabling when taking LBR snapshots to prevent an
         unchecked MSR access error.
      
       - Fix IIO event constraints for Snowridge and Skylake server chips.
      
      * tag 'perf-urgent-2021-11-21' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        x86/perf: Fix snapshot_branch_stack warning in VM
        perf/x86/intel/uncore: Fix IIO event constraints for Snowridge
        perf/x86/intel/uncore: Fix IIO event constraints for Skylake Server
        perf/x86/intel/uncore: Fix filter_tid mask for CHA events on Skylake Server
      af16bdea
    • L
      Merge tag 'powerpc-5.16-2' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux · 75603b14
      Linus Torvalds 提交于
      Pull more powerpc fixes from Michael Ellerman:
      
       - Fix a bug in copying of sigset_t for 32-bit systems, which caused X
         to not start.
      
       - Fix handling of shared LSIs (rare) with the xive interrupt controller
         (Power9/10).
      
       - Fix missing TOC setup in some KVM code, which could result in oopses
         depending on kernel data layout.
      
       - Fix DMA mapping when we have persistent memory and only one DMA
         window available.
      
       - Fix further problems with STRICT_KERNEL_RWX on 8xx, exposed by a
         recent fix.
      
       - A couple of other minor fixes.
      
      Thanks to Alexey Kardashevskiy, Aneesh Kumar K.V, Cédric Le Goater,
      Christian Zigotzky, Christophe Leroy, Daniel Axtens, Finn Thain, Greg
      Kurz, Masahiro Yamada, Nicholas Piggin, and Uwe Kleine-König.
      
      * tag 'powerpc-5.16-2' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux:
        powerpc/xive: Change IRQ domain to a tree domain
        powerpc/8xx: Fix pinned TLBs with CONFIG_STRICT_KERNEL_RWX
        powerpc/signal32: Fix sigset_t copy
        powerpc/book3e: Fix TLBCAM preset at boot
        powerpc/pseries/ddw: Do not try direct mapping with persistent memory and one window
        powerpc/pseries/ddw: simplify enable_ddw()
        powerpc/pseries/ddw: Revert "Extend upper limit for huge DMA window for persistent memory"
        powerpc/pseries: Fix numa FORM2 parsing fallback code
        powerpc/pseries: rename numa_dist_table to form2_distances
        powerpc: clean vdso32 and vdso64 directories
        powerpc/83xx/mpc8349emitx: Drop unused variable
        KVM: PPC: Book3S HV: Use GLOBAL_TOC for kvmppc_h_set_dabr/xdabr()
      75603b14