1. 19 9月, 2014 7 次提交
    • M
      KVM: ARM: vgic: plug irq injection race · 71afaba4
      Marc Zyngier 提交于
      As it stands, nothing prevents userspace from injecting an interrupt
      before the guest's GIC is actually initialized.
      
      This goes unnoticed so far (as everything is pretty much statically
      allocated), but ends up exploding in a spectacular way once we switch
      to a more dynamic allocation (the GIC data structure isn't there yet).
      
      The fix is to test for the "ready" flag in the VGIC distributor before
      trying to inject the interrupt. Note that in order to avoid breaking
      userspace, we have to ignore what is essentially an error.
      Signed-off-by: NMarc Zyngier <marc.zyngier@arm.com>
      Acked-by: NChristoffer Dall <christoffer.dall@linaro.org>
      71afaba4
    • C
      arm/arm64: KVM: vgic: Clarify and correct vgic documentation · 7e362919
      Christoffer Dall 提交于
      The VGIC virtual distributor implementation documentation was written a
      very long time ago, before the true nature of the beast had been
      partially absorbed into my bloodstream.  Clarify the docs.
      
      Plus, it fixes an actual bug.  ICFRn, pfff.
      Signed-off-by: NChristoffer Dall <christoffer.dall@linaro.org>
      7e362919
    • C
      arm/arm64: KVM: vgic: Fix SGI writes to GICD_I{CS}PENDR0 · 9da48b55
      Christoffer Dall 提交于
      Writes to GICD_ISPENDR0 and GICD_ICPENDR0 ignore all settings of the
      pending state for SGIs.  Make sure the implementation handles this
      correctly.
      Signed-off-by: NChristoffer Dall <christoffer.dall@linaro.org>
      9da48b55
    • C
      arm/arm64: KVM: vgic: Improve handling of GICD_I{CS}PENDRn · faa1b46c
      Christoffer Dall 提交于
      Writes to GICD_ISPENDRn and GICD_ICPENDRn are currently not handled
      correctly for level-triggered interrupts.  The spec states that for
      level-triggered interrupts, writes to the GICD_ISPENDRn activate the
      output of a flip-flop which is in turn or'ed with the actual input
      interrupt signal.  Correspondingly, writes to GICD_ICPENDRn simply
      deactivates the output of that flip-flop, but does not (of course) affect
      the external input signal.  Reads from GICC_IAR will also deactivate the
      flip-flop output.
      
      This requires us to track the state of the level-input separately from
      the state in the flip-flop.  We therefore introduce two new variables on
      the distributor struct to track these two states.  Astute readers may
      notice that this is introducing more state than required (because an OR
      of the two states gives you the pending state), but the remaining vgic
      code uses the pending bitmap for optimized operations to figure out, at
      the end of the day, if an interrupt is pending or not on the distributor
      side.  Refactoring the code to consider the two state variables all the
      places where we currently access the precomputed pending value, did not
      look pretty.
      Signed-off-by: NChristoffer Dall <christoffer.dall@linaro.org>
      faa1b46c
    • C
      arm/arm64: KVM: vgic: Clear queued flags on unqueue · cced50c9
      Christoffer Dall 提交于
      If we unqueue a level-triggered interrupt completely, and the LR does
      not stick around in the active state (and will therefore no longer
      generate a maintenance interrupt), then we should clear the queued flag
      so that the vgic can actually queue this level-triggered interrupt at a
      later time and deal with its pending state then.
      
      Note: This should actually be properly fixed to handle the active state
      on the distributor.
      Acked-by: NMarc Zyngier <marc.zyngier@arm.com>
      Signed-off-by: NChristoffer Dall <christoffer.dall@linaro.org>
      cced50c9
    • C
      arm/arm64: KVM: Rename irq_active to irq_queued · dbf20f9d
      Christoffer Dall 提交于
      We have a special bitmap on the distributor struct to keep track of when
      level-triggered interrupts are queued on the list registers.  This was
      named irq_active, which is confusing, because the active state of an
      interrupt as per the GIC spec is a different thing, not specifically
      related to edge-triggered/level-triggered configurations but rather
      indicates an interrupt which has been ack'ed but not yet eoi'ed.
      
      Rename the bitmap and the corresponding accessor functions to irq_queued
      to clarify what this is actually used for.
      Signed-off-by: NChristoffer Dall <christoffer.dall@linaro.org>
      dbf20f9d
    • C
      arm/arm64: KVM: Rename irq_state to irq_pending · 227844f5
      Christoffer Dall 提交于
      The irq_state field on the distributor struct is ambiguous in its
      meaning; the comment says it's the level of the input put, but that
      doesn't make much sense for edge-triggered interrupts.  The code
      actually uses this state variable to check if the interrupt is in the
      pending state on the distributor so clarify the comment and rename the
      actual variable and accessor methods.
      Acked-by: NMarc Zyngier <marc.zyngier@arm.com>
      Signed-off-by: NChristoffer Dall <christoffer.dall@linaro.org>
      227844f5
  2. 17 9月, 2014 1 次提交
  3. 28 8月, 2014 2 次提交
  4. 30 7月, 2014 1 次提交
    • W
      kvm: arm64: vgic: fix hyp panic with 64k pages on juno platform · 63afbe7a
      Will Deacon 提交于
      If the physical address of GICV isn't page-aligned, then we end up
      creating a stage-2 mapping of the page containing it, which causes us to
      map neighbouring memory locations directly into the guest.
      
      As an example, consider a platform with GICV at physical 0x2c02f000
      running a 64k-page host kernel. If qemu maps this into the guest at
      0x80010000, then guest physical addresses 0x80010000 - 0x8001efff will
      map host physical region 0x2c020000 - 0x2c02efff. Accesses to these
      physical regions may cause UNPREDICTABLE behaviour, for example, on the
      Juno platform this will cause an SError exception to EL3, which brings
      down the entire physical CPU resulting in RCU stalls / HYP panics / host
      crashing / wasted weeks of debugging.
      
      SBSA recommends that systems alias the 4k GICV across the bounding 64k
      region, in which case GICV physical could be described as 0x2c020000 in
      the above scenario.
      
      This patch fixes the problem by failing the vgic probe if the physical
      base address or the size of GICV aren't page-aligned. Note that this
      generated a warning in dmesg about freeing enabled IRQs, so I had to
      move the IRQ enabling later in the probe.
      
      Cc: Christoffer Dall <christoffer.dall@linaro.org>
      Cc: Marc Zyngier <marc.zyngier@arm.com>
      Cc: Gleb Natapov <gleb@kernel.org>
      Cc: Paolo Bonzini <pbonzini@redhat.com>
      Cc: Joel Schopp <joel.schopp@amd.com>
      Cc: Don Dutile <ddutile@redhat.com>
      Acked-by: NPeter Maydell <peter.maydell@linaro.org>
      Acked-by: NJoel Schopp <joel.schopp@amd.com>
      Acked-by: NMarc Zyngier <marc.zyngier@arm.com>
      Signed-off-by: NWill Deacon <will.deacon@arm.com>
      Signed-off-by: NChristoffer Dall <christoffer.dall@linaro.org>
      63afbe7a
  5. 11 7月, 2014 15 次提交
  6. 29 4月, 2014 1 次提交
  7. 28 4月, 2014 2 次提交
  8. 08 4月, 2014 1 次提交
  9. 14 2月, 2014 1 次提交
  10. 22 12月, 2013 9 次提交
    • C
      KVM: arm-vgic: Support CPU interface reg access · fa20f5ae
      Christoffer Dall 提交于
      Implement support for the CPU interface register access driven by MMIO
      address offsets from the CPU interface base address.  Useful for user
      space to support save/restore of the VGIC state.
      
      This commit adds support only for the same logic as the current VGIC
      support, and no more.  For example, the active priority registers are
      handled as RAZ/WI, just like setting priorities on the emulated
      distributor.
      Acked-by: NMarc Zyngier <marc.zyngier@arm.com>
      Signed-off-by: NChristoffer Dall <christoffer.dall@linaro.org>
      fa20f5ae
    • C
      KVM: arm-vgic: Add GICD_SPENDSGIR and GICD_CPENDSGIR handlers · 90a5355e
      Christoffer Dall 提交于
      Handle MMIO accesses to the two registers which should support both the
      case where the VMs want to read/write either of these registers and the
      case where user space reads/writes these registers to do save/restore of
      the VGIC state.
      
      Note that the added complexity compared to simple set/clear enable
      registers stems from the bookkeping of source cpu ids.  It may be
      possible to change the underlying data structure to simplify the
      complexity, but since this is not in the critical path at all, this will
      do.
      
      Also note that reading this register from a live guest will not be
      accurate compared to on hardware, because some state may be living on
      the CPU LRs and the only way to give a consistent read would be to force
      stop all the VCPUs and request them to unqueu the LR state onto the
      distributor.  Until we have an actual user of live reading this
      register, we can live with the difference.
      Acked-by: NMarc Zyngier <marc.zyngier@arm.com>
      Signed-off-by: NChristoffer Dall <christoffer.dall@linaro.org>
      90a5355e
    • C
      KVM: arm-vgic: Support unqueueing of LRs to the dist · cbd333a4
      Christoffer Dall 提交于
      To properly access the VGIC state from user space it is very unpractical
      to have to loop through all the LRs in all register access functions.
      Instead, support moving all pending state from LRs to the distributor,
      but leave active state LRs alone.
      
      Note that to accurately present the active and pending state to VCPUs
      reading these distributor registers from a live VM, we would have to
      stop all other VPUs than the calling VCPU and ask each CPU to unqueue
      their LR state onto the distributor and add fields to track active state
      on the distributor side as well.  We don't have any users of such
      functionality yet and there are other inaccuracies of the GIC emulation,
      so don't provide accurate synchronized access to this state just yet.
      However, when the time comes, having this function should help.
      Acked-by: NMarc Zyngier <marc.zyngier@arm.com>
      Signed-off-by: NChristoffer Dall <christoffer.dall@linaro.org>
      cbd333a4
    • C
      KVM: arm-vgic: Add vgic reg access from dev attr · c07a0191
      Christoffer Dall 提交于
      Add infrastructure to handle distributor and cpu interface register
      accesses through the KVM_{GET/SET}_DEVICE_ATTR interface by adding the
      KVM_DEV_ARM_VGIC_GRP_DIST_REGS and KVM_DEV_ARM_VGIC_GRP_CPU_REGS groups
      and defining the semantics of the attr field to be the MMIO offset as
      specified in the GICv2 specs.
      
      Missing register accesses or other changes in individual register access
      functions to support save/restore of the VGIC state is added in
      subsequent patches.
      Acked-by: NMarc Zyngier <marc.zyngier@arm.com>
      Signed-off-by: NChristoffer Dall <christoffer.dall@linaro.org>
      c07a0191
    • C
      KVM: arm-vgic: Make vgic mmio functions more generic · 1006e8cb
      Christoffer Dall 提交于
      Rename the vgic_ranges array to vgic_dist_ranges to be more specific and
      to prepare for handling CPU interface register access as well (for
      save/restore of VGIC state).
      
      Pass offset from distributor or interface MMIO base to
      find_matching_range function instead of the physical address of the
      access in the VM memory map.  This allows other callers unaware of the
      VM specifics, but with generic VGIC knowledge to reuse the function.
      Acked-by: NMarc Zyngier <marc.zyngier@arm.com>
      Signed-off-by: NChristoffer Dall <christoffer.dall@linaro.org>
      1006e8cb
    • C
      KVM: arm-vgic: Set base addr through device API · ce01e4e8
      Christoffer Dall 提交于
      Support setting the distributor and cpu interface base addresses in the
      VM physical address space through the KVM_{SET,GET}_DEVICE_ATTR API
      in addition to the ARM specific API.
      
      This has the added benefit of being able to share more code in user
      space and do things in a uniform manner.
      
      Also deprecate the older API at the same time, but backwards
      compatibility will be maintained.
      Acked-by: NMarc Zyngier <marc.zyngier@arm.com>
      Signed-off-by: NChristoffer Dall <christoffer.dall@linaro.org>
      ce01e4e8
    • C
      KVM: arm-vgic: Support KVM_CREATE_DEVICE for VGIC · 7330672b
      Christoffer Dall 提交于
      Support creating the ARM VGIC device through the KVM_CREATE_DEVICE
      ioctl, which can then later be leveraged to use the
      KVM_{GET/SET}_DEVICE_ATTR, which is useful both for setting addresses in
      a more generic API than the ARM-specific one and is useful for
      save/restore of VGIC state.
      
      Adds KVM_CAP_DEVICE_CTRL to ARM capabilities.
      
      Note that we change the check for creating a VGIC from bailing out if
      any VCPUs were created, to bailing out if any VCPUs were ever run.  This
      is an important distinction that shouldn't break anything, but allows
      creating the VGIC after the VCPUs have been created.
      Acked-by: NMarc Zyngier <marc.zyngier@arm.com>
      Signed-off-by: NChristoffer Dall <christoffer.dall@linaro.org>
      7330672b
    • C
      ARM: KVM: Allow creating the VGIC after VCPUs · e1ba0207
      Christoffer Dall 提交于
      Rework the VGIC initialization slightly to allow initialization of the
      vgic cpu-specific state even if the irqchip (the VGIC) hasn't been
      created by user space yet.  This is safe, because the vgic data
      structures are already allocated when the CPU is allocated if VGIC
      support is compiled into the kernel.  Further, the init process does not
      depend on any other information and the sacrifice is a slight
      performance degradation for creating VMs in the no-VGIC case.
      
      The reason is that the new device control API doesn't mandate creating
      the VGIC before creating the VCPU and it is unreasonable to require user
      space to create the VGIC before creating the VCPUs.
      
      At the same time move the irqchip_in_kernel check out of
      kvm_vcpu_first_run_init and into the init function to make the per-vcpu
      and global init functions symmetric and add comments on the exported
      functions making it a bit easier to understand the init flow by only
      looking at vgic.c.
      Acked-by: NMarc Zyngier <marc.zyngier@arm.com>
      Signed-off-by: NChristoffer Dall <christoffer.dall@linaro.org>
      e1ba0207
    • C
      arm/arm64: KVM: arch_timer: Initialize cntvoff at kvm_init · a1a64387
      Christoffer Dall 提交于
      Initialize the cntvoff at kvm_init_vm time, not before running the VCPUs
      at the first time because that will overwrite any potentially restored
      values from user space.
      
      Cc: Andre Przywara <andre.przywara@linaro.org>
      Acked-by: NMarc Zynger <marc.zyngier@arm.com>
      Signed-off-by: NChristoffer Dall <christoffer.dall@linaro.org>
      a1a64387