| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 1 Nov 2019 22:41:37 +0000
From: "Suthikulpanit, Suravee" <Suravee.Suthikulpanit@....com>
To: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"kvm@...r.kernel.org" <kvm@...r.kernel.org>
CC: "pbonzini@...hat.com" <pbonzini@...hat.com>,
"rkrcmar@...hat.com" <rkrcmar@...hat.com>,
"joro@...tes.org" <joro@...tes.org>,
"vkuznets@...hat.com" <vkuznets@...hat.com>,
"rkagan@...tuozzo.com" <rkagan@...tuozzo.com>,
"graf@...zon.com" <graf@...zon.com>,
"jschoenh@...zon.de" <jschoenh@...zon.de>,
"karahmed@...zon.de" <karahmed@...zon.de>,
"rimasluk@...zon.com" <rimasluk@...zon.com>,
"Grimm, Jon" <Jon.Grimm@....com>,
"Suthikulpanit, Suravee" <Suravee.Suthikulpanit@....com>
Subject: [PATCH v4 13/17] kvm: i8254: Deactivate APICv when using in-kernel
PIT re-injection mode.
AMD SVM AVIC accelerates EOI write and does not trap. This causes
in-kernel PIT re-injection mode to fail since it relies on irq-ack
notifier mechanism. So, APICv is activated only when in-kernel PIT
is in discard mode e.g. w/ qemu option:
-global kvm-pit.lost_tick_policy=discard
Suggested-by: Paolo Bonzini <pbonzini@...hat.com>
Signed-off-by: Suravee Suthikulpanit <suravee.suthikulpanit@....com>
---
arch/x86/include/asm/kvm_host.h | 1 +
arch/x86/kvm/i8254.c | 10 ++++++++++
arch/x86/kvm/svm.c | 8 +++++++-
3 files changed, 18 insertions(+), 1 deletion(-)
diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
index fe61269..460f7a4 100644
--- a/arch/x86/include/asm/kvm_host.h
+++ b/arch/x86/include/asm/kvm_host.h
@@ -858,6 +858,7 @@ enum kvm_irqchip_mode {
#define APICV_DEACT_BIT_HYPERV 1
#define APICV_DEACT_BIT_NESTED 2
#define APICV_DEACT_BIT_IRQWIN 3
+#define APICV_DEACT_BIT_PIT_REINJ 4
struct kvm_arch {
unsigned long n_used_mmu_pages;
diff --git a/arch/x86/kvm/i8254.c b/arch/x86/kvm/i8254.c
index 4a6dc54..3f77fda 100644
--- a/arch/x86/kvm/i8254.c
+++ b/arch/x86/kvm/i8254.c
@@ -295,12 +295,22 @@ void kvm_pit_set_reinject(struct kvm_pit *pit, bool reinject)
if (atomic_read(&ps->reinject) == reinject)
return;
+ /*
+ * AMD SVM AVIC accelerates EOI write and does not trap.
+ * This cause in-kernel PIT re-inject mode to fail
+ * since it checks ps->irq_ack before kvm_set_irq()
+ * and relies on the ack notifier to timely queue
+ * the pt->worker work iterm and reinject the missed tick.
+ * So, deactivate APICv when PIT is in reinject mode.
+ */
if (reinject) {
+ kvm_request_apicv_update(kvm, false, APICV_DEACT_BIT_PIT_REINJ);
/* The initial state is preserved while ps->reinject == 0. */
kvm_pit_reset_reinject(pit);
kvm_register_irq_ack_notifier(kvm, &ps->irq_ack_notifier);
kvm_register_irq_mask_notifier(kvm, 0, &pit->mask_notifier);
} else {
+ kvm_request_apicv_update(kvm, true, APICV_DEACT_BIT_PIT_REINJ);
kvm_unregister_irq_ack_notifier(kvm, &ps->irq_ack_notifier);
kvm_unregister_irq_mask_notifier(kvm, 0, &pit->mask_notifier);
}
diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
index 0e7ff04..9812feb 100644
--- a/arch/x86/kvm/svm.c
+++ b/arch/x86/kvm/svm.c
@@ -1679,7 +1679,13 @@ static int avic_update_access_page(struct kvm *kvm, bool activate)
int ret = 0;
mutex_lock(&kvm->slots_lock);
- if (kvm->arch.apic_access_page_done == activate)
+ /*
+ * During kvm_destroy_vm(), kvm_pit_set_reinject() could trigger
+ * APICv mode change, which update APIC_ACCESS_PAGE_PRIVATE_MEMSLOT
+ * memory region. So, we need to ensure that kvm->mm == current->mm.
+ */
+ if ((kvm->arch.apic_access_page_done == activate) ||
+ (kvm->mm != current->mm))
goto out;
ret = __x86_set_memory_region(kvm,
--
1.8.3.1
Powered by blists - more mailing lists