Date:   Tue, 12 Sep 2023 09:53:39 -0700
From:   Brett Creeley <bcreeley@....com>
To:     Haitao Shan <hshan@...gle.com>,
        Sean Christopherson <seanjc@...gle.com>,
        Paolo Bonzini <pbonzini@...hat.com>, kvm@...r.kernel.org
Cc:     Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        Dave Hansen <dave.hansen@...ux.intel.com>, x86@...nel.org,
        "H. Peter Anvin" <hpa@...or.com>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] KVM: x86: Fix lapic timer interrupt lost after loading a snapshot.

On 9/12/2023 9:15 AM, Haitao Shan wrote:
> 
> This issue exists in kernel version 6.3-rc1 or above. The issue is
> introduced by the commit 8e6ed96cdd50 ("KVM: x86: fire timer when it is
> migrated and expired, and in oneshot mode"). The issue occurs on Intel
> platforms with APIC virtualization and posted interrupt processing.
> 
> The issue is first discovered when running the Android Emulator which
> is based on QEMU 2.12. I can reproduce the issue with QEMU 8.0.4 in
> Debian 12.
> 
> With the above commit, the timer gets fired immediately inside the
> KVM_SET_LAPIC call when loading the snapshot. On such Intel platforms,
> this eventually leads to setting the corresponding PIR bit. However,
> the whole PIR bits get cleared later in the same KVM_SET_LAPIC call.
> The missing lapic timer interrupt freezes the guest kernel.
> 

Should there be a "Fixes" tag here with the problematic commit?

Thanks,

Brett

> Signed-off-by: Haitao Shan <hshan@...gle.com>
> ---
>   arch/x86/kvm/lapic.c | 4 ++--
>   1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c
> index a983a16163b1..6f73406b875a 100644
> --- a/arch/x86/kvm/lapic.c
> +++ b/arch/x86/kvm/lapic.c
> @@ -2977,14 +2977,14 @@ int kvm_apic_set_state(struct kvm_vcpu *vcpu, struct kvm_lapic_state *s)
>          apic_update_lvtt(apic);
>          apic_manage_nmi_watchdog(apic, kvm_lapic_get_reg(apic, APIC_LVT0));
>          update_divide_count(apic);
> -       __start_apic_timer(apic, APIC_TMCCT);
> -       kvm_lapic_set_reg(apic, APIC_TMCCT, 0);
>          kvm_apic_update_apicv(vcpu);
>          if (apic->apicv_active) {
>                  static_call_cond(kvm_x86_apicv_post_state_restore)(vcpu);
>                  static_call_cond(kvm_x86_hwapic_irr_update)(vcpu, apic_find_highest_irr(apic));
>                  static_call_cond(kvm_x86_hwapic_isr_update)(apic_find_highest_isr(apic));
>          }
> +       __start_apic_timer(apic, APIC_TMCCT);
> +       kvm_lapic_set_reg(apic, APIC_TMCCT, 0);
>          kvm_make_request(KVM_REQ_EVENT, vcpu);
>          if (ioapic_in_kernel(vcpu->kvm))
>                  kvm_rtc_eoi_tracking_restore_one(vcpu);
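Review bot: The new position of `__start_apic_timer(apic, APIC_TMCCT);` and `kvm_lapic_set_reg(apic, APIC_TMCCT, 0);` after the `if (apic->apicv_active)` block carries an ordering dependency that the code itself does not explain: the timer may fire immediately and set a PIR bit, so it must run after `kvm_x86_apicv_post_state_restore` and the `hwapic_irr_update`/`hwapic_isr_update` calls, which would otherwise discard that bit. Please add a short comment above the moved lines stating that the timer is started after the APICv state restore on purpose, so a later cleanup does not move it back. The commit message also names the offending commit 8e6ed96cdd50 but carries no `Fixes:` tag; adding one lets stable pick this up.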
> --
> 2.42.0.283.g2d96d420d3-goog
> 
