| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 1 Nov 2023 09:46:04 -0700
From: Sean Christopherson <seanjc@...gle.com>
To: Paul Durrant <paul@....org>
Cc: Paolo Bonzini <pbonzini@...hat.com>,
Jonathan Corbet <corbet@....net>,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
Dave Hansen <dave.hansen@...ux.intel.com>, x86@...nel.org,
"H. Peter Anvin" <hpa@...or.com>,
David Woodhouse <dwmw2@...radead.org>, kvm@...r.kernel.org,
linux-doc@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v3] KVM x86/xen: add an override for PVCLOCK_TSC_STABLE_BIT
On Wed, Nov 01, 2023, Paul Durrant wrote:
> @@ -3231,12 +3245,15 @@ static int kvm_guest_time_update(struct kvm_vcpu *v)
> vcpu->hv_clock.flags = pvclock_flags;
>
> if (vcpu->pv_time.active)
> - kvm_setup_guest_pvclock(v, &vcpu->pv_time, 0);
> + kvm_setup_guest_pvclock(v, &vcpu->pv_time, 0, false);
> +
> if (vcpu->xen.vcpu_info_cache.active)
> kvm_setup_guest_pvclock(v, &vcpu->xen.vcpu_info_cache,
> - offsetof(struct compat_vcpu_info, time));
> + offsetof(struct compat_vcpu_info, time),
> + xen_pvclock_tsc_unstable);
> if (vcpu->xen.vcpu_time_info_cache.active)
> - kvm_setup_guest_pvclock(v, &vcpu->xen.vcpu_time_info_cache, 0);
> + kvm_setup_guest_pvclock(v, &vcpu->xen.vcpu_time_info_cache, 0,
> + xen_pvclock_tsc_unstable);
> kvm_hv_setup_tsc_page(v->kvm, &vcpu->hv_clock);
> return 0;
Please rebase, this conflicts with commit ee11ab6bb04e ("KVM: X86: Reduce size of
kvm_vcpu_arch structure when CONFIG_KVM_XEN=n"). I can solve the conflict, but
I really shouldn't have to.
Also, your version of git should support --base, which makes life much easier for
others when non-trivial conflicts are encountered. From maintainer-kvm-x86.rst:
: Git Base
: ~~~~~~~~
: If you are using git version 2.9.0 or later (Googlers, this is all of you!),
: use ``git format-patch`` with the ``--base`` flag to automatically include the
: base tree information in the generated patches.
:
: Note, ``--base=auto`` works as expected if and only if a branch's upstream is
: set to the base topic branch, e.g. it will do the wrong thing if your upstream
: is set to your personal repository for backup purposes. An alternative "auto"
: solution is to derive the names of your development branches based on their
: KVM x86 topic, and feed that into ``--base``. E.g. ``x86/pmu/my_branch_name``,
: and then write a small wrapper to extract ``pmu`` from the current branch name
: to yield ``--base=x/pmu``, where ``x`` is whatever name your repository uses to
: track the KVM x86 remote.
> @@ -4531,7 +4548,8 @@ int kvm_vm_ioctl_check_extension(struct kvm *kvm, long ext)
> KVM_XEN_HVM_CONFIG_INTERCEPT_HCALL |
> KVM_XEN_HVM_CONFIG_SHARED_INFO |
> KVM_XEN_HVM_CONFIG_EVTCHN_2LEVEL |
> - KVM_XEN_HVM_CONFIG_EVTCHN_SEND;
> + KVM_XEN_HVM_CONFIG_EVTCHN_SEND |
> + KVM_XEN_HVM_CONFIG_PVCLOCK_TSC_UNSTABLE;
> if (sched_info_on())
> r |= KVM_XEN_HVM_CONFIG_RUNSTATE |
> KVM_XEN_HVM_CONFIG_RUNSTATE_UPDATE_FLAG;
> diff --git a/arch/x86/kvm/xen.c b/arch/x86/kvm/xen.c
> index 40edf4d1974c..7699d94f190b 100644
> --- a/arch/x86/kvm/xen.c
> +++ b/arch/x86/kvm/xen.c
> @@ -1111,9 +1111,12 @@ int kvm_xen_write_hypercall_page(struct kvm_vcpu *vcpu, u64 data)
>
> int kvm_xen_hvm_config(struct kvm *kvm, struct kvm_xen_hvm_config *xhc)
> {
> + bool update_pvclock = false;
> +
> /* Only some feature flags need to be *enabled* by userspace */
> u32 permitted_flags = KVM_XEN_HVM_CONFIG_INTERCEPT_HCALL |
> - KVM_XEN_HVM_CONFIG_EVTCHN_SEND;
> + KVM_XEN_HVM_CONFIG_EVTCHN_SEND |
> + KVM_XEN_HVM_CONFIG_PVCLOCK_TSC_UNSTABLE;
>
> if (xhc->flags & ~permitted_flags)
> return -EINVAL;
> @@ -1134,9 +1137,19 @@ int kvm_xen_hvm_config(struct kvm *kvm, struct kvm_xen_hvm_config *xhc)
> else if (!xhc->msr && kvm->arch.xen_hvm_config.msr)
> static_branch_slow_dec_deferred(&kvm_xen_enabled);
>
> + if ((kvm->arch.xen_hvm_config.flags &
> + KVM_XEN_HVM_CONFIG_PVCLOCK_TSC_UNSTABLE) !=
> + (xhc->flags &
> + KVM_XEN_HVM_CONFIG_PVCLOCK_TSC_UNSTABLE))
> + update_pvclock = true;
Rather than a boolean and the above, which is a bit hard to parse, what about
taking a snapshot of the old flags and then doing an XOR?
/* Only some feature flags need to be *enabled* by userspace */
u32 permitted_flags = KVM_XEN_HVM_CONFIG_INTERCEPT_HCALL |
KVM_XEN_HVM_CONFIG_EVTCHN_SEND |
KVM_XEN_HVM_CONFIG_PVCLOCK_TSC_UNSTABLE;
u32 old_flags;
if (xhc->flags & ~permitted_flags)
return -EINVAL;
/*
* With hypercall interception the kernel generates its own
* hypercall page so it must not be provided.
*/
if ((xhc->flags & KVM_XEN_HVM_CONFIG_INTERCEPT_HCALL) &&
(xhc->blob_addr_32 || xhc->blob_addr_64 ||
xhc->blob_size_32 || xhc->blob_size_64))
return -EINVAL;
mutex_lock(&kvm->arch.xen.xen_lock);
if (xhc->msr && !kvm->arch.xen_hvm_config.msr)
static_branch_inc(&kvm_xen_enabled.key);
else if (!xhc->msr && kvm->arch.xen_hvm_config.msr)
static_branch_slow_dec_deferred(&kvm_xen_enabled);
old_flags = kvm->arch.xen_hvm_config.flags;
memcpy(&kvm->arch.xen_hvm_config, xhc, sizeof(*xhc));
mutex_unlock(&kvm->arch.xen.xen_lock);
if ((old_flags ^ xhc->flags) & KVM_XEN_HVM_CONFIG_PVCLOCK_TSC_UNSTABLE)
kvm_make_all_cpus_request(kvm, KVM_REQ_CLOCK_UPDATE);
return 0;
Powered by blists - more mailing lists