| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 11 Mar 2024 15:43:46 +0100
From: Paolo Bonzini <pbonzini@...hat.com>
To: Sean Christopherson <seanjc@...gle.com>
Cc: kvm@...r.kernel.org, linux-kernel@...r.kernel.org,
Christian Borntraeger <borntraeger@...ux.ibm.com>,
Janosch Frank <frankja@...ux.ibm.com>,
Claudio Imbrenda <imbrenda@...ux.ibm.com>,
David Hildenbrand <david@...hat.com>
Subject: Re: [GIT PULL] KVM: Xen and gfn_to_pfn_cache changes for 6.9
On 3/8/24 23:37, Sean Christopherson wrote:
> Aaaand seeing my one commit in the shortlog made me realize I completely forgot
> to get acks from s390 on the kvm_is_error_gpa() => kvm_is_gpa_in_memslot()
> refactor. Fudge.
>
> s390 folks, my apologies for not reaching out earlier. Please take a look at
> commit 9e7325acb3dc ("KVM: s390: Refactor kvm_is_error_gpa() into
> kvm_is_gpa_in_memslot()"). It *should* be a straight refactor, and I don't
> expect the rename to be contentious, but I didn't intend to send this pull request
> before getting an explicit ack.
>
> As for the actual pull request, the bulk of the changes are to add support
> for using gfn_to_pfn caches without a gfn, e.g. to opimize handling of overlay
> pages, and then use that functionality for Xen's shared_info page.
>
> Note, the commits towards the end are a variety of fixes from David that have
> been on the list for a while, but only got applied this week due to issues with
> the patches being corrupted (thanks to Evolution doing weird things).
Evolution?!? :)
> The following changes since commit db7d6fbc10447090bab8691a907a7c383ec66f58:
>
> KVM: remove unnecessary #ifdef (2024-02-08 08:41:06 -0500)
>
> are available in the Git repository at:
>
> https://github.com/kvm-x86/linux.git tags/kvm-x86-xen-6.9
>
> for you to fetch changes up to 7a36d680658ba5a0d350f2ad275b97156b8d4333:
>
> KVM: x86/xen: fix recursive deadlock in timer injection (2024-03-04 16:22:39 -0800)
Pulled, thanks.
Paolo
> ----------------------------------------------------------------
> KVM Xen and pfncache changes for 6.9:
>
> - Rip out the half-baked support for using gfn_to_pfn caches to manage pages
> that are "mapped" into guests via physical addresses.
>
> - Add support for using gfn_to_pfn caches with only a host virtual address,
> i.e. to bypass the "gfn" stage of the cache. The primary use case is
> overlay pages, where the guest may change the gfn used to reference the
> overlay page, but the backing hva+pfn remains the same.
>
> - Add an ioctl() to allow mapping Xen's shared_info page using an hva instead
> of a gpa, so that userspace doesn't need to reconfigure and invalidate the
> cache/mapping if the guest changes the gpa (but userspace keeps the resolved
> hva the same).
>
> - When possible, use a single host TSC value when computing the deadline for
> Xen timers in order to improve the accuracy of the timer emulation.
>
> - Inject pending upcall events when the vCPU software-enables its APIC to fix
> a bug where an upcall can be lost (and to follow Xen's behavior).
>
> - Fall back to the slow path instead of warning if "fast" IRQ delivery of Xen
> events fails, e.g. if the guest has aliased xAPIC IDs.
>
> - Extend gfn_to_pfn_cache's mutex to cover (de)activation (in addition to
> refresh), and drop a now-redundant acquisition of xen_lock (that was
> protecting the shared_info cache) to fix a deadlock due to recursively
> acquiring xen_lock.
>
> ----------------------------------------------------------------
> David Woodhouse (5):
> KVM: x86/xen: improve accuracy of Xen timers
> KVM: x86/xen: inject vCPU upcall vector when local APIC is enabled
> KVM: x86/xen: remove WARN_ON_ONCE() with false positives in evtchn delivery
> KVM: pfncache: simplify locking and make more self-contained
> KVM: x86/xen: fix recursive deadlock in timer injection
>
> Paul Durrant (17):
> KVM: pfncache: Add a map helper function
> KVM: pfncache: remove unnecessary exports
> KVM: x86/xen: mark guest pages dirty with the pfncache lock held
> KVM: pfncache: add a mark-dirty helper
> KVM: pfncache: remove KVM_GUEST_USES_PFN usage
> KVM: pfncache: stop open-coding offset_in_page()
> KVM: pfncache: include page offset in uhva and use it consistently
> KVM: pfncache: allow a cache to be activated with a fixed (userspace) HVA
> KVM: x86/xen: separate initialization of shared_info cache and content
> KVM: x86/xen: re-initialize shared_info if guest (32/64-bit) mode is set
> KVM: x86/xen: allow shared_info to be mapped by fixed HVA
> KVM: x86/xen: allow vcpu_info to be mapped by fixed HVA
> KVM: selftests: map Xen's shared_info page using HVA rather than GFN
> KVM: selftests: re-map Xen's vcpu_info using HVA rather than GPA
> KVM: x86/xen: advertize the KVM_XEN_HVM_CONFIG_SHARED_INFO_HVA capability
> KVM: pfncache: check the need for invalidation under read lock first
> KVM: x86/xen: allow vcpu_info content to be 'safely' copied
>
> Sean Christopherson (1):
> KVM: s390: Refactor kvm_is_error_gpa() into kvm_is_gpa_in_memslot()
>
> Documentation/virt/kvm/api.rst | 51 +++-
> arch/s390/kvm/diag.c | 2 +-
> arch/s390/kvm/gaccess.c | 14 +-
> arch/s390/kvm/kvm-s390.c | 4 +-
> arch/s390/kvm/priv.c | 4 +-
> arch/s390/kvm/sigp.c | 2 +-
> arch/x86/include/uapi/asm/kvm.h | 9 +-
> arch/x86/kvm/lapic.c | 5 +-
> arch/x86/kvm/x86.c | 68 ++++-
> arch/x86/kvm/x86.h | 1 +
> arch/x86/kvm/xen.c | 325 ++++++++++++++-------
> arch/x86/kvm/xen.h | 18 ++
> include/linux/kvm_host.h | 56 +++-
> include/linux/kvm_types.h | 8 -
> .../testing/selftests/kvm/x86_64/xen_shinfo_test.c | 59 +++-
> virt/kvm/pfncache.c | 245 +++++++++-------
> 16 files changed, 602 insertions(+), 269 deletions(-)
>
Powered by blists - more mailing lists