lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 2 May 2024 16:21:39 -0700
From: Sean Christopherson <seanjc@...gle.com>
To: Alejandro Jimenez <alejandro.j.jimenez@...cle.com>
Cc: kvm@...r.kernel.org, pbonzini@...hat.com, linux-kernel@...r.kernel.org, 
	joao.m.martins@...cle.com, boris.ostrovsky@...cle.com, 
	suravee.suthikulpanit@....com, mlevitsk@...hat.com
Subject: Re: [PATCH v2 1/2] KVM: x86: Only set APICV_INHIBIT_REASON_ABSENT if
 APICv is enabled

On Thu, Apr 18, 2024, Alejandro Jimenez wrote:
> Use the APICv enablement status to determine if APICV_INHIBIT_REASON_ABSENT
> needs to be set, instead of unconditionally setting the reason during
> initialization.
> 
> Specifically, in cases where AVIC is disabled via module parameter or lack
> of hardware support, unconditionally setting an inhibit reason due to the
> absence of an in-kernel local APIC can lead to a scenario where the reason
> incorrectly remains set after a local APIC has been created by either
> KVM_CREATE_IRQCHIP or the enabling of KVM_CAP_IRQCHIP_SPLIT. This is
> because the helpers in charge of removing the inhibit return early if
> enable_apicv is not true, and therefore the bit remains set.
> 
> This leads to confusion as to the cause why APICv is not active, since an
> incorrect reason will be reported by tracepoints and/or a debugging tool
> that examines the currently set inhibit reasons.
> 
> Fixes: ef8b4b720368 ("KVM: ensure APICv is considered inactive if there is no APIC")
> Co-developed-by: Sean Christopherson <seanjc@...gle.com>

Heh, no need, I just provided review feedback.

> Signed-off-by: Alejandro Jimenez <alejandro.j.jimenez@...cle.com>
> ---
>  arch/x86/kvm/x86.c | 13 ++++++-------
>  1 file changed, 6 insertions(+), 7 deletions(-)
> 
> diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
> index 26288ca05364..09052ff5a9a0 100644
> --- a/arch/x86/kvm/x86.c
> +++ b/arch/x86/kvm/x86.c
> @@ -9995,15 +9995,14 @@ static void set_or_clear_apicv_inhibit(unsigned long *inhibits,
>  
>  static void kvm_apicv_init(struct kvm *kvm)
>  {
> -	unsigned long *inhibits = &kvm->arch.apicv_inhibit_reasons;
> +	enum kvm_apicv_inhibit reason = enable_apicv ?
> +						APICV_INHIBIT_REASON_ABSENT :
> +						APICV_INHIBIT_REASON_DISABLE;

Just let this poke out, the 80 char limit is a soft limit, where "soft" is fairly
"hard" in KVM", but there are still legitimate situations where running past 80
is yields more readable code, and IMO this is one of them.

> -	init_rwsem(&kvm->arch.apicv_update_lock);
> -
> -	set_or_clear_apicv_inhibit(inhibits, APICV_INHIBIT_REASON_ABSENT, true);
> +	set_or_clear_apicv_inhibit(&kvm->arch.apicv_inhibit_reasons, reason,
> +				   true);

Same here.

No need for a v3, I'll fixup when applying.

>  
> -	if (!enable_apicv)
> -		set_or_clear_apicv_inhibit(inhibits,
> -					   APICV_INHIBIT_REASON_DISABLE, true);
> +	init_rwsem(&kvm->arch.apicv_update_lock);
>  }
>  
>  static void kvm_sched_yield(struct kvm_vcpu *vcpu, unsigned long dest_id)
> -- 
> 2.39.3
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ