| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 2 May 2024 16:21:39 -0700
From: Sean Christopherson <seanjc@...gle.com>
To: Alejandro Jimenez <alejandro.j.jimenez@...cle.com>
Cc: kvm@...r.kernel.org, pbonzini@...hat.com, linux-kernel@...r.kernel.org,
joao.m.martins@...cle.com, boris.ostrovsky@...cle.com,
suravee.suthikulpanit@....com, mlevitsk@...hat.com
Subject: Re: [PATCH v2 1/2] KVM: x86: Only set APICV_INHIBIT_REASON_ABSENT if
APICv is enabled
On Thu, Apr 18, 2024, Alejandro Jimenez wrote:
> Use the APICv enablement status to determine if APICV_INHIBIT_REASON_ABSENT
> needs to be set, instead of unconditionally setting the reason during
> initialization.
>
> Specifically, in cases where AVIC is disabled via module parameter or lack
> of hardware support, unconditionally setting an inhibit reason due to the
> absence of an in-kernel local APIC can lead to a scenario where the reason
> incorrectly remains set after a local APIC has been created by either
> KVM_CREATE_IRQCHIP or the enabling of KVM_CAP_IRQCHIP_SPLIT. This is
> because the helpers in charge of removing the inhibit return early if
> enable_apicv is not true, and therefore the bit remains set.
>
> This leads to confusion as to the cause why APICv is not active, since an
> incorrect reason will be reported by tracepoints and/or a debugging tool
> that examines the currently set inhibit reasons.
>
> Fixes: ef8b4b720368 ("KVM: ensure APICv is considered inactive if there is no APIC")
> Co-developed-by: Sean Christopherson <seanjc@...gle.com>
Heh, no need, I just provided review feedback.
> Signed-off-by: Alejandro Jimenez <alejandro.j.jimenez@...cle.com>
> ---
> arch/x86/kvm/x86.c | 13 ++++++-------
> 1 file changed, 6 insertions(+), 7 deletions(-)
>
> diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
> index 26288ca05364..09052ff5a9a0 100644
> --- a/arch/x86/kvm/x86.c
> +++ b/arch/x86/kvm/x86.c
> @@ -9995,15 +9995,14 @@ static void set_or_clear_apicv_inhibit(unsigned long *inhibits,
>
> static void kvm_apicv_init(struct kvm *kvm)
> {
> - unsigned long *inhibits = &kvm->arch.apicv_inhibit_reasons;
> + enum kvm_apicv_inhibit reason = enable_apicv ?
> + APICV_INHIBIT_REASON_ABSENT :
> + APICV_INHIBIT_REASON_DISABLE;
Just let this poke out, the 80 char limit is a soft limit, where "soft" is fairly
"hard" in KVM", but there are still legitimate situations where running past 80
is yields more readable code, and IMO this is one of them.
> - init_rwsem(&kvm->arch.apicv_update_lock);
> -
> - set_or_clear_apicv_inhibit(inhibits, APICV_INHIBIT_REASON_ABSENT, true);
> + set_or_clear_apicv_inhibit(&kvm->arch.apicv_inhibit_reasons, reason,
> + true);
Same here.
No need for a v3, I'll fixup when applying.
>
> - if (!enable_apicv)
> - set_or_clear_apicv_inhibit(inhibits,
> - APICV_INHIBIT_REASON_DISABLE, true);
> + init_rwsem(&kvm->arch.apicv_update_lock);
> }
>
> static void kvm_sched_yield(struct kvm_vcpu *vcpu, unsigned long dest_id)
> --
> 2.39.3
>
Powered by blists - more mailing lists