| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250211025828.3072076-3-binbin.wu@linux.intel.com> Date: Tue, 11 Feb 2025 10:58:13 +0800 From: Binbin Wu <binbin.wu@...ux.intel.com> To: pbonzini@...hat.com, seanjc@...gle.com, kvm@...r.kernel.org Cc: rick.p.edgecombe@...el.com, kai.huang@...el.com, adrian.hunter@...el.com, reinette.chatre@...el.com, xiaoyao.li@...el.com, tony.lindgren@...el.com, isaku.yamahata@...el.com, yan.y.zhao@...el.com, chao.gao@...el.com, linux-kernel@...r.kernel.org, binbin.wu@...ux.intel.com Subject: [PATCH v2 02/17] KVM: TDX: Disable PI wakeup for IPIv From: Isaku Yamahata <isaku.yamahata@...el.com> Disable PI wakeup for IPI virtualization (IPIv) case for TDX. When a vCPU is being scheduled out, notification vector is switched and pi_wakeup_handler() is enabled when the vCPU has interrupt enabled and posted interrupt is used to wake up the vCPU. For VMX, a blocked vCPU can be the target of posted interrupts when using IPIv or VT-d PI. TDX doesn't support IPIv, disable PI wakeup for IPIv. Also, since the guest status of TD vCPU is protected, assume interrupt is always enabled for TD. (PV HLT hypercall is not support yet, TDX guest tells VMM whether HLT is called with interrupt disabled or not.) Signed-off-by: Isaku Yamahata <isaku.yamahata@...el.com> [binbin: split into new patch] Signed-off-by: Binbin Wu <binbin.wu@...ux.intel.com> --- TDX interrupts v2: - "KVM: VMX: Remove use of struct vcpu_vmx from posted_intr.c" is dropped because the related fields have been moved to the common struct vcpu_vt already. Move the pi_wakeup_list init to this patch. TDX interrupts v1: - This is split out as a new patch from patch "KVM: TDX: remove use of struct vcpu_vmx from posted_interrupt.c" --- arch/x86/kvm/vmx/posted_intr.c | 7 +++++-- arch/x86/kvm/vmx/tdx.c | 1 + 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/arch/x86/kvm/vmx/posted_intr.c b/arch/x86/kvm/vmx/posted_intr.c index 5696e0f9f924..25f8a19e2831 100644 --- a/arch/x86/kvm/vmx/posted_intr.c +++ b/arch/x86/kvm/vmx/posted_intr.c @@ -11,6 +11,7 @@ #include "posted_intr.h" #include "trace.h" #include "vmx.h" +#include "tdx.h" /* * Maintain a per-CPU list of vCPUs that need to be awakened by wakeup_handler() @@ -190,7 +191,8 @@ static bool vmx_needs_pi_wakeup(struct kvm_vcpu *vcpu) * notification vector is switched to the one that calls * back to the pi_wakeup_handler() function. */ - return vmx_can_use_ipiv(vcpu) || vmx_can_use_vtd_pi(vcpu->kvm); + return (vmx_can_use_ipiv(vcpu) && !is_td_vcpu(vcpu)) || + vmx_can_use_vtd_pi(vcpu->kvm); } void vmx_vcpu_pi_put(struct kvm_vcpu *vcpu) @@ -200,7 +202,8 @@ void vmx_vcpu_pi_put(struct kvm_vcpu *vcpu) if (!vmx_needs_pi_wakeup(vcpu)) return; - if (kvm_vcpu_is_blocking(vcpu) && !vmx_interrupt_blocked(vcpu)) + if (kvm_vcpu_is_blocking(vcpu) && + (is_td_vcpu(vcpu) || !vmx_interrupt_blocked(vcpu))) pi_enable_wakeup_handler(vcpu); /* diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c index 6940ce812730..825f13371134 100644 --- a/arch/x86/kvm/vmx/tdx.c +++ b/arch/x86/kvm/vmx/tdx.c @@ -669,6 +669,7 @@ int tdx_vcpu_create(struct kvm_vcpu *vcpu) fpstate_set_confidential(&vcpu->arch.guest_fpu); vcpu->arch.apic->guest_apic_protected = true; + INIT_LIST_HEAD(&tdx->vt.pi_wakeup_list); vcpu->arch.efer = EFER_SCE | EFER_LME | EFER_LMA | EFER_NX; -- 2.46.0
Powered by blists - more mailing lists