Message-ID: <Z62ettusFdcR+b87@intel.com>
Date: Thu, 13 Feb 2025 15:26:46 +0800
From: Chao Gao <chao.gao@...el.com>
To: Binbin Wu <binbin.wu@...ux.intel.com>
CC: <pbonzini@...hat.com>, <seanjc@...gle.com>, <kvm@...r.kernel.org>,
	<rick.p.edgecombe@...el.com>, <kai.huang@...el.com>,
	<adrian.hunter@...el.com>, <reinette.chatre@...el.com>,
	<xiaoyao.li@...el.com>, <tony.lindgren@...el.com>,
	<isaku.yamahata@...el.com>, <yan.y.zhao@...el.com>,
	<linux-kernel@...r.kernel.org>
Subject: Re: [PATCH v2 05/17] KVM: x86: Assume timer IRQ was injected if APIC
 state is protected

On Tue, Feb 11, 2025 at 10:58:16AM +0800, Binbin Wu wrote:
>From: Sean Christopherson <seanjc@...gle.com>
>
>If APIC state is protected, i.e. the vCPU is a TDX guest, assume a timer
>IRQ was injected when deciding whether or not to busy wait in the "timer
>advanced" path.  The "real" vIRR is not readable/writable, so trying to
>query for a pending timer IRQ will return garbage.
>
>Note, TDX can scour the PIR if it wants to be more precise and skip the
>"wait" call entirely.
>
>Signed-off-by: Sean Christopherson <seanjc@...gle.com>
>Signed-off-by: Binbin Wu <binbin.wu@...ux.intel.com>
>---
>TDX interrupts v2:
>- No change.
>
>TDX interrupts v1:
>- Renamed from "KVM: x86: Assume timer IRQ was injected if APIC state is proteced"
>  to "KVM: x86: Assume timer IRQ was injected if APIC state is protected", i.e.,
>  fix the typo 'proteced'.
>---
> arch/x86/kvm/lapic.c | 11 ++++++++++-
> 1 file changed, 10 insertions(+), 1 deletion(-)
>
>diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c
>index bbdede07d063..bab5c42f63b7 100644
>--- a/arch/x86/kvm/lapic.c
>+++ b/arch/x86/kvm/lapic.c
>@@ -1797,8 +1797,17 @@ static void apic_update_lvtt(struct kvm_lapic *apic)
> static bool lapic_timer_int_injected(struct kvm_vcpu *vcpu)
> {
> 	struct kvm_lapic *apic = vcpu->arch.apic;
>-	u32 reg = kvm_lapic_get_reg(apic, APIC_LVTT);
>+	u32 reg;
> 
>+	/*
>+	 * Assume a timer IRQ was "injected" if the APIC is protected.  KVM's
>+	 * copy of the vIRR is bogus, it's the responsibility of the caller to
>+	 * precisely check whether or not a timer IRQ is pending.
>+	 */
>+	if (apic->guest_apic_protected)
>+		return true;
>+
>+	reg  = kvm_lapic_get_reg(apic, APIC_LVTT);

nit:	   ^^ remove one space here

> 	if (kvm_apic_hw_enabled(apic)) {
> 		int vec = reg & APIC_VECTOR_MASK;
> 		void *bitmap = apic->regs + APIC_ISR;
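
Review bot: The new comment in lapic_timer_int_injected() leaves the precise pending-IRQ check to "the caller", but nothing in this hunk shows a caller doing it. With guest_apic_protected set, the function therefore returns true unconditionally, and the "timer advanced" path busy waits every time, whether or not a timer IRQ is actually pending. Consider stating in the comment that this is a deliberately conservative answer, and pointing at where the precise check is expected to live (the commit message mentions scanning the PIR), so a reader of lapic.c does not assume the check already exists. It would also help to say why the APIC_LVTT read was moved below the early return, since the split declaration and assignment of reg otherwise looks like churn.
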
>-- 
>2.46.0
>
