| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250401161106.790710-18-pbonzini@redhat.com>
Date: Tue, 1 Apr 2025 18:10:54 +0200
From: Paolo Bonzini <pbonzini@...hat.com>
To: linux-kernel@...r.kernel.org,
kvm@...r.kernel.org
Cc: roy.hopkins@...e.com,
seanjc@...gle.com,
thomas.lendacky@....com,
ashish.kalra@....com,
michael.roth@....com,
jroedel@...e.de,
nsaenz@...zon.com,
anelkz@...zon.de,
James.Bottomley@...senPartnership.com
Subject: [PATCH 17/29] KVM: x86: block creating irqchip if planes are active
Force creating the irqchip before planes, so that APICV_INHIBIT_REASON_ABSENT
only needs to be removed from plane 0.
Signed-off-by: Paolo Bonzini <pbonzini@...hat.com>
---
Documentation/virt/kvm/api.rst | 6 ++++--
arch/x86/kvm/x86.c | 4 ++--
include/linux/kvm_host.h | 1 +
virt/kvm/kvm_main.c | 1 +
4 files changed, 8 insertions(+), 4 deletions(-)
diff --git a/Documentation/virt/kvm/api.rst b/Documentation/virt/kvm/api.rst
index e1c67bc6df47..16d836b954dc 100644
--- a/Documentation/virt/kvm/api.rst
+++ b/Documentation/virt/kvm/api.rst
@@ -882,6 +882,8 @@ On s390, a dummy irq routing table is created.
Note that on s390 the KVM_CAP_S390_IRQCHIP vm capability needs to be enabled
before KVM_CREATE_IRQCHIP can be used.
+The interrupt controller must be created before any extra VM planes.
+
4.25 KVM_IRQ_LINE
-----------------
@@ -7792,8 +7794,8 @@ used in the IRQ routing table. The first args[0] MSI routes are reserved
for the IOAPIC pins. Whenever the LAPIC receives an EOI for these routes,
a KVM_EXIT_IOAPIC_EOI vmexit will be reported to userspace.
-Fails if VCPU has already been created, or if the irqchip is already in the
-kernel (i.e. KVM_CREATE_IRQCHIP has already been called).
+Fails if VCPUs or planes have already been created, or if the irqchip is
+already in the kernel (i.e. KVM_CREATE_IRQCHIP has already been called).
7.6 KVM_CAP_S390_RI
-------------------
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index f70d9a572455..653886e6e1c8 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -6561,7 +6561,7 @@ int kvm_vm_ioctl_enable_cap(struct kvm *kvm,
r = -EEXIST;
if (irqchip_in_kernel(kvm))
goto split_irqchip_unlock;
- if (kvm->created_vcpus)
+ if (kvm->created_vcpus || kvm->has_planes)
goto split_irqchip_unlock;
/* Pairs with irqchip_in_kernel. */
smp_wmb();
@@ -7087,7 +7087,7 @@ int kvm_arch_vm_ioctl(struct file *filp, unsigned int ioctl, unsigned long arg)
goto create_irqchip_unlock;
r = -EINVAL;
- if (kvm->created_vcpus)
+ if (kvm->created_vcpus || kvm->has_planes)
goto create_irqchip_unlock;
r = kvm_pic_init(kvm);
diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h
index 16a8b3adb76d..152dc5845309 100644
--- a/include/linux/kvm_host.h
+++ b/include/linux/kvm_host.h
@@ -883,6 +883,7 @@ struct kvm {
bool dirty_ring_with_bitmap;
bool vm_bugged;
bool vm_dead;
+ bool has_planes;
#ifdef CONFIG_HAVE_KVM_PM_NOTIFIER
struct notifier_block pm_notifier;
diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
index cb04fe6f8a2c..db38894f6fa3 100644
--- a/virt/kvm/kvm_main.c
+++ b/virt/kvm/kvm_main.c
@@ -5316,6 +5316,7 @@ static int kvm_vm_ioctl_create_plane(struct kvm *kvm, unsigned id)
return fd;
plane = kvm_create_vm_plane(kvm, id);
+ kvm->has_planes = true;
if (IS_ERR(plane)) {
r = PTR_ERR(plane);
goto put_fd;
--
2.49.0
Powered by blists - more mailing lists