backport arm64 kvm support to 3.18

Issue description: 3.18 seems to be missing some support to properly run as a kvm host on arm64 systems, so let's pull back the necessary changes.

Jun 12 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/1c5f09f4ce621155169fde719d9c3b1af7d54ac2

commit 1c5f09f4ce621155169fde719d9c3b1af7d54ac2
Author: Andre Przywara <andre.przywara@arm.com>
Date: Tue Jun 12 00:29:39 2018

UPSTREAM: arm/arm64: KVM: introduce per-VM ops

Currently we only have one virtual GIC model supported, so all guests use the same emulation code. With the addition of another model we end up with different guests using potentially different vGIC models, so we have to split up some functions to be per VM.

Introduce a vgic_vm_ops struct to hold function pointers for those functions that are different and provide the necessary code to initialize them.

Also split up the vgic_init() function to separate out VGIC model specific functionality into a separate function, which will later be different for a GICv3 model.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Ic493d80c9fef675206388785c219f128ea3bda24
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit b26e5fdac43c1b7c394502917e42e3b91f3aa1a3)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088024

[modify] https://crrev.com/1c5f09f4ce621155169fde719d9c3b1af7d54ac2/include/kvm/arm_vgic.h
[modify] https://crrev.com/1c5f09f4ce621155169fde719d9c3b1af7d54ac2/virt/kvm/arm/vgic.c

Jun 12 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/a40ff74d54ca395a0073a3b6fb4fd2cfc561bb2d

commit a40ff74d54ca395a0073a3b6fb4fd2cfc561bb2d
Author: Andre Przywara <andre.przywara@arm.com>
Date: Tue Jun 12 00:29:41 2018

UPSTREAM: arm/arm64: KVM: move kvm_register_device_ops() into vGIC probing

Currently we unconditionally register the GICv2 emulation device during the host's KVM initialization. Since with GICv3 support we may end up with only v2 or only v3 or both supported, we move the registration into the GIC probing function, where we will later know which combination is valid.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I2c7481d75290698913670b07202a9a5758488a00
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Acked-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit ea2f83a7de9d0abbd145e37177905aab57fdb835)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088025

[modify] https://crrev.com/a40ff74d54ca395a0073a3b6fb4fd2cfc561bb2d/include/linux/kvm_host.h
[modify] https://crrev.com/a40ff74d54ca395a0073a3b6fb4fd2cfc561bb2d/virt/kvm/arm/vgic-v3.c
[modify] https://crrev.com/a40ff74d54ca395a0073a3b6fb4fd2cfc561bb2d/virt/kvm/arm/vgic.c
[modify] https://crrev.com/a40ff74d54ca395a0073a3b6fb4fd2cfc561bb2d/virt/kvm/arm/vgic-v2.c

Jun 12 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/02a10a399d6fc4ffb2fd9b27b158c0bcfa0a5883

commit 02a10a399d6fc4ffb2fd9b27b158c0bcfa0a5883
Author: Andre Przywara <andre.przywara@arm.com>
Date: Tue Jun 12 00:29:43 2018

UPSTREAM: arm/arm64: KVM: dont rely on a valid GICH base address

To check whether the vGIC was already initialized, we currently check the GICH base address for not being NULL. Since with GICv3 we may get along without this address, let's use the irqchip_in_kernel() function to detect an already initialized vGIC.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I16924ebf8226ee2d46f7c77fbaa9d0a211d9aa4b
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Acked-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 4ce7ebdfc69d1d5d166eec103ed2976eb45a6173)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088026

[modify] https://crrev.com/02a10a399d6fc4ffb2fd9b27b158c0bcfa0a5883/virt/kvm/arm/vgic.c

Jun 12 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/15730499e63cfc7167dc64d6554c54171d9964c5

commit 15730499e63cfc7167dc64d6554c54171d9964c5
Author: Andre Przywara <andre.przywara@arm.com>
Date: Tue Jun 12 00:29:44 2018

UPSTREAM: arm/arm64: KVM: make the maximum number of vCPUs a per-VM value

Currently the maximum number of vCPUs supported is a global value limited by the used GIC model. GICv3 will lift this limit, but we still need to observe it for guests using GICv2. So the maximum number of vCPUs is a per-VM value, depending on the GIC model the guest uses. Store and check the value in struct kvm_arch, but keep it down to 8 for now.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I6b90724c3e76a06e98e984b0258f0065a62e58fd
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 3caa2d8c3b2d80f5e342fe8cec07c03c8147dcab)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088027

[modify] https://crrev.com/15730499e63cfc7167dc64d6554c54171d9964c5/virt/kvm/arm/vgic.c
[modify] https://crrev.com/15730499e63cfc7167dc64d6554c54171d9964c5/virt/kvm/arm/vgic-v3.c
[modify] https://crrev.com/15730499e63cfc7167dc64d6554c54171d9964c5/arch/arm/include/asm/kvm_host.h
[modify] https://crrev.com/15730499e63cfc7167dc64d6554c54171d9964c5/virt/kvm/arm/vgic-v2.c
[modify] https://crrev.com/15730499e63cfc7167dc64d6554c54171d9964c5/include/kvm/arm_vgic.h
[modify] https://crrev.com/15730499e63cfc7167dc64d6554c54171d9964c5/arch/arm/kvm/arm.c
[modify] https://crrev.com/15730499e63cfc7167dc64d6554c54171d9964c5/arch/arm64/include/asm/kvm_host.h

Jun 12 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/f8730ab650c2993a716ca445a15ddc361b20ce7f

commit f8730ab650c2993a716ca445a15ddc361b20ce7f
Author: Andre Przywara <andre.przywara@arm.com>
Date: Tue Jun 12 00:29:46 2018

UPSTREAM: arm/arm64: KVM: make the value of ICC_SRE_EL1 a per-VM variable

ICC_SRE_EL1 is a system register allowing msr/mrs accesses to the GIC CPU interface for EL1 (guests). Currently we force it to 0, but for proper GICv3 support we have to allow guests to use it (depending on their selected virtual GIC model).

So add ICC_SRE_EL1 to the list of saved/restored registers on a world switch, but actually disallow a guest to change it by only restoring a fixed, once-initialized value. This value depends on the GIC model userland has chosen for a guest.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Icebf3f7887482388f02c0a6e2a31fc3dfc3a6e37
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
Acked-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 2f5fa41a7a7f47f3109a6596b0ec96258dbf06e6)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088028

[modify] https://crrev.com/f8730ab650c2993a716ca445a15ddc361b20ce7f/include/kvm/arm_vgic.h
[modify] https://crrev.com/f8730ab650c2993a716ca445a15ddc361b20ce7f/arch/arm64/kvm/vgic-v3-switch.S
[modify] https://crrev.com/f8730ab650c2993a716ca445a15ddc361b20ce7f/virt/kvm/arm/vgic-v3.c
[modify] https://crrev.com/f8730ab650c2993a716ca445a15ddc361b20ce7f/arch/arm64/kernel/asm-offsets.c

Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/68bd106df593ba1ec332b04bdae4c4e39e5294fa

commit 68bd106df593ba1ec332b04bdae4c4e39e5294fa
Author: Andre Przywara <andre.przywara@arm.com>
Date: Wed Jun 13 19:57:20 2018

UPSTREAM: arm/arm64: KVM: refactor MMIO accessors

The MMIO accessors for GICD_I[CS]ENABLER, GICD_I[CS]PENDR and GICD_ICFGR behave very similarly for GICv2 and GICv3, although the way the affected VCPU is determined differs. Since we need them to access the registers from three different places in the future, we factor out a generic, backend-facing implementation and use small wrappers in the current GICv2 emulation. This will ease adding GICv3 accessors later.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I7c820688c508c672531d2f20188147d68b5bf086
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit d97f683d0f4b2e63e68869f81ba2ce4ccbb6e5d8)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088029
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/68bd106df593ba1ec332b04bdae4c4e39e5294fa/virt/kvm/arm/vgic.c

Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/f7be736bd9a7ed93aad65e31c2805a363c073d93

commit f7be736bd9a7ed93aad65e31c2805a363c073d93
Author: Andre Przywara <andre.przywara@arm.com>
Date: Wed Jun 13 19:57:21 2018

UPSTREAM: arm/arm64: KVM: refactor/wrap vgic_set/get_attr()

vgic_set_attr() and vgic_get_attr() contain both code specific for the emulated GIC as well as code for the userland facing, generic part of the GIC. Split the guest GIC facing code off from the generic part to allow easier splitting later.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: If66d57b2dd16c5974dfd1d23ab17d93f220b49cd
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit b60da146c135ea6b6c25a0ae925edca038b64344)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088030
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/f7be736bd9a7ed93aad65e31c2805a363c073d93/virt/kvm/arm/vgic.c

Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/db5a91e92ea62f34766ab409c7c84fb01cfd836c

commit db5a91e92ea62f34766ab409c7c84fb01cfd836c
Author: Andre Przywara <andre.przywara@arm.com>
Date: Wed Jun 13 19:57:23 2018

UPSTREAM: arm/arm64: KVM: add vgic.h header file

vgic.c is currently a mixture of generic vGIC emulation code and functions specific to emulating a GICv2. To ease the addition of GICv3 later, we create new header file vgic.h, which holds constants and prototypes of commonly used functions. Rename some identifiers to avoid name space clutter.

I removed the long-standing comment about using the kvm_io_bus API to tackle the GIC register ranges, as it wouldn't be a win for us anymore.

Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
-------
As the diff isn't always obvious here (and to aid eventual rebases), here is a list of high-level changes done to the code:

* moved definitions and prototypes from vgic.c to vgic.h:
  - VGIC_ADDR_UNDEF
  - ACCESS_{READ,WRITE}_*
  - vgic_init()
  - vgic_update_state()
  - vgic_kick_vcpus()
  - vgic_get_vmcr()
  - vgic_set_vmcr()
  - struct mmio_range {} (renamed to struct kvm_mmio_range)

* removed static keyword and exported prototype in vgic.h:
  - vgic_bitmap_get_reg()
  - vgic_bitmap_set_irq_val()
  - vgic_bitmap_get_shared_map()
  - vgic_bytemap_get_reg()
  - vgic_dist_irq_set_pending()
  - vgic_dist_irq_clear_pending()
  - vgic_cpu_irq_clear()
  - vgic_reg_access()
  - handle_mmio_raz_wi()
  - vgic_handle_enable_reg()
  - vgic_handle_set_pending_reg()
  - vgic_handle_clear_pending_reg()
  - vgic_handle_cfg_reg()
  - vgic_unqueue_irqs()
  - find_matching_range() (renamed to vgic_find_range)
  - vgic_handle_mmio_range()
  - vgic_update_state()
  - vgic_get_vmcr()
  - vgic_set_vmcr()
  - vgic_queue_irq()
  - vgic_kick_vcpus()
  - vgic_init()
  - vgic_v2_init_emulation()
  - vgic_has_attr_regs()
  - vgic_set_common_attr()
  - vgic_get_common_attr()
  - vgic_destroy()
  - vgic_create()

* moved functions to vgic.h (static inline):
  - mmio_data_read()
  - mmio_data_write()
  - is_in_range()

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I2d438e17b884fcb4221605f37027bf073508e7a5
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 832158125d2ef30b364f21e1616495c40c286a4a)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088031
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/db5a91e92ea62f34766ab409c7c84fb01cfd836c/virt/kvm/arm/vgic.c
[add] https://crrev.com/db5a91e92ea62f34766ab409c7c84fb01cfd836c/virt/kvm/arm/vgic.h

Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/fe32720cbf9e17673a04a27bd028fc9fe3a6ad00

commit fe32720cbf9e17673a04a27bd028fc9fe3a6ad00
Author: Andre Przywara <andre.przywara@arm.com>
Date: Wed Jun 13 19:57:24 2018

UPSTREAM: arm/arm64: KVM: split GICv2 specific emulation code from vgic.c

vgic.c is currently a mixture of generic vGIC emulation code and functions specific to emulating a GICv2. To ease the addition of GICv3, split off strictly v2 specific parts into a new file vgic-v2-emul.c.

Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
-------
As the diff isn't always obvious here (and to aid eventual rebases), here is a list of high-level changes done to the code:

* added new file to respective arm/arm64 Makefiles

* moved GICv2 specific functions to vgic-v2-emul.c:
  - handle_mmio_misc()
  - handle_mmio_set_enable_reg()
  - handle_mmio_clear_enable_reg()
  - handle_mmio_set_pending_reg()
  - handle_mmio_clear_pending_reg()
  - handle_mmio_priority_reg()
  - vgic_get_target_reg()
  - vgic_set_target_reg()
  - handle_mmio_target_reg()
  - handle_mmio_cfg_reg()
  - handle_mmio_sgi_reg()
  - vgic_v2_unqueue_sgi()
  - read_set_clear_sgi_pend_reg()
  - write_set_clear_sgi_pend_reg()
  - handle_mmio_sgi_set()
  - handle_mmio_sgi_clear()
  - vgic_v2_handle_mmio()
  - vgic_get_sgi_sources()
  - vgic_dispatch_sgi()
  - vgic_v2_queue_sgi()
  - vgic_v2_map_resources()
  - vgic_v2_init()
  - vgic_v2_add_sgi_source()
  - vgic_v2_init_model()
  - vgic_v2_init_emulation()
  - handle_cpu_mmio_misc()
  - handle_mmio_abpr()
  - handle_cpu_mmio_ident()
  - vgic_attr_regs_access()
  - vgic_create() (renamed to vgic_v2_create())
  - vgic_destroy() (renamed to vgic_v2_destroy())
  - vgic_has_attr() (renamed to vgic_v2_has_attr())
  - vgic_set_attr() (renamed to vgic_v2_set_attr())
  - vgic_get_attr() (renamed to vgic_v2_get_attr())
  - struct kvm_mmio_range vgic_dist_ranges[]
  - struct kvm_mmio_range vgic_cpu_ranges[]
  - struct kvm_device_ops kvm_arm_vgic_v2_ops {}

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I3c2d2b80c493887c5da27adbcfc3aa30c0cebf32
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 1d916229e348c628ddc9cf97528e76d13f52c122)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088032
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/fe32720cbf9e17673a04a27bd028fc9fe3a6ad00/arch/arm64/kvm/Makefile
[add] https://crrev.com/fe32720cbf9e17673a04a27bd028fc9fe3a6ad00/virt/kvm/arm/vgic-v2-emul.c
[modify] https://crrev.com/fe32720cbf9e17673a04a27bd028fc9fe3a6ad00/arch/arm/kvm/Makefile
[modify] https://crrev.com/fe32720cbf9e17673a04a27bd028fc9fe3a6ad00/virt/kvm/arm/vgic.c

Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/bda4d8cd7fa69cfcda28eecf6e0b3b3feb1b4478

commit bda4d8cd7fa69cfcda28eecf6e0b3b3feb1b4478
Author: Andre Przywara <andre.przywara@arm.com>
Date: Wed Jun 13 19:57:26 2018

UPSTREAM: arm/arm64: KVM: add opaque private pointer to MMIO data

For a GICv2 there is always only one (v)CPU involved: the one that does the access. On a GICv3 the access to a CPU redistributor is memory-mapped, but not banked, so the (v)CPU affected is determined by looking at the MMIO address region being accessed.

To allow passing the affected CPU into the accessors later, extend struct kvm_exit_mmio to add an opaque private pointer parameter. The current GICv2 emulation just does not use it.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Ic56a447bae92da475f9ff1ba837d36dbe663c878
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 9fedf146778e6d1c26319ebaf56131a4f3a6be03)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088033
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/bda4d8cd7fa69cfcda28eecf6e0b3b3feb1b4478/arch/arm64/include/asm/kvm_mmio.h
[modify] https://crrev.com/bda4d8cd7fa69cfcda28eecf6e0b3b3feb1b4478/arch/arm/include/asm/kvm_mmio.h
[modify] https://crrev.com/bda4d8cd7fa69cfcda28eecf6e0b3b3feb1b4478/virt/kvm/arm/vgic.c

Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/4b52b36a67fe73806eb1a5dcb4dd8cf3be80022e

commit 4b52b36a67fe73806eb1a5dcb4dd8cf3be80022e
Author: Marc Zyngier <marc.zyngier@arm.com>
Date: Wed Jun 13 19:57:27 2018

UPSTREAM: irqchip: GICv3: rework redistributor structure

The basic GICv3 driver has almost no use for the redistributor (other than the basic per-CPU interrupts), but the ITS needs a lot more from them. As such, rework the set of data structures. The behaviour of the GICv3 driver is otherwise unaffected.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I0b4e0904696322a022db186f19904f6ca6925658
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Link: https://lkml.kernel.org/r/1416839720-18400-4-git-send-email-marc.zyngier@arm.com
Signed-off-by: Jason Cooper <jason@lakedaemon.net>
(cherry picked from commit f5c1434c217fd72ac0d24d3142d09e49a3d4e72e)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088034
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/4b52b36a67fe73806eb1a5dcb4dd8cf3be80022e/drivers/irqchip/irq-gic-v3.c
[modify] https://crrev.com/4b52b36a67fe73806eb1a5dcb4dd8cf3be80022e/include/linux/irqchip/arm-gic-v3.h

Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/08f024742771627f52679aa210cc1891fa132e7c

commit 08f024742771627f52679aa210cc1891fa132e7c
Author: Marc Zyngier <marc.zyngier@arm.com>
Date: Wed Jun 13 19:57:29 2018

UPSTREAM: irqchip: GICv3: ITS command queue

The ITS is configured through a number of commands that the driver issues to the HW using a memory-based circular buffer. This patch implements the subset of commands that are required for Linux.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I654268cc6fcf5640dd015409e8656d1e65109ac1
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Link: https://lkml.kernel.org/r/1416839720-18400-5-git-send-email-marc.zyngier@arm.com
Signed-off-by: Jason Cooper <jason@lakedaemon.net>
(cherry picked from commit cc2d3216f53c9fff0030eb71cacc4ce5f39d1d7e)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088035
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[add] https://crrev.com/08f024742771627f52679aa210cc1891fa132e7c/drivers/irqchip/irq-gic-v3-its.c
[modify] https://crrev.com/08f024742771627f52679aa210cc1891fa132e7c/include/linux/irqchip/arm-gic-v3.h

Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/87e6495abcb82ae5c073f6981789f9c42b7bbec9

commit 87e6495abcb82ae5c073f6981789f9c42b7bbec9
Author: Andre Przywara <andre.przywara@arm.com>
Date: Wed Jun 13 19:57:30 2018

UPSTREAM: arm/arm64: KVM: add virtual GICv3 distributor emulation

With everything separated and prepared, we implement a model of a GICv3 distributor and redistributors by using the existing framework to provide handler functions for each register group.

Currently we limit the emulation to a model enforcing a single security state, with SRE==1 (forcing system register access) and ARE==1 (allowing more than 8 VCPUs).

We share some of the functions provided for GICv2 emulation, but take the different ways of addressing (v)CPUs into account. Save and restore is currently not implemented.

Similar to the split-off of the GICv2 specific code, the new emulation code goes into a new file (vgic-v3-emul.c).

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I0997eca47ef851266f61e051146da38f6b50cf26
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit a0675c25d6392c2197b796a60c4a2a0138c86355)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088036
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/87e6495abcb82ae5c073f6981789f9c42b7bbec9/include/uapi/linux/kvm.h
[modify] https://crrev.com/87e6495abcb82ae5c073f6981789f9c42b7bbec9/virt/kvm/arm/vgic.c
[modify] https://crrev.com/87e6495abcb82ae5c073f6981789f9c42b7bbec9/arch/arm64/kvm/Makefile
[add] https://crrev.com/87e6495abcb82ae5c073f6981789f9c42b7bbec9/virt/kvm/arm/vgic-v3-emul.c
[modify] https://crrev.com/87e6495abcb82ae5c073f6981789f9c42b7bbec9/virt/kvm/arm/vgic.h
[modify] https://crrev.com/87e6495abcb82ae5c073f6981789f9c42b7bbec9/include/linux/irqchip/arm-gic-v3.h
[modify] https://crrev.com/87e6495abcb82ae5c073f6981789f9c42b7bbec9/include/kvm/arm_vgic.h
[modify] https://crrev.com/87e6495abcb82ae5c073f6981789f9c42b7bbec9/include/linux/kvm_host.h

Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/fe8a99a0f27eec4fa9d5e39624d3f2e36b6e6927

commit fe8a99a0f27eec4fa9d5e39624d3f2e36b6e6927
Author: Andre Przywara <andre.przywara@arm.com>
Date: Wed Jun 13 19:57:32 2018

UPSTREAM: arm64: GICv3: introduce symbolic names for GICv3 ICC_SGI1R_EL1 fields

The gic_send_sgi() function used hardcoded bit shift values to generate the ICC_SGI1R_EL1 register value. Replace this with symbolic names to allow reusing them later.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I720fd806c0ed3ce0e91294f7526200cc32584cfd
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 7e5802781c3e109558ddfd8b02155ad24d872ee7)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088037
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/fe8a99a0f27eec4fa9d5e39624d3f2e36b6e6927/drivers/irqchip/irq-gic-v3.c
[modify] https://crrev.com/fe8a99a0f27eec4fa9d5e39624d3f2e36b6e6927/include/linux/irqchip/arm-gic-v3.h

Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/2a272f147e02f95e1f5431b105e75ee3efd3e78f

commit 2a272f147e02f95e1f5431b105e75ee3efd3e78f
Author: Marc Zyngier <marc.zyngier@arm.com>
Date: Wed Jun 13 19:57:33 2018

UPSTREAM: irqchip/gic-v3: Fix ICC_SGI1R_EL1.INTID decoding mask

commit dd5f1b049dc139876801db3cdd0f20d21fd428cc upstream.

The INTID mask is wrong, and is made a signed value, which has interesting effects in the KVM emulation. Let's sanitize it.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I765ff553ad041eaabcdded6f17c782b51cde4b9a
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit f32ef5c8e9e847706a3ef96791e14b207914d9e3 in https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088038
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/2a272f147e02f95e1f5431b105e75ee3efd3e78f/include/linux/irqchip/arm-gic-v3.h

Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/39b5caa51380deed11435a9517a2927b1c0a71c9

commit 39b5caa51380deed11435a9517a2927b1c0a71c9
Author: Andre Przywara <andre.przywara@arm.com>
Date: Wed Jun 13 19:57:34 2018

UPSTREAM: arm64: KVM: add SGI generation register emulation

While the generation of a (virtual) inter-processor interrupt (SGI) on a GICv2 works by writing to a MMIO register, GICv3 uses the system register ICC_SGI1R_EL1 to trigger them. Add a trap handler function that calls the new SGI register handler in the GICv3 code. As ICC_SRE_EL1.SRE at this point is still always 0, this will not trap yet, but will only be used later when all the data structures have been initialized properly.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I80060df6f1973cc40de9f833a42e1b7ada64cfb9
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 6d52f35af10cf24d59b43f3fd8c938ad23cab543)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088039
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/39b5caa51380deed11435a9517a2927b1c0a71c9/include/kvm/arm_vgic.h
[modify] https://crrev.com/39b5caa51380deed11435a9517a2927b1c0a71c9/arch/arm64/kvm/sys_regs.c
[modify] https://crrev.com/39b5caa51380deed11435a9517a2927b1c0a71c9/virt/kvm/arm/vgic-v3-emul.c

Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/cf323763ed36e66712178f18144f17152e712f91

commit cf323763ed36e66712178f18144f17152e712f91
Author: Andre Przywara <andre.przywara@arm.com>
Date: Wed Jun 13 19:57:36 2018

UPSTREAM: arm/arm64: KVM: enable kernel side of GICv3 emulation

With all the necessary GICv3 emulation code in place, we can now connect the code to the GICv3 backend in the kernel. The LR register handling is different depending on the emulated GIC model, so provide different implementations for each.

Also allow non-v2-compatible GICv3 implementations (which don't provide MMIO regions for the virtual CPU interface in the DT), but restrict those hosts to support GICv3 guests only. If the device tree provides a GICv2 compatible GICV resource entry, but that one is faulty, just disable the GICv2 emulation and let the user use at least the GICv3 emulation for guests.

To provide proper support for the legacy KVM_CREATE_IRQCHIP ioctl, note virtual GICv2 compatibility in struct vgic_params and use it on creating a VGICv2.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Iaa16302a5bff75022ae26b8554acc0dbd5ada041
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit b5d84ff600a244b655bd4f657f5350f29b0ce611)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088040
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/cf323763ed36e66712178f18144f17152e712f91/include/kvm/arm_vgic.h
[modify] https://crrev.com/cf323763ed36e66712178f18144f17152e712f91/virt/kvm/arm/vgic.c
[modify] https://crrev.com/cf323763ed36e66712178f18144f17152e712f91/virt/kvm/arm/vgic-v3.c
[modify] https://crrev.com/cf323763ed36e66712178f18144f17152e712f91/virt/kvm/arm/vgic-v2.c

Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/903c60275f9f517ef702032cac68c43c0c384366

commit 903c60275f9f517ef702032cac68c43c0c384366
Author: Andre Przywara <andre.przywara@arm.com>
Date: Wed Jun 13 19:57:37 2018

BACKPORT: arm/arm64: KVM: allow userland to request a virtual GICv3

With all of the GICv3 code in place now we allow userland to ask the kernel for using a virtual GICv3 in the guest. Also we provide the necessary support for guests setting the memory addresses for the virtual distributor and redistributors.

This requires some userland code to make use of that feature and explicitly ask for a virtual GICv3.

Document that KVM_CREATE_IRQCHIP only works for GICv2, but is considered legacy and using KVM_CREATE_DEVICE is preferred.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I01bd94e894f2abed4f9e3e283c57376d22ad3b82
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit ac3d373564d9744068d867a0eb16da2ff8d5ee9d)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
[SR: context for not having something about IA64 in there]
Conflicts:
	Documentation/virtual/kvm/api.txt
Reviewed-on: https://chromium-review.googlesource.com/1088041
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/903c60275f9f517ef702032cac68c43c0c384366/Documentation/virtual/kvm/devices/arm-vgic.txt
[modify] https://crrev.com/903c60275f9f517ef702032cac68c43c0c384366/virt/kvm/arm/vgic.c
[modify] https://crrev.com/903c60275f9f517ef702032cac68c43c0c384366/virt/kvm/arm/vgic-v3-emul.c
[modify] https://crrev.com/903c60275f9f517ef702032cac68c43c0c384366/arch/arm64/include/uapi/asm/kvm.h
[modify] https://crrev.com/903c60275f9f517ef702032cac68c43c0c384366/include/kvm/arm_vgic.h
[modify] https://crrev.com/903c60275f9f517ef702032cac68c43c0c384366/Documentation/virtual/kvm/api.txt

Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/ab8c8770ebe0f10ddf3f66788f72c17b0099016d

commit ab8c8770ebe0f10ddf3f66788f72c17b0099016d
Author: Andre Przywara <andre.przywara@arm.com>
Date: Wed Jun 13 19:57:39 2018

UPSTREAM: arm/arm64: KVM: force alignment of VGIC dist/CPU/redist addresses

Although the GIC architecture requires us to map the MMIO regions only at page aligned addresses, we currently do not enforce this from the kernel side. Restrict any vGICv2 regions to be 4K aligned and any GICv3 regions to be 64K aligned. Document this requirement.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Id5e99850713b7d338c8dd3b3175b87e6ff4e3f76
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 4fa96afd94a9bb29135d6e2e8fdb527e58f4fd5c)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088042
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/ab8c8770ebe0f10ddf3f66788f72c17b0099016d/Documentation/virtual/kvm/devices/arm-vgic.txt
[modify] https://crrev.com/ab8c8770ebe0f10ddf3f66788f72c17b0099016d/virt/kvm/arm/vgic.c
,
Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/8ff208fe1dc34e8631c31475c66e4dc3d4fb537b

commit 8ff208fe1dc34e8631c31475c66e4dc3d4fb537b
Author: Christoffer Dall <christoffer.dall@linaro.org>
Date: Wed Jun 13 19:57:40 2018

UPSTREAM: arm/arm64: KVM: Fixup incorrect config symbol in comment

A comment in the dirty page logging patch series mentioned incorrectly spelled config symbols, just fix them up to match the real thing.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I30c7a4aca360033da8de7a39c9b52c661d767a34
Reported-by: Paul Bolle <pebolle@tiscali.nl>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 227ea818f26ec0d881853bdbae7684a32b1391ba)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088043
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/8ff208fe1dc34e8631c31475c66e4dc3d4fb537b/arch/arm/kvm/mmu.c
Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/0f341bcce45f9813f022cdbf9d8e0e882c6bcb31

commit 0f341bcce45f9813f022cdbf9d8e0e882c6bcb31
Author: Dominik Dingel <dingel@linux.vnet.ibm.com>
Date: Wed Jun 13 19:57:42 2018

UPSTREAM: KVM: remove unneeded return value of vcpu_postcreate

The return value of kvm_arch_vcpu_postcreate is not checked in its caller. This is okay, because only x86 provides vcpu_postcreate right now and it could only fail if vcpu_load failed. But that is not possible during KVM_CREATE_VCPU (kvm_arch_vcpu_load is void, too), so just get rid of the unchecked return value.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: If037eac7e3d8d16291091bfbaa49c5273a00d92e
Signed-off-by: Dominik Dingel <dingel@linux.vnet.ibm.com>
Acked-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
(cherry picked from commit 31928aa5863e71535ee942f506ca9ac8ce1c4315)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088044
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/0f341bcce45f9813f022cdbf9d8e0e882c6bcb31/arch/x86/kvm/x86.c
[modify] https://crrev.com/0f341bcce45f9813f022cdbf9d8e0e882c6bcb31/arch/powerpc/kvm/powerpc.c
[modify] https://crrev.com/0f341bcce45f9813f022cdbf9d8e0e882c6bcb31/arch/s390/kvm/kvm-s390.c
[modify] https://crrev.com/0f341bcce45f9813f022cdbf9d8e0e882c6bcb31/arch/mips/kvm/mips.c
[modify] https://crrev.com/0f341bcce45f9813f022cdbf9d8e0e882c6bcb31/include/linux/kvm_host.h
[modify] https://crrev.com/0f341bcce45f9813f022cdbf9d8e0e882c6bcb31/arch/arm/kvm/arm.c
Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/2b6ba3160984de97c2e118665731160b3e0d240d

commit 2b6ba3160984de97c2e118665731160b3e0d240d
Author: Paolo Bonzini <pbonzini@redhat.com>
Date: Wed Jun 13 19:57:43 2018

UPSTREAM: KVM: x86: switch to kvm_get_dirty_log_protect

We now have a generic function that does most of the work of kvm_vm_ioctl_get_dirty_log, now use it.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Ie9b8f0a2b744c271d33ac1761917331057aea8f5
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Mario Smarduch <m.smarduch@samsung.com>
(cherry picked from commit e108ff2f8033a417ee3e517d9f8730f665646076)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088045
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/2b6ba3160984de97c2e118665731160b3e0d240d/arch/x86/include/asm/kvm_host.h
[modify] https://crrev.com/2b6ba3160984de97c2e118665731160b3e0d240d/arch/x86/kvm/x86.c
[modify] https://crrev.com/2b6ba3160984de97c2e118665731160b3e0d240d/arch/x86/kvm/mmu.c
[modify] https://crrev.com/2b6ba3160984de97c2e118665731160b3e0d240d/arch/x86/kvm/Kconfig
Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/76f83877e65a7fd16c4ad7d9b4bf2cf29d48a39d

commit 76f83877e65a7fd16c4ad7d9b4bf2cf29d48a39d
Author: Kai Huang <kai.huang@linux.intel.com>
Date: Wed Jun 13 19:57:45 2018

UPSTREAM: KVM: Rename kvm_arch_mmu_write_protect_pt_masked to be more generic for log dirty

We don't have to write protect guest memory for dirty logging if the architecture supports hardware dirty logging, such as PML on VMX, so rename it to be more generic.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I6c194a1f730d476d37cda5669364d911ae9ad86d
Signed-off-by: Kai Huang <kai.huang@linux.intel.com>
Reviewed-by: Xiao Guangrong <guangrong.xiao@linux.intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit 3b0f1d01e501792d8d89ab4371bc9e8cd2a10032)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088046
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/76f83877e65a7fd16c4ad7d9b4bf2cf29d48a39d/include/linux/kvm_host.h
[modify] https://crrev.com/76f83877e65a7fd16c4ad7d9b4bf2cf29d48a39d/arch/x86/kvm/mmu.c
[modify] https://crrev.com/76f83877e65a7fd16c4ad7d9b4bf2cf29d48a39d/virt/kvm/kvm_main.c
[modify] https://crrev.com/76f83877e65a7fd16c4ad7d9b4bf2cf29d48a39d/arch/arm/kvm/mmu.c
Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/c13c11d946b7e62691b03ad3e6fd23c02b8c03d0

commit c13c11d946b7e62691b03ad3e6fd23c02b8c03d0
Author: Marc Zyngier <marc.zyngier@arm.com>
Date: Wed Jun 13 19:57:46 2018

BACKPORT: arm/arm64: KVM: Use set/way op trapping to track the state of the caches

Trying to emulate the behaviour of set/way cache ops is fairly pointless, as there are too many ways we can end up missing stuff. Also, there are some system caches out there that simply ignore set/way operations.

So instead of trying to implement them, let's convert it to VA ops, and use them as a way to re-enable the trapping of VM ops. That way, we can detect the point when the MMU/caches are turned off, and do a full VM flush (which is what the guest was trying to do anyway).

This allows a 32bit zImage to boot on the APM thingy, and will probably help bootloaders in general.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I8abcff5d48998521e743266c4db863825c00de0c
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 3c1e716508335eb132c9349cb1a1716c8f7e3d2e)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
[SR: context conflict]
Conflicts:
	arch/arm64/kvm/sys_regs.c
Reviewed-on: https://chromium-review.googlesource.com/1088047
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>

[modify] https://crrev.com/c13c11d946b7e62691b03ad3e6fd23c02b8c03d0/arch/arm/kvm/coproc_a7.c
[modify] https://crrev.com/c13c11d946b7e62691b03ad3e6fd23c02b8c03d0/arch/arm/kvm/coproc.h
[modify] https://crrev.com/c13c11d946b7e62691b03ad3e6fd23c02b8c03d0/arch/arm/include/asm/kvm_mmu.h
[modify] https://crrev.com/c13c11d946b7e62691b03ad3e6fd23c02b8c03d0/arch/arm64/include/asm/kvm_mmu.h
[modify] https://crrev.com/c13c11d946b7e62691b03ad3e6fd23c02b8c03d0/arch/arm/include/asm/kvm_host.h
[modify] https://crrev.com/c13c11d946b7e62691b03ad3e6fd23c02b8c03d0/arch/arm/kvm/coproc.c
[modify] https://crrev.com/c13c11d946b7e62691b03ad3e6fd23c02b8c03d0/arch/arm/include/asm/kvm_emulate.h
[modify] https://crrev.com/c13c11d946b7e62691b03ad3e6fd23c02b8c03d0/arch/arm/kvm/trace.h
[modify] https://crrev.com/c13c11d946b7e62691b03ad3e6fd23c02b8c03d0/arch/arm64/include/asm/kvm_emulate.h
[modify] https://crrev.com/c13c11d946b7e62691b03ad3e6fd23c02b8c03d0/arch/arm64/kvm/sys_regs.c
[modify] https://crrev.com/c13c11d946b7e62691b03ad3e6fd23c02b8c03d0/arch/arm/kvm/coproc_a15.c
[modify] https://crrev.com/c13c11d946b7e62691b03ad3e6fd23c02b8c03d0/arch/arm/kvm/arm.c
[modify] https://crrev.com/c13c11d946b7e62691b03ad3e6fd23c02b8c03d0/arch/arm64/include/asm/kvm_host.h
[modify] https://crrev.com/c13c11d946b7e62691b03ad3e6fd23c02b8c03d0/arch/arm/kvm/mmu.c
Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/a704f9dc5bdc4147cbc417c40e6395daa6d03b2d

commit a704f9dc5bdc4147cbc417c40e6395daa6d03b2d
Author: Marc Zyngier <marc.zyngier@arm.com>
Date: Wed Jun 13 19:57:48 2018

BACKPORT: arm/arm64: KVM: Invalidate data cache on unmap

Let's assume a guest has created an uncached mapping, and written to that page. Let's also assume that the host uses a cache-coherent IO subsystem. Let's finally assume that the host is under memory pressure and starts to swap things out.

Before this "uncached" page is evicted, we need to make sure we invalidate potential speculated, clean cache lines that are sitting there, or the IO subsystem is going to swap out the cached view, losing the data that has been written directly into memory.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Idd85714d4ee15667cebbbbd23e1c02feb7ed67fd
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 363ef89f8e9bcedc28b976d0fe2d858fe139c122)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
[SR: context conflict]
Conflicts:
	arch/arm/kvm/mmu.c
Reviewed-on: https://chromium-review.googlesource.com/1088048
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>

[modify] https://crrev.com/a704f9dc5bdc4147cbc417c40e6395daa6d03b2d/arch/arm/include/asm/kvm_mmu.h
[modify] https://crrev.com/a704f9dc5bdc4147cbc417c40e6395daa6d03b2d/arch/arm64/include/asm/kvm_mmu.h
[modify] https://crrev.com/a704f9dc5bdc4147cbc417c40e6395daa6d03b2d/arch/arm/kvm/mmu.c
Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/102555b2f27f791068f172cda20aba0d0cd8e9ef

commit 102555b2f27f791068f172cda20aba0d0cd8e9ef
Author: Marc Zyngier <marc.zyngier@arm.com>
Date: Wed Jun 13 19:57:49 2018

BACKPORT: arm/arm64: KVM: Use kernel mapping to perform invalidation on page fault

When handling a fault in stage-2, we need to resync I$ and D$, just to be sure we don't leave any old cache line behind.

That's very good, except that we do so using the *user* address. Under heavy load (swapping like crazy), we may end up in a situation where the page gets mapped in stage-2 while being unmapped from userspace by another CPU.

At that point, the DC/IC instructions can generate a fault, which we handle with kvm->mmu_lock held. The box quickly deadlocks, user is unhappy.

Instead, perform this invalidation through the kernel mapping, which is guaranteed to be present. The box is much happier, and so am I.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Ic6b97f263300b1662b3d07faaa6773991e6ea2eb
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 0d3e4d4fade6b04e933b11e69e80044f35e9cd60)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
[SR: context conflicts]
Conflicts:
	arch/arm/kvm/mmu.c
Reviewed-on: https://chromium-review.googlesource.com/1088049
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>

[modify] https://crrev.com/102555b2f27f791068f172cda20aba0d0cd8e9ef/arch/arm/include/asm/kvm_mmu.h
[modify] https://crrev.com/102555b2f27f791068f172cda20aba0d0cd8e9ef/arch/arm64/include/asm/kvm_mmu.h
[modify] https://crrev.com/102555b2f27f791068f172cda20aba0d0cd8e9ef/arch/arm/kvm/mmu.c
Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/78165c3b1680b658d92632812f239b0d6a9b3d5e

commit 78165c3b1680b658d92632812f239b0d6a9b3d5e
Author: Jan Kiszka <jan.kiszka@siemens.com>
Date: Wed Jun 13 19:57:51 2018

UPSTREAM: ARM: KVM: Fix size check in __coherent_cache_guest_page

The check is supposed to catch page-unaligned sizes, not the inverse.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I07c7b6f90164053ae08d7a80af561f9ad84fc722
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit a050dfb21cc22ac0c666d52531040c1bc48184cc)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088050
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/78165c3b1680b658d92632812f239b0d6a9b3d5e/arch/arm/include/asm/kvm_mmu.h
Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/160ce29b0b8f1750e7aff6e6272fd7d6035dd750

commit 160ce29b0b8f1750e7aff6e6272fd7d6035dd750
Author: Wei Huang <wei@redhat.com>
Date: Wed Jun 13 19:57:52 2018

UPSTREAM: arm/arm64: KVM: Add exit reasons to kvm_exit event tracing

This patch extends trace_kvm_exit() to include KVM exit reasons (i.e. EC of HSR). The tracing function then dumps both exit reason and PC of vCPU, shown as the following. Tracing tools can use this new exit_reason field to better understand the behavior of guest VMs.

886.301252: kvm_exit: HSR_EC: 0x0024, PC: 0xfffffe0000506b28

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Ieea0a7160ee229c3cfe76edc4f34f0412dc5db22
Signed-off-by: Wei Huang <wei@redhat.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 91314cb0053877991fd7b4749bb4b54d6bd6992f)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088051
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/160ce29b0b8f1750e7aff6e6272fd7d6035dd750/arch/arm/kvm/arm.c
[modify] https://crrev.com/160ce29b0b8f1750e7aff6e6272fd7d6035dd750/arch/arm/kvm/trace.h
Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/bf3e1e3c49a36c0b04513d38732f8574527eae53

commit bf3e1e3c49a36c0b04513d38732f8574527eae53
Author: Marc Zyngier <marc.zyngier@arm.com>
Date: Wed Jun 13 19:57:54 2018

UPSTREAM: arm64: KVM: Fix stage-2 PGD allocation to have per-page refcounting

We're using __get_free_pages to allocate the guest's stage-2 PGD. The standard behaviour of this function is to return a set of pages where only the head page has a valid refcount.

This behaviour gets us into trouble when we're trying to increment the refcount on a non-head page:

page:ffff7c00cfb693c0 count:0 mapcount:0 mapping: (null) index:0x0
flags: 0x4000000000000000()
page dumped because: VM_BUG_ON_PAGE((*({ __attribute__((unused)) typeof((&page->_count)->counter) __var = ( typeof((&page->_count)->counter)) 0; (volatile typeof((&page->_count)->counter) *)&((&page->_count)->counter); })) <= 0)
BUG: failure at include/linux/mm.h:548/get_page()!
Kernel panic - not syncing: BUG!
CPU: 1 PID: 1695 Comm: kvm-vcpu-0 Not tainted 4.0.0-rc1+ #3825
Hardware name: APM X-Gene Mustang board (DT)
Call trace:
[<ffff80000008a09c>] dump_backtrace+0x0/0x13c
[<ffff80000008a1e8>] show_stack+0x10/0x1c
[<ffff800000691da8>] dump_stack+0x74/0x94
[<ffff800000690d78>] panic+0x100/0x240
[<ffff8000000a0bc4>] stage2_get_pmd+0x17c/0x2bc
[<ffff8000000a1dc4>] kvm_handle_guest_abort+0x4b4/0x6b0
[<ffff8000000a420c>] handle_exit+0x58/0x180
[<ffff80000009e7a4>] kvm_arch_vcpu_ioctl_run+0x114/0x45c
[<ffff800000099df4>] kvm_vcpu_ioctl+0x2e0/0x754
[<ffff8000001c0a18>] do_vfs_ioctl+0x424/0x5c8
[<ffff8000001c0bfc>] SyS_ioctl+0x40/0x78
CPU0: stopping

A possible approach for this is to split the compound page using split_page() at allocation time, and change the teardown path to free one page at a time. It turns out that alloc_pages_exact() and free_pages_exact() do exactly that.

While we're at it, the PGD allocation code is reworked to reduce duplication.

This has been tested on an X-Gene platform with a 4kB/48bit-VA host kernel, and kvmtool hacked to place memory in the second page of the hardware PGD (PUD for the host kernel). Also regression-tested on a Cubietruck (Cortex-A7).

[ Reworked to use alloc_pages_exact() and free_pages_exact() and to return pointers directly instead of by reference as arguments - Christoffer ]

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I65a165d2d5044e5d4492a149da226da613a7bf25
Reported-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit a987370f8e7a1677ae385042644326d9cd145a20)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088052
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/bf3e1e3c49a36c0b04513d38732f8574527eae53/arch/arm/include/asm/kvm_mmu.h
[modify] https://crrev.com/bf3e1e3c49a36c0b04513d38732f8574527eae53/arch/arm64/include/asm/kvm_mmu.h
[modify] https://crrev.com/bf3e1e3c49a36c0b04513d38732f8574527eae53/arch/arm/kvm/mmu.c
Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/4e7220a46599e33512897db84121bfec9ba1a784

commit 4e7220a46599e33512897db84121bfec9ba1a784
Author: Marc Zyngier <marc.zyngier@arm.com>
Date: Wed Jun 13 19:57:55 2018

UPSTREAM: arm64: KVM: Do not use pgd_index to index stage-2 pgd

The kernel's pgd_index macro is designed to index a normal, page sized array. KVM is a bit different, as we can use concatenated pages to have a bigger address space (for example 40bit IPA with 4kB pages gives us an 8kB PGD).

In the above case, the use of pgd_index will always return an index inside the first 4kB, which makes a guest that has memory above 0x8000000000 rather unhappy, as it spins forever in a page fault, whilst the host happily corrupts the lower pgd.

The obvious fix is to get our own kvm_pgd_index that does the right thing(tm).

Tested on X-Gene with a hacked kvmtool that put memory at a stupidly high address.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I87ab2fc91c5ebbc3ea86d67b9f2f52005562393c
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 04b8dc85bf4a64517e3cf20e409eeaa503b15cc1)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088053
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/4e7220a46599e33512897db84121bfec9ba1a784/arch/arm/include/asm/kvm_mmu.h
[modify] https://crrev.com/4e7220a46599e33512897db84121bfec9ba1a784/arch/arm64/include/asm/kvm_mmu.h
[modify] https://crrev.com/4e7220a46599e33512897db84121bfec9ba1a784/arch/arm/kvm/mmu.c
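A user-space model of the indexing mismatch described in the commit above, added here as an illustration and not taken from the commit or the kernel tree. The page-table constants are assumptions chosen to match the message's "40bit IPA with 4kB pages gives us an 8kB PGD" case (3-level host table, so PGDIR_SHIFT is 30 and a host PGD holds 512 entries); the guest memory layout and the pgd array are constructed for the example.

```c
/* Added example (not kernel code): why the host's pgd_index() is the wrong
 * indexer for a concatenated stage-2 PGD, and what the fixed kvm_pgd_index()
 * does instead. All constants below are assumed values for this model. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define PGDIR_SHIFT      30                                        /* 4kB pages, 3 levels */
#define PTRS_PER_PGD     512UL                                     /* one 4kB page of 8-byte entries */
#define KVM_PHYS_SHIFT   40                                        /* 40-bit guest IPA space */
#define PTRS_PER_S2_PGD  (1UL << (KVM_PHYS_SHIFT - PGDIR_SHIFT))   /* 1024 entries */
#define S2_PGD_SIZE      (PTRS_PER_S2_PGD * sizeof(uint64_t))      /* 8kB: two concatenated pages */

/* Model of the host macro: masks the index to a single page-sized PGD. */
unsigned long pgd_index(uint64_t addr)
{
    return (addr >> PGDIR_SHIFT) & (PTRS_PER_PGD - 1);
}

/* Model of the fix: mask against the real stage-2 PGD size instead. */
unsigned long kvm_pgd_index(uint64_t ipa)
{
    return (ipa >> PGDIR_SHIFT) & (PTRS_PER_S2_PGD - 1);
}

/* True when the host macro would place this IPA's entry in the wrong slot;
 * under the assumed layout that is every IPA at or above 0x8000000000. */
bool stage2_index_aliases(uint64_t ipa)
{
    return pgd_index(ipa) != kvm_pgd_index(ipa);
}

/* Simulates writing a stage-2 PGD entry for each IPA and counts how many
 * writes overwrote a slot already holding a different region's entry.
 * With the buggy indexer, high guest memory silently replaces the entries
 * for low guest memory, which is the "corrupts the lower pgd" effect. */
unsigned long count_clobbered(const uint64_t *ipas, size_t n,
                              unsigned long (*idx_fn)(uint64_t))
{
    uint64_t pgd[PTRS_PER_S2_PGD] = {0};   /* entry = region base | valid bit */
    unsigned long clobbered = 0;

    for (size_t i = 0; i < n; i++) {
        uint64_t entry = (ipas[i] & ~((1ULL << PGDIR_SHIFT) - 1)) | 1;
        unsigned long slot = idx_fn(ipas[i]);
        if (pgd[slot] && pgd[slot] != entry)
            clobbered++;
        pgd[slot] = entry;
    }
    return clobbered;
}

/* Constructed guest layout: 1GB regions at 0, 1GB, 512GB and 513GB. */
const uint64_t example_ipas[] = { 0x0ULL, 0x40000000ULL, 0x8000000000ULL, 0x8040000000ULL };
const size_t example_ipa_count = sizeof(example_ipas) / sizeof(example_ipas[0]);

int main(void)
{
    printf("stage-2 PGD: %lu entries, %zu bytes\n", PTRS_PER_S2_PGD, (size_t)S2_PGD_SIZE);
    for (size_t i = 0; i < example_ipa_count; i++)
        printf("IPA 0x%010llx: pgd_index=%lu kvm_pgd_index=%lu%s\n",
               (unsigned long long)example_ipas[i], pgd_index(example_ipas[i]),
               kvm_pgd_index(example_ipas[i]),
               stage2_index_aliases(example_ipas[i]) ? "  <- wrong slot" : "");
    printf("clobbered entries: buggy=%lu fixed=%lu\n",
           count_clobbered(example_ipas, example_ipa_count, pgd_index),
           count_clobbered(example_ipas, example_ipa_count, kvm_pgd_index));
    return 0;
}
```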
Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/b405cb5863ff3d462bcb519b5919aa1d419fb85a

commit b405cb5863ff3d462bcb519b5919aa1d419fb85a
Author: Marc Zyngier <marc.zyngier@arm.com>
Date: Wed Jun 13 19:57:57 2018

UPSTREAM: arm64: KVM: Fix outdated comment about VTCR_EL2.PS

Commit 87366d8cf7b3 ("arm64: Add boot time configuration of Intermediate Physical Address size") removed the hardcoded setting of VTCR_EL2.PS to use ID_AA64MMFR0_EL1.PARange instead, but didn't remove the (now rather misleading) comment.

Fix the comments to match reality (at least for the next few minutes).

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I321f0fefbc5c1ef78f296406a606c3a69e13dffb
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 84ed7412b5eee1011579b3db7454b9cb6d26fa65)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088054
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/b405cb5863ff3d462bcb519b5919aa1d419fb85a/arch/arm64/include/asm/kvm_arm.h
Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/c13d03ab4ec0c9d443c1c9505e712ecc7ecbf761

commit c13d03ab4ec0c9d443c1c9505e712ecc7ecbf761
Author: Mark Rutland <mark.rutland@arm.com>
Date: Wed Jun 13 19:57:58 2018

UPSTREAM: KVM: vgic: add virt-capable compatible strings

Several dts only list "arm,cortex-a7-gic" or "arm,gic-400" in their GIC compatible list, and while this is correct (and supported by the GIC driver), KVM will fail to detect that it can support these cases.

This patch adds the missing strings to the VGIC code. The of_device_id entries are padded to keep the probe function data aligned.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I701940c976fc2a0ddb5eb3ee37a308a032bd0400
Signed-off-by: Mark Rutland <mark.rutland@arm.com>
Cc: Andre Przywara <andre.przywara@arm.com>
Cc: Christoffer Dall <christoffer.dall@linaro.org>
Cc: Marc Zyngier <marc.zyngier@arm.com>
Cc: Michal Simek <monstr@monstr.eu>
Acked-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 0f37247574b3ef5b130116bbf7c0f9eb8a4c78c2)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088055
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/c13d03ab4ec0c9d443c1c9505e712ecc7ecbf761/virt/kvm/arm/vgic.c
Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/077604e625319438584e3999a8263fda9c13a02a

commit 077604e625319438584e3999a8263fda9c13a02a
Author: Paolo Bonzini <pbonzini@redhat.com>
Date: Wed Jun 13 19:58:00 2018

UPSTREAM: KVM: arm/arm64: prefer IS_ENABLED to a static variable

IS_ENABLED gives compile-time checking and keeps the code clearer. The one exception is inside kvm_vm_ioctl_check_extension, where the established idiom is to wrap the case labels with an #ifdef.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Id77b246d18d7d0991297455783f9ce5ba38d7b48
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit 69ff5c619cb350f43fbab2a491b4b66de7e96959)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088056
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/077604e625319438584e3999a8263fda9c13a02a/arch/arm/kvm/arm.c
Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/92913ecc39e8d3333089bed1a01d93be43c5bf55

commit 92913ecc39e8d3333089bed1a01d93be43c5bf55
Author: Christoffer Dall <christoffer.dall@linaro.org>
Date: Wed Jun 13 19:58:01 2018

BACKPORT: arm/arm64: KVM: Kill CONFIG_KVM_ARM_{VGIC,TIMER}

We can definitely decide at run-time whether to use the GIC and timers or not, and the extra code and data structures that we allocate space for is really negligible with this config option, so I don't think it's worth the extra complexity of always having to define stub static inlines. The !CONFIG_KVM_ARM_VGIC/TIMER case is pretty much an untested code path anyway, so we're better off just getting rid of it.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Ibacf98cfa45d9fb6c6c7ca50a6333f9b9a43c16c
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
Acked-by: Marc Zyngier <marc.zyngier@arm.com>
(cherry picked from commit 662d9715840aef44dcb573b0f9fab9e8319c868a)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
[SR: conflict from not having 83fe27ea53]
Conflicts:
	arch/arm/kvm/Kconfig
Reviewed-on: https://chromium-review.googlesource.com/1088057
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/92913ecc39e8d3333089bed1a01d93be43c5bf55/arch/arm64/kvm/Makefile
[modify] https://crrev.com/92913ecc39e8d3333089bed1a01d93be43c5bf55/arch/arm/kvm/guest.c
[modify] https://crrev.com/92913ecc39e8d3333089bed1a01d93be43c5bf55/include/kvm/arm_arch_timer.h
[modify] https://crrev.com/92913ecc39e8d3333089bed1a01d93be43c5bf55/arch/arm/kvm/Kconfig
[modify] https://crrev.com/92913ecc39e8d3333089bed1a01d93be43c5bf55/arch/arm/kvm/Makefile
[modify] https://crrev.com/92913ecc39e8d3333089bed1a01d93be43c5bf55/arch/arm/kvm/interrupts_head.S
[modify] https://crrev.com/92913ecc39e8d3333089bed1a01d93be43c5bf55/arch/arm/kernel/asm-offsets.c
[modify] https://crrev.com/92913ecc39e8d3333089bed1a01d93be43c5bf55/arch/arm64/kvm/Kconfig
[modify] https://crrev.com/92913ecc39e8d3333089bed1a01d93be43c5bf55/include/kvm/arm_vgic.h
[modify] https://crrev.com/92913ecc39e8d3333089bed1a01d93be43c5bf55/arch/arm/kvm/arm.c
Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/191d759657eba7f531acb406790bcb41012530e4

commit 191d759657eba7f531acb406790bcb41012530e4
Author: Eric Auger <eric.auger@linaro.org>
Date: Wed Jun 13 19:58:03 2018

UPSTREAM: KVM: arm/arm64: unset CONFIG_HAVE_KVM_IRQCHIP

CONFIG_HAVE_KVM_IRQCHIP is needed to support IRQ routing (along with irq_comm.c and irqchip.c usage). This is not the case for arm/arm64 currently. This patch unsets the flag for both arm and arm64.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Ic5499b17a4429c879beea4edce0d804affed601f
Signed-off-by: Eric Auger <eric.auger@linaro.org>
Reviewed-by: Andre Przywara <andre.przywara@arm.com>
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Acked-by: Will Deacon <will.deacon@arm.com>
Acked-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit df2bd1ac03dfc19e955a43f796cfe9f9cf49c75f)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088058
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/191d759657eba7f531acb406790bcb41012530e4/arch/arm/kvm/Kconfig
[modify] https://crrev.com/191d759657eba7f531acb406790bcb41012530e4/arch/arm64/kvm/Kconfig
Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/e92c251cc2e4e18fb01cecf27c3ab976bb0a7b85

commit e92c251cc2e4e18fb01cecf27c3ab976bb0a7b85
Author: Michael S. Tsirkin <mst@redhat.com>
Date: Wed Jun 13 19:58:04 2018

UPSTREAM: arm/arm64: KVM: Fix ioctl error handling

commit 4cad67fca3fc952d6f2ed9e799621f07666a560f upstream.

Calling return copy_to_user(...) in an ioctl will not do the right thing if there's a pagefault: copy_to_user returns the number of bytes not copied in this case.

Fix up kvm to do

	return copy_to_user(...) ? -EFAULT : 0;

everywhere.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I6da94945710b841e619f3c31cb898ddb1c89c7dc
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit d1c623c9c264c6cb045015900f8ce1e60b4d2c7d in https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088059
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/e92c251cc2e4e18fb01cecf27c3ab976bb0a7b85/arch/arm/kvm/guest.c
[modify] https://crrev.com/e92c251cc2e4e18fb01cecf27c3ab976bb0a7b85/arch/arm64/kvm/guest.c
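A user-space model of the return-value bug the commit above fixes, added here as an illustration and not taken from the commit or the kernel. The copy_to_user() stand-in, the user_buf struct and the two handler variants are constructed for this example; the point is that the buggy handler returns a positive byte count on a partial copy, which any `ret < 0` check in the caller treats as success.

```c
/* Added example (not kernel code): "return copy_to_user(...)" versus
 * "return copy_to_user(...) ? -EFAULT : 0" in an ioctl handler. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define EFAULT 14

/* Model of a user buffer: only the first `accessible` bytes are mapped,
 * so a copy that runs past them faults part way through. */
struct user_buf {
    unsigned char data[64];
    size_t accessible;
};

/* Behaves like the kernel helper: copies what it can and returns the
 * number of bytes that could NOT be copied (0 means full success). */
static unsigned long copy_to_user(struct user_buf *to, const void *from, size_t n)
{
    size_t ok = n <= to->accessible ? n : to->accessible;
    memcpy(to->data, from, ok);
    return n - ok;
}

/* Constructed register value, standing in for a KVM_GET_ONE_REG payload. */
static const uint64_t reg_value = 0x1122334455667788ULL;

/* Before the fix: the uncopied byte count leaks out as the ioctl result.
 * A positive return passes "if (ret < 0)" checks, so a half-filled buffer
 * is silently taken as valid data. */
long get_reg_buggy(struct user_buf *ubuf)
{
    return copy_to_user(ubuf, &reg_value, sizeof(reg_value));
}

/* After the fix: any short copy is reported as -EFAULT. */
long get_reg_fixed(struct user_buf *ubuf)
{
    return copy_to_user(ubuf, &reg_value, sizeof(reg_value)) ? -EFAULT : 0;
}

int main(void)
{
    struct user_buf full = { .accessible = sizeof(full.data) };
    struct user_buf partial = { .accessible = 4 };   /* faults after 4 bytes */

    printf("mapped buffer:   buggy=%ld fixed=%ld\n",
           get_reg_buggy(&full), get_reg_fixed(&full));
    printf("faulting buffer: buggy=%ld fixed=%ld\n",
           get_reg_buggy(&partial), get_reg_fixed(&partial));
    return 0;
}
```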
Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/c1263d475a4f395c7899b741a9ca99219f95847c

commit c1263d475a4f395c7899b741a9ca99219f95847c
Author: Eric Auger <eric.auger@linaro.org>
Date: Wed Jun 13 19:58:06 2018

UPSTREAM: KVM: arm/arm64: implement kvm_arch_intc_initialized

On arm/arm64 the VGIC is dynamically instantiated and it is useful to expose its state, especially for irqfd setup.

This patch defines __KVM_HAVE_ARCH_INTC_INITIALIZED and implements kvm_arch_intc_initialized.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I971833497d8874e37acc1513345b9eb92e33475d
Signed-off-by: Eric Auger <eric.auger@linaro.org>
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Reviewed-by: Andre Przywara <andre.przywara@arm.com>
Acked-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit c1426e4c5add09042840013dfa5565e6be6d412e)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088060
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/c1263d475a4f395c7899b741a9ca99219f95847c/arch/arm/kvm/arm.c
[modify] https://crrev.com/c1263d475a4f395c7899b741a9ca99219f95847c/arch/arm/include/asm/kvm_host.h
[modify] https://crrev.com/c1263d475a4f395c7899b741a9ca99219f95847c/arch/arm64/include/asm/kvm_host.h
Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/179285a1fa595295a8df0c3292486c20526c8e3a

commit 179285a1fa595295a8df0c3292486c20526c8e3a
Author: Eric Auger <eric.auger@linaro.org>
Date: Wed Jun 13 19:58:07 2018

UPSTREAM: KVM: arm/arm64: remove coarse grain dist locking at kvm_vgic_sync_hwstate

To prepare for irqfd addition, coarse grain locking is removed at kvm_vgic_sync_hwstate level and finer grain locking is introduced in vgic_process_maintenance only.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I8079908b6953cc953b1c8bd09b232dfbd0d8e8d2
Signed-off-by: Eric Auger <eric.auger@linaro.org>
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Acked-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 649cf73994e8ac69dfe3e7a35fba9acf051e7fe6)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088061
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/179285a1fa595295a8df0c3292486c20526c8e3a/virt/kvm/arm/vgic.c
Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/338627063343f470f714eef95ad64b6618054bf4

commit 338627063343f470f714eef95ad64b6618054bf4
Author: Eric Auger <eric.auger@linaro.org>
Date: Wed Jun 13 19:58:09 2018

BACKPORT: KVM: arm/arm64: add irqfd support

This patch enables irqfd on arm/arm64. Both irqfd and resamplefd are supported. Injection is implemented in vgic.c without routing.

This patch enables CONFIG_HAVE_KVM_EVENTFD and CONFIG_HAVE_KVM_IRQFD. KVM_CAP_IRQFD is now advertised. KVM_CAP_IRQFD_RESAMPLE capability automatically is advertised as soon as CONFIG_HAVE_KVM_IRQFD is set.

Irqfd injection is restricted to SPI. The rationale behind not supporting PPI irqfd injection is that any device using a PPI would be a private-to-the-CPU device (timer for instance), so its state would have to be context-switched along with the VCPU and would require in-kernel wiring anyhow. It is not a relevant use case for irqfds.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I762924964f6f85b5f29255c631ceaa39d0356cad
Signed-off-by: Eric Auger <eric.auger@linaro.org>
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
Acked-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 174178fed338edba66ab9580af0c5d9e1a4e5019)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
[SR: conflict from not having 83fe27ea53]
Conflicts:
	arch/arm64/kvm/Kconfig
Reviewed-on: https://chromium-review.googlesource.com/1088062
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>

[modify] https://crrev.com/338627063343f470f714eef95ad64b6618054bf4/virt/kvm/arm/vgic.c
[modify] https://crrev.com/338627063343f470f714eef95ad64b6618054bf4/arch/arm64/kvm/Makefile
[modify] https://crrev.com/338627063343f470f714eef95ad64b6618054bf4/arch/arm/include/uapi/asm/kvm.h
[modify] https://crrev.com/338627063343f470f714eef95ad64b6618054bf4/arch/arm64/include/uapi/asm/kvm.h
[modify] https://crrev.com/338627063343f470f714eef95ad64b6618054bf4/arch/arm64/kvm/Kconfig
[modify] https://crrev.com/338627063343f470f714eef95ad64b6618054bf4/arch/arm/kvm/Kconfig
[modify] https://crrev.com/338627063343f470f714eef95ad64b6618054bf4/arch/arm/kvm/Makefile
[modify] https://crrev.com/338627063343f470f714eef95ad64b6618054bf4/Documentation/virtual/kvm/api.txt
[modify] https://crrev.com/338627063343f470f714eef95ad64b6618054bf4/arch/arm/kvm/arm.c
Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/d0d3213eaab056428ca551e1c8bd21400c94a684

commit d0d3213eaab056428ca551e1c8bd21400c94a684
Author: Marc Zyngier <marc.zyngier@arm.com>
Date: Wed Jun 13 19:58:10 2018

UPSTREAM: arm/arm64: KVM: Allow handle_hva_to_gpa to return a value

So far, handle_hva_to_gpa was never required to return a value. As we prepare to age pages at Stage-2, we need to be able to return a value from the iterator (kvm_test_age_hva).

Adapt the code to handle this situation. No semantic change.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I56174f00aaf889dc05c9076e3b2c2d2442a492c2
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 1d2ebaccc741a299abfafb848414b01d190f4e33)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088063
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/d0d3213eaab056428ca551e1c8bd21400c94a684/arch/arm/kvm/mmu.c
Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/9392ac176bba2eef785f20bb9577652f7730160c

commit 9392ac176bba2eef785f20bb9577652f7730160c
Author: Marc Zyngier <marc.zyngier@arm.com>
Date: Wed Jun 13 19:58:12 2018

UPSTREAM: arm/arm64: KVM: Implement Stage-2 page aging

Until now, KVM/arm didn't care much for page aging (who was swapping anyway?), and simply provided empty hooks to the core KVM code. With server-type systems now being available, things are quite different.

This patch implements very simple support for page aging, by clearing the Access flag in the Stage-2 page tables. On access fault, the current fault handling will write the PTE or PMD again, putting the Access flag back on.

It should be possible to implement a much faster handling for Access faults, but that's left for a later patch.

With this in place, performance in VMs is degraded much more gracefully.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Id9bd1d8513eb035506774e69373723bd89e617ec
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 35307b9a5f7ebcc8d8db41c73b69c131b48ace2b)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088064
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/9392ac176bba2eef785f20bb9577652f7730160c/arch/arm64/include/asm/kvm_arm.h
[modify] https://crrev.com/9392ac176bba2eef785f20bb9577652f7730160c/arch/arm64/include/asm/esr.h
[modify] https://crrev.com/9392ac176bba2eef785f20bb9577652f7730160c/arch/arm/include/asm/kvm_host.h
[modify] https://crrev.com/9392ac176bba2eef785f20bb9577652f7730160c/arch/arm/kvm/trace.h
[modify] https://crrev.com/9392ac176bba2eef785f20bb9577652f7730160c/arch/arm/include/asm/kvm_arm.h
[modify] https://crrev.com/9392ac176bba2eef785f20bb9577652f7730160c/arch/arm64/include/asm/kvm_host.h
[modify] https://crrev.com/9392ac176bba2eef785f20bb9577652f7730160c/arch/arm/kvm/mmu.c
Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/c5056b47ed9459dda023bdeb2f74f2d21d2a69be

commit c5056b47ed9459dda023bdeb2f74f2d21d2a69be
Author: Marc Zyngier <marc.zyngier@arm.com>
Date: Wed Jun 13 19:58:13 2018

UPSTREAM: arm/arm64: KVM: Optimize handling of Access Flag faults

Now that we have page aging in Stage-2, it becomes obvious that we're doing way too much work handling the fault.

The page is not going anywhere (it is still mapped), the page tables are already allocated, and all we want is to flip a bit in the PMD or PTE. Also, we can avoid any form of TLB invalidation, since a page with the AF bit off is not allowed to be cached.

An obvious solution is to have a separate handler for FSC_ACCESS, where we pride ourselves to only do the very minimum amount of work.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Ic73af1c5df560f1d52c6e03235feab7edca74c23
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit aeda9130c38e2e0e77c1aaa65292c2f5a81107a8)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088065
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/c5056b47ed9459dda023bdeb2f74f2d21d2a69be/arch/arm/kvm/trace.h
[modify] https://crrev.com/c5056b47ed9459dda023bdeb2f74f2d21d2a69be/arch/arm/kvm/mmu.c
Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/ad336918c98a76a7feaef4eeb4b6542114379932

commit ad336918c98a76a7feaef4eeb4b6542114379932
Author: Wei Yongjun <yongjun_wei@trendmicro.com.cn>
Date: Wed Jun 13 19:58:15 2018

UPSTREAM: arm/arm64: KVM: fix missing unlock on error in kvm_vgic_create()

Add the missing unlock before return from function kvm_vgic_create() in the error handling case.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I4ff6d8b64a482cd8e4dc01ada1470d44a5c48c8b
Signed-off-by: Wei Yongjun <yongjun_wei@trendmicro.com.cn>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit b52104e509479c4709eb9d81642df77c5ef2716b)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088066
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/ad336918c98a76a7feaef4eeb4b6542114379932/virt/kvm/arm/vgic.c
Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/225a32df9b12e6299898665917e13db1f8396148

commit 225a32df9b12e6299898665917e13db1f8396148
Author: Christoffer Dall <christoffer.dall@linaro.org>
Date: Wed Jun 13 19:58:16 2018

UPSTREAM: arm/arm64: KVM: Keep elrsr/aisr in sync with software model

There is an interesting bug in the vgic code, which manifests itself when the KVM run loop has a signal pending or needs a vmid generation rollover after having disabled interrupts but before actually switching to the guest.

In this case, we flush the vgic as usual, but we sync back the vgic state and exit to userspace before entering the guest. The consequence is that we will be syncing the list registers back to the software model using the GICH_ELRSR and GICH_EISR from the last execution of the guest, potentially overwriting a list register containing an interrupt.

This showed up during migration testing where we would capture a state where the VM has masked the arch timer but there were no interrupts, resulting in a hung test.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I1843894e3f2b7e0e285af2986b2cffb85498a797
Cc: Marc Zyngier <marc.zyngier@arm.com>
Reported-by: Alex Bennee <alex.bennee@linaro.org>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Acked-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit ae705930fca6322600690df9dc1c7d0516145a93)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088067
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/225a32df9b12e6299898665917e13db1f8396148/include/kvm/arm_vgic.h
[modify] https://crrev.com/225a32df9b12e6299898665917e13db1f8396148/virt/kvm/arm/vgic.c
[modify] https://crrev.com/225a32df9b12e6299898665917e13db1f8396148/virt/kvm/arm/vgic-v3.c
[modify] https://crrev.com/225a32df9b12e6299898665917e13db1f8396148/virt/kvm/arm/vgic-v2.c
Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/fafa9b990a715669f76ab6612b826418195c68b4

commit fafa9b990a715669f76ab6612b826418195c68b4
Author: Alex Bennée <alex.bennee@linaro.org>
Date: Wed Jun 13 19:58:18 2018

UPSTREAM: arm/arm64: KVM: export VCPU power state via MP_STATE ioctl

To cleanly restore an SMP VM we need to ensure that the current pause state of each vcpu is correctly recorded. Things could get confused if the CPU starts running after migration restore completes when it was paused before its state was captured.

We use the existing KVM_GET/SET_MP_STATE ioctl to do this. The arm/arm64 interface is a lot simpler as the only valid states are KVM_MP_STATE_RUNNABLE and KVM_MP_STATE_STOPPED.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I2374b94ff4d505f05dcaae645b841d8668eadfe5
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit ecccf0cc722f40e0dcc97872e7a960765119a256)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
[SR: context -- don't care about IA64]
Conflicts:
	Documentation/virtual/kvm/api.txt
Reviewed-on: https://chromium-review.googlesource.com/1088068
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/fafa9b990a715669f76ab6612b826418195c68b4/Documentation/virtual/kvm/api.txt
[modify] https://crrev.com/fafa9b990a715669f76ab6612b826418195c68b4/arch/arm/kvm/arm.c
Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/2495374d0efbbf609b921824f5060ec70e8c7f3e

commit 2495374d0efbbf609b921824f5060ec70e8c7f3e
Author: Alex Bennée <alex.bennee@linaro.org>
Date: Wed Jun 13 19:58:19 2018

BACKPORT: arm/arm64: KVM: add a common vgic_queue_irq_to_lr fn

This helps re-factor away some of the repetitive code and makes the code flow more nicely.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I9617a1e26e894096d32e7dd3acb9ac28a63695c1
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 71760950bf3dc796e5e53ea3300dec724a09f593)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
[SR: use the same resolution as bf0fb67cf957]
Conflicts:
	virt/kvm/arm/vgic.c
Reviewed-on: https://chromium-review.googlesource.com/1088069
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>

[modify] https://crrev.com/2495374d0efbbf609b921824f5060ec70e8c7f3e/virt/kvm/arm/vgic.c
Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/570e79c85c4722bc8963c9677371cc26030a47b9

commit 570e79c85c4722bc8963c9677371cc26030a47b9
Author: Christoffer Dall <christoffer.dall@linaro.org>
Date: Wed Jun 13 19:58:20 2018

UPSTREAM: arm/arm64: KVM: support for un-queuing active IRQs

Migrating active interrupts causes the active state to be lost completely. This implements some additional bitmaps to track the active state on the distributor and export this to user space.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Ifce61d80750c05ec084dde216e8516a7cbbd4e83
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 47a98b15ba7cf6a13bd94ab8455d3f586b16420b)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088070
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/570e79c85c4722bc8963c9677371cc26030a47b9/include/kvm/arm_vgic.h
[modify] https://crrev.com/570e79c85c4722bc8963c9677371cc26030a47b9/virt/kvm/arm/vgic.c
[modify] https://crrev.com/570e79c85c4722bc8963c9677371cc26030a47b9/virt/kvm/arm/vgic-v2-emul.c
[modify] https://crrev.com/570e79c85c4722bc8963c9677371cc26030a47b9/virt/kvm/arm/vgic.h
Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/4d60e06832c5782204d71b87e733a6cb8d96a516

commit 4d60e06832c5782204d71b87e733a6cb8d96a516
Author: Richard Cochran <richardcochran@gmail.com>
Date: Wed Jun 13 19:58:22 2018

UPSTREAM: timecounter: keep track of accumulated fractional nanoseconds

The current timecounter implementation will drop a variable amount of resolution, depending on the magnitude of the time delta. In other words, reading the clock too often or too close to a time stamp conversion will introduce errors into the time values.

This patch fixes the issue by introducing a fractional nanosecond field that accumulates the low order bits.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I9a9f4597061509866e194a9d56f25380696d3b6d
Reported-by: Janusz Użycki <j.uzycki@elproma.com.pl>
Signed-off-by: Richard Cochran <richardcochran@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
(cherry picked from commit 2eebdde6528a722fbf8e2cffcf7aa52cbb4c2de0)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088071
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/4d60e06832c5782204d71b87e733a6cb8d96a516/virt/kvm/arm/arch_timer.c
[modify] https://crrev.com/4d60e06832c5782204d71b87e733a6cb8d96a516/kernel/time/timecounter.c
[modify] https://crrev.com/4d60e06832c5782204d71b87e733a6cb8d96a516/include/linux/timecounter.h
[modify] https://crrev.com/4d60e06832c5782204d71b87e733a6cb8d96a516/drivers/net/ethernet/mellanox/mlx4/en_clock.c
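The resolution loss the timecounter commit above describes, and the fractional-nanosecond carry that fixes it, shown as an added stand-alone example; this is not the kernel's timecounter.c, and the counter parameters (a 32-bit counter at 24 MHz, mult/shift = 42667/1024) and the function names are constructed for the demonstration:

```c
#include <stdint.h>
#include <stdio.h>

/*
 * Added example (not the kernel's timecounter.c): converting counter cycles
 * to nanoseconds with a fixed-point mult/shift, once the lossy way and once
 * carrying the dropped low-order bits in a "frac" field. Constructed
 * parameters: a 32-bit counter at 24 MHz, so one cycle is 41.666... ns,
 * encoded as mult/shift = 42667/1024 (10 fractional bits).
 */

struct cyclecounter {
    uint64_t mask;   /* bits implemented by the hardware counter */
    uint32_t mult;   /* cycles -> ns multiplier, fixed point */
    uint32_t shift;  /* number of fractional bits in mult */
};

struct timecounter {
    const struct cyclecounter *cc;
    uint64_t cycle_last;  /* counter value at the previous read */
    uint64_t nsec;        /* nanoseconds accumulated so far */
    uint64_t mask;        /* (1 << shift) - 1: the fractional-ns bits */
    uint64_t frac;        /* fractional nanoseconds carried between reads */
};

/* Pre-fix conversion: everything below 2^shift is thrown away on each read. */
static uint64_t cyc2ns_lossy(const struct cyclecounter *cc, uint64_t cycles)
{
    return (cycles * cc->mult) >> cc->shift;
}

/* Post-fix conversion: the remainder stays in *frac and is folded into the
 * next conversion, so the sum of many small reads equals one exact read. */
static uint64_t cyc2ns_frac(const struct cyclecounter *cc, uint64_t cycles,
                            uint64_t mask, uint64_t *frac)
{
    uint64_t ns = cycles * cc->mult + *frac;
    *frac = ns & mask;
    return ns >> cc->shift;
}

/* One read: mask the delta so counter wrap-around is handled, then convert. */
static void tc_read(struct timecounter *tc, uint64_t cycle_now, int use_frac)
{
    uint64_t delta = (cycle_now - tc->cycle_last) & tc->cc->mask;
    tc->cycle_last = cycle_now;
    if (use_frac)
        tc->nsec += cyc2ns_frac(tc->cc, delta, tc->mask, &tc->frac);
    else
        tc->nsec += cyc2ns_lossy(tc->cc, delta);
}

static const struct cyclecounter clk24 = {
    .mask = 0xffffffffULL, .mult = 42667, .shift = 10,
};

/* Read the counter `reads` times, `step` cycles apart, starting just below
 * the 32-bit wrap so the mask handling is exercised. Returns total ns. */
uint64_t total_ns_after_reads(uint64_t reads, uint64_t step, int use_frac)
{
    struct timecounter tc = {
        .cc = &clk24, .cycle_last = 0xffffff00ULL,
        .mask = (1ULL << clk24.shift) - 1,
    };
    uint64_t now = tc.cycle_last;
    for (uint64_t i = 0; i < reads; i++) {
        now = (now + step) & clk24.mask;
        tc_read(&tc, now, use_frac);
    }
    return tc.nsec;
}

/* Reference: the same span of cycles converted in a single step. */
uint64_t total_ns_single_shot(uint64_t cycles)
{
    return cyc2ns_lossy(&clk24, cycles);
}

int main(void)
{
    uint64_t reads = 24000;   /* 1 ms worth of cycles, read one cycle at a time */
    printf("single shot: %llu ns\n", (unsigned long long)total_ns_single_shot(reads));
    printf("lossy      : %llu ns\n", (unsigned long long)total_ns_after_reads(reads, 1, 0));
    printf("with frac  : %llu ns\n", (unsigned long long)total_ns_after_reads(reads, 1, 1));
    return 0;
}
```

Reading one cycle at a time, the lossy path loses 0.666 ns per read and ends 16 us short of a single conversion over the same span, while the carried-fraction path matches it exactly; the invariant is that accumulated ns times 2^shift plus frac always equals total cycles times mult.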
Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/74376cb839398fc4e433f9856a351cf007790bcf

commit 74376cb839398fc4e433f9856a351cf007790bcf
Author: Christoffer Dall <christoffer.dall@linaro.org>
Date: Wed Jun 13 19:58:23 2018

UPSTREAM: arm/arm64: KVM: Fix migration race in the arch timer

When a VCPU is no longer running, we currently check to see if it has a timer scheduled in the future, and if it does, we schedule a host hrtimer to notify us in case the timer expires while the VCPU is still not running. When the hrtimer fires, we mask the guest's timer and inject the timer IRQ (still relying on the guest unmasking the time when it receives the IRQ).

This is all good and fine, but when migrating a VM (checkpoint/restore) this introduces a race. It is unlikely, but possible, for the following sequence of events to happen:

1. Userspace stops the VM
2. Hrtimer for VCPU is scheduled
3. Userspace checkpoints the VGIC state (no pending timer interrupts)
4. The hrtimer fires, schedules work in a workqueue
5. Workqueue function runs, masks the timer and injects timer interrupt
6. Userspace checkpoints the timer state (timer masked)

At restore time, you end up with a masked timer without any timer interrupts and your guest halts never receiving timer interrupts.

Fix this by only kicking the VCPU in the workqueue function, and sample the expired state of the timer when entering the guest again and inject the interrupt and mask the timer only then.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Ifecfecea131c45a603d73a95efb0be140e753e9c
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 1a74847885cc87857d631f91cca4d83924f75674)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088072
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/74376cb839398fc4e433f9856a351cf007790bcf/virt/kvm/arm/arch_timer.c
[modify] https://crrev.com/74376cb839398fc4e433f9856a351cf007790bcf/arch/arm/kvm/arm.c
[modify] https://crrev.com/74376cb839398fc4e433f9856a351cf007790bcf/include/kvm/arm_arch_timer.h
Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/4e013ba82d64551338cd8e53c5c5cf5a9bad5fb4

commit 4e013ba82d64551338cd8e53c5c5cf5a9bad5fb4
Author: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Date: Wed Jun 13 19:58:25 2018

UPSTREAM: ARM, arm64: kvm: get rid of the bounce page

The HYP init bounce page is a runtime construct that ensures that the HYP init code does not cross a page boundary. However, this is something we can do perfectly well at build time, by aligning the code appropriately.

For arm64, we just align to 4 KB, and enforce that the code size is less than 4 KB, regardless of the chosen page size.

For ARM, the whole code is less than 256 bytes, so we tweak the linker script to align at a power of 2 upper bound of the code size.

Note that this also fixes a benign off-by-one error in the original bounce page code, where a bounce page would be allocated unnecessarily if the code was exactly 1 page in size.

On ARM, it also fixes an issue with very large kernels reported by Arnd Bergmann, where stub sections with linker emitted veneers could erroneously trigger the size/alignment ASSERT() in the linker script.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I0e2f50d6709512673bf2ea140a4d8169de8a3a4b
Tested-by: Marc Zyngier <marc.zyngier@arm.com>
Reviewed-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Will Deacon <will.deacon@arm.com>
(cherry picked from commit 06f75a1f6200042aa36ad40afb44dd72107b25d6)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088073
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/4e013ba82d64551338cd8e53c5c5cf5a9bad5fb4/arch/arm64/kernel/vmlinux.lds.S
[modify] https://crrev.com/4e013ba82d64551338cd8e53c5c5cf5a9bad5fb4/arch/arm/kvm/init.S
[modify] https://crrev.com/4e013ba82d64551338cd8e53c5c5cf5a9bad5fb4/arch/arm/kernel/vmlinux.lds.S
[modify] https://crrev.com/4e013ba82d64551338cd8e53c5c5cf5a9bad5fb4/arch/arm/kvm/mmu.c
Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/4754977985fe9cd9c563cd32c69dab42a8d7786d

commit 4754977985fe9cd9c563cd32c69dab42a8d7786d
Author: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Date: Wed Jun 13 19:58:26 2018

UPSTREAM: ARM: kvm: implement replacement for ld's LOG2CEIL()

Commit 06f75a1f6200 ("ARM, arm64: kvm: get rid of the bounce page") uses ld's builtin function LOG2CEIL() to align the KVM init code to a log2 upper bound of its size. However, this function turns out to be a fairly recent addition to binutils, which breaks the build for older toolchains.

So instead, implement a replacement LOG2_ROUNDUP() using the C preprocessor.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Ib720518d11a777015f6aabd84aec931dc31b5881
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Will Deacon <will.deacon@arm.com>
(cherry picked from commit e60a1fec44a2fe2c85ac406a5c1161ca2957a4fa)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088074
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/4754977985fe9cd9c563cd32c69dab42a8d7786d/arch/arm/kernel/vmlinux.lds.S
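The preprocessor-only log2 ceiling the two Ard Biesheuvel commits above describe (the bounce-page removal and the LOG2CEIL() replacement), as an added example that is not the tree's vmlinux.lds.S: the macro ladder is my own reconstruction of the technique, the cap at order 12 (4 KB) and the helper names `log2_roundup`, `hyp_init_alignment` and `alignment_prevents_page_crossing` are assumptions made for the demonstration, and the last helper checks the property the alignment is meant to guarantee, that code aligned this way never straddles a 4 KB page:

```c
#include <stdio.h>

/*
 * Added example (not the kernel's linker script): a log2-ceiling computed
 * purely by the C preprocessor, usable from a linker script that is run
 * through cpp, for toolchains whose ld lacks the LOG2CEIL() builtin.
 * Macro layout is a reconstruction, not a copy of the tree's definition.
 */

/* One rung of the ladder: "if size fits in 2^order the answer is order, else ..." */
#define __LOG2_ROUNDUP(size, order) \
    (size) <= (1UL << (order)) ? (order) :

/* Smallest order >= 2 with 2^order >= size, capped at 12 (4 KB). Sizes above
 * 4 KB also yield 12; the size ASSERT() in the linker script, not this macro,
 * is what rejects them (assumption: that is how the cap is meant to be read). */
#define LOG2_ROUNDUP(size) (        \
    __LOG2_ROUNDUP(size, 2)         \
    __LOG2_ROUNDUP(size, 3)         \
    __LOG2_ROUNDUP(size, 4)         \
    __LOG2_ROUNDUP(size, 5)         \
    __LOG2_ROUNDUP(size, 6)         \
    __LOG2_ROUNDUP(size, 7)         \
    __LOG2_ROUNDUP(size, 8)         \
    __LOG2_ROUNDUP(size, 9)         \
    __LOG2_ROUNDUP(size, 10)        \
    __LOG2_ROUNDUP(size, 11)        \
    12)

#define HYP_PAGE_SIZE 4096UL

/* Runtime wrapper so the macro can be exercised with non-constant input. */
int log2_roundup(unsigned long size)
{
    return LOG2_ROUNDUP(size);
}

/* The alignment a script would apply: . = ALIGN(1 << LOG2_ROUNDUP(size)) */
unsigned long hyp_init_alignment(unsigned long size)
{
    return 1UL << LOG2_ROUNDUP(size);
}

/* The property the alignment buys: a block of `size` bytes placed at any
 * multiple of hyp_init_alignment(size) never crosses a 4 KB page, provided
 * size <= 4 KB. Returns 1 if that holds for every size and placement tried. */
int alignment_prevents_page_crossing(void)
{
    for (unsigned long size = 1; size <= HYP_PAGE_SIZE; size++) {
        unsigned long align = hyp_init_alignment(size);
        /* every aligned start inside one page */
        for (unsigned long start = 0; start < HYP_PAGE_SIZE; start += align) {
            if (start + size > HYP_PAGE_SIZE)
                return 0;
        }
    }
    return 1;
}

int main(void)
{
    unsigned long sizes[] = { 1, 200, 256, 257, 2048, 4096 };
    for (unsigned i = 0; i < sizeof(sizes) / sizeof(sizes[0]); i++)
        printf("size %5lu -> order %2d, align %lu\n", sizes[i],
               log2_roundup(sizes[i]), hyp_init_alignment(sizes[i]));
    printf("no page crossing for any size <= 4 KB: %s\n",
           alignment_prevents_page_crossing() ? "yes" : "no");
    return 0;
}
```

Because every rung is a constant expression, the same macro works in a linker script preprocessed with cpp; the runtime wrappers exist only so the values can be checked here.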
Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/9e430b6bfdb9d0965c8b1ef748e2f814f1eee477

commit 9e430b6bfdb9d0965c8b1ef748e2f814f1eee477
Author: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Date: Wed Jun 13 19:58:28 2018

UPSTREAM: ARM: kvm: assert on HYP section boundaries not actual code size

Using ASSERT() with an expression that involves a symbol that is only supplied through a PROVIDE() definition in the linker script itself is apparently not supported by some older versions of binutils.

So instead, rewrite the expression so that only the section boundaries __hyp_idmap_text_start and __hyp_idmap_text_end are used. Note that this reverts the fix in 06f75a1f6200 ("ARM, arm64: kvm: get rid of the bounce page") for the ASSERT() being triggered erroneously when unrelated linker emitted veneers happen to end up in the HYP idmap region.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I561e2699603ad51ea904cf322a92175bc25b99e2
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Will Deacon <will.deacon@arm.com>
(cherry picked from commit 12eb3e833961bfe532b763a6e4e817ec87f48bc7)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088075
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/9e430b6bfdb9d0965c8b1ef748e2f814f1eee477/arch/arm/kernel/vmlinux.lds.S
Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/fa7c0640474e414d8b20778554f14bdc6da0f035

commit fa7c0640474e414d8b20778554f14bdc6da0f035
Author: Paolo Bonzini <pbonzini@redhat.com>
Date: Wed Jun 13 19:58:29 2018

UPSTREAM: kvm: x86: move ioapic.c and irq_comm.c back to arch/x86/

ia64 does not need them anymore. Ack notifiers become x86-specific too.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I54a3b63912759ae50fd14825889d9005d883f7fe
Suggested-by: Gleb Natapov <gleb@kernel.org>
Reviewed-by: Radim Krcmar <rkrcmar@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit 6ef768fac9dfe3404d3fdc09909ea203a88f2f38)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088076
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/fa7c0640474e414d8b20778554f14bdc6da0f035/arch/x86/kvm/Makefile
[modify] https://crrev.com/fa7c0640474e414d8b20778554f14bdc6da0f035/arch/x86/kvm/x86.c
[rename] https://crrev.com/fa7c0640474e414d8b20778554f14bdc6da0f035/arch/x86/kvm/irq_comm.c
[modify] https://crrev.com/fa7c0640474e414d8b20778554f14bdc6da0f035/virt/kvm/kvm_main.c
[modify] https://crrev.com/fa7c0640474e414d8b20778554f14bdc6da0f035/virt/kvm/eventfd.c
[rename] https://crrev.com/fa7c0640474e414d8b20778554f14bdc6da0f035/arch/x86/kvm/ioapic.c
[modify] https://crrev.com/fa7c0640474e414d8b20778554f14bdc6da0f035/include/linux/kvm_host.h
[modify] https://crrev.com/fa7c0640474e414d8b20778554f14bdc6da0f035/arch/x86/include/asm/kvm_host.h
[rename] https://crrev.com/fa7c0640474e414d8b20778554f14bdc6da0f035/arch/x86/kvm/ioapic.h
Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/bbd92b97ca6ce278f3a0b8bdd26e04a3385ce3a6

commit bbd92b97ca6ce278f3a0b8bdd26e04a3385ce3a6
Author: Nikolay Nikolaev <n.nikolaev@virtualopensystems.com>
Date: Wed Jun 13 19:58:31 2018

UPSTREAM: KVM: Redesign kvm_io_bus_ API to pass VCPU structure to the callbacks.

This is needed in e.g. ARM vGIC emulation, where the MMIO handling depends on the VCPU that does the access.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I90f6274db3a62fdf467ce8ca69643d360ae9e88c
Signed-off-by: Nikolay Nikolaev <n.nikolaev@virtualopensystems.com>
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Reviewed-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
(cherry picked from commit e32edf4fd0fa4897e12ca66118ab67bf257e16e4)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088077
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/bbd92b97ca6ce278f3a0b8bdd26e04a3385ce3a6/arch/x86/kvm/x86.c
[modify] https://crrev.com/bbd92b97ca6ce278f3a0b8bdd26e04a3385ce3a6/arch/s390/kvm/diag.c
[modify] https://crrev.com/bbd92b97ca6ce278f3a0b8bdd26e04a3385ce3a6/arch/powerpc/kvm/powerpc.c
[modify] https://crrev.com/bbd92b97ca6ce278f3a0b8bdd26e04a3385ce3a6/arch/x86/kvm/i8259.c
[modify] https://crrev.com/bbd92b97ca6ce278f3a0b8bdd26e04a3385ce3a6/virt/kvm/iodev.h
[modify] https://crrev.com/bbd92b97ca6ce278f3a0b8bdd26e04a3385ce3a6/virt/kvm/eventfd.c
[modify] https://crrev.com/bbd92b97ca6ce278f3a0b8bdd26e04a3385ce3a6/arch/x86/kvm/lapic.c
[modify] https://crrev.com/bbd92b97ca6ce278f3a0b8bdd26e04a3385ce3a6/arch/x86/kvm/i8254.c
[modify] https://crrev.com/bbd92b97ca6ce278f3a0b8bdd26e04a3385ce3a6/virt/kvm/coalesced_mmio.c
[modify] https://crrev.com/bbd92b97ca6ce278f3a0b8bdd26e04a3385ce3a6/arch/x86/kvm/vmx.c
[modify] https://crrev.com/bbd92b97ca6ce278f3a0b8bdd26e04a3385ce3a6/arch/x86/kvm/ioapic.c
[modify] https://crrev.com/bbd92b97ca6ce278f3a0b8bdd26e04a3385ce3a6/include/linux/kvm_host.h
[modify] https://crrev.com/bbd92b97ca6ce278f3a0b8bdd26e04a3385ce3a6/arch/powerpc/kvm/mpic.c
[modify] https://crrev.com/bbd92b97ca6ce278f3a0b8bdd26e04a3385ce3a6/virt/kvm/kvm_main.c
Jun 13 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/dadd3481b49ca78a3c70d4ce96d4502dc1e2cc67

commit dadd3481b49ca78a3c70d4ce96d4502dc1e2cc67
Author: Andre Przywara <andre.przywara@arm.com>
Date: Wed Jun 13 19:58:33 2018

UPSTREAM: KVM: move iodev.h from virt/kvm/ to include/kvm

iodev.h contains definitions for the kvm_io_bus framework. This is needed both by the generic KVM code in virt/kvm as well as by architecture specific code under arch/. Putting the header file in virt/kvm and using local includes in the architecture part seems at least dodgy to me, so let's move the file into include/kvm, so that a more natural "#include <kvm/iodev.h>" can be used by all of the code. This also solves a problem later when using struct kvm_io_device in arm_vgic.h.

Fixing up the FSF address in the GPL header and a wrong include path on the way.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Iaa2a3117a2b145c8a5ae0bfc516398e9179ed798
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Reviewed-by: Marc Zyngier <marc.zyngier@arm.com>
Reviewed-by: Marcelo Tosatti <mtosatti@redhat.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
(cherry picked from commit af669ac6dc3f66bb56fb9612b9826adac6292794)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088078
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/dadd3481b49ca78a3c70d4ce96d4502dc1e2cc67/arch/x86/kvm/irq.h
[rename] https://crrev.com/dadd3481b49ca78a3c70d4ce96d4502dc1e2cc67/include/kvm/iodev.h
[modify] https://crrev.com/dadd3481b49ca78a3c70d4ce96d4502dc1e2cc67/arch/x86/kvm/ioapic.h
[modify] https://crrev.com/dadd3481b49ca78a3c70d4ce96d4502dc1e2cc67/virt/kvm/eventfd.c
[modify] https://crrev.com/dadd3481b49ca78a3c70d4ce96d4502dc1e2cc67/virt/kvm/coalesced_mmio.c
[modify] https://crrev.com/dadd3481b49ca78a3c70d4ce96d4502dc1e2cc67/virt/kvm/kvm_main.c
[modify] https://crrev.com/dadd3481b49ca78a3c70d4ce96d4502dc1e2cc67/arch/x86/kvm/i8254.h
[modify] https://crrev.com/dadd3481b49ca78a3c70d4ce96d4502dc1e2cc67/arch/powerpc/kvm/mpic.c
[modify] https://crrev.com/dadd3481b49ca78a3c70d4ce96d4502dc1e2cc67/arch/x86/kvm/lapic.h
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/a2d31b41399dc1f7150433872e26e669639776aa

commit a2d31b41399dc1f7150433872e26e669639776aa
Author: Andre Przywara <andre.przywara@arm.com>
Date: Fri Jun 15 17:53:18 2018

UPSTREAM: KVM: arm/arm64: remove now unneeded include directory from Makefile

virt/kvm was never really a good include directory for anything else than locally included headers. With the move of iodev.h there is no need anymore to add this directory to the compiler's include path, so remove it from the arm and arm64 kvm Makefile.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I12dfa72a45d1c96dc957a9c7e58be5f9a564a227
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Reviewed-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
(cherry picked from commit 5d9d15af1cade35e84979f222b911cbc97106032)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088079

[modify] https://crrev.com/a2d31b41399dc1f7150433872e26e669639776aa/arch/arm64/kvm/Makefile
[modify] https://crrev.com/a2d31b41399dc1f7150433872e26e669639776aa/arch/arm/kvm/Makefile
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/fe7125e133a8ec5d3b90a87160149c73b630366a

commit fe7125e133a8ec5d3b90a87160149c73b630366a
Author: Andre Przywara <andre.przywara@arm.com>
Date: Fri Jun 15 17:53:19 2018

UPSTREAM: KVM: arm/arm64: rename struct kvm_mmio_range to vgic_io_range

The name "kvm_mmio_range" is a bit bold, given that it only covers the VGIC's MMIO ranges. To avoid confusion with kvm_io_range, rename it to vgic_io_range.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I3c67345a0fa262ece43a9d9142a43e4c9c0703ff
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Reviewed-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
(cherry picked from commit cf50a1eb43b98daa181714e40e22c8e5ad5007d6)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088080

[modify] https://crrev.com/fe7125e133a8ec5d3b90a87160149c73b630366a/virt/kvm/arm/vgic.c
[modify] https://crrev.com/fe7125e133a8ec5d3b90a87160149c73b630366a/virt/kvm/arm/vgic-v2-emul.c
[modify] https://crrev.com/fe7125e133a8ec5d3b90a87160149c73b630366a/virt/kvm/arm/vgic-v3-emul.c
[modify] https://crrev.com/fe7125e133a8ec5d3b90a87160149c73b630366a/virt/kvm/arm/vgic.h
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/97deede595fd7dbec561ac116bcc044c6b948126

commit 97deede595fd7dbec561ac116bcc044c6b948126
Author: Andre Przywara <andre.przywara@arm.com>
Date: Fri Jun 15 17:53:21 2018

UPSTREAM: KVM: arm/arm64: simplify vgic_find_range() and callers

The vgic_find_range() function in vgic.c takes a struct kvm_exit_mmio argument, but actually only uses the length field in there. Since we need to get rid of that structure in that part of the code anyway, let's rework the function (and its callers) to pass the length argument to the function directly.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I94407681424953502e2259bb4c7adfa497767a90
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
Reviewed-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
(cherry picked from commit 9f199d0a0eeb8efb564ff41a6b9f819c4c0285ea)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088081

[modify] https://crrev.com/97deede595fd7dbec561ac116bcc044c6b948126/virt/kvm/arm/vgic.c
[modify] https://crrev.com/97deede595fd7dbec561ac116bcc044c6b948126/virt/kvm/arm/vgic-v2-emul.c
[modify] https://crrev.com/97deede595fd7dbec561ac116bcc044c6b948126/virt/kvm/arm/vgic.h
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/c7c3a44ab3921cb0c6061ce8068e9c43064d8bae commit c7c3a44ab3921cb0c6061ce8068e9c43064d8bae Author: Andre Przywara <andre.przywara@arm.com> Date: Fri Jun 15 17:53:22 2018 UPSTREAM: KVM: arm/arm64: implement kvm_io_bus MMIO handling for the VGIC Currently we use a lot of VGIC specific code to do the MMIO dispatching. Use the previous reworks to add kvm_io_bus style MMIO handlers. Those are not yet called by the MMIO abort handler, also the actual VGIC emulator functions do not make use of it yet, but will be enabled with the following patches. BUG=chromium:846515 TEST=build/boot on hana with USE=kvm_host Change-Id: I00e2cca60ac59dd69b4bd647a2b4cfd1622d6a63 Signed-off-by: Andre Przywara <andre.przywara@arm.com> Reviewed-by: Marc Zyngier <marc.zyngier@arm.com> Signed-off-by: Marc Zyngier <marc.zyngier@arm.com> (cherry picked from commit 6777f77f0f544f686ee3158ff0db6a7d81b7d3a2) Signed-off-by: Sonny Rao <sonnyrao@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1088082 [modify] https://crrev.com/c7c3a44ab3921cb0c6061ce8068e9c43064d8bae/include/kvm/arm_vgic.h [modify] https://crrev.com/c7c3a44ab3921cb0c6061ce8068e9c43064d8bae/virt/kvm/arm/vgic.c [modify] https://crrev.com/c7c3a44ab3921cb0c6061ce8068e9c43064d8bae/virt/kvm/arm/vgic.h
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/1c1e6e88eff279914d1ebe12e92df7a9b4a28b38 commit 1c1e6e88eff279914d1ebe12e92df7a9b4a28b38 Author: Andre Przywara <andre.przywara@arm.com> Date: Fri Jun 15 17:53:24 2018 UPSTREAM: KVM: arm/arm64: prepare GICv2 emulation to be handled by kvm_io_bus Using the framework provided by the recent vgic.c changes we register a kvm_io_bus device when initializing the virtual GICv2. BUG=chromium:846515 TEST=build/boot on hana with USE=kvm_host Change-Id: I408ab36dd2ee7f2d3c4c90dc3ec9f47af71472fd Signed-off-by: Andre Przywara <andre.przywara@arm.com> Signed-off-by: Marc Zyngier <marc.zyngier@arm.com> (cherry picked from commit a9cf86f62b785202684c3ba92895946f03d910c8) Signed-off-by: Sonny Rao <sonnyrao@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1088083 [modify] https://crrev.com/1c1e6e88eff279914d1ebe12e92df7a9b4a28b38/include/kvm/arm_vgic.h [modify] https://crrev.com/1c1e6e88eff279914d1ebe12e92df7a9b4a28b38/virt/kvm/arm/vgic-v2-emul.c
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/8ad2d579135f13fcec2423e5c46d2eb3cbd3c09c commit 8ad2d579135f13fcec2423e5c46d2eb3cbd3c09c Author: Ard Biesheuvel <ard.biesheuvel@linaro.org> Date: Fri Jun 15 17:53:25 2018 UPSTREAM: ARM: kvm: round HYP section to page size instead of log2 upper bound Older binutils do not support expressions involving the values of external symbols so just round up the HYP region to the page size. BUG=chromium:846515 TEST=build/boot on hana with USE=kvm_host Change-Id: I19a6a7cc378694a44eb8c2bbf09fe5927a029322 Tested-by: Simon Horman <horms+renesas@verge.net.au> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> [will: when will this ever end?!] Signed-off-by: Will Deacon <will.deacon@arm.com> (cherry picked from commit a9fea8b388ed5838fe0744970e67f7019d420824) Signed-off-by: Sonny Rao <sonnyrao@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1088084 [modify] https://crrev.com/8ad2d579135f13fcec2423e5c46d2eb3cbd3c09c/arch/arm/kvm/init.S [modify] https://crrev.com/8ad2d579135f13fcec2423e5c46d2eb3cbd3c09c/arch/arm/kernel/vmlinux.lds.S
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/b43220afdba2fe1c558c6cf7fd147b1144ae40e0 commit b43220afdba2fe1c558c6cf7fd147b1144ae40e0 Author: Andre Przywara <andre.przywara@arm.com> Date: Fri Jun 15 17:53:27 2018 UPSTREAM: KVM: arm/arm64: merge GICv3 RD_base and SGI_base register frames Currently we handle the redistributor registers in two separate MMIO regions, one for the overall behaviour and SPIs and one for the SGIs/PPIs. The latter forces the creation of _two_ KVM I/O bus devices for each redistributor. Since the spec mandates those two pages to be contiguous, we could as well merge them and save the churn with the second KVM I/O bus device. BUG=chromium:846515 TEST=build/boot on hana with USE=kvm_host Change-Id: I1044f0f27e9854288131de95ea8eab21ee690b92 Signed-off-by: Andre Przywara <andre.przywara@arm.com> Reviewed-by: Marc Zyngier <marc.zyngier@arm.com> Signed-off-by: Marc Zyngier <marc.zyngier@arm.com> (cherry picked from commit 0ba10d53920d030cd7772a9553b13b5ea1aa4115) Signed-off-by: Sonny Rao <sonnyrao@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1088085 [modify] https://crrev.com/b43220afdba2fe1c558c6cf7fd147b1144ae40e0/virt/kvm/arm/vgic-v3-emul.c
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/45144143de7c3fac2966aeaaef2f3f54cb42c118 commit 45144143de7c3fac2966aeaaef2f3f54cb42c118 Author: Andre Przywara <andre.przywara@arm.com> Date: Fri Jun 15 17:53:28 2018 UPSTREAM: KVM: arm/arm64: prepare GICv3 emulation to use kvm_io_bus MMIO handling Using the framework provided by the recent vgic.c changes, we register a kvm_io_bus device on mapping the virtual GICv3 resources. The distributor mapping is pretty straightforward, but the redistributors need some more love, since they need to be tagged with the respective redistributor (read: VCPU) they are connected with. We use the kvm_io_bus framework to register one device per VCPU. BUG=chromium:846515 TEST=build/boot on hana with USE=kvm_host Change-Id: Ia9d952fcdf3170b638fc68a3030f343dd4b94547 Signed-off-by: Andre Przywara <andre.przywara@arm.com> Reviewed-by: Marc Zyngier <marc.zyngier@arm.com> Signed-off-by: Marc Zyngier <marc.zyngier@arm.com> (cherry picked from commit fb8f61abab48467ef670ef165ff664cdc94f742e) Signed-off-by: Sonny Rao <sonnyrao@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1088086 [modify] https://crrev.com/45144143de7c3fac2966aeaaef2f3f54cb42c118/include/kvm/arm_vgic.h [modify] https://crrev.com/45144143de7c3fac2966aeaaef2f3f54cb42c118/virt/kvm/arm/vgic-v3-emul.c
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/2c06a618bb344fc02c44823c8cd1623415a59391 commit 2c06a618bb344fc02c44823c8cd1623415a59391 Author: Andre Przywara <andre.przywara@arm.com> Date: Fri Jun 15 17:53:30 2018 UPSTREAM: KVM: arm/arm64: rework MMIO abort handling to use KVM MMIO bus Currently we have struct kvm_exit_mmio for encapsulating MMIO abort data to be passed on from syndrome decoding all the way down to the VGIC register handlers. Now as we switch the MMIO handling to be routed through the KVM MMIO bus, it does not make sense anymore to use that structure already from the beginning. So we keep the data in local variables until we put them into the kvm_io_bus framework. Then we fill kvm_exit_mmio in the VGIC only, making it a VGIC private structure. On the way we replace the data buffer in that structure with a pointer pointing to a single location in a local variable, so we get rid of some copying on the way. With all of the virtual GIC emulation code now being registered with the kvm_io_bus, we can remove all of the old MMIO handling code and its dispatching functionality. I didn't bother to rename kvm_exit_mmio (to vgic_mmio or something), because that touches a lot of code lines without any good reason. This is based on an original patch by Nikolay.
BUG=chromium:846515 TEST=build/boot on hana with USE=kvm_host Change-Id: I6988128baa064a12dfd8faaf58e36371ace4d62e Signed-off-by: Andre Przywara <andre.przywara@arm.com> Cc: Nikolay Nikolaev <n.nikolaev@virtualopensystems.com> Reviewed-by: Marc Zyngier <marc.zyngier@arm.com> Signed-off-by: Marc Zyngier <marc.zyngier@arm.com> (cherry picked from commit 950324ab81bf006542f30a1d1ab3d65fcf15cbc1) Signed-off-by: Sonny Rao <sonnyrao@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1088087 [modify] https://crrev.com/2c06a618bb344fc02c44823c8cd1623415a59391/virt/kvm/arm/vgic.c [modify] https://crrev.com/2c06a618bb344fc02c44823c8cd1623415a59391/arch/arm/include/asm/kvm_mmio.h [modify] https://crrev.com/2c06a618bb344fc02c44823c8cd1623415a59391/arch/arm64/include/asm/kvm_mmio.h [modify] https://crrev.com/2c06a618bb344fc02c44823c8cd1623415a59391/virt/kvm/arm/vgic-v2-emul.c [modify] https://crrev.com/2c06a618bb344fc02c44823c8cd1623415a59391/include/kvm/arm_vgic.h [modify] https://crrev.com/2c06a618bb344fc02c44823c8cd1623415a59391/arch/arm/kvm/mmio.c [modify] https://crrev.com/2c06a618bb344fc02c44823c8cd1623415a59391/virt/kvm/arm/vgic.h [modify] https://crrev.com/2c06a618bb344fc02c44823c8cd1623415a59391/virt/kvm/arm/vgic-v3-emul.c
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/4766261693d8bde417604e91637145e2eb1691e6 commit 4766261693d8bde417604e91637145e2eb1691e6 Author: Nikolay Nikolaev <n.nikolaev@virtualopensystems.com> Date: Fri Jun 15 17:53:31 2018 UPSTREAM: KVM: arm/arm64: enable KVM_CAP_IOEVENTFD As the infrastructure for eventfd has now been merged, report the ioeventfd capability as being supported. BUG=chromium:846515 TEST=build/boot on hana with USE=kvm_host Change-Id: Ib4380303aacd992c237194debe9a4d5085deb4dd Signed-off-by: Nikolay Nikolaev <n.nikolaev@virtualopensystems.com> [maz: grouped the case entry with the others, fixed commit log] Signed-off-by: Marc Zyngier <marc.zyngier@arm.com> (cherry picked from commit d44758c0dfc5993a4b9952935a7eae4c91ebb6b4) Signed-off-by: Sonny Rao <sonnyrao@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1088088 [modify] https://crrev.com/4766261693d8bde417604e91637145e2eb1691e6/arch/arm/kvm/arm.c
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/1ea3d80dd49efd832b4bfe07bcc9828f81ae1351 commit 1ea3d80dd49efd832b4bfe07bcc9828f81ae1351 Author: Eric Auger <eric.auger@linaro.org> Date: Fri Jun 15 17:53:33 2018 UPSTREAM: KVM: arm: irqfd: fix value returned by kvm_irq_map_gsi irqfd/arm currently does not support routing. kvm_irq_map_gsi is supposed to return all the routing entries associated with the provided gsi and return the number of those entries. We should return 0 at this point. BUG=chromium:846515 TEST=build/boot on hana with USE=kvm_host Change-Id: I36d094a37b2f0876c168b60ed889cd4b1298b9e3 Signed-off-by: Eric Auger <eric.auger@linaro.org> Acked-by: Christoffer Dall <christoffer.dall@linaro.org> Signed-off-by: Marc Zyngier <marc.zyngier@arm.com> (cherry picked from commit 0b3289ebc2d50cf5ab778215ed0b4075bbae6629) Signed-off-by: Sonny Rao <sonnyrao@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1088089 [modify] https://crrev.com/1ea3d80dd49efd832b4bfe07bcc9828f81ae1351/virt/kvm/arm/vgic.c
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/482f801f8cbd1d8262c5152b26ed4d831e9a1616 commit 482f801f8cbd1d8262c5152b26ed4d831e9a1616 Author: Andre Przywara <andre.przywara@arm.com> Date: Fri Jun 15 17:53:34 2018 UPSTREAM: KVM: arm/arm64: check IRQ number on userland injection When userland injects a SPI via the KVM_IRQ_LINE ioctl we currently only check it against a fixed limit, which historically is set to 127. With the new dynamic IRQ allocation the effective limit may actually be smaller (64). So now when a malicious or buggy userland injects a SPI in that range, we spill over on our VGIC bitmaps and bytemaps memory. I could trigger a host kernel NULL pointer dereference with current mainline by injecting some bogus IRQ number from a hacked kvmtool: ----------------- .... DEBUG: kvm_vgic_inject_irq(kvm, cpu=0, irq=114, level=1) DEBUG: vgic_update_irq_pending(kvm, cpu=0, irq=114, level=1) DEBUG: IRQ #114 still in the game, writing to bytemap now... Unable to handle kernel NULL pointer dereference at virtual address 00000000 pgd = ffffffc07652e000 [00000000] *pgd=00000000f658b003, *pud=00000000f658b003, *pmd=0000000000000000 Internal error: Oops: 96000006 [#1] PREEMPT SMP Modules linked in: CPU: 1 PID: 1053 Comm: lkvm-msi-irqinj Not tainted 4.0.0-rc7+ #3027 Hardware name: FVP Base (DT) task: ffffffc0774e9680 ti: ffffffc0765a8000 task.ti: ffffffc0765a8000 PC is at kvm_vgic_inject_irq+0x234/0x310 LR is at kvm_vgic_inject_irq+0x30c/0x310 pc : [<ffffffc0000ae0a8>] lr : [<ffffffc0000ae180>] pstate: 80000145 ..... So this patch fixes this by checking the SPI number against the actual limit. Also we remove the former legacy hard limit of 127 in the ioctl code.
BUG=chromium:846515 TEST=build/boot on hana with USE=kvm_host Change-Id: Id61d9f0522b9f464560b5713c79fb1d9e4356981 Signed-off-by: Andre Przywara <andre.przywara@arm.com> Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org> CC: <stable@vger.kernel.org> # 4.0, 3.19, 3.18 [maz: wrap KVM_ARM_IRQ_GIC_MAX with #ifndef __KERNEL__, as suggested by Christopher Covington] Signed-off-by: Marc Zyngier <marc.zyngier@arm.com> (cherry picked from commit fd1d0ddf2ae92fb3df42ed476939861806c5d785) Signed-off-by: Sonny Rao <sonnyrao@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1088090 [modify] https://crrev.com/482f801f8cbd1d8262c5152b26ed4d831e9a1616/virt/kvm/arm/vgic.c [modify] https://crrev.com/482f801f8cbd1d8262c5152b26ed4d831e9a1616/arch/arm/kvm/arm.c [modify] https://crrev.com/482f801f8cbd1d8262c5152b26ed4d831e9a1616/arch/arm64/include/uapi/asm/kvm.h [modify] https://crrev.com/482f801f8cbd1d8262c5152b26ed4d831e9a1616/arch/arm/include/uapi/asm/kvm.h
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/d902ff0ce15ebe1a91a3dc5a48f448494dc00d06 commit d902ff0ce15ebe1a91a3dc5a48f448494dc00d06 Author: Russell King <rmk+kernel@arm.linux.org.uk> Date: Fri Jun 15 17:53:36 2018 UPSTREAM: ARM: kvm: fix a bad BSYM() usage BSYM() should only be used when referring to local symbols in the same assembly file which are resolved by the assembler, and not for linker-fixed up symbols. The use of BSYM() with panic is incorrect as the linker is involved in fixing up this relocation, and it knows whether panic() is ARM or Thumb. BUG=chromium:846515 TEST=build/boot on hana with USE=kvm_host Change-Id: I686b1e6d907859b765bcb76f90af16a990c78a3a Acked-by: Nicolas Pitre <nico@linaro.org> Acked-by: Dave Martin <Dave.Martin@arm.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk> (cherry picked from commit 5890298a834c04aaa9b5fb576e5f2b77e79ab38d) Signed-off-by: Sonny Rao <sonnyrao@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1088091 [modify] https://crrev.com/d902ff0ce15ebe1a91a3dc5a48f448494dc00d06/arch/arm/kvm/interrupts.S
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/e7eee8ba3208a0e455135ff32c1a810ad8d4420d commit e7eee8ba3208a0e455135ff32c1a810ad8d4420d Author: Suzuki K. Poulose <suzuki.poulose@arm.com> Date: Fri Jun 15 17:53:37 2018 UPSTREAM: arm64/kvm: Add generic v8 KVM target This patch adds a generic ARM v8 KVM target cpu type for use by the new CPUs which eventually ends up using the common sys_reg table. For backward compatibility the existing targets have been preserved. Any new target CPU that can be covered by generic v8 sys_reg tables should make use of the new generic target. BUG=chromium:846515 TEST=build/boot on hana with USE=kvm_host Change-Id: I4948696787b18b2ae9a4d43671f8d1c266762180 Signed-off-by: Suzuki K. Poulose <suzuki.poulose@arm.com> Acked-by: Marc Zyngier <Marc.Zyngier@arm.com> Signed-off-by: Marc Zyngier <marc.zyngier@arm.com> (cherry picked from commit bca556ac468ab4744692926b67cb525cdce850c9) Signed-off-by: Sonny Rao <sonnyrao@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1088092 [modify] https://crrev.com/e7eee8ba3208a0e455135ff32c1a810ad8d4420d/arch/arm64/include/uapi/asm/kvm.h [modify] https://crrev.com/e7eee8ba3208a0e455135ff32c1a810ad8d4420d/arch/arm64/kvm/guest.c [modify] https://crrev.com/e7eee8ba3208a0e455135ff32c1a810ad8d4420d/arch/arm64/kvm/sys_regs_generic_v8.c
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/e4b9193cba4d44b407eb80346e9fbf8e4f91ab1b commit e4b9193cba4d44b407eb80346e9fbf8e4f91ab1b Author: Marc Zyngier <marc.zyngier@arm.com> Date: Fri Jun 15 17:53:39 2018 UPSTREAM: arm: KVM: force execution of HCPTR access on VM exit On VM entry, we disable access to the VFP registers in order to perform a lazy save/restore of these registers. On VM exit, we restore access, test if we did enable them before, and save/restore the guest/host registers if necessary. In this sequence, the FPEXC register is always accessed, irrespective of the trapping configuration. If the guest didn't touch the VFP registers, then the HCPTR access has now enabled such access, but we're missing a barrier to ensure architectural execution of the new HCPTR configuration. If the HCPTR access has been delayed/reordered, the subsequent access to FPEXC will cause a trap, which we aren't prepared to handle at all. The same condition exists when trapping to enable VFP for the guest. The fix is to introduce a barrier after enabling VFP access. In the vmexit case, it can be relaxed to only take place if the guest hasn't accessed its view of the VFP registers, making the access to FPEXC safe. The set_hcptr macro is modified to deal with both vmenter/vmexit and vmtrap operations, and now takes an optional label that is branched to when the guest hasn't touched the VFP registers.
BUG=chromium:846515 TEST=build/boot on hana with USE=kvm_host Change-Id: I4815474405d8e81d6631ec0ffb3a06db45108f14 Reported-by: Vikram Sethi <vikrams@codeaurora.org> Cc: stable@kernel.org # v3.9+ Signed-off-by: Marc Zyngier <marc.zyngier@arm.com> (cherry picked from commit 85e84ba31039595995dae80b277378213602891b) Signed-off-by: Sonny Rao <sonnyrao@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1088093 [modify] https://crrev.com/e4b9193cba4d44b407eb80346e9fbf8e4f91ab1b/arch/arm/kvm/interrupts.S [modify] https://crrev.com/e4b9193cba4d44b407eb80346e9fbf8e4f91ab1b/arch/arm/kvm/interrupts_head.S
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/5704321b65d8d59b2a47f08ae466dabb2aa2307b commit 5704321b65d8d59b2a47f08ae466dabb2aa2307b Author: Jason Wang <jasowang@redhat.com> Date: Fri Jun 15 17:53:40 2018 UPSTREAM: kvm: don't try to register to KVM_FAST_MMIO_BUS for non mmio eventfd [ Upstream commit 8453fecbecae26edb3f278627376caab05d9a88d ] We only want zero length mmio eventfd to be registered on KVM_FAST_MMIO_BUS. So check this explicitly when arg->len is zero to make sure this. BUG=chromium:846515 TEST=build/boot on hana with USE=kvm_host Change-Id: I419261d4ae576fcbef443e220e4266cf4cd839b6 Cc: stable@vger.kernel.org Cc: Gleb Natapov <gleb@kernel.org> Cc: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com> Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Sasha Levin <sasha.levin@oracle.com> (cherry picked from commit d758df24a58e5160270c74b467dfa6453fceb91b in https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/) Signed-off-by: Sonny Rao <sonnyrao@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1088094 [modify] https://crrev.com/5704321b65d8d59b2a47f08ae466dabb2aa2307b/virt/kvm/eventfd.c
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/98b50f25520d3ad55fe30d5e62ebfef3ae4111a4 commit 98b50f25520d3ad55fe30d5e62ebfef3ae4111a4 Author: Jason Wang <jasowang@redhat.com> Date: Fri Jun 15 17:53:42 2018 UPSTREAM: kvm: factor out core eventfd assign/deassign logic [ Upstream commit 85da11ca587c8eb73993a1b503052391a73586f9 ] This patch factors out core eventfd assign/deassign logic and leaves the argument checking and bus index selection to callers. BUG=chromium:846515 TEST=build/boot on hana with USE=kvm_host Change-Id: I193d122f44b025b26ae8e5f838b1ecfdabb473a0 Cc: stable@vger.kernel.org Cc: Gleb Natapov <gleb@kernel.org> Cc: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com> Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Sasha Levin <sasha.levin@oracle.com> (cherry picked from commit 7642b3f109228718f1bf57c35210c9a36696a465 in https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/) Signed-off-by: Sonny Rao <sonnyrao@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1088095 [modify] https://crrev.com/98b50f25520d3ad55fe30d5e62ebfef3ae4111a4/virt/kvm/eventfd.c
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/caf487f0ab16e960fb4bf0464644367a643def4f commit caf487f0ab16e960fb4bf0464644367a643def4f Author: Jason Wang <jasowang@redhat.com> Date: Fri Jun 15 17:53:43 2018 UPSTREAM: kvm: fix double free for fast mmio eventfd [ Upstream commit eefd6b06b17c5478e7c24bea6f64beaa2c431ca6 ] We register wildcard mmio eventfd on two buses, once for KVM_MMIO_BUS and once on KVM_FAST_MMIO_BUS but with a single iodev instance. This will lead to an issue: kvm_io_bus_destroy() knows nothing about the devices on two buses pointing to a single dev. Which will lead to double free[1] during exit. Fix this by allocating two instances of iodevs then registering one on KVM_MMIO_BUS and another on KVM_FAST_MMIO_BUS. CPU: 1 PID: 2894 Comm: qemu-system-x86 Not tainted 3.19.0-26-generic #28-Ubuntu Hardware name: LENOVO 2356BG6/2356BG6, BIOS G7ET96WW (2.56 ) 09/12/2013 task: ffff88009ae0c4b0 ti: ffff88020e7f0000 task.ti: ffff88020e7f0000 RIP: 0010:[<ffffffffc07e25d8>] [<ffffffffc07e25d8>] ioeventfd_release+0x28/0x60 [kvm] RSP: 0018:ffff88020e7f3bc8 EFLAGS: 00010292 RAX: dead000000200200 RBX: ffff8801ec19c900 RCX: 000000018200016d RDX: ffff8801ec19cf80 RSI: ffffea0008bf1d40 RDI: ffff8801ec19c900 RBP: ffff88020e7f3bd8 R08: 000000002fc75a01 R09: 000000018200016d R10: ffffffffc07df6ae R11: ffff88022fc75a98 R12: ffff88021e7cc000 R13: ffff88021e7cca48 R14: ffff88021e7cca50 R15: ffff8801ec19c880 FS: 00007fc1ee3e6700(0000) GS:ffff88023e240000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f8f389d8000 CR3: 000000023dc13000 CR4: 00000000001427e0 Stack: ffff88021e7cc000 0000000000000000 ffff88020e7f3be8 ffffffffc07e2622 ffff88020e7f3c38 ffffffffc07df69a ffff880232524160 ffff88020e792d80 0000000000000000 ffff880219b78c00 0000000000000008 ffff8802321686a8 Call Trace: [<ffffffffc07e2622>] ioeventfd_destructor+0x12/0x20 [kvm] [<ffffffffc07df69a>] 
kvm_put_kvm+0xca/0x210 [kvm] [<ffffffffc07df818>] kvm_vcpu_release+0x18/0x20 [kvm] [<ffffffff811f69f7>] __fput+0xe7/0x250 [<ffffffff811f6bae>] ____fput+0xe/0x10 [<ffffffff81093f04>] task_work_run+0xd4/0xf0 [<ffffffff81079358>] do_exit+0x368/0xa50 [<ffffffff81082c8f>] ? recalc_sigpending+0x1f/0x60 [<ffffffff81079ad5>] do_group_exit+0x45/0xb0 [<ffffffff81085c71>] get_signal+0x291/0x750 [<ffffffff810144d8>] do_signal+0x28/0xab0 [<ffffffff810f3a3b>] ? do_futex+0xdb/0x5d0 [<ffffffff810b7028>] ? __wake_up_locked_key+0x18/0x20 [<ffffffff810f3fa6>] ? SyS_futex+0x76/0x170 [<ffffffff81014fc9>] do_notify_resume+0x69/0xb0 [<ffffffff817cb9af>] int_signal+0x12/0x17 Code: 5d c3 90 0f 1f 44 00 00 55 48 89 e5 53 48 89 fb 48 83 ec 08 48 8b 7f 20 e8 06 d6 a5 c0 48 8b 43 08 48 8b 13 48 89 df 48 89 42 08 <48> 89 10 48 b8 00 01 10 00 00 RIP [<ffffffffc07e25d8>] ioeventfd_release+0x28/0x60 [kvm] RSP <ffff88020e7f3bc8> BUG=chromium:846515 TEST=build/boot on hana with USE=kvm_host Change-Id: I01fc5035679c780c1d132e5dd18d3373b8be17cc Cc: stable@vger.kernel.org Cc: Gleb Natapov <gleb@kernel.org> Cc: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com> Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Sasha Levin <sasha.levin@oracle.com> (cherry picked from commit 0b5ee81826c2d98d40366c4fa435ebf73cfec8fd in https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/) Signed-off-by: Sonny Rao <sonnyrao@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1088096 [modify] https://crrev.com/caf487f0ab16e960fb4bf0464644367a643def4f/virt/kvm/eventfd.c
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/74a98feeb108551654a0b3c5024d0ee84d317031 commit 74a98feeb108551654a0b3c5024d0ee84d317031 Author: Igor Mammedov <imammedo@redhat.com> Date: Fri Jun 15 17:53:45 2018 UPSTREAM: kvm: avoid page allocation failure in kvm_set_memory_region() [ Upstream commit 744961341d472db6272ed9b42319a90f5a2aa7c4 ] KVM guest can fail to startup with the following trace on host: qemu-system-x86: page allocation failure: order:4, mode:0x40d0 Call Trace: dump_stack+0x47/0x67 warn_alloc_failed+0xee/0x150 __alloc_pages_direct_compact+0x14a/0x150 __alloc_pages_nodemask+0x776/0xb80 alloc_kmem_pages+0x3a/0x110 kmalloc_order+0x13/0x50 kmemdup+0x1b/0x40 __kvm_set_memory_region+0x24a/0x9f0 [kvm] kvm_set_ioapic+0x130/0x130 [kvm] kvm_set_memory_region+0x21/0x40 [kvm] kvm_vm_ioctl+0x43f/0x750 [kvm] Failure happens when attempting to allocate pages for 'struct kvm_memslots', however it doesn't have to be present in physically contiguous (kmalloc-ed) address space, change allocation to kvm_kvzalloc() so that it will be vmalloc-ed when its size is more than a page. BUG=chromium:846515 TEST=build/boot on hana with USE=kvm_host Change-Id: I62f3fa5e3314547f9b54b39985e27d7edc484086 Signed-off-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com> Signed-off-by: Sasha Levin <sasha.levin@oracle.com> (cherry picked from commit b94e91cc2225ea311e6bb8500f492702e319b348 in https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/) Signed-off-by: Sonny Rao <sonnyrao@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1088097 [modify] https://crrev.com/74a98feeb108551654a0b3c5024d0ee84d317031/virt/kvm/kvm_main.c
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/86b7d4a5647b8d6837ffabc4dc67f606ec6caaf8 commit 86b7d4a5647b8d6837ffabc4dc67f606ec6caaf8 Author: Radim Krčmář <rkrcmar@redhat.com> Date: Fri Jun 15 17:53:46 2018 UPSTREAM: KVM: use slowpath for cross page cached accesses [ Upstream commit ca3f0874723fad81d0c701b63ae3a17a408d5f25 ] kvm_write_guest_cached() does not mark all written pages as dirty and code comments in kvm_gfn_to_hva_cache_init() talk about NULL memslot with cross page accesses. Fix all the easy way. The check is '<= 1' to have the same result for 'len = 0' cache anywhere in the page. (nr_pages_needed is 0 on page boundary.) BUG=chromium:846515 TEST=build/boot on hana with USE=kvm_host Change-Id: I95ffe795f15ef41a22c2e2b7c922d9735c48ee35 Fixes: 8f964525a121 ("KVM: Allow cross page reads and writes from cached translations.") Signed-off-by: Radim Krčmář <rkrcmar@redhat.com> Message-Id: <20150408121648.GA3519@potion.brq.redhat.com> Reviewed-by: Wanpeng Li <wanpeng.li@linux.intel.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Sasha Levin <sasha.levin@oracle.com> (cherry picked from commit 35e1329264c8b2ff71d4c186aabb856710cf9b2f in https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/) Signed-off-by: Sonny Rao <sonnyrao@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1088098 [modify] https://crrev.com/86b7d4a5647b8d6837ffabc4dc67f606ec6caaf8/virt/kvm/kvm_main.c
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/bdd0f1c1a30715b7e63b35016429418da5136d2d commit bdd0f1c1a30715b7e63b35016429418da5136d2d Author: Jason Wang <jasowang@redhat.com> Date: Fri Jun 15 17:53:48 2018 UPSTREAM: kvm: fix zero length mmio searching [ Upstream commit 8f4216c7d28976f7ec1b2bcbfa0a9f787133c45e ] Currently, if we had a zero length mmio eventfd assigned on KVM_MMIO_BUS, it will never be found by kvm_io_bus_cmp() since it always compares the kvm_io_range() with the length that guest wrote. This will cause, e.g. for vhost, the kick to be trapped by qemu userspace instead of vhost. Fix this by using zero length if an iodevice is zero length. BUG=chromium:846515 TEST=build/boot on hana with USE=kvm_host Change-Id: I49c4b669d6910041c502b2c0d46a6dad67ccbb5e Cc: stable@vger.kernel.org Cc: Gleb Natapov <gleb@kernel.org> Cc: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com> Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Sasha Levin <sasha.levin@oracle.com> (cherry picked from commit 7d765ce07eff78ab78d09d4acaa3aecb71e322a4 in https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/) Signed-off-by: Sonny Rao <sonnyrao@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1088099 [modify] https://crrev.com/bdd0f1c1a30715b7e63b35016429418da5136d2d/virt/kvm/kvm_main.c
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/e39e5b905fb4d08f5b2ee90360b3755cb4dd601b commit e39e5b905fb4d08f5b2ee90360b3755cb4dd601b Author: Paolo Bonzini <pbonzini@redhat.com> Date: Fri Jun 15 17:53:49 2018 UPSTREAM: KVM: fix spin_lock_init order on x86 [ Upstream commit e9ad4ec8379ad1ba6f68b8ca1c26b50b5ae0a327 ] Moving the initialization earlier is needed in 4.6 because kvm_arch_init_vm is now using mmu_lock, causing lockdep to complain: [ 284.440294] INFO: trying to register non-static key. [ 284.445259] the code is fine but needs lockdep annotation. [ 284.450736] turning off the locking correctness validator. ... [ 284.528318] [<ffffffff810aecc3>] lock_acquire+0xd3/0x240 [ 284.533733] [<ffffffffa0305aa0>] ? kvm_page_track_register_notifier+0x20/0x60 [kvm] [ 284.541467] [<ffffffff81715581>] _raw_spin_lock+0x41/0x80 [ 284.546960] [<ffffffffa0305aa0>] ? kvm_page_track_register_notifier+0x20/0x60 [kvm] [ 284.554707] [<ffffffffa0305aa0>] kvm_page_track_register_notifier+0x20/0x60 [kvm] [ 284.562281] [<ffffffffa02ece70>] kvm_mmu_init_vm+0x20/0x30 [kvm] [ 284.568381] [<ffffffffa02dbf7a>] kvm_arch_init_vm+0x1ea/0x200 [kvm] [ 284.574740] [<ffffffffa02bff3f>] kvm_dev_ioctl+0xbf/0x4d0 [kvm] However, it also helps fixing a preexisting problem, which is why this patch is also good for stable kernels: kvm_create_vm was incrementing current->mm->mm_count but not decrementing it at the out_err label (in case kvm_init_mmu_notifier failed). The new initialization order makes it possible to add the required mmdrop without adding a new error label. 
BUG=chromium:846515 TEST=build/boot on hana with USE=kvm_host Change-Id: I9954d23d83cd3f362668fbf16a3f37746219fb98 Cc: stable@vger.kernel.org Reported-by: Borislav Petkov <bp@alien8.de> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Sasha Levin <sasha.levin@oracle.com> (cherry picked from commit 241a9a816bc95d7bbc7c422c60e880491a59ac1b in https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/) Signed-off-by: Sonny Rao <sonnyrao@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1088100 [modify] https://crrev.com/e39e5b905fb4d08f5b2ee90360b3755cb4dd601b/virt/kvm/kvm_main.c
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/3a700ff1a96b8b78889f46e54f98c46fbec22214 commit 3a700ff1a96b8b78889f46e54f98c46fbec22214 Author: Xiubo Li <lixiubo@cmss.chinamobile.com> Date: Fri Jun 15 17:53:51 2018 UPSTREAM: kvm: Fix irq route entries exceeding KVM_MAX_IRQ_ROUTES [ Upstream commit caf1ff26e1aa178133df68ac3d40815fed2187d9 ] These days, we experienced one guest crash with 8 cores and 3 disks, with qemu error logs as below: qemu-system-x86_64: /build/qemu-2.0.0/kvm-all.c:984: kvm_irqchip_commit_routes: Assertion `ret == 0' failed. And then we found one patch(bdf026317d) in qemu tree, which said could fix this bug. Executing the following script will reproduce the BUG quickly: irq_affinity.sh ======================================================================== vda_irq_num=25 vdb_irq_num=27 while [ 1 ] do for irq in {1,2,4,8,10,20,40,80} do echo $irq > /proc/irq/$vda_irq_num/smp_affinity echo $irq > /proc/irq/$vdb_irq_num/smp_affinity dd if=/dev/vda of=/dev/zero bs=4K count=100 iflag=direct dd if=/dev/vdb of=/dev/zero bs=4K count=100 iflag=direct done done ======================================================================== The following qemu log is added in the qemu code and is displayed when this bug reproduced: kvm_irqchip_commit_routes: max gsi: 1008, nr_allocated_irq_routes: 1024, irq_routes->nr: 1024, gsi_count: 1024. That's to say when irq_routes->nr == 1024, there are 1024 routing entries, but in the kernel code when routes->nr >= 1024, will just return -EINVAL; The nr is the number of the routing entries which is in [1 ~ KVM_MAX_IRQ_ROUTES], not the index in [0 ~ KVM_MAX_IRQ_ROUTES - 1]. This patch fixes the BUG above.
BUG=chromium:846515 TEST=build/boot on hana with USE=kvm_host Change-Id: I4df4e08532d1e0c7219c0ab1a0be697d76fef685 Cc: stable@vger.kernel.org Signed-off-by: Xiubo Li <lixiubo@cmss.chinamobile.com> Signed-off-by: Wei Tang <tangwei@cmss.chinamobile.com> Signed-off-by: Zhang Zhuoyu <zhangzhuoyu@cmss.chinamobile.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Sasha Levin <sasha.levin@oracle.com> (cherry picked from commit 4929b4934f7bf919a97bd8826c929f74915c8e9a in https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/) Signed-off-by: Sonny Rao <sonnyrao@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1088101 [modify] https://crrev.com/3a700ff1a96b8b78889f46e54f98c46fbec22214/virt/kvm/kvm_main.c
,
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/0e8ae0aa45fea509c9998a2138d436052b232a3b commit 0e8ae0aa45fea509c9998a2138d436052b232a3b Author: Peter Xu <peterx@redhat.com> Date: Fri Jun 15 17:53:52 2018 UPSTREAM: KVM: x86: clear bus pointer when destroyed commit df630b8c1e851b5e265dc2ca9c87222e342c093b upstream. When releasing the bus, let's clear the bus pointers to mark it out. If any further device unregister happens on this bus, we know that we're done if we found the bus being released already. BUG=chromium:846515 TEST=build/boot on hana with USE=kvm_host Change-Id: I4ed6cd4b794a6a9c31f12278f0268d128a504e0e Signed-off-by: Peter Xu <peterx@redhat.com> Signed-off-by: Radim Krčmář <rkrcmar@redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> (cherry picked from commit c6216a0f1e3da39f37aba3d43257c8cda172b414 in https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/) Signed-off-by: Sonny Rao <sonnyrao@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1088102 [modify] https://crrev.com/0e8ae0aa45fea509c9998a2138d436052b232a3b/virt/kvm/kvm_main.c
,
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/88baee0ac36bacfcad83ccddb349d0f520a80683 commit 88baee0ac36bacfcad83ccddb349d0f520a80683 Author: Eric Auger <eric.auger@linaro.org> Date: Fri Jun 15 17:53:53 2018 UPSTREAM: KVM: introduce kvm_arch_intc_initialized and use it in irqfd Introduce the __KVM_HAVE_ARCH_INTC_INITIALIZED define and the associated kvm_arch_intc_initialized function. The latter allows testing whether the virtual interrupt controller is initialized and ready to accept virtual IRQ injection. On some architectures, the virtual interrupt controller is dynamically instantiated, justifying that kind of check. The new function can now be used by irqfd to check whether the virtual interrupt controller is ready on a KVM_IRQFD request. If not, KVM_IRQFD returns -EAGAIN. BUG=chromium:846515 TEST=build/boot on hana with USE=kvm_host Change-Id: I0de99770faddf56bd992b99b60360a99868da23e Signed-off-by: Eric Auger <eric.auger@linaro.org> Acked-by: Christoffer Dall <christoffer.dall@linaro.org> Reviewed-by: Andre Przywara <andre.przywara@arm.com> Acked-by: Marc Zyngier <marc.zyngier@arm.com> Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org> (cherry picked from commit 01c94e64f5a6f298774bdbde435e577821119fc0) Signed-off-by: Sonny Rao <sonnyrao@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1088103 [modify] https://crrev.com/88baee0ac36bacfcad83ccddb349d0f520a80683/virt/kvm/eventfd.c [modify] https://crrev.com/88baee0ac36bacfcad83ccddb349d0f520a80683/include/linux/kvm_host.h
,
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/65e8d3fbd1c5303b94bb3d82f5979c149fee9950 commit 65e8d3fbd1c5303b94bb3d82f5979c149fee9950 Author: Radim Krcmar <rkrcmar@redhat.com> Date: Fri Jun 15 17:53:55 2018 UPSTREAM: kvm: remove CONFIG_X86 #ifdefs from files formerly shared with ia64 BUG=chromium:846515 TEST=build/boot on hana with USE=kvm_host Change-Id: I6c0bf19f00d800ec08fefd6e0a6f576553b694aa Signed-off-by: Radim Krcmar <rkrcmar@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> (cherry picked from commit 3bf58e9ae8802bbb6af722a2e7dc4c4d21110c5a) Signed-off-by: Sonny Rao <sonnyrao@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1088104 [modify] https://crrev.com/65e8d3fbd1c5303b94bb3d82f5979c149fee9950/arch/x86/kvm/irq_comm.c [modify] https://crrev.com/65e8d3fbd1c5303b94bb3d82f5979c149fee9950/arch/x86/kvm/ioapic.c
,
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/20002e923abe109fb6b1792c0e9a0631c4d989fb commit 20002e923abe109fb6b1792c0e9a0631c4d989fb Author: Will Deacon <will.deacon@arm.com> Date: Fri Jun 15 17:53:56 2018 UPSTREAM: KVM: arm64: add workaround for Cortex-A57 erratum #852523 When restoring the system register state for an AArch32 guest at EL2, writes to DACR32_EL2 may not be correctly synchronised by Cortex-A57, which can lead to the guest effectively running with junk in the DACR and running into unexpected domain faults. This patch works around the issue by re-ordering our restoration of the AArch32 register aliases so that they happen before the AArch64 system registers. Ensuring that the registers are restored in this order guarantees that they will be correctly synchronised by the core. BUG=chromium:846515 TEST=build/boot on hana with USE=kvm_host Change-Id: I608fa153e49751aaed9f13a6e7addf6ccc1fa98c Cc: <stable@vger.kernel.org> Reviewed-by: Marc Zyngier <marc.zyngier@arm.com> Signed-off-by: Will Deacon <will.deacon@arm.com> Signed-off-by: Marc Zyngier <marc.zyngier@arm.com> (cherry picked from commit 43297dda0a51e4ffed0888ce727c218cfb7474b6) Signed-off-by: Sonny Rao <sonnyrao@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1088105 [modify] https://crrev.com/20002e923abe109fb6b1792c0e9a0631c4d989fb/arch/arm64/kvm/hyp.S
,
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/585bb87a78900d095ec1c2173536d9408cada798
commit 585bb87a78900d095ec1c2173536d9408cada798
Author: Marek Majtyka <marek.majtyka@tieto.com>
Date: Fri Jun 15 17:53:58 2018

UPSTREAM: arm: KVM: Fix incorrect device to IPA mapping

A critical bug has been found in device memory stage1 translation for VMs with more than 4GB of address space. Once the vm_pgoff size is smaller than pa (which is true for the LPAE case, u32 and u64 respectively), some more significant bits of pa may be lost, as the shift operation is performed on a u32 and the result is later cast to u64.

Example:
    vm_pgoff(u32)=0x00210030, PAGE_SHIFT=12
    expected pa(u64): 0x0000002010030000
    produced pa(u64): 0x0000000010030000

The fix is to change the order of operations (casting first onto phys_addr_t and then shifting).

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host
Change-Id: Icb17c157d30720bbb4cde4735a68e1ef5d5caa4c
Reviewed-by: Marc Zyngier <marc.zyngier@arm.com>
[maz: fixed changelog and patch formatting]
Cc: stable@vger.kernel.org
Signed-off-by: Marek Majtyka <marek.majtyka@tieto.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
(cherry picked from commit ca09f02f122b2ecb0f5ddfc5fd47b29ed657d4fd)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088106
[modify] https://crrev.com/585bb87a78900d095ec1c2173536d9408cada798/arch/arm/kvm/mmu.c
,
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/eda9c9d938509499ada3ece914bcc0a576ce4e4f
commit eda9c9d938509499ada3ece914bcc0a576ce4e4f
Author: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Date: Fri Jun 15 17:53:59 2018

BACKPORT: ARM/arm64: KVM: test properly for a PTE's uncachedness

The open coded tests for checking whether a PTE maps a page as uncached use a flawed '(pte_val(xxx) & CONST) != CONST' pattern, which is not guaranteed to work since the type of a mapping is not a set of mutually exclusive bits. For HYP mappings, the type is an index into the MAIR table (i.e., the index itself does not contain any information whatsoever about the type of the mapping), and for stage-2 mappings it is a bit field where normal memory and device types are defined as follows:

    #define MT_S2_NORMAL 0xf
    #define MT_S2_DEVICE_nGnRE 0x1

I.e., masking *and* comparing with the latter matches on the former, and we have been getting lucky merely because the S2 device mappings also have the PTE_UXN bit set, or we would misidentify memory mappings as device mappings.

Since the unmap_range() code path (which contains one instance of the flawed test) is used both for HYP mappings and stage-2 mappings, and considering the difference between the two, it is non-trivial to fix this by rewriting the tests in place, as it would involve passing down the type of mapping through all the functions.

However, since HYP mappings and stage-2 mappings both deal with host physical addresses, we can simply check whether the mapping is backed by memory that is managed by the host kernel, and only perform the D-cache maintenance if this is the case.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host
Change-Id: Icf584d6f75d04e9fe1e13e080773d91315e5e470
Cc: stable@vger.kernel.org
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Tested-by: Pavel Fedin <p.fedin@samsung.com>
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit e6fab54423450d699a09ec2b899473a541f61971)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
[SR: context from not having 15a49a44fc3620]
Conflicts:
    arch/arm/kvm/mmu.c
Reviewed-on: https://chromium-review.googlesource.com/1088107
Reviewed-by: Dylan Reid <dgreid@chromium.org>
[modify] https://crrev.com/eda9c9d938509499ada3ece914bcc0a576ce4e4f/arch/arm/kvm/mmu.c
,
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/5ce52f3aad46a9795f037cf8bcfa84ade962941e commit 5ce52f3aad46a9795f037cf8bcfa84ade962941e Author: Mark Rutland <mark.rutland@arm.com> Date: Fri Jun 15 17:54:01 2018 UPSTREAM: arm64: kvm: avoid %p in __kvm_hyp_panic Currently __kvm_hyp_panic uses %p for values which are not pointers, such as the ESR value. This can confusingly lead to "(null)" being printed for the value. Use %x instead, and only use %p for host pointers. BUG=chromium:846515 TEST=build/boot on hana with USE=kvm_host Change-Id: Ibc305353d30c1dd896b60a417809cb14b5a6bc89 Signed-off-by: Mark Rutland <mark.rutland@arm.com> Acked-by: Marc Zyngier <marc.zyngier@arm.com> Cc: Christoffer Dall <christoffer.dall@linaro.org> Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org> (cherry picked from commit 1d7a4e313abbc7200982e5a68121483a3aa32295) Signed-off-by: Sonny Rao <sonnyrao@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1088108 [modify] https://crrev.com/5ce52f3aad46a9795f037cf8bcfa84ade962941e/arch/arm64/kvm/hyp.S
,
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/98e14b30ebf05afa735301f679bc78aca8b450a7 commit 98e14b30ebf05afa735301f679bc78aca8b450a7 Author: Mark Rutland <mark.rutland@arm.com> Date: Fri Jun 15 17:54:02 2018 UPSTREAM: arm64: kvm: report original PAR_EL1 upon panic If we call __kvm_hyp_panic while a guest context is active, we call __restore_sysregs before acquiring the system register values for the panic, in the process throwing away the PAR_EL1 value at the point of the panic. This patch modifies __kvm_hyp_panic to stash the PAR_EL1 value prior to restoring host register values, enabling us to report the original values at the point of the panic. BUG=chromium:846515 TEST=build/boot on hana with USE=kvm_host Change-Id: I4ae3b5e519321d215b9744bc5cd9657ead126f2c Acked-by: Marc Zyngier <marc.zyngier@arm.com> Signed-off-by: Mark Rutland <mark.rutland@arm.com> Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org> (cherry picked from commit fbb4574ce9a37e15a9872860bf202f2be5bdf6c4) Signed-off-by: Sonny Rao <sonnyrao@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1088109 [modify] https://crrev.com/98e14b30ebf05afa735301f679bc78aca8b450a7/arch/arm64/kvm/hyp.S
,
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/3e95401c957e0be89f625f35d1bdb238d23e7118 commit 3e95401c957e0be89f625f35d1bdb238d23e7118 Author: Pavel Fedin <p.fedin@samsung.com> Date: Fri Jun 15 17:54:04 2018 UPSTREAM: arm64: KVM: Correctly handle zero register during MMIO On ARM64, register index 31 corresponds to both the zero register and SP. However, all memory access instructions use ZR as the transfer register. SP is used only as a base register in indirect memory addressing, or by register-register arithmetic, which cannot be trapped here. Correct emulation is achieved by introducing new register accessor functions, which can do special handling for reg_num == 31. These new accessors intentionally do not rely on the old vcpu_reg() on ARM64, because it is to be removed. Since the affected code is shared by both ARM flavours, implementations of these accessors are also added to the ARM32 code. This patch fixes setting the MMIO register to a random value (actually SP) instead of zero by something like: *((volatile int *)reg) = 0; compilers tend to generate "str wzr, [xx]" here. [Marc: Fixed 32bit splat] BUG=chromium:846515 TEST=build/boot on hana with USE=kvm_host Change-Id: Id1f9f6e04df874a65b30c22fe0008a6020214397 Signed-off-by: Pavel Fedin <p.fedin@samsung.com> Reviewed-by: Marc Zyngier <marc.zyngier@arm.com> Signed-off-by: Marc Zyngier <marc.zyngier@arm.com> (cherry picked from commit bc45a516fa90b43b1898758d8b53b74c24b954e4) Signed-off-by: Sonny Rao <sonnyrao@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1088110 [modify] https://crrev.com/3e95401c957e0be89f625f35d1bdb238d23e7118/arch/arm/include/asm/kvm_emulate.h [modify] https://crrev.com/3e95401c957e0be89f625f35d1bdb238d23e7118/arch/arm64/include/asm/kvm_emulate.h [modify] https://crrev.com/3e95401c957e0be89f625f35d1bdb238d23e7118/arch/arm/kvm/mmio.c
,
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/92d242faeaf27c33b9b467c54bda3c91ffc1318d commit 92d242faeaf27c33b9b467c54bda3c91ffc1318d Author: Ard Biesheuvel <ard.biesheuvel@linaro.org> Date: Fri Jun 15 17:54:05 2018 UPSTREAM: ARM/arm64: KVM: correct PTE uncachedness check Commit e6fab5442345 ("ARM/arm64: KVM: test properly for a PTE's uncachedness") modified the logic to test whether a HYP or stage-2 mapping needs flushing, from [incorrectly] interpreting the page table attributes to [incorrectly] checking whether the PFN that backs the mapping is covered by host system RAM. The PFN number is part of the output of the translation, not the input, so we have to use pte_pfn() on the contents of the PTE, not __phys_to_pfn() on the HYP virtual address or stage-2 intermediate physical address. BUG=chromium:846515 TEST=build/boot on hana with USE=kvm_host Change-Id: I7237d9c49449de357c3709cc0c42f84bbd73b0e0 Fixes: e6fab5442345 ("ARM/arm64: KVM: test properly for a PTE's uncachedness") Cc: stable@vger.kernel.org Tested-by: Pavel Fedin <p.fedin@samsung.com> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Marc Zyngier <marc.zyngier@arm.com> (cherry picked from commit 0de58f852875a0f0dcfb120bb8433e4e73c7803b) Signed-off-by: Sonny Rao <sonnyrao@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1088111 [modify] https://crrev.com/92d242faeaf27c33b9b467c54bda3c91ffc1318d/arch/arm/kvm/mmu.c
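The two PTE-uncachedness commits above (e6fab5442345 and its fix 0de58f852875) as one added illustration, not kernel code: the flawed mask-and-compare test on the MT_S2_NORMAL / MT_S2_DEVICE_nGnRE encodings quoted in the first message, the "lucky" masking with PTE_UXN, the corrected host-RAM-backed criterion, and why the PFN must come from the PTE contents rather than from the address being unmapped. The descriptor bit positions, the host RAM window and the sample addresses are assumptions constructed for the example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

typedef uint64_t pteval_t;
typedef uint64_t phys_addr_t;

#define PAGE_SHIFT 12
#define PAGE_SIZE  ((pteval_t)1 << PAGE_SHIFT)

/* Stage-2 memory attribute encodings quoted in the first commit message. */
#define MT_S2_NORMAL        0xf
#define MT_S2_DEVICE_nGnRE  0x1

/* Assumed descriptor layout for this example only: MemAttr in bits [5:2],
 * UXN at bit 54, output address in bits [47:12]. The argument needs only the
 * relative encoding of the two types, not the exact field positions. */
#define PTE_S2_MEMATTR(t)  ((pteval_t)(t) << 2)
#define PTE_UXN            ((pteval_t)1 << 54)
#define PTE_ADDR_MASK      ((((pteval_t)1 << 48) - 1) & ~(PAGE_SIZE - 1))
#define PAGE_S2_DEVICE     (PTE_S2_MEMATTR(MT_S2_DEVICE_nGnRE) | PTE_UXN)

/* Constructed stage-2 PTE: output address plus type bits. */
pteval_t make_s2_pte(phys_addr_t pa, unsigned type, bool uxn)
{
    return (pa & PTE_ADDR_MASK) | PTE_S2_MEMATTR(type) | (uxn ? PTE_UXN : 0);
}

/* The flawed pattern: "(pte & CONST) == CONST" read as "this is a device
 * mapping". Since 0xf & 0x1 == 0x1, a NORMAL mapping passes a DEVICE-only
 * mask as well; only the extra UXN bit in PAGE_S2_DEVICE hides that. */
bool is_device_flawed(pteval_t pte, pteval_t const_mask)
{
    return (pte & const_mask) == const_mask;
}

/* Constructed host RAM window standing in for the kernel's memory map. */
#define HOST_RAM_START ((phys_addr_t)0x80000000)
#define HOST_RAM_END   ((phys_addr_t)0xc0000000)

bool pfn_valid(uint64_t pfn)
{
    phys_addr_t pa = (phys_addr_t)pfn << PAGE_SHIFT;
    return pa >= HOST_RAM_START && pa < HOST_RAM_END;
}

/* Corrected criterion from the first commit: a mapping is "device" exactly
 * when it is not backed by memory managed by the host kernel. */
bool kvm_is_device_pfn(uint64_t pfn)
{
    return !pfn_valid(pfn);
}

/* Output of the translation: the PFN stored in the PTE contents. */
uint64_t pte_pfn(pteval_t pte)
{
    return (pte & PTE_ADDR_MASK) >> PAGE_SHIFT;
}

/* Second commit: feed kvm_is_device_pfn() the PTE's own PFN ... */
bool is_device_by_pte(pteval_t pte)
{
    return kvm_is_device_pfn(pte_pfn(pte));
}

/* ... not the PFN of the HYP VA / IPA being unmapped, which is the *input*
 * of the translation and says nothing about what backs the page. */
bool is_device_by_input_addr(phys_addr_t input_addr)
{
    return kvm_is_device_pfn(input_addr >> PAGE_SHIFT);
}

int main(void)
{
    /* RAM-backed normal page and an MMIO device page (sample addresses). */
    pteval_t normal = make_s2_pte(0x80010000, MT_S2_NORMAL, false);
    pteval_t device = make_s2_pte(0x10000000, MT_S2_DEVICE_nGnRE, true);

    printf("normal, DEVICE memattr mask : flawed says device=%d\n",
           is_device_flawed(normal, PTE_S2_MEMATTR(MT_S2_DEVICE_nGnRE)));
    printf("normal, PAGE_S2_DEVICE mask : flawed says device=%d (lucky: UXN)\n",
           is_device_flawed(normal, PAGE_S2_DEVICE));
    printf("normal: by PTE=%d, by IPA 0x40000000=%d (input address misleads)\n",
           is_device_by_pte(normal), is_device_by_input_addr(0x40000000));
    printf("device: by PTE=%d\n", is_device_by_pte(device));
    return 0;
}
```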
,
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/6a43ef6b3b3044e35f605f8b04803b1d78e11bf0 commit 6a43ef6b3b3044e35f605f8b04803b1d78e11bf0 Author: Wei Huang <wei@redhat.com> Date: Fri Jun 15 17:54:07 2018 BACKPORT: arm/arm64: KVM : Enable vhost device selection under KVM config menu vhost drivers provide guest VMs with better I/O performance and lower CPU utilization. This patch allows users to select vhost devices under KVM configuration menu on ARM. This makes vhost support on arm/arm64 on a par with other architectures (e.g. x86, ppc). BUG=chromium:846515 TEST=build/boot on hana with USE=kvm_host Change-Id: I48ea02f2c0160a809307b86b1a149c55d0319d2f Signed-off-by: Wei Huang <wei@redhat.com> Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org> (cherry picked from commit 75755c6d02df9e9b959b3066c12de5494907e3d9) Signed-off-by: Sonny Rao <sonnyrao@chromium.org> [SR: context conflicts] Conflicts: arch/arm/kvm/Kconfig arch/arm64/kvm/Kconfig Reviewed-on: https://chromium-review.googlesource.com/1088112 Reviewed-by: Dylan Reid <dgreid@chromium.org> [modify] https://crrev.com/6a43ef6b3b3044e35f605f8b04803b1d78e11bf0/arch/arm/kvm/Kconfig [modify] https://crrev.com/6a43ef6b3b3044e35f605f8b04803b1d78e11bf0/arch/arm64/kvm/Kconfig
,
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/88e8415d81d67f331660639c5edf6dc41056d44c commit 88e8415d81d67f331660639c5edf6dc41056d44c Author: Marc Zyngier <marc.zyngier@arm.com> Date: Fri Jun 15 17:54:08 2018 UPSTREAM: arm64: KVM: Fix AArch32 to AArch64 register mapping When running a 32bit guest under a 64bit hypervisor, the ARMv8 architecture defines a mapping of the 32bit registers in the 64bit space. This includes banked registers that are being demultiplexed over the 64bit ones. On exceptions caused by an operation involving a 32bit register, the HW exposes the register number in the ESR_EL2 register. It was so far understood that SW had to distinguish between AArch32 and AArch64 accesses (based on the current AArch32 mode and register number). It turns out that I misinterpreted the ARM ARM, and the clue is in D1.20.1: "For some exceptions, the exception syndrome given in the ESR_ELx identifies one or more register numbers from the issued instruction that generated the exception. Where the exception is taken from an Exception level using AArch32 these register numbers give the AArch64 view of the register." Which means that the HW is already giving us the translated version, and that we shouldn't try to interpret it at all (for example, doing an MMIO operation from the IRQ mode using the LR register leads to very unexpected behaviours). The fix is thus not to perform a call to vcpu_reg32() at all from vcpu_reg(), and use whatever register number is supplied directly. The only case we need to find out about the mapping is when we actively generate a register access, which only occurs when injecting a fault in a guest. 
BUG=chromium:846515 TEST=build/boot on hana with USE=kvm_host Change-Id: I70f44eb71c865d22d75988ffb002b414d8b7f488 Cc: stable@vger.kernel.org Reviewed-by: Robin Murphy <robin.murphy@arm.com> Signed-off-by: Marc Zyngier <marc.zyngier@arm.com> Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org> (cherry picked from commit c0f0963464c24e034b858441205455bf2a5d93ad) Signed-off-by: Sonny Rao <sonnyrao@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1088113 [modify] https://crrev.com/88e8415d81d67f331660639c5edf6dc41056d44c/arch/arm64/kvm/inject_fault.c [modify] https://crrev.com/88e8415d81d67f331660639c5edf6dc41056d44c/arch/arm64/include/asm/kvm_emulate.h
,
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/8e999bc5c65b35462378bdc0aa54c00497edf952
commit 8e999bc5c65b35462378bdc0aa54c00497edf952
Author: Tiejun Chen <tiejun.chen@intel.com>
Date: Fri Jun 15 17:54:10 2018

UPSTREAM: kvm: remove one useless check extension

We already check KVM_CAP_IRQFD in generic code once CONFIG_HAVE_KVM_IRQFD is enabled:

    kvm_vm_ioctl_check_extension_generic()
        |
        + switch (arg) {
        + ...
        + #ifdef CONFIG_HAVE_KVM_IRQFD
        + case KVM_CAP_IRQFD:
        + #endif
        + ...
        + return 1;
        + ...
        + }
        |
        + kvm_vm_ioctl_check_extension()

So it's not necessary to check this in arch code again; this also fixes one typo, s/emlation/emulation.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host
Change-Id: I685c7a418777528890f95743f37160299b5bf6b2
Signed-off-by: Tiejun Chen <tiejun.chen@intel.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit ea2c6d9745c6698d9f820bc230aa1a80d9e908ac)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088114
[modify] https://crrev.com/8e999bc5c65b35462378bdc0aa54c00497edf952/include/uapi/linux/kvm.h
[modify] https://crrev.com/8e999bc5c65b35462378bdc0aa54c00497edf952/arch/arm/kvm/arm.c
,
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/9b86763f07bc5781af6f959bc976aa1adaa88a45 commit 9b86763f07bc5781af6f959bc976aa1adaa88a45 Author: Christoffer Dall <christoffer.dall@linaro.org> Date: Fri Jun 15 17:54:11 2018 BACKPORT: arm/arm64: KVM: Properly account for guest CPU time Until now we have been calling kvm_guest_exit after re-enabling interrupts when we come back from the guest, but this has the unfortunate effect that CPU time accounting done in the context of timer interrupts occurring while the guest is running doesn't properly notice that the time since the last tick was spent in the guest. Inspired by the comment in the x86 code, move the kvm_guest_exit() call below the local_irq_enable() call and change __kvm_guest_exit() to kvm_guest_exit(), because we are now calling this function with interrupts enabled. We have to now explicitly disable preemption and not enable preemption before we've called kvm_guest_exit(), since otherwise we could be preempted and everything happening before we eventually get scheduled again would be accounted for as guest time. At the same time, move the trace_kvm_exit() call outside of the atomic section, since there is no reason for us to do that with interrupts disabled. BUG=chromium:846515 TEST=build/boot on hana with USE=kvm_host Change-Id: I6d763052dcce0cfd84f5a1e72b19440489713204 Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org> Signed-off-by: Marc Zyngier <marc.zyngier@arm.com> (cherry picked from commit 1b3d546daf85ed2bc9966e12cee3e6435fb65eca) Signed-off-by: Sonny Rao <sonnyrao@chromium.org> [SR: context from not having ccf73aaf5ad] Conflicts: arch/arm/kvm/arm.c Reviewed-on: https://chromium-review.googlesource.com/1088115 Reviewed-by: Dylan Reid <dgreid@chromium.org> [modify] https://crrev.com/9b86763f07bc5781af6f959bc976aa1adaa88a45/arch/arm/kvm/arm.c
,
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/8196b67f580702dc06eb5c70635ce87c803c7840 commit 8196b67f580702dc06eb5c70635ce87c803c7840 Author: Marc Zyngier <marc.zyngier@arm.com> Date: Fri Jun 15 17:54:12 2018 UPSTREAM: arm/arm64: KVM: Fix ordering of timer/GIC on guest entry As we now inject the timer interrupt when we're about to enter the guest, it makes a lot more sense to make sure this happens before the vgic code queues the pending interrupts. Otherwise, we get the interrupt on the following exit, which is not great for latency (and leads to all kind of bizarre issues when using with active interrupts at the HW level). BUG=chromium:846515 TEST=build/boot on hana with USE=kvm_host Change-Id: I1f2ed9c288ee6d366de5a13447df7a800dd04dcf Signed-off-by: Marc Zyngier <marc.zyngier@arm.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org> (cherry picked from commit 9a99d050705318d1cb27979e1c810464347db9db) Signed-off-by: Sonny Rao <sonnyrao@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1088116 [modify] https://crrev.com/8196b67f580702dc06eb5c70635ce87c803c7840/arch/arm/kvm/arm.c
,
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/95f5ae90f59a28f847e3349c909c9cad86694460 commit 95f5ae90f59a28f847e3349c909c9cad86694460 Author: Marc Zyngier <marc.zyngier@arm.com> Date: Fri Jun 15 17:54:14 2018 UPSTREAM: arm/arm64: KVM: Move vgic handling to a non-preemptible section As we're about to introduce some serious GIC-poking to the vgic code, it is important to make sure that we're going to poke the part of the GIC that belongs to the CPU we're about to run on (otherwise, we'd end up with some unexpected interrupts firing)... Introducing a non-preemptible section in kvm_arch_vcpu_ioctl_run prevents the problem from occurring. BUG=chromium:846515 TEST=build/boot on hana with USE=kvm_host Change-Id: Id3193c916625161b15520bb62879d62779fac968 Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org> Signed-off-by: Marc Zyngier <marc.zyngier@arm.com> (cherry picked from commit abdf58438356c7baf34bdd98084b094ca3a6a23f) Signed-off-by: Sonny Rao <sonnyrao@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1088117 [modify] https://crrev.com/95f5ae90f59a28f847e3349c909c9cad86694460/arch/arm/kvm/arm.c
,
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/b01c22181d32532c16ad7f90af8cb64f7ce26083 commit b01c22181d32532c16ad7f90af8cb64f7ce26083 Author: Marc Zyngier <marc.zyngier@arm.com> Date: Fri Jun 15 17:54:15 2018 UPSTREAM: KVM: arm/arm64: vgic: Allow dynamic mapping of physical/virtual interrupts In order to be able to feed physical interrupts to a guest, we need to be able to establish the virtual-physical mapping between the two worlds. The mappings are kept in a set of RCU lists, indexed by virtual interrupts. BUG=chromium:846515 TEST=build/boot on hana with USE=kvm_host Change-Id: I99b66679aa0694f34cb55d236297bfa0245c8f94 Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org> Signed-off-by: Marc Zyngier <marc.zyngier@arm.com> (cherry picked from commit 6c3d63c9a26ba56e2ca63a9f68d52f77ae551d91) Signed-off-by: Sonny Rao <sonnyrao@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1088118 [modify] https://crrev.com/b01c22181d32532c16ad7f90af8cb64f7ce26083/include/kvm/arm_vgic.h [modify] https://crrev.com/b01c22181d32532c16ad7f90af8cb64f7ce26083/virt/kvm/arm/vgic.c [modify] https://crrev.com/b01c22181d32532c16ad7f90af8cb64f7ce26083/arch/arm/kvm/arm.c
,
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/ff0ca8693dda72f58008c7008ad5f4c96f47c603 commit ff0ca8693dda72f58008c7008ad5f4c96f47c603 Author: Pavel Fedin <p.fedin@samsung.com> Date: Fri Jun 15 17:54:17 2018 UPSTREAM: arm/arm64: KVM: vgic: Check for !irqchip_in_kernel() when mapping resources Until b26e5fdac43c ("arm/arm64: KVM: introduce per-VM ops"), kvm_vgic_map_resources() used to include a check on irqchip_in_kernel(), and vgic_v2_map_resources() still has it. But now vm_ops are not initialized until we call kvm_vgic_create(). Therefore kvm_vgic_map_resources() can be called without a VGIC, and we die because vm_ops.map_resources is NULL. Fixing this restores QEMU's kernel-irqchip=off option to a working state, allowing GIC emulation to be used in userspace. BUG=chromium:846515 TEST=build/boot on hana with USE=kvm_host Change-Id: Ie9f0d8ef31c3910d442b79d98e368d4b395858a3 Fixes: b26e5fdac43c ("arm/arm64: KVM: introduce per-VM ops") Cc: stable@vger.kernel.org Signed-off-by: Pavel Fedin <p.fedin@samsung.com> [maz: reworked commit message] Signed-off-by: Marc Zyngier <marc.zyngier@arm.com> (cherry picked from commit c2f58514cfb374d5368c9da945f1765cd48eb0da) Signed-off-by: Sonny Rao <sonnyrao@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1088119 [modify] https://crrev.com/ff0ca8693dda72f58008c7008ad5f4c96f47c603/arch/arm/kvm/arm.c
,
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/96d394f5f563551924132c1137ec28d7e1be9bf0 commit 96d394f5f563551924132c1137ec28d7e1be9bf0 Author: Pavel Fedin <p.fedin@samsung.com> Date: Fri Jun 15 17:54:18 2018 UPSTREAM: KVM: arm/arm64: Fix memory leak if timer initialization fails Jump to correct label and free kvm_host_cpu_state BUG=chromium:846515 TEST=build/boot on hana with USE=kvm_host Change-Id: I496996ef7426394984da880dcf06e1335b67ee5f Reviewed-by: Wei Huang <wei@redhat.com> Signed-off-by: Pavel Fedin <p.fedin@samsung.com> Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org> (cherry picked from commit 399ea0f6bcd318af94ec8e4ffe96703ed674f22e) Signed-off-by: Sonny Rao <sonnyrao@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1088120 [modify] https://crrev.com/96d394f5f563551924132c1137ec28d7e1be9bf0/arch/arm/kvm/arm.c
,
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/0d5b8fdacbe7c46b4b92b1840c2fa6d4052d03ec commit 0d5b8fdacbe7c46b4b92b1840c2fa6d4052d03ec Author: Mark Rutland <mark.rutland@arm.com> Date: Fri Jun 15 17:54:20 2018 UPSTREAM: arm: KVM: Survive unknown traps from guests [ Upstream commit f050fe7a9164945dd1c28be05bf00e8cfb082ccf ] Currently we BUG() if we see a HSR.EC value we don't recognise. As configurable disables/enables are added to the architecture (controlled by RES1/RES0 bits respectively), with associated synchronous exceptions, it may be possible for a guest to trigger exceptions with classes that we don't recognise. While we can't service these exceptions in a manner useful to the guest, we can avoid bringing down the host. Per ARM DDI 0406C.c, all currently unallocated HSR EC encodings are reserved, and per ARM DDI 0487A.k_iss10775, page G6-4395, EC values within the range 0x00 - 0x2c are reserved for future use with synchronous exceptions, and EC values within the range 0x2d - 0x3f may be used for either synchronous or asynchronous exceptions. The patch makes KVM handle any unknown EC by injecting an UNDEFINED exception into the guest, with a corresponding (ratelimited) warning in the host dmesg. We could later improve on this with a new (opt-in) exit to the host userspace. 
BUG=chromium:846515 TEST=build/boot on hana with USE=kvm_host Change-Id: I8bfc36d0fd8c53d39493680fb1097e469ef1fa76 Cc: Dave Martin <dave.martin@arm.com> Cc: Suzuki K Poulose <suzuki.poulose@arm.com> Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org> Signed-off-by: Mark Rutland <mark.rutland@arm.com> Signed-off-by: Marc Zyngier <marc.zyngier@arm.com> Signed-off-by: Sasha Levin <alexander.levin@verizon.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> (cherry picked from commit 5dc5c8e6551541fa9502b15dd5532c01273fa1f3 in https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/) Signed-off-by: Sonny Rao <sonnyrao@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/1088121 [modify] https://crrev.com/0d5b8fdacbe7c46b4b92b1840c2fa6d4052d03ec/arch/arm/include/asm/kvm_arm.h [modify] https://crrev.com/0d5b8fdacbe7c46b4b92b1840c2fa6d4052d03ec/arch/arm/kvm/handle_exit.c
,
Jun 15 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/801e4a44dc3112a32db485708e83aaf17e332658
commit 801e4a44dc3112a32db485708e83aaf17e332658
Author: Wanpeng Li <wanpeng.li@hotmail.com>
Date: Fri Jun 15 17:54:21 2018

UPSTREAM: KVM: Fix stack-out-of-bounds read in write_mmio

commit e39d200fa5bf5b94a0948db0dae44c1b73b84a56 upstream.

Reported by syzkaller:

    BUG: KASAN: stack-out-of-bounds in write_mmio+0x11e/0x270 [kvm]
    Read of size 8 at addr ffff8803259df7f8 by task syz-executor/32298

    CPU: 6 PID: 32298 Comm: syz-executor Tainted: G OE 4.15.0-rc2+ #18
    Hardware name: LENOVO ThinkCentre M8500t-N000/SHARKBAY, BIOS FBKTC1AUS 02/16/2016
    Call Trace:
     dump_stack+0xab/0xe1
     print_address_description+0x6b/0x290
     kasan_report+0x28a/0x370
     write_mmio+0x11e/0x270 [kvm]
     emulator_read_write_onepage+0x311/0x600 [kvm]
     emulator_read_write+0xef/0x240 [kvm]
     emulator_fix_hypercall+0x105/0x150 [kvm]
     em_hypercall+0x2b/0x80 [kvm]
     x86_emulate_insn+0x2b1/0x1640 [kvm]
     x86_emulate_instruction+0x39a/0xb90 [kvm]
     handle_exception+0x1b4/0x4d0 [kvm_intel]
     vcpu_enter_guest+0x15a0/0x2640 [kvm]
     kvm_arch_vcpu_ioctl_run+0x549/0x7d0 [kvm]
     kvm_vcpu_ioctl+0x479/0x880 [kvm]
     do_vfs_ioctl+0x142/0x9a0
     SyS_ioctl+0x74/0x80
     entry_SYSCALL_64_fastpath+0x23/0x9a

The path of patched vmmcall will patch 3 bytes opcode 0F 01 C1 (vmcall) to the guest memory, however, the write_mmio tracepoint always prints 8 bytes through *(u64 *)val since kvm splits the mmio access into 8 bytes. This leaks 5 bytes from the kernel stack (CVE-2017-17741). This patch fixes it by just accessing the bytes which we operate on.

Before patch:

    syz-executor-5567 [007] .... 51370.561696: kvm_mmio: mmio write len 3 gpa 0x10 val 0x1ffff10077c1010f

After patch:

    syz-executor-13416 [002] .... 51302.299573: kvm_mmio: mmio write len 3 gpa 0x10 val 0xc1010f

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host
Change-Id: Iecffb5fc7703164e5a312eb1246470ad63ef83f6
Reported-by: Dmitry Vyukov <dvyukov@google.com>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Marc Zyngier <marc.zyngier@arm.com>
Tested-by: Marc Zyngier <marc.zyngier@arm.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Radim Krčmář <rkrcmar@redhat.com>
Cc: Marc Zyngier <marc.zyngier@arm.com>
Cc: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Wanpeng Li <wanpeng.li@hotmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Cc: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit eb91461daa77eb0ddb4c24aa427051f3669ba1f3 in https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088122
[modify] https://crrev.com/801e4a44dc3112a32db485708e83aaf17e332658/arch/arm/kvm/mmio.c
[modify] https://crrev.com/801e4a44dc3112a32db485708e83aaf17e332658/arch/x86/kvm/x86.c
[modify] https://crrev.com/801e4a44dc3112a32db485708e83aaf17e332658/include/trace/events/kvm.h
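The CVE-2017-17741 leak described in the commit above, as an added user-space illustration that is not the kernel's code: a tracepoint-style value formatter that ignores the access length beside one that honours it, run over a constructed stack frame whose stale bytes are chosen so the buggy output reproduces the "before patch" value from the log. The byte layout, the frame contents and the helper names are assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Number of bytes the tracepoint always printed via *(u64 *)val. */
#define TRACE_WIDTH 8

/* Assemble a little-endian integer from the first n bytes of p. x86, the
 * architecture in the syzkaller report, is little-endian, so this reproduces
 * what *(u64 *)val showed in the trace, independent of the host running it. */
static uint64_t le_bytes_to_u64(const uint8_t *p, size_t n)
{
    uint64_t v = 0;
    for (size_t i = 0; i < n; i++)
        v |= (uint64_t)p[i] << (8 * i);
    return v;
}

/* Before the fix: len is ignored and 8 bytes are read regardless, so for a
 * 3-byte write the upper 5 bytes are whatever followed val on the stack. */
uint64_t trace_val_buggy(const uint8_t *val, unsigned len)
{
    (void)len;
    return le_bytes_to_u64(val, TRACE_WIDTH);
}

/* After the fix: read only the bytes the MMIO access actually operated on
 * (capped at the 8-byte trace width), so nothing beyond them can be read. */
uint64_t trace_val_fixed(const uint8_t *val, unsigned len)
{
    if (len > TRACE_WIDTH)
        len = TRACE_WIDTH;
    return le_bytes_to_u64(val, len);
}

/* Bytes of adjacent stack the buggy form exposes for a write of `len` bytes. */
unsigned leaked_bytes(unsigned len)
{
    return len >= TRACE_WIDTH ? 0 : TRACE_WIDTH - len;
}

/* Constructed stack frame: the 3-byte vmcall opcode (0F 01 C1) written by the
 * hypercall patching path, followed by 5 stale bytes chosen so that the buggy
 * output equals the "before patch" value 0x1ffff10077c1010f from the log. */
static const uint8_t demo_frame[TRACE_WIDTH] = {
    0x0f, 0x01, 0xc1,               /* the bytes actually being written */
    0x77, 0x00, 0xf1, 0xff, 0x1f    /* adjacent stack contents (constructed) */
};
#define DEMO_LEN 3

uint64_t demo_buggy(void) { return trace_val_buggy(demo_frame, DEMO_LEN); }
uint64_t demo_fixed(void) { return trace_val_fixed(demo_frame, DEMO_LEN); }

int main(void)
{
    printf("before: mmio write len %u val 0x%llx (leaks %u stack bytes)\n",
           DEMO_LEN, (unsigned long long)demo_buggy(), leaked_bytes(DEMO_LEN));
    printf("after:  mmio write len %u val 0x%llx\n",
           DEMO_LEN, (unsigned long long)demo_fixed());
    return 0;
}
```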
,
Jun 15 2018
Support has landed now. I just need to get the Spectre v2 fixes backported to 3.18 now which has been more of a pain so far.