Issue 846515

Issue metadata

Status: Fixed
Owner:
Closed: Jun 15
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Chrome
Pri: 2
Type: Bug
backport arm64 kvm support to 3.18

Project Member Reported by sonnyrao@chromium.org, May 24

Issue description

3.18 seems to be missing some support to properly run as a kvm host on arm64 systems, so let's pull back the necessary changes.
 
Project Member

Comment 15 by bugdroid1@chromium.org, Jun 12

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/1c5f09f4ce621155169fde719d9c3b1af7d54ac2

commit 1c5f09f4ce621155169fde719d9c3b1af7d54ac2
Author: Andre Przywara <andre.przywara@arm.com>
Date: Tue Jun 12 00:29:39 2018

UPSTREAM: arm/arm64: KVM: introduce per-VM ops

Currently we only have one virtual GIC model supported, so all guests
use the same emulation code. With the addition of another model we
end up with different guests using potentially different vGIC models,
so we have to split up some functions to be per VM.
Introduce a vgic_vm_ops struct to hold function pointers for those
functions that are different and provide the necessary code to
initialize them.
Also split up the vgic_init() function to separate out VGIC model
specific functionality into a separate function, which will later be
different for a GICv3 model.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Ic493d80c9fef675206388785c219f128ea3bda24
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit b26e5fdac43c1b7c394502917e42e3b91f3aa1a3)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088024

[modify] https://crrev.com/1c5f09f4ce621155169fde719d9c3b1af7d54ac2/include/kvm/arm_vgic.h
[modify] https://crrev.com/1c5f09f4ce621155169fde719d9c3b1af7d54ac2/virt/kvm/arm/vgic.c

Project Member

Comment 16 by bugdroid1@chromium.org, Jun 12

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/a40ff74d54ca395a0073a3b6fb4fd2cfc561bb2d

commit a40ff74d54ca395a0073a3b6fb4fd2cfc561bb2d
Author: Andre Przywara <andre.przywara@arm.com>
Date: Tue Jun 12 00:29:41 2018

UPSTREAM: arm/arm64: KVM: move kvm_register_device_ops() into vGIC probing

Currently we unconditionally register the GICv2 emulation device
during the host's KVM initialization. Since with GICv3 support we
may end up with only v2 or only v3 or both supported, we move the
registration into the GIC probing function, where we will later know
which combination is valid.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I2c7481d75290698913670b07202a9a5758488a00
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Acked-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit ea2f83a7de9d0abbd145e37177905aab57fdb835)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088025

[modify] https://crrev.com/a40ff74d54ca395a0073a3b6fb4fd2cfc561bb2d/include/linux/kvm_host.h
[modify] https://crrev.com/a40ff74d54ca395a0073a3b6fb4fd2cfc561bb2d/virt/kvm/arm/vgic-v3.c
[modify] https://crrev.com/a40ff74d54ca395a0073a3b6fb4fd2cfc561bb2d/virt/kvm/arm/vgic.c
[modify] https://crrev.com/a40ff74d54ca395a0073a3b6fb4fd2cfc561bb2d/virt/kvm/arm/vgic-v2.c

Project Member

Comment 17 by bugdroid1@chromium.org, Jun 12

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/02a10a399d6fc4ffb2fd9b27b158c0bcfa0a5883

commit 02a10a399d6fc4ffb2fd9b27b158c0bcfa0a5883
Author: Andre Przywara <andre.przywara@arm.com>
Date: Tue Jun 12 00:29:43 2018

UPSTREAM: arm/arm64: KVM: dont rely on a valid GICH base address

To check whether the vGIC was already initialized, we currently check
the GICH base address for not being NULL. Since with GICv3 we may
get along without this address, let's use the irqchip_in_kernel()
function to detect an already initialized vGIC.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I16924ebf8226ee2d46f7c77fbaa9d0a211d9aa4b
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Acked-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 4ce7ebdfc69d1d5d166eec103ed2976eb45a6173)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088026

[modify] https://crrev.com/02a10a399d6fc4ffb2fd9b27b158c0bcfa0a5883/virt/kvm/arm/vgic.c

Project Member

Comment 18 by bugdroid1@chromium.org, Jun 12

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/15730499e63cfc7167dc64d6554c54171d9964c5

commit 15730499e63cfc7167dc64d6554c54171d9964c5
Author: Andre Przywara <andre.przywara@arm.com>
Date: Tue Jun 12 00:29:44 2018

UPSTREAM: arm/arm64: KVM: make the maximum number of vCPUs a per-VM value

Currently the maximum number of vCPUs supported is a global value
limited by the used GIC model. GICv3 will lift this limit, but we
still need to observe it for guests using GICv2.
So the maximum number of vCPUs is a per-VM value, depending on the
GIC model the guest uses.
Store and check the value in struct kvm_arch, but keep it down to
8 for now.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I6b90724c3e76a06e98e984b0258f0065a62e58fd
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 3caa2d8c3b2d80f5e342fe8cec07c03c8147dcab)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088027

[modify] https://crrev.com/15730499e63cfc7167dc64d6554c54171d9964c5/virt/kvm/arm/vgic.c
[modify] https://crrev.com/15730499e63cfc7167dc64d6554c54171d9964c5/virt/kvm/arm/vgic-v3.c
[modify] https://crrev.com/15730499e63cfc7167dc64d6554c54171d9964c5/arch/arm/include/asm/kvm_host.h
[modify] https://crrev.com/15730499e63cfc7167dc64d6554c54171d9964c5/virt/kvm/arm/vgic-v2.c
[modify] https://crrev.com/15730499e63cfc7167dc64d6554c54171d9964c5/include/kvm/arm_vgic.h
[modify] https://crrev.com/15730499e63cfc7167dc64d6554c54171d9964c5/arch/arm/kvm/arm.c
[modify] https://crrev.com/15730499e63cfc7167dc64d6554c54171d9964c5/arch/arm64/include/asm/kvm_host.h

Project Member

Comment 19 by bugdroid1@chromium.org, Jun 12

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/f8730ab650c2993a716ca445a15ddc361b20ce7f

commit f8730ab650c2993a716ca445a15ddc361b20ce7f
Author: Andre Przywara <andre.przywara@arm.com>
Date: Tue Jun 12 00:29:46 2018

UPSTREAM: arm/arm64: KVM: make the value of ICC_SRE_EL1 a per-VM variable

ICC_SRE_EL1 is a system register allowing msr/mrs accesses to the
GIC CPU interface for EL1 (guests). Currently we force it to 0, but
for proper GICv3 support we have to allow guests to use it (depending
on their selected virtual GIC model).
So add ICC_SRE_EL1 to the list of saved/restored registers on a
world switch, but actually disallow a guest to change it by only
restoring a fixed, once-initialized value.
This value depends on the GIC model userland has chosen for a guest.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Icebf3f7887482388f02c0a6e2a31fc3dfc3a6e37
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
Acked-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 2f5fa41a7a7f47f3109a6596b0ec96258dbf06e6)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088028

[modify] https://crrev.com/f8730ab650c2993a716ca445a15ddc361b20ce7f/include/kvm/arm_vgic.h
[modify] https://crrev.com/f8730ab650c2993a716ca445a15ddc361b20ce7f/arch/arm64/kvm/vgic-v3-switch.S
[modify] https://crrev.com/f8730ab650c2993a716ca445a15ddc361b20ce7f/virt/kvm/arm/vgic-v3.c
[modify] https://crrev.com/f8730ab650c2993a716ca445a15ddc361b20ce7f/arch/arm64/kernel/asm-offsets.c

Project Member

Comment 20 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/68bd106df593ba1ec332b04bdae4c4e39e5294fa

commit 68bd106df593ba1ec332b04bdae4c4e39e5294fa
Author: Andre Przywara <andre.przywara@arm.com>
Date: Wed Jun 13 19:57:20 2018

UPSTREAM: arm/arm64: KVM: refactor MMIO accessors

The MMIO accessors for GICD_I[CS]ENABLER, GICD_I[CS]PENDR and
GICD_ICFGR behave very similar for GICv2 and GICv3, although the way
the affected VCPU is determined differs.
Since we need them to access the registers from three different
places in the future, we factor out a generic, backend-facing
implementation and use small wrappers in the current GICv2 emulation.
This will ease adding GICv3 accessors later.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I7c820688c508c672531d2f20188147d68b5bf086
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit d97f683d0f4b2e63e68869f81ba2ce4ccbb6e5d8)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088029
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/68bd106df593ba1ec332b04bdae4c4e39e5294fa/virt/kvm/arm/vgic.c

Project Member

Comment 21 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/f7be736bd9a7ed93aad65e31c2805a363c073d93

commit f7be736bd9a7ed93aad65e31c2805a363c073d93
Author: Andre Przywara <andre.przywara@arm.com>
Date: Wed Jun 13 19:57:21 2018

UPSTREAM: arm/arm64: KVM: refactor/wrap vgic_set/get_attr()

vgic_set_attr() and vgic_get_attr() contain both code specific for
the emulated GIC as well as code for the userland facing, generic
part of the GIC.
Split the guest GIC facing code off from the generic part to allow
easier splitting later.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: If66d57b2dd16c5974dfd1d23ab17d93f220b49cd
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit b60da146c135ea6b6c25a0ae925edca038b64344)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088030
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/f7be736bd9a7ed93aad65e31c2805a363c073d93/virt/kvm/arm/vgic.c

Project Member

Comment 22 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/db5a91e92ea62f34766ab409c7c84fb01cfd836c

commit db5a91e92ea62f34766ab409c7c84fb01cfd836c
Author: Andre Przywara <andre.przywara@arm.com>
Date: Wed Jun 13 19:57:23 2018

UPSTREAM: arm/arm64: KVM: add vgic.h header file

vgic.c is currently a mixture of generic vGIC emulation code and
functions specific to emulating a GICv2. To ease the addition of
GICv3 later, we create new header file vgic.h, which holds constants
and prototypes of commonly used functions.
Rename some identifiers to avoid name space clutter.
I removed the long-standing comment about using the kvm_io_bus API
to tackle the GIC register ranges, as it wouldn't be a win for us
anymore.

Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>

-------
As the diff isn't always obvious here (and to aid eventual rebases),
here is a list of high-level changes done to the code:
* moved definitions and prototypes from vgic.c to vgic.h:
  - VGIC_ADDR_UNDEF
  - ACCESS_{READ,WRITE}_*
  - vgic_init()
  - vgic_update_state()
  - vgic_kick_vcpus()
  - vgic_get_vmcr()
  - vgic_set_vmcr()
  - struct mmio_range {} (renamed to struct kvm_mmio_range)
* removed static keyword and exported prototype in vgic.h:
  - vgic_bitmap_get_reg()
  - vgic_bitmap_set_irq_val()
  - vgic_bitmap_get_shared_map()
  - vgic_bytemap_get_reg()
  - vgic_dist_irq_set_pending()
  - vgic_dist_irq_clear_pending()
  - vgic_cpu_irq_clear()
  - vgic_reg_access()
  - handle_mmio_raz_wi()
  - vgic_handle_enable_reg()
  - vgic_handle_set_pending_reg()
  - vgic_handle_clear_pending_reg()
  - vgic_handle_cfg_reg()
  - vgic_unqueue_irqs()
  - find_matching_range() (renamed to vgic_find_range)
  - vgic_handle_mmio_range()
  - vgic_update_state()
  - vgic_get_vmcr()
  - vgic_set_vmcr()
  - vgic_queue_irq()
  - vgic_kick_vcpus()
  - vgic_init()
  - vgic_v2_init_emulation()
  - vgic_has_attr_regs()
  - vgic_set_common_attr()
  - vgic_get_common_attr()
  - vgic_destroy()
  - vgic_create()
* moved functions to vgic.h (static inline):
  - mmio_data_read()
  - mmio_data_write()
  - is_in_range()

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I2d438e17b884fcb4221605f37027bf073508e7a5
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 832158125d2ef30b364f21e1616495c40c286a4a)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088031
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/db5a91e92ea62f34766ab409c7c84fb01cfd836c/virt/kvm/arm/vgic.c
[add] https://crrev.com/db5a91e92ea62f34766ab409c7c84fb01cfd836c/virt/kvm/arm/vgic.h

Project Member

Comment 23 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/fe32720cbf9e17673a04a27bd028fc9fe3a6ad00

commit fe32720cbf9e17673a04a27bd028fc9fe3a6ad00
Author: Andre Przywara <andre.przywara@arm.com>
Date: Wed Jun 13 19:57:24 2018

UPSTREAM: arm/arm64: KVM: split GICv2 specific emulation code from vgic.c

vgic.c is currently a mixture of generic vGIC emulation code and
functions specific to emulating a GICv2. To ease the addition of
GICv3, split off strictly v2 specific parts into a new file
vgic-v2-emul.c.

Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>

-------
As the diff isn't always obvious here (and to aid eventual rebases),
here is a list of high-level changes done to the code:
* added new file to respective arm/arm64 Makefiles
* moved GICv2 specific functions to vgic-v2-emul.c:
  - handle_mmio_misc()
  - handle_mmio_set_enable_reg()
  - handle_mmio_clear_enable_reg()
  - handle_mmio_set_pending_reg()
  - handle_mmio_clear_pending_reg()
  - handle_mmio_priority_reg()
  - vgic_get_target_reg()
  - vgic_set_target_reg()
  - handle_mmio_target_reg()
  - handle_mmio_cfg_reg()
  - handle_mmio_sgi_reg()
  - vgic_v2_unqueue_sgi()
  - read_set_clear_sgi_pend_reg()
  - write_set_clear_sgi_pend_reg()
  - handle_mmio_sgi_set()
  - handle_mmio_sgi_clear()
  - vgic_v2_handle_mmio()
  - vgic_get_sgi_sources()
  - vgic_dispatch_sgi()
  - vgic_v2_queue_sgi()
  - vgic_v2_map_resources()
  - vgic_v2_init()
  - vgic_v2_add_sgi_source()
  - vgic_v2_init_model()
  - vgic_v2_init_emulation()
  - handle_cpu_mmio_misc()
  - handle_mmio_abpr()
  - handle_cpu_mmio_ident()
  - vgic_attr_regs_access()
  - vgic_create() (renamed to vgic_v2_create())
  - vgic_destroy() (renamed to vgic_v2_destroy())
  - vgic_has_attr() (renamed to vgic_v2_has_attr())
  - vgic_set_attr() (renamed to vgic_v2_set_attr())
  - vgic_get_attr() (renamed to vgic_v2_get_attr())
  - struct kvm_mmio_range vgic_dist_ranges[]
  - struct kvm_mmio_range vgic_cpu_ranges[]
  - struct kvm_device_ops kvm_arm_vgic_v2_ops {}

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I3c2d2b80c493887c5da27adbcfc3aa30c0cebf32
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 1d916229e348c628ddc9cf97528e76d13f52c122)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088032
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/fe32720cbf9e17673a04a27bd028fc9fe3a6ad00/arch/arm64/kvm/Makefile
[add] https://crrev.com/fe32720cbf9e17673a04a27bd028fc9fe3a6ad00/virt/kvm/arm/vgic-v2-emul.c
[modify] https://crrev.com/fe32720cbf9e17673a04a27bd028fc9fe3a6ad00/arch/arm/kvm/Makefile
[modify] https://crrev.com/fe32720cbf9e17673a04a27bd028fc9fe3a6ad00/virt/kvm/arm/vgic.c

Project Member

Comment 24 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/bda4d8cd7fa69cfcda28eecf6e0b3b3feb1b4478

commit bda4d8cd7fa69cfcda28eecf6e0b3b3feb1b4478
Author: Andre Przywara <andre.przywara@arm.com>
Date: Wed Jun 13 19:57:26 2018

UPSTREAM: arm/arm64: KVM: add opaque private pointer to MMIO data

For a GICv2 there is always only one (v)CPU involved: the one that
does the access. On a GICv3 the access to a CPU redistributor is
memory-mapped, but not banked, so the (v)CPU affected is determined by
looking at the MMIO address region being accessed.
To allow passing the affected CPU into the accessors later, extend
struct kvm_exit_mmio to add an opaque private pointer parameter.
The current GICv2 emulation just does not use it.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Ic56a447bae92da475f9ff1ba837d36dbe663c878
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 9fedf146778e6d1c26319ebaf56131a4f3a6be03)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088033
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/bda4d8cd7fa69cfcda28eecf6e0b3b3feb1b4478/arch/arm64/include/asm/kvm_mmio.h
[modify] https://crrev.com/bda4d8cd7fa69cfcda28eecf6e0b3b3feb1b4478/arch/arm/include/asm/kvm_mmio.h
[modify] https://crrev.com/bda4d8cd7fa69cfcda28eecf6e0b3b3feb1b4478/virt/kvm/arm/vgic.c

Project Member

Comment 25 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/4b52b36a67fe73806eb1a5dcb4dd8cf3be80022e

commit 4b52b36a67fe73806eb1a5dcb4dd8cf3be80022e
Author: Marc Zyngier <marc.zyngier@arm.com>
Date: Wed Jun 13 19:57:27 2018

UPSTREAM: irqchip: GICv3: rework redistributor structure

The basic GICv3 driver has almost no use for the redistributor
(other than the basic per-CPU interrupts), but the ITS needs
a lot more from them.

As such, rework the set of data structures. The behaviour of the
GICv3 driver is otherwise unaffected.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I0b4e0904696322a022db186f19904f6ca6925658
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Link: https://lkml.kernel.org/r/1416839720-18400-4-git-send-email-marc.zyngier@arm.com
Signed-off-by: Jason Cooper <jason@lakedaemon.net>
(cherry picked from commit f5c1434c217fd72ac0d24d3142d09e49a3d4e72e)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088034
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/4b52b36a67fe73806eb1a5dcb4dd8cf3be80022e/drivers/irqchip/irq-gic-v3.c
[modify] https://crrev.com/4b52b36a67fe73806eb1a5dcb4dd8cf3be80022e/include/linux/irqchip/arm-gic-v3.h

Project Member

Comment 26 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/08f024742771627f52679aa210cc1891fa132e7c

commit 08f024742771627f52679aa210cc1891fa132e7c
Author: Marc Zyngier <marc.zyngier@arm.com>
Date: Wed Jun 13 19:57:29 2018

UPSTREAM: irqchip: GICv3: ITS command queue

The ITS is configured through a number of commands that the driver
issues to the HW using a memory-based circular buffer.

This patch implements the subset of commands that are required
for Linux.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I654268cc6fcf5640dd015409e8656d1e65109ac1
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Link: https://lkml.kernel.org/r/1416839720-18400-5-git-send-email-marc.zyngier@arm.com
Signed-off-by: Jason Cooper <jason@lakedaemon.net>
(cherry picked from commit cc2d3216f53c9fff0030eb71cacc4ce5f39d1d7e)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088035
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[add] https://crrev.com/08f024742771627f52679aa210cc1891fa132e7c/drivers/irqchip/irq-gic-v3-its.c
[modify] https://crrev.com/08f024742771627f52679aa210cc1891fa132e7c/include/linux/irqchip/arm-gic-v3.h

Project Member

Comment 27 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/87e6495abcb82ae5c073f6981789f9c42b7bbec9

commit 87e6495abcb82ae5c073f6981789f9c42b7bbec9
Author: Andre Przywara <andre.przywara@arm.com>
Date: Wed Jun 13 19:57:30 2018

UPSTREAM: arm/arm64: KVM: add virtual GICv3 distributor emulation

With everything separated and prepared, we implement a model of a
GICv3 distributor and redistributors by using the existing framework
to provide handler functions for each register group.

Currently we limit the emulation to a model enforcing a single
security state, with SRE==1 (forcing system register access) and
ARE==1 (allowing more than 8 VCPUs).

We share some of the functions provided for GICv2 emulation, but take
the different ways of addressing (v)CPUs into account.
Save and restore is currently not implemented.

Similar to the split-off of the GICv2 specific code, the new emulation
code goes into a new file (vgic-v3-emul.c).

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I0997eca47ef851266f61e051146da38f6b50cf26
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit a0675c25d6392c2197b796a60c4a2a0138c86355)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088036
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/87e6495abcb82ae5c073f6981789f9c42b7bbec9/include/uapi/linux/kvm.h
[modify] https://crrev.com/87e6495abcb82ae5c073f6981789f9c42b7bbec9/virt/kvm/arm/vgic.c
[modify] https://crrev.com/87e6495abcb82ae5c073f6981789f9c42b7bbec9/arch/arm64/kvm/Makefile
[add] https://crrev.com/87e6495abcb82ae5c073f6981789f9c42b7bbec9/virt/kvm/arm/vgic-v3-emul.c
[modify] https://crrev.com/87e6495abcb82ae5c073f6981789f9c42b7bbec9/virt/kvm/arm/vgic.h
[modify] https://crrev.com/87e6495abcb82ae5c073f6981789f9c42b7bbec9/include/linux/irqchip/arm-gic-v3.h
[modify] https://crrev.com/87e6495abcb82ae5c073f6981789f9c42b7bbec9/include/kvm/arm_vgic.h
[modify] https://crrev.com/87e6495abcb82ae5c073f6981789f9c42b7bbec9/include/linux/kvm_host.h

Project Member

Comment 28 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/fe8a99a0f27eec4fa9d5e39624d3f2e36b6e6927

commit fe8a99a0f27eec4fa9d5e39624d3f2e36b6e6927
Author: Andre Przywara <andre.przywara@arm.com>
Date: Wed Jun 13 19:57:32 2018

UPSTREAM: arm64: GICv3: introduce symbolic names for GICv3 ICC_SGI1R_EL1 fields

The gic_send_sgi() function used hardcoded bit shift values to
generate the ICC_SGI1R_EL1 register value.
Replace this with symbolic names to allow reusing them later.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I720fd806c0ed3ce0e91294f7526200cc32584cfd
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 7e5802781c3e109558ddfd8b02155ad24d872ee7)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088037
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/fe8a99a0f27eec4fa9d5e39624d3f2e36b6e6927/drivers/irqchip/irq-gic-v3.c
[modify] https://crrev.com/fe8a99a0f27eec4fa9d5e39624d3f2e36b6e6927/include/linux/irqchip/arm-gic-v3.h

Project Member

Comment 29 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/2a272f147e02f95e1f5431b105e75ee3efd3e78f

commit 2a272f147e02f95e1f5431b105e75ee3efd3e78f
Author: Marc Zyngier <marc.zyngier@arm.com>
Date: Wed Jun 13 19:57:33 2018

UPSTREAM: irqchip/gic-v3: Fix ICC_SGI1R_EL1.INTID decoding mask

commit dd5f1b049dc139876801db3cdd0f20d21fd428cc upstream.

The INTID mask is wrong, and is made a signed value, which has
interesting effects in the KVM emulation. Let's sanitize it.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I765ff553ad041eaabcdded6f17c782b51cde4b9a
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit f32ef5c8e9e847706a3ef96791e14b207914d9e3
  in https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088038
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/2a272f147e02f95e1f5431b105e75ee3efd3e78f/include/linux/irqchip/arm-gic-v3.h
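The INTID mask problem that comment 29 fixes, shown as an added illustration rather than code from the kernel or from this CL. The field position (INTID at bits [27:24], Aff2 from bit 32) follows the GICv3 architecture; the macro names, the exact buggy constant and the sample register value are constructed here and are not the kernel's own.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* ICC_SGI1R_EL1 layout per the GICv3 architecture: the INTID (SGI number)
 * field is 4 bits wide at bits [27:24]; Aff2 begins at bit 32. The macro
 * names below are illustrative, not the kernel header's identifiers. */
#define SGI_ID_SHIFT 24

/* Buggy shape of the mask: too wide (8 bits instead of 4) and held in a
 * signed 'int'. 0xff000000 does not fit a positive int, so the constant is
 * negative (wraps on two's-complement targets such as arm64). */
#define SGI_ID_MASK_BUGGY ((int)0xff000000u)

/* Sanitized shape: correct 4-bit width and an unsigned 64-bit type. */
#define SGI_ID_MASK_FIXED (0xfULL << SGI_ID_SHIFT)

uint64_t decode_intid_buggy(uint64_t sgi1r)
{
	/* The negative int mask is converted to uint64_t by sign extension,
	 * becoming 0xffffffffff000000, so every bit above the INTID field
	 * (Aff2, IRM, RS, Aff3) survives the mask and lands in the result. */
	return (sgi1r & SGI_ID_MASK_BUGGY) >> SGI_ID_SHIFT;
}

uint64_t decode_intid_fixed(uint64_t sgi1r)
{
	return (sgi1r & SGI_ID_MASK_FIXED) >> SGI_ID_SHIFT;
}

/* SGIs are interrupt IDs 0-15; a decoder result outside that range means
 * the emulation would act on an interrupt number the guest never wrote. */
bool sgi_intid_valid(uint64_t intid)
{
	return intid < 16;
}

int main(void)
{
	/* Constructed register value: TargetList=1, INTID=5, Aff2=1. */
	uint64_t sgi1r = 0x0000000105000001ULL;

	printf("buggy decode: %llu (valid=%d)\n",
	       (unsigned long long)decode_intid_buggy(sgi1r),
	       sgi_intid_valid(decode_intid_buggy(sgi1r)));
	printf("fixed decode: %llu (valid=%d)\n",
	       (unsigned long long)decode_intid_fixed(sgi1r),
	       sgi_intid_valid(decode_intid_fixed(sgi1r)));
	return 0;
}
```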

Project Member

Comment 30 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/39b5caa51380deed11435a9517a2927b1c0a71c9

commit 39b5caa51380deed11435a9517a2927b1c0a71c9
Author: Andre Przywara <andre.przywara@arm.com>
Date: Wed Jun 13 19:57:34 2018

UPSTREAM: arm64: KVM: add SGI generation register emulation

While the generation of a (virtual) inter-processor interrupt (SGI)
on a GICv2 works by writing to a MMIO register, GICv3 uses the system
register ICC_SGI1R_EL1 to trigger them.
Add a trap handler function that calls the new SGI register handler
in the GICv3 code. As ICC_SRE_EL1.SRE at this point is still always 0,
this will not trap yet, but will only be used later when all the data
structures have been initialized properly.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I80060df6f1973cc40de9f833a42e1b7ada64cfb9
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 6d52f35af10cf24d59b43f3fd8c938ad23cab543)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088039
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/39b5caa51380deed11435a9517a2927b1c0a71c9/include/kvm/arm_vgic.h
[modify] https://crrev.com/39b5caa51380deed11435a9517a2927b1c0a71c9/arch/arm64/kvm/sys_regs.c
[modify] https://crrev.com/39b5caa51380deed11435a9517a2927b1c0a71c9/virt/kvm/arm/vgic-v3-emul.c

Project Member

Comment 31 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/cf323763ed36e66712178f18144f17152e712f91

commit cf323763ed36e66712178f18144f17152e712f91
Author: Andre Przywara <andre.przywara@arm.com>
Date: Wed Jun 13 19:57:36 2018

UPSTREAM: arm/arm64: KVM: enable kernel side of GICv3 emulation

With all the necessary GICv3 emulation code in place, we can now
connect the code to the GICv3 backend in the kernel.
The LR register handling is different depending on the emulated GIC
model, so provide different implementations for each.
Also allow non-v2-compatible GICv3 implementations (which don't
provide MMIO regions for the virtual CPU interface in the DT), but
restrict those hosts to support GICv3 guests only.
If the device tree provides a GICv2 compatible GICV resource entry,
but that one is faulty, just disable the GICv2 emulation and let the
user use at least the GICv3 emulation for guests.
To provide proper support for the legacy KVM_CREATE_IRQCHIP ioctl,
note virtual GICv2 compatibility in struct vgic_params and use it
on creating a VGICv2.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Iaa16302a5bff75022ae26b8554acc0dbd5ada041
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit b5d84ff600a244b655bd4f657f5350f29b0ce611)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088040
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/cf323763ed36e66712178f18144f17152e712f91/include/kvm/arm_vgic.h
[modify] https://crrev.com/cf323763ed36e66712178f18144f17152e712f91/virt/kvm/arm/vgic.c
[modify] https://crrev.com/cf323763ed36e66712178f18144f17152e712f91/virt/kvm/arm/vgic-v3.c
[modify] https://crrev.com/cf323763ed36e66712178f18144f17152e712f91/virt/kvm/arm/vgic-v2.c

Project Member

Comment 32 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/903c60275f9f517ef702032cac68c43c0c384366

commit 903c60275f9f517ef702032cac68c43c0c384366
Author: Andre Przywara <andre.przywara@arm.com>
Date: Wed Jun 13 19:57:37 2018

BACKPORT: arm/arm64: KVM: allow userland to request a virtual GICv3

With all of the GICv3 code in place now we allow userland to ask the
kernel for using a virtual GICv3 in the guest.
Also we provide the necessary support for guests setting the memory
addresses for the virtual distributor and redistributors.
This requires some userland code to make use of that feature and
explicitly ask for a virtual GICv3.
Document that KVM_CREATE_IRQCHIP only works for GICv2, but is
considered legacy and using KVM_CREATE_DEVICE is preferred.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I01bd94e894f2abed4f9e3e283c57376d22ad3b82
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit ac3d373564d9744068d867a0eb16da2ff8d5ee9d)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
[SR: context for not having something about IA64 in there]
 Conflicts:
	Documentation/virtual/kvm/api.txt
Reviewed-on: https://chromium-review.googlesource.com/1088041
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/903c60275f9f517ef702032cac68c43c0c384366/Documentation/virtual/kvm/devices/arm-vgic.txt
[modify] https://crrev.com/903c60275f9f517ef702032cac68c43c0c384366/virt/kvm/arm/vgic.c
[modify] https://crrev.com/903c60275f9f517ef702032cac68c43c0c384366/virt/kvm/arm/vgic-v3-emul.c
[modify] https://crrev.com/903c60275f9f517ef702032cac68c43c0c384366/arch/arm64/include/uapi/asm/kvm.h
[modify] https://crrev.com/903c60275f9f517ef702032cac68c43c0c384366/include/kvm/arm_vgic.h
[modify] https://crrev.com/903c60275f9f517ef702032cac68c43c0c384366/Documentation/virtual/kvm/api.txt

Project Member

Comment 33 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/ab8c8770ebe0f10ddf3f66788f72c17b0099016d

commit ab8c8770ebe0f10ddf3f66788f72c17b0099016d
Author: Andre Przywara <andre.przywara@arm.com>
Date: Wed Jun 13 19:57:39 2018

UPSTREAM: arm/arm64: KVM: force alignment of VGIC dist/CPU/redist addresses

Although the GIC architecture requires us to map the MMIO regions
only at page aligned addresses, we currently do not enforce this from
the kernel side.
Restrict any vGICv2 regions to be 4K aligned and any GICv3 regions
to be 64K aligned. Document this requirement.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Id5e99850713b7d338c8dd3b3175b87e6ff4e3f76
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 4fa96afd94a9bb29135d6e2e8fdb527e58f4fd5c)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088042
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/ab8c8770ebe0f10ddf3f66788f72c17b0099016d/Documentation/virtual/kvm/devices/arm-vgic.txt
[modify] https://crrev.com/ab8c8770ebe0f10ddf3f66788f72c17b0099016d/virt/kvm/arm/vgic.c

Project Member

Comment 34 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/8ff208fe1dc34e8631c31475c66e4dc3d4fb537b

commit 8ff208fe1dc34e8631c31475c66e4dc3d4fb537b
Author: Christoffer Dall <christoffer.dall@linaro.org>
Date: Wed Jun 13 19:57:40 2018

UPSTREAM: arm/arm64: KVM: Fixup incorrect config symbol in comment

A comment in the dirty page logging patch series mentioned incorrectly
spelled config symbols, just fix them up to match the real thing.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I30c7a4aca360033da8de7a39c9b52c661d767a34
Reported-by: Paul Bolle <pebolle@tiscali.nl>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 227ea818f26ec0d881853bdbae7684a32b1391ba)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088043
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/8ff208fe1dc34e8631c31475c66e4dc3d4fb537b/arch/arm/kvm/mmu.c

Project Member

Comment 35 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/0f341bcce45f9813f022cdbf9d8e0e882c6bcb31

commit 0f341bcce45f9813f022cdbf9d8e0e882c6bcb31
Author: Dominik Dingel <dingel@linux.vnet.ibm.com>
Date: Wed Jun 13 19:57:42 2018

UPSTREAM: KVM: remove unneeded return value of vcpu_postcreate

The return value of kvm_arch_vcpu_postcreate is not checked in its
caller.  This is okay, because only x86 provides vcpu_postcreate right
now and it could only fail if vcpu_load failed.  But that is not
possible during KVM_CREATE_VCPU (kvm_arch_vcpu_load is void, too), so
just get rid of the unchecked return value.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: If037eac7e3d8d16291091bfbaa49c5273a00d92e
Signed-off-by: Dominik Dingel <dingel@linux.vnet.ibm.com>
Acked-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
(cherry picked from commit 31928aa5863e71535ee942f506ca9ac8ce1c4315)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088044
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/0f341bcce45f9813f022cdbf9d8e0e882c6bcb31/arch/x86/kvm/x86.c
[modify] https://crrev.com/0f341bcce45f9813f022cdbf9d8e0e882c6bcb31/arch/powerpc/kvm/powerpc.c
[modify] https://crrev.com/0f341bcce45f9813f022cdbf9d8e0e882c6bcb31/arch/s390/kvm/kvm-s390.c
[modify] https://crrev.com/0f341bcce45f9813f022cdbf9d8e0e882c6bcb31/arch/mips/kvm/mips.c
[modify] https://crrev.com/0f341bcce45f9813f022cdbf9d8e0e882c6bcb31/include/linux/kvm_host.h
[modify] https://crrev.com/0f341bcce45f9813f022cdbf9d8e0e882c6bcb31/arch/arm/kvm/arm.c

Project Member

Comment 36 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/2b6ba3160984de97c2e118665731160b3e0d240d

commit 2b6ba3160984de97c2e118665731160b3e0d240d
Author: Paolo Bonzini <pbonzini@redhat.com>
Date: Wed Jun 13 19:57:43 2018

UPSTREAM: KVM: x86: switch to kvm_get_dirty_log_protect

We now have a generic function that does most of the work of
kvm_vm_ioctl_get_dirty_log, now use it.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Ie9b8f0a2b744c271d33ac1761917331057aea8f5
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Mario Smarduch <m.smarduch@samsung.com>
(cherry picked from commit e108ff2f8033a417ee3e517d9f8730f665646076)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088045
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/2b6ba3160984de97c2e118665731160b3e0d240d/arch/x86/include/asm/kvm_host.h
[modify] https://crrev.com/2b6ba3160984de97c2e118665731160b3e0d240d/arch/x86/kvm/x86.c
[modify] https://crrev.com/2b6ba3160984de97c2e118665731160b3e0d240d/arch/x86/kvm/mmu.c
[modify] https://crrev.com/2b6ba3160984de97c2e118665731160b3e0d240d/arch/x86/kvm/Kconfig

Project Member

Comment 37 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/76f83877e65a7fd16c4ad7d9b4bf2cf29d48a39d

commit 76f83877e65a7fd16c4ad7d9b4bf2cf29d48a39d
Author: Kai Huang <kai.huang@linux.intel.com>
Date: Wed Jun 13 19:57:45 2018

UPSTREAM: KVM: Rename kvm_arch_mmu_write_protect_pt_masked to be more generic for log dirty

We don't have to write protect guest memory for dirty logging if architecture
supports hardware dirty logging, such as PML on VMX, so rename it to be more
generic.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I6c194a1f730d476d37cda5669364d911ae9ad86d
Signed-off-by: Kai Huang <kai.huang@linux.intel.com>
Reviewed-by: Xiao Guangrong <guangrong.xiao@linux.intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit 3b0f1d01e501792d8d89ab4371bc9e8cd2a10032)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088046
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/76f83877e65a7fd16c4ad7d9b4bf2cf29d48a39d/include/linux/kvm_host.h
[modify] https://crrev.com/76f83877e65a7fd16c4ad7d9b4bf2cf29d48a39d/arch/x86/kvm/mmu.c
[modify] https://crrev.com/76f83877e65a7fd16c4ad7d9b4bf2cf29d48a39d/virt/kvm/kvm_main.c
[modify] https://crrev.com/76f83877e65a7fd16c4ad7d9b4bf2cf29d48a39d/arch/arm/kvm/mmu.c

Project Member

Comment 38 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/c13c11d946b7e62691b03ad3e6fd23c02b8c03d0

commit c13c11d946b7e62691b03ad3e6fd23c02b8c03d0
Author: Marc Zyngier <marc.zyngier@arm.com>
Date: Wed Jun 13 19:57:46 2018

BACKPORT: arm/arm64: KVM: Use set/way op trapping to track the state of the caches

Trying to emulate the behaviour of set/way cache ops is fairly
pointless, as there are too many ways we can end up missing stuff.
Also, there are some system caches out there that simply ignore
set/way operations.

So instead of trying to implement them, let's convert it to VA ops,
and use them as a way to re-enable the trapping of VM ops. That way,
we can detect the point when the MMU/caches are turned off, and do
a full VM flush (which is what the guest was trying to do anyway).

This allows a 32bit zImage to boot on the APM thingy, and will
probably help bootloaders in general.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I8abcff5d48998521e743266c4db863825c00de0c
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 3c1e716508335eb132c9349cb1a1716c8f7e3d2e)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
[SR: context conflict]
 Conflicts:
	arch/arm64/kvm/sys_regs.c
Reviewed-on: https://chromium-review.googlesource.com/1088047
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>

[modify] https://crrev.com/c13c11d946b7e62691b03ad3e6fd23c02b8c03d0/arch/arm/kvm/coproc_a7.c
[modify] https://crrev.com/c13c11d946b7e62691b03ad3e6fd23c02b8c03d0/arch/arm/kvm/coproc.h
[modify] https://crrev.com/c13c11d946b7e62691b03ad3e6fd23c02b8c03d0/arch/arm/include/asm/kvm_mmu.h
[modify] https://crrev.com/c13c11d946b7e62691b03ad3e6fd23c02b8c03d0/arch/arm64/include/asm/kvm_mmu.h
[modify] https://crrev.com/c13c11d946b7e62691b03ad3e6fd23c02b8c03d0/arch/arm/include/asm/kvm_host.h
[modify] https://crrev.com/c13c11d946b7e62691b03ad3e6fd23c02b8c03d0/arch/arm/kvm/coproc.c
[modify] https://crrev.com/c13c11d946b7e62691b03ad3e6fd23c02b8c03d0/arch/arm/include/asm/kvm_emulate.h
[modify] https://crrev.com/c13c11d946b7e62691b03ad3e6fd23c02b8c03d0/arch/arm/kvm/trace.h
[modify] https://crrev.com/c13c11d946b7e62691b03ad3e6fd23c02b8c03d0/arch/arm64/include/asm/kvm_emulate.h
[modify] https://crrev.com/c13c11d946b7e62691b03ad3e6fd23c02b8c03d0/arch/arm64/kvm/sys_regs.c
[modify] https://crrev.com/c13c11d946b7e62691b03ad3e6fd23c02b8c03d0/arch/arm/kvm/coproc_a15.c
[modify] https://crrev.com/c13c11d946b7e62691b03ad3e6fd23c02b8c03d0/arch/arm/kvm/arm.c
[modify] https://crrev.com/c13c11d946b7e62691b03ad3e6fd23c02b8c03d0/arch/arm64/include/asm/kvm_host.h
[modify] https://crrev.com/c13c11d946b7e62691b03ad3e6fd23c02b8c03d0/arch/arm/kvm/mmu.c

Project Member

Comment 39 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/a704f9dc5bdc4147cbc417c40e6395daa6d03b2d

commit a704f9dc5bdc4147cbc417c40e6395daa6d03b2d
Author: Marc Zyngier <marc.zyngier@arm.com>
Date: Wed Jun 13 19:57:48 2018

BACKPORT: arm/arm64: KVM: Invalidate data cache on unmap

Let's assume a guest has created an uncached mapping, and written
to that page. Let's also assume that the host uses a cache-coherent
IO subsystem. Let's finally assume that the host is under memory
pressure and starts to swap things out.

Before this "uncached" page is evicted, we need to make sure
we invalidate potential speculated, clean cache lines that are
sitting there, or the IO subsystem is going to swap out the
cached view, losing the data that has been written directly
into memory.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Idd85714d4ee15667cebbbbd23e1c02feb7ed67fd
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 363ef89f8e9bcedc28b976d0fe2d858fe139c122)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
[SR: context conflict]
 Conflicts:
	arch/arm/kvm/mmu.c
Reviewed-on: https://chromium-review.googlesource.com/1088048
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>

[modify] https://crrev.com/a704f9dc5bdc4147cbc417c40e6395daa6d03b2d/arch/arm/include/asm/kvm_mmu.h
[modify] https://crrev.com/a704f9dc5bdc4147cbc417c40e6395daa6d03b2d/arch/arm64/include/asm/kvm_mmu.h
[modify] https://crrev.com/a704f9dc5bdc4147cbc417c40e6395daa6d03b2d/arch/arm/kvm/mmu.c

Project Member

Comment 40 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/102555b2f27f791068f172cda20aba0d0cd8e9ef

commit 102555b2f27f791068f172cda20aba0d0cd8e9ef
Author: Marc Zyngier <marc.zyngier@arm.com>
Date: Wed Jun 13 19:57:49 2018

BACKPORT: arm/arm64: KVM: Use kernel mapping to perform invalidation on page fault

When handling a fault in stage-2, we need to resync I$ and D$, just
to be sure we don't leave any old cache line behind.

That's very good, except that we do so using the *user* address.
Under heavy load (swapping like crazy), we may end up in a situation
where the page gets mapped in stage-2 while being unmapped from
userspace by another CPU.

At that point, the DC/IC instructions can generate a fault, which
we handle with kvm->mmu_lock held. The box quickly deadlocks, user
is unhappy.

Instead, perform this invalidation through the kernel mapping,
which is guaranteed to be present. The box is much happier, and so
am I.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Ic6b97f263300b1662b3d07faaa6773991e6ea2eb
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 0d3e4d4fade6b04e933b11e69e80044f35e9cd60)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
[SR: context conflicts]
Conflicts:
   arch/arm/kvm/mmu.c
Reviewed-on: https://chromium-review.googlesource.com/1088049
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>

[modify] https://crrev.com/102555b2f27f791068f172cda20aba0d0cd8e9ef/arch/arm/include/asm/kvm_mmu.h
[modify] https://crrev.com/102555b2f27f791068f172cda20aba0d0cd8e9ef/arch/arm64/include/asm/kvm_mmu.h
[modify] https://crrev.com/102555b2f27f791068f172cda20aba0d0cd8e9ef/arch/arm/kvm/mmu.c

Project Member

Comment 41 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/78165c3b1680b658d92632812f239b0d6a9b3d5e

commit 78165c3b1680b658d92632812f239b0d6a9b3d5e
Author: Jan Kiszka <jan.kiszka@siemens.com>
Date: Wed Jun 13 19:57:51 2018

UPSTREAM: ARM: KVM: Fix size check in __coherent_cache_guest_page

The check is supposed to catch page-unaligned sizes, not the inverse.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I07c7b6f90164053ae08d7a80af561f9ad84fc722
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit a050dfb21cc22ac0c666d52531040c1bc48184cc)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088050
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/78165c3b1680b658d92632812f239b0d6a9b3d5e/arch/arm/include/asm/kvm_mmu.h

Project Member

Comment 42 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/160ce29b0b8f1750e7aff6e6272fd7d6035dd750

commit 160ce29b0b8f1750e7aff6e6272fd7d6035dd750
Author: Wei Huang <wei@redhat.com>
Date: Wed Jun 13 19:57:52 2018

UPSTREAM: arm/arm64: KVM: Add exit reasons to kvm_exit event tracing

This patch extends trace_kvm_exit() to include KVM exit reasons
(i.e. EC of HSR). The tracing function then dumps both exit reason
and PC of vCPU, shown as the following. Tracing tools can use this
new exit_reason field to better understand the behavior of guest VMs.

886.301252: kvm_exit:             HSR_EC: 0x0024, PC: 0xfffffe0000506b28

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Ieea0a7160ee229c3cfe76edc4f34f0412dc5db22
Signed-off-by: Wei Huang <wei@redhat.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 91314cb0053877991fd7b4749bb4b54d6bd6992f)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088051
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/160ce29b0b8f1750e7aff6e6272fd7d6035dd750/arch/arm/kvm/arm.c
[modify] https://crrev.com/160ce29b0b8f1750e7aff6e6272fd7d6035dd750/arch/arm/kvm/trace.h

Project Member

Comment 43 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/bf3e1e3c49a36c0b04513d38732f8574527eae53

commit bf3e1e3c49a36c0b04513d38732f8574527eae53
Author: Marc Zyngier <marc.zyngier@arm.com>
Date: Wed Jun 13 19:57:54 2018

UPSTREAM: arm64: KVM: Fix stage-2 PGD allocation to have per-page refcounting

We're using __get_free_pages to allocate the guest's stage-2
PGD. The standard behaviour of this function is to return a set of
pages where only the head page has a valid refcount.

This behaviour gets us into trouble when we're trying to increment
the refcount on a non-head page:

page:ffff7c00cfb693c0 count:0 mapcount:0 mapping:          (null) index:0x0
flags: 0x4000000000000000()
page dumped because: VM_BUG_ON_PAGE((*({ __attribute__((unused)) typeof((&page->_count)->counter) __var = ( typeof((&page->_count)->counter)) 0; (volatile typeof((&page->_count)->counter) *)&((&page->_count)->counter); })) <= 0)
BUG: failure at include/linux/mm.h:548/get_page()!
Kernel panic - not syncing: BUG!
CPU: 1 PID: 1695 Comm: kvm-vcpu-0 Not tainted 4.0.0-rc1+ #3825
Hardware name: APM X-Gene Mustang board (DT)
Call trace:
[<ffff80000008a09c>] dump_backtrace+0x0/0x13c
[<ffff80000008a1e8>] show_stack+0x10/0x1c
[<ffff800000691da8>] dump_stack+0x74/0x94
[<ffff800000690d78>] panic+0x100/0x240
[<ffff8000000a0bc4>] stage2_get_pmd+0x17c/0x2bc
[<ffff8000000a1dc4>] kvm_handle_guest_abort+0x4b4/0x6b0
[<ffff8000000a420c>] handle_exit+0x58/0x180
[<ffff80000009e7a4>] kvm_arch_vcpu_ioctl_run+0x114/0x45c
[<ffff800000099df4>] kvm_vcpu_ioctl+0x2e0/0x754
[<ffff8000001c0a18>] do_vfs_ioctl+0x424/0x5c8
[<ffff8000001c0bfc>] SyS_ioctl+0x40/0x78
CPU0: stopping

A possible approach for this is to split the compound page using
split_page() at allocation time, and change the teardown path to
free one page at a time.  It turns out that alloc_pages_exact() and
free_pages_exact() do exactly that.

While we're at it, the PGD allocation code is reworked to reduce
duplication.

This has been tested on an X-Gene platform with a 4kB/48bit-VA host
kernel, and kvmtool hacked to place memory in the second page of
the hardware PGD (PUD for the host kernel). Also regression-tested
on a Cubietruck (Cortex-A7).

 [ Reworked to use alloc_pages_exact() and free_pages_exact() and to
   return pointers directly instead of by reference as arguments
    - Christoffer ]

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I65a165d2d5044e5d4492a149da226da613a7bf25
Reported-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit a987370f8e7a1677ae385042644326d9cd145a20)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088052
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/bf3e1e3c49a36c0b04513d38732f8574527eae53/arch/arm/include/asm/kvm_mmu.h
[modify] https://crrev.com/bf3e1e3c49a36c0b04513d38732f8574527eae53/arch/arm64/include/asm/kvm_mmu.h
[modify] https://crrev.com/bf3e1e3c49a36c0b04513d38732f8574527eae53/arch/arm/kvm/mmu.c

Project Member

Comment 44 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/4e7220a46599e33512897db84121bfec9ba1a784

commit 4e7220a46599e33512897db84121bfec9ba1a784
Author: Marc Zyngier <marc.zyngier@arm.com>
Date: Wed Jun 13 19:57:55 2018

UPSTREAM: arm64: KVM: Do not use pgd_index to index stage-2 pgd

The kernel's pgd_index macro is designed to index a normal, page
sized array. KVM is a bit different, as we can use concatenated
pages to have a bigger address space (for example 40bit IPA with
4kB pages gives us an 8kB PGD).

In the above case, the use of pgd_index will always return an index
inside the first 4kB, which makes a guest that has memory above
0x8000000000 rather unhappy, as it spins forever in a page fault,
whilst the host happily corrupts the lower pgd.

The obvious fix is to get our own kvm_pgd_index that does the right
thing(tm).

Tested on X-Gene with a hacked kvmtool that put memory at a stupidly
high address.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I87ab2fc91c5ebbc3ea86d67b9f2f52005562393c
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 04b8dc85bf4a64517e3cf20e409eeaa503b15cc1)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088053
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/4e7220a46599e33512897db84121bfec9ba1a784/arch/arm/include/asm/kvm_mmu.h
[modify] https://crrev.com/4e7220a46599e33512897db84121bfec9ba1a784/arch/arm64/include/asm/kvm_mmu.h
[modify] https://crrev.com/4e7220a46599e33512897db84121bfec9ba1a784/arch/arm/kvm/mmu.c
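The indexing bug described in comment 44, worked through as an added example (this is not code from the ChromeOS kernel tree or from the commit above). It assumes a host with 4kB pages and 3-level tables (PGDIR_SHIFT 30, PTRS_PER_PGD 512) and a 40-bit guest IPA space, the combination that yields the 8kB concatenated stage-2 PGD the commit mentions, and shows how the generic pgd_index() wraps 0x8000000000 onto the entry for address 0 while a stage-2-aware index does not.

```c
/*
 * Added example, not part of the kernel sources: models stage-2 PGD
 * indexing with a concatenated PGD. All constants below are assumptions
 * chosen to match the configuration described in the commit message.
 */
#include <inttypes.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define PGDIR_SHIFT     30     /* host: 3-level tables, 4kB pages, 39-bit VA */
#define PTRS_PER_PGD    512UL  /* host PGD fits in exactly one 4kB page */
#define KVM_PHYS_SHIFT  40     /* guest IPA width */

/* Stage-2 PGD entries needed to cover the IPA space: 1 << (40 - 30) = 1024 */
#define PTRS_PER_S2_PGD (1UL << (KVM_PHYS_SHIFT - PGDIR_SHIFT))
/* ...which at 8 bytes per entry is an 8kB (two-page) concatenated PGD */
#define S2_PGD_BYTES    (PTRS_PER_S2_PGD * sizeof(uint64_t))

/* The kernel's generic pgd_index(): masks to a single-page PGD. */
static unsigned long host_pgd_index(uint64_t addr)
{
    return (addr >> PGDIR_SHIFT) & (PTRS_PER_PGD - 1);
}

/* The fix: mask with the size of the concatenated stage-2 PGD instead. */
static unsigned long kvm_pgd_index(uint64_t ipa)
{
    return (ipa >> PGDIR_SHIFT) & (PTRS_PER_S2_PGD - 1);
}

/* True when two IPAs that need distinct PGD entries collide under idx(). */
static bool entries_alias(unsigned long (*idx)(uint64_t), uint64_t a, uint64_t b)
{
    return idx(a) == idx(b);
}

int main(void)
{
    const uint64_t low  = 0x0000000000ULL;  /* first GB of guest memory */
    const uint64_t high = 0x8000000000ULL;  /* 512GB, the address from the commit */

    printf("stage-2 PGD: %lu entries, %zu bytes\n", PTRS_PER_S2_PGD, S2_PGD_BYTES);

    /* Generic macro: index 512 wraps to 0, so the high region clobbers the low one. */
    printf("pgd_index:     0x%010" PRIx64 " -> %lu, 0x%010" PRIx64 " -> %lu (%s)\n",
           low, host_pgd_index(low), high, host_pgd_index(high),
           entries_alias(host_pgd_index, low, high) ? "ALIAS" : "ok");

    /* Stage-2 aware index: the high region gets its own entry in the second page. */
    printf("kvm_pgd_index: 0x%010" PRIx64 " -> %lu, 0x%010" PRIx64 " -> %lu (%s)\n",
           low, kvm_pgd_index(low), high, kvm_pgd_index(high),
           entries_alias(kvm_pgd_index, low, high) ? "ALIAS" : "ok");
    return 0;
}
```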

Project Member

Comment 45 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/b405cb5863ff3d462bcb519b5919aa1d419fb85a

commit b405cb5863ff3d462bcb519b5919aa1d419fb85a
Author: Marc Zyngier <marc.zyngier@arm.com>
Date: Wed Jun 13 19:57:57 2018

UPSTREAM: arm64: KVM: Fix outdated comment about VTCR_EL2.PS

Commit 87366d8cf7b3 ("arm64: Add boot time configuration of
Intermediate Physical Address size") removed the hardcoded setting
of VTCR_EL2.PS to use ID_AA64MMFR0_EL1.PARange instead, but didn't
remove the (now rather misleading) comment.

Fix the comments to match reality (at least for the next few minutes).

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I321f0fefbc5c1ef78f296406a606c3a69e13dffb
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 84ed7412b5eee1011579b3db7454b9cb6d26fa65)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088054
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/b405cb5863ff3d462bcb519b5919aa1d419fb85a/arch/arm64/include/asm/kvm_arm.h

Project Member

Comment 46 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/c13d03ab4ec0c9d443c1c9505e712ecc7ecbf761

commit c13d03ab4ec0c9d443c1c9505e712ecc7ecbf761
Author: Mark Rutland <mark.rutland@arm.com>
Date: Wed Jun 13 19:57:58 2018

UPSTREAM: KVM: vgic: add virt-capable compatible strings

Several dts only list "arm,cortex-a7-gic" or "arm,gic-400" in their GIC
compatible list, and while this is correct (and supported by the GIC
driver), KVM will fail to detect that it can support these cases.

This patch adds the missing strings to the VGIC code. The of_device_id
entries are padded to keep the probe function data aligned.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I701940c976fc2a0ddb5eb3ee37a308a032bd0400
Signed-off-by: Mark Rutland <mark.rutland@arm.com>
Cc: Andre Przywara <andre.przywara@arm.com>
Cc: Christoffer Dall <christoffer.dall@linaro.org>
Cc: Marc Zyngier <marc.zyngier@arm.com>
Cc: Michal Simek <monstr@monstr.eu>
Acked-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 0f37247574b3ef5b130116bbf7c0f9eb8a4c78c2)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088055
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/c13d03ab4ec0c9d443c1c9505e712ecc7ecbf761/virt/kvm/arm/vgic.c

Project Member

Comment 47 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/077604e625319438584e3999a8263fda9c13a02a

commit 077604e625319438584e3999a8263fda9c13a02a
Author: Paolo Bonzini <pbonzini@redhat.com>
Date: Wed Jun 13 19:58:00 2018

UPSTREAM: KVM: arm/arm64: prefer IS_ENABLED to a static variable

IS_ENABLED gives compile-time checking and keeps the code clearer.

The one exception is inside kvm_vm_ioctl_check_extension, where
the established idiom is to wrap the case labels with an #ifdef.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Id77b246d18d7d0991297455783f9ce5ba38d7b48
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit 69ff5c619cb350f43fbab2a491b4b66de7e96959)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088056
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/077604e625319438584e3999a8263fda9c13a02a/arch/arm/kvm/arm.c

Project Member

Comment 48 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/92913ecc39e8d3333089bed1a01d93be43c5bf55

commit 92913ecc39e8d3333089bed1a01d93be43c5bf55
Author: Christoffer Dall <christoffer.dall@linaro.org>
Date: Wed Jun 13 19:58:01 2018

BACKPORT: arm/arm64: KVM: Kill CONFIG_KVM_ARM_{VGIC,TIMER}

We can definitely decide at run-time whether to use the GIC and timers
or not, and the extra code and data structures that we allocate space
for is really negligible with this config option, so I don't think it's
worth the extra complexity of always having to define stub static
inlines.  The !CONFIG_KVM_ARM_VGIC/TIMER case is pretty much an untested
code path anyway, so we're better off just getting rid of it.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Ibacf98cfa45d9fb6c6c7ca50a6333f9b9a43c16c
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
Acked-by: Marc Zyngier <marc.zyngier@arm.com>
(cherry picked from commit 662d9715840aef44dcb573b0f9fab9e8319c868a)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
[SR: conflict from not having 83fe27ea53]
 Conflicts:
	arch/arm/kvm/Kconfig
Reviewed-on: https://chromium-review.googlesource.com/1088057
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/92913ecc39e8d3333089bed1a01d93be43c5bf55/arch/arm64/kvm/Makefile
[modify] https://crrev.com/92913ecc39e8d3333089bed1a01d93be43c5bf55/arch/arm/kvm/guest.c
[modify] https://crrev.com/92913ecc39e8d3333089bed1a01d93be43c5bf55/include/kvm/arm_arch_timer.h
[modify] https://crrev.com/92913ecc39e8d3333089bed1a01d93be43c5bf55/arch/arm/kvm/Kconfig
[modify] https://crrev.com/92913ecc39e8d3333089bed1a01d93be43c5bf55/arch/arm/kvm/Makefile
[modify] https://crrev.com/92913ecc39e8d3333089bed1a01d93be43c5bf55/arch/arm/kvm/interrupts_head.S
[modify] https://crrev.com/92913ecc39e8d3333089bed1a01d93be43c5bf55/arch/arm/kernel/asm-offsets.c
[modify] https://crrev.com/92913ecc39e8d3333089bed1a01d93be43c5bf55/arch/arm64/kvm/Kconfig
[modify] https://crrev.com/92913ecc39e8d3333089bed1a01d93be43c5bf55/include/kvm/arm_vgic.h
[modify] https://crrev.com/92913ecc39e8d3333089bed1a01d93be43c5bf55/arch/arm/kvm/arm.c

Project Member

Comment 49 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/191d759657eba7f531acb406790bcb41012530e4

commit 191d759657eba7f531acb406790bcb41012530e4
Author: Eric Auger <eric.auger@linaro.org>
Date: Wed Jun 13 19:58:03 2018

UPSTREAM: KVM: arm/arm64: unset CONFIG_HAVE_KVM_IRQCHIP

CONFIG_HAVE_KVM_IRQCHIP is needed to support IRQ routing (along
with irq_comm.c and irqchip.c usage). This is not the case for
arm/arm64 currently.

This patch unsets the flag for both arm and arm64.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Ic5499b17a4429c879beea4edce0d804affed601f
Signed-off-by: Eric Auger <eric.auger@linaro.org>
Reviewed-by: Andre Przywara <andre.przywara@arm.com>
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Acked-by: Will Deacon <will.deacon@arm.com>
Acked-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit df2bd1ac03dfc19e955a43f796cfe9f9cf49c75f)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088058
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/191d759657eba7f531acb406790bcb41012530e4/arch/arm/kvm/Kconfig
[modify] https://crrev.com/191d759657eba7f531acb406790bcb41012530e4/arch/arm64/kvm/Kconfig

Project Member

Comment 50 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/e92c251cc2e4e18fb01cecf27c3ab976bb0a7b85

commit e92c251cc2e4e18fb01cecf27c3ab976bb0a7b85
Author: Michael S. Tsirkin <mst@redhat.com>
Date: Wed Jun 13 19:58:04 2018

UPSTREAM: arm/arm64: KVM: Fix ioctl error handling

commit 4cad67fca3fc952d6f2ed9e799621f07666a560f upstream.

Calling return copy_to_user(...) in an ioctl will not
do the right thing if there's a pagefault:
copy_to_user returns the number of bytes not copied
in this case.

Fix up kvm to do
	return copy_to_user(...)) ?  -EFAULT : 0;

everywhere.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I6da94945710b841e619f3c31cb898ddb1c89c7dc
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit d1c623c9c264c6cb045015900f8ce1e60b4d2c7d
 in https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088059
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/e92c251cc2e4e18fb01cecf27c3ab976bb0a7b85/arch/arm/kvm/guest.c
[modify] https://crrev.com/e92c251cc2e4e18fb01cecf27c3ab976bb0a7b85/arch/arm64/kvm/guest.c

Project Member

Comment 51 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/c1263d475a4f395c7899b741a9ca99219f95847c

commit c1263d475a4f395c7899b741a9ca99219f95847c
Author: Eric Auger <eric.auger@linaro.org>
Date: Wed Jun 13 19:58:06 2018

UPSTREAM: KVM: arm/arm64: implement kvm_arch_intc_initialized

On arm/arm64 the VGIC is dynamically instantiated and it is useful
to expose its state, especially for irqfd setup.

This patch defines __KVM_HAVE_ARCH_INTC_INITIALIZED and
implements kvm_arch_intc_initialized.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I971833497d8874e37acc1513345b9eb92e33475d
Signed-off-by: Eric Auger <eric.auger@linaro.org>
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Reviewed-by: Andre Przywara <andre.przywara@arm.com>
Acked-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit c1426e4c5add09042840013dfa5565e6be6d412e)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088060
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/c1263d475a4f395c7899b741a9ca99219f95847c/arch/arm/kvm/arm.c
[modify] https://crrev.com/c1263d475a4f395c7899b741a9ca99219f95847c/arch/arm/include/asm/kvm_host.h
[modify] https://crrev.com/c1263d475a4f395c7899b741a9ca99219f95847c/arch/arm64/include/asm/kvm_host.h

Project Member

Comment 52 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/179285a1fa595295a8df0c3292486c20526c8e3a

commit 179285a1fa595295a8df0c3292486c20526c8e3a
Author: Eric Auger <eric.auger@linaro.org>
Date: Wed Jun 13 19:58:07 2018

UPSTREAM: KVM: arm/arm64: remove coarse grain dist locking at kvm_vgic_sync_hwstate

To prepare for irqfd addition, coarse grain locking is removed at
kvm_vgic_sync_hwstate level and finer grain locking is introduced in
vgic_process_maintenance only.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I8079908b6953cc953b1c8bd09b232dfbd0d8e8d2
Signed-off-by: Eric Auger <eric.auger@linaro.org>
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Acked-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 649cf73994e8ac69dfe3e7a35fba9acf051e7fe6)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088061
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/179285a1fa595295a8df0c3292486c20526c8e3a/virt/kvm/arm/vgic.c

Project Member

Comment 53 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/338627063343f470f714eef95ad64b6618054bf4

commit 338627063343f470f714eef95ad64b6618054bf4
Author: Eric Auger <eric.auger@linaro.org>
Date: Wed Jun 13 19:58:09 2018

BACKPORT: KVM: arm/arm64: add irqfd support

This patch enables irqfd on arm/arm64.

Both irqfd and resamplefd are supported. Injection is implemented
in vgic.c without routing.

This patch enables CONFIG_HAVE_KVM_EVENTFD and CONFIG_HAVE_KVM_IRQFD.

KVM_CAP_IRQFD is now advertised. KVM_CAP_IRQFD_RESAMPLE capability
automatically is advertised as soon as CONFIG_HAVE_KVM_IRQFD is set.

Irqfd injection is restricted to SPI. The rationale behind not
supporting PPI irqfd injection is that any device using a PPI would
be a private-to-the-CPU device (timer for instance), so its state
would have to be context-switched along with the VCPU and would
require in-kernel wiring anyhow. It is not a relevant use case for
irqfds.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I762924964f6f85b5f29255c631ceaa39d0356cad
Signed-off-by: Eric Auger <eric.auger@linaro.org>
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
Acked-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 174178fed338edba66ab9580af0c5d9e1a4e5019)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
[SR: conflict from not having 83fe27ea53]
 Conflicts:
	arch/arm64/kvm/Kconfig
Reviewed-on: https://chromium-review.googlesource.com/1088062
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>

[modify] https://crrev.com/338627063343f470f714eef95ad64b6618054bf4/virt/kvm/arm/vgic.c
[modify] https://crrev.com/338627063343f470f714eef95ad64b6618054bf4/arch/arm64/kvm/Makefile
[modify] https://crrev.com/338627063343f470f714eef95ad64b6618054bf4/arch/arm/include/uapi/asm/kvm.h
[modify] https://crrev.com/338627063343f470f714eef95ad64b6618054bf4/arch/arm64/include/uapi/asm/kvm.h
[modify] https://crrev.com/338627063343f470f714eef95ad64b6618054bf4/arch/arm64/kvm/Kconfig
[modify] https://crrev.com/338627063343f470f714eef95ad64b6618054bf4/arch/arm/kvm/Kconfig
[modify] https://crrev.com/338627063343f470f714eef95ad64b6618054bf4/arch/arm/kvm/Makefile
[modify] https://crrev.com/338627063343f470f714eef95ad64b6618054bf4/Documentation/virtual/kvm/api.txt
[modify] https://crrev.com/338627063343f470f714eef95ad64b6618054bf4/arch/arm/kvm/arm.c

Project Member

Comment 54 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/d0d3213eaab056428ca551e1c8bd21400c94a684

commit d0d3213eaab056428ca551e1c8bd21400c94a684
Author: Marc Zyngier <marc.zyngier@arm.com>
Date: Wed Jun 13 19:58:10 2018

UPSTREAM: arm/arm64: KVM: Allow handle_hva_to_gpa to return a value

So far, handle_hva_to_gpa was never required to return a value.
As we prepare to age pages at Stage-2, we need to be able to
return a value from the iterator (kvm_test_age_hva).

Adapt the code to handle this situation. No semantic change.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I56174f00aaf889dc05c9076e3b2c2d2442a492c2
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 1d2ebaccc741a299abfafb848414b01d190f4e33)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088063
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/d0d3213eaab056428ca551e1c8bd21400c94a684/arch/arm/kvm/mmu.c

Project Member

Comment 55 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/9392ac176bba2eef785f20bb9577652f7730160c

commit 9392ac176bba2eef785f20bb9577652f7730160c
Author: Marc Zyngier <marc.zyngier@arm.com>
Date: Wed Jun 13 19:58:12 2018

UPSTREAM: arm/arm64: KVM: Implement Stage-2 page aging

Until now, KVM/arm didn't care much for page aging (who was swapping
anyway?), and simply provided empty hooks to the core KVM code. With
server-type systems now being available, things are quite different.

This patch implements very simple support for page aging, by clearing
the Access flag in the Stage-2 page tables. On access fault, the current
fault handling will write the PTE or PMD again, putting the Access flag
back on.

It should be possible to implement a much faster handling for Access
faults, but that's left for a later patch.

With this in place, performance in VMs is degraded much more gracefully.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Id9bd1d8513eb035506774e69373723bd89e617ec
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 35307b9a5f7ebcc8d8db41c73b69c131b48ace2b)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088064
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/9392ac176bba2eef785f20bb9577652f7730160c/arch/arm64/include/asm/kvm_arm.h
[modify] https://crrev.com/9392ac176bba2eef785f20bb9577652f7730160c/arch/arm64/include/asm/esr.h
[modify] https://crrev.com/9392ac176bba2eef785f20bb9577652f7730160c/arch/arm/include/asm/kvm_host.h
[modify] https://crrev.com/9392ac176bba2eef785f20bb9577652f7730160c/arch/arm/kvm/trace.h
[modify] https://crrev.com/9392ac176bba2eef785f20bb9577652f7730160c/arch/arm/include/asm/kvm_arm.h
[modify] https://crrev.com/9392ac176bba2eef785f20bb9577652f7730160c/arch/arm64/include/asm/kvm_host.h
[modify] https://crrev.com/9392ac176bba2eef785f20bb9577652f7730160c/arch/arm/kvm/mmu.c

Project Member

Comment 56 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/c5056b47ed9459dda023bdeb2f74f2d21d2a69be

commit c5056b47ed9459dda023bdeb2f74f2d21d2a69be
Author: Marc Zyngier <marc.zyngier@arm.com>
Date: Wed Jun 13 19:58:13 2018

UPSTREAM: arm/arm64: KVM: Optimize handling of Access Flag faults

Now that we have page aging in Stage-2, it becomes obvious that
we're doing way too much work handling the fault.

The page is not going anywhere (it is still mapped), the page
tables are already allocated, and all we want is to flip a bit
in the PMD or PTE. Also, we can avoid any form of TLB invalidation,
since a page with the AF bit off is not allowed to be cached.

An obvious solution is to have a separate handler for FSC_ACCESS,
where we pride ourselves to only do the very minimum amount of
work.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Ic73af1c5df560f1d52c6e03235feab7edca74c23
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit aeda9130c38e2e0e77c1aaa65292c2f5a81107a8)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088065
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/c5056b47ed9459dda023bdeb2f74f2d21d2a69be/arch/arm/kvm/trace.h
[modify] https://crrev.com/c5056b47ed9459dda023bdeb2f74f2d21d2a69be/arch/arm/kvm/mmu.c

Project Member

Comment 57 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/ad336918c98a76a7feaef4eeb4b6542114379932

commit ad336918c98a76a7feaef4eeb4b6542114379932
Author: Wei Yongjun <yongjun_wei@trendmicro.com.cn>
Date: Wed Jun 13 19:58:15 2018

UPSTREAM: arm/arm64: KVM: fix missing unlock on error in kvm_vgic_create()

Add the missing unlock before return from function kvm_vgic_create()
in the error handling case.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I4ff6d8b64a482cd8e4dc01ada1470d44a5c48c8b
Signed-off-by: Wei Yongjun <yongjun_wei@trendmicro.com.cn>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit b52104e509479c4709eb9d81642df77c5ef2716b)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088066
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/ad336918c98a76a7feaef4eeb4b6542114379932/virt/kvm/arm/vgic.c

Project Member

Comment 58 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/225a32df9b12e6299898665917e13db1f8396148

commit 225a32df9b12e6299898665917e13db1f8396148
Author: Christoffer Dall <christoffer.dall@linaro.org>
Date: Wed Jun 13 19:58:16 2018

UPSTREAM: arm/arm64: KVM: Keep elrsr/aisr in sync with software model

There is an interesting bug in the vgic code, which manifests itself
when the KVM run loop has a signal pending or needs a vmid generation
rollover after having disabled interrupts but before actually switching
to the guest.

In this case, we flush the vgic as usual, but we sync back the vgic
state and exit to userspace before entering the guest.  The consequence
is that we will be syncing the list registers back to the software model
using the GICH_ELRSR and GICH_EISR from the last execution of the guest,
potentially overwriting a list register containing an interrupt.

This showed up during migration testing where we would capture a state
where the VM has masked the arch timer but there were no interrupts,
resulting in a hung test.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I1843894e3f2b7e0e285af2986b2cffb85498a797
Cc: Marc Zyngier <marc.zyngier@arm.com>
Reported-by: Alex Bennee <alex.bennee@linaro.org>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Acked-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit ae705930fca6322600690df9dc1c7d0516145a93)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088067
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/225a32df9b12e6299898665917e13db1f8396148/include/kvm/arm_vgic.h
[modify] https://crrev.com/225a32df9b12e6299898665917e13db1f8396148/virt/kvm/arm/vgic.c
[modify] https://crrev.com/225a32df9b12e6299898665917e13db1f8396148/virt/kvm/arm/vgic-v3.c
[modify] https://crrev.com/225a32df9b12e6299898665917e13db1f8396148/virt/kvm/arm/vgic-v2.c

Project Member

Comment 59 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/fafa9b990a715669f76ab6612b826418195c68b4

commit fafa9b990a715669f76ab6612b826418195c68b4
Author: Alex Bennée <alex.bennee@linaro.org>
Date: Wed Jun 13 19:58:18 2018

UPSTREAM: arm/arm64: KVM: export VCPU power state via MP_STATE ioctl

To cleanly restore an SMP VM we need to ensure that the current pause
state of each vcpu is correctly recorded. Things could get confused if
the CPU starts running after migration restore completes when it was
paused before its state was captured.

We use the existing KVM_GET/SET_MP_STATE ioctl to do this. The arm/arm64
interface is a lot simpler as the only valid states are
KVM_MP_STATE_RUNNABLE and KVM_MP_STATE_STOPPED.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I2374b94ff4d505f05dcaae645b841d8668eadfe5
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit ecccf0cc722f40e0dcc97872e7a960765119a256)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
[SR: context -- don't care about IA64]
 Conflicts:
	Documentation/virtual/kvm/api.txt
Reviewed-on: https://chromium-review.googlesource.com/1088068
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/fafa9b990a715669f76ab6612b826418195c68b4/Documentation/virtual/kvm/api.txt
[modify] https://crrev.com/fafa9b990a715669f76ab6612b826418195c68b4/arch/arm/kvm/arm.c

Project Member

Comment 60 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/2495374d0efbbf609b921824f5060ec70e8c7f3e

commit 2495374d0efbbf609b921824f5060ec70e8c7f3e
Author: Alex Bennée <alex.bennee@linaro.org>
Date: Wed Jun 13 19:58:19 2018

BACKPORT: arm/arm64: KVM: add a common vgic_queue_irq_to_lr fn

This helps re-factor away some of the repetitive code and makes the code
flow more nicely.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I9617a1e26e894096d32e7dd3acb9ac28a63695c1
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 71760950bf3dc796e5e53ea3300dec724a09f593)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
[SR: use the same resolution as bf0fb67cf957]
 Conflicts:
	virt/kvm/arm/vgic.c
Reviewed-on: https://chromium-review.googlesource.com/1088069
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>

[modify] https://crrev.com/2495374d0efbbf609b921824f5060ec70e8c7f3e/virt/kvm/arm/vgic.c

Project Member

Comment 61 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/570e79c85c4722bc8963c9677371cc26030a47b9

commit 570e79c85c4722bc8963c9677371cc26030a47b9
Author: Christoffer Dall <christoffer.dall@linaro.org>
Date: Wed Jun 13 19:58:20 2018

UPSTREAM: arm/arm64: KVM: support for un-queuing active IRQs

Migrating active interrupts causes the active state to be lost
completely. This implements some additional bitmaps to track the active
state on the distributor and export this to user space.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Ifce61d80750c05ec084dde216e8516a7cbbd4e83
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 47a98b15ba7cf6a13bd94ab8455d3f586b16420b)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088070
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/570e79c85c4722bc8963c9677371cc26030a47b9/include/kvm/arm_vgic.h
[modify] https://crrev.com/570e79c85c4722bc8963c9677371cc26030a47b9/virt/kvm/arm/vgic.c
[modify] https://crrev.com/570e79c85c4722bc8963c9677371cc26030a47b9/virt/kvm/arm/vgic-v2-emul.c
[modify] https://crrev.com/570e79c85c4722bc8963c9677371cc26030a47b9/virt/kvm/arm/vgic.h

Project Member

Comment 62 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/4d60e06832c5782204d71b87e733a6cb8d96a516

commit 4d60e06832c5782204d71b87e733a6cb8d96a516
Author: Richard Cochran <richardcochran@gmail.com>
Date: Wed Jun 13 19:58:22 2018

UPSTREAM: timecounter: keep track of accumulated fractional nanoseconds

The current timecounter implementation will drop a variable amount
of resolution, depending on the magnitude of the time delta. In
other words, reading the clock too often or too close to a time
stamp conversion will introduce errors into the time values. This
patch fixes the issue by introducing a fractional nanosecond field
that accumulates the low order bits.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I9a9f4597061509866e194a9d56f25380696d3b6d
Reported-by: Janusz Użycki <j.uzycki@elproma.com.pl>
Signed-off-by: Richard Cochran <richardcochran@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
(cherry picked from commit 2eebdde6528a722fbf8e2cffcf7aa52cbb4c2de0)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088071
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/4d60e06832c5782204d71b87e733a6cb8d96a516/virt/kvm/arm/arch_timer.c
[modify] https://crrev.com/4d60e06832c5782204d71b87e733a6cb8d96a516/kernel/time/timecounter.c
[modify] https://crrev.com/4d60e06832c5782204d71b87e733a6cb8d96a516/include/linux/timecounter.h
[modify] https://crrev.com/4d60e06832c5782204d71b87e733a6cb8d96a516/drivers/net/ethernet/mellanox/mlx4/en_clock.c
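The resolution loss described in comment 62, as an added model (my own code, not the kernel's timecounter): a cycle counter converted to nanoseconds as `(cycles * mult) >> shift`, once dropping the low bits on every read and once carrying them forward in a fractional field. The clock parameters `mult = 5, shift = 2` (1.25 ns per cycle) are constructed for the demonstration.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed timecounter model: ns = (cycles * mult) >> shift. */
struct tc_model {
    uint32_t mult;
    uint32_t shift;
};

/* Old behaviour: each delta is converted on its own, and the low 'shift'
 * bits of the product (the fractional nanoseconds) are thrown away. */
static uint64_t cyc2ns_truncating(const struct tc_model *tc, uint64_t cycles)
{
    return (cycles * tc->mult) >> tc->shift;
}

/* Fixed behaviour: the low bits are kept in *frac and added to the next
 * conversion, so the error never accumulates across reads. */
static uint64_t cyc2ns_fractional(const struct tc_model *tc, uint64_t cycles,
                                  uint64_t *frac)
{
    uint64_t scaled = cycles * tc->mult + *frac;

    *frac = scaled & ((1ULL << tc->shift) - 1);
    return scaled >> tc->shift;
}

/* Read the clock 'reads' times, 'step' cycles apart, summing the deltas
 * the way a driver that calls timecounter_read() often would. */
static uint64_t total_ns_truncating(const struct tc_model *tc,
                                    uint64_t reads, uint64_t step)
{
    uint64_t total = 0;

    for (uint64_t i = 0; i < reads; i++)
        total += cyc2ns_truncating(tc, step);
    return total;
}

static uint64_t total_ns_fractional(const struct tc_model *tc,
                                    uint64_t reads, uint64_t step)
{
    uint64_t total = 0, frac = 0;

    for (uint64_t i = 0; i < reads; i++)
        total += cyc2ns_fractional(tc, step, &frac);
    return total;
}

/* Constructed clock: 1.25 ns per cycle. */
static const struct tc_model SAMPLE_TC = { 5, 2 };

int main(void)
{
    /* One read over 400 cycles is exact either way: 500 ns. */
    printf("one read of 400 cycles:   %llu ns\n",
           (unsigned long long)cyc2ns_truncating(&SAMPLE_TC, 400));
    /* 400 reads of one cycle each lose 0.25 ns per read without the fix. */
    printf("400 reads, truncating:    %llu ns\n",
           (unsigned long long)total_ns_truncating(&SAMPLE_TC, 400, 1));
    printf("400 reads, fractional:    %llu ns\n",
           (unsigned long long)total_ns_fractional(&SAMPLE_TC, 400, 1));
    return 0;
}
```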

Project Member

Comment 63 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/74376cb839398fc4e433f9856a351cf007790bcf

commit 74376cb839398fc4e433f9856a351cf007790bcf
Author: Christoffer Dall <christoffer.dall@linaro.org>
Date: Wed Jun 13 19:58:23 2018

UPSTREAM: arm/arm64: KVM: Fix migration race in the arch timer

When a VCPU is no longer running, we currently check to see if it has a
timer scheduled in the future, and if it does, we schedule a host
hrtimer to notify us in case the timer expires while the VCPU is still
not running.  When the hrtimer fires, we mask the guest's timer and
inject the timer IRQ (still relying on the guest unmasking the timer when
it receives the IRQ).

This is all good and fine, but when migrating a VM (checkpoint/restore)
this introduces a race.  It is unlikely, but possible, for the following
sequence of events to happen:

 1. Userspace stops the VM
 2. Hrtimer for VCPU is scheduled
 3. Userspace checkpoints the VGIC state (no pending timer interrupts)
 4. The hrtimer fires, schedules work in a workqueue
 5. Workqueue function runs, masks the timer and injects timer interrupt
 6. Userspace checkpoints the timer state (timer masked)

At restore time, you end up with a masked timer without any timer
interrupts and your guest halts never receiving timer interrupts.

Fix this by only kicking the VCPU in the workqueue function, and sample
the expired state of the timer when entering the guest again and inject
the interrupt and mask the timer only then.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Ifecfecea131c45a603d73a95efb0be140e753e9c
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 1a74847885cc87857d631f91cca4d83924f75674)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088072
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/74376cb839398fc4e433f9856a351cf007790bcf/virt/kvm/arm/arch_timer.c
[modify] https://crrev.com/74376cb839398fc4e433f9856a351cf007790bcf/arch/arm/kvm/arm.c
[modify] https://crrev.com/74376cb839398fc4e433f9856a351cf007790bcf/include/kvm/arm_arch_timer.h

Project Member

Comment 64 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/4e013ba82d64551338cd8e53c5c5cf5a9bad5fb4

commit 4e013ba82d64551338cd8e53c5c5cf5a9bad5fb4
Author: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Date: Wed Jun 13 19:58:25 2018

UPSTREAM: ARM, arm64: kvm: get rid of the bounce page

The HYP init bounce page is a runtime construct that ensures that the
HYP init code does not cross a page boundary. However, this is something
we can do perfectly well at build time, by aligning the code appropriately.

For arm64, we just align to 4 KB, and enforce that the code size is less
than 4 KB, regardless of the chosen page size.

For ARM, the whole code is less than 256 bytes, so we tweak the linker
script to align at a power of 2 upper bound of the code size.

Note that this also fixes a benign off-by-one error in the original bounce
page code, where a bounce page would be allocated unnecessarily if the code
was exactly 1 page in size.

On ARM, it also fixes an issue with very large kernels reported by Arnd
Bergmann, where stub sections with linker emitted veneers could erroneously
trigger the size/alignment ASSERT() in the linker script.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I0e2f50d6709512673bf2ea140a4d8169de8a3a4b
Tested-by: Marc Zyngier <marc.zyngier@arm.com>
Reviewed-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Will Deacon <will.deacon@arm.com>
(cherry picked from commit 06f75a1f6200042aa36ad40afb44dd72107b25d6)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088073
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/4e013ba82d64551338cd8e53c5c5cf5a9bad5fb4/arch/arm64/kernel/vmlinux.lds.S
[modify] https://crrev.com/4e013ba82d64551338cd8e53c5c5cf5a9bad5fb4/arch/arm/kvm/init.S
[modify] https://crrev.com/4e013ba82d64551338cd8e53c5c5cf5a9bad5fb4/arch/arm/kernel/vmlinux.lds.S
[modify] https://crrev.com/4e013ba82d64551338cd8e53c5c5cf5a9bad5fb4/arch/arm/kvm/mmu.c

Project Member

Comment 65 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/4754977985fe9cd9c563cd32c69dab42a8d7786d

commit 4754977985fe9cd9c563cd32c69dab42a8d7786d
Author: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Date: Wed Jun 13 19:58:26 2018

UPSTREAM: ARM: kvm: implement replacement for ld's LOG2CEIL()

Commit 06f75a1f6200 ("ARM, arm64: kvm: get rid of the bounce
page") uses ld's builtin function LOG2CEIL() to align the
KVM init code to a log2 upper bound of its size. However,
this function turns out to be a fairly recent addition to
binutils, which breaks the build for older toolchains.

So instead, implement a replacement LOG2_ROUNDUP() using
the C preprocessor.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Ib720518d11a777015f6aabd84aec931dc31b5881
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Will Deacon <will.deacon@arm.com>
(cherry picked from commit e60a1fec44a2fe2c85ac406a5c1161ca2957a4fa)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088074
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/4754977985fe9cd9c563cd32c69dab42a8d7786d/arch/arm/kernel/vmlinux.lds.S
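Comments 64 and 65 together describe replacing a runtime bounce page with build-time alignment. The added example below (my own code, not the kernel's mmu.c or linker script) models the page-crossing test with its benign off-by-one, a preprocessor-only `LOG2_ROUNDUP()` in the spirit of the one the commit introduces, and the alignment that makes a sub-page block unable to straddle a page. The 4 KB page size and all addresses are constructed.

```c
#include <stdint.h>
#include <stdio.h>

#define PAGE_SHIFT 12
#define PAGE_SIZE  (1UL << PAGE_SHIFT)
#define PAGE_MASK  (~(PAGE_SIZE - 1))

/* Runtime check modelled on the old bounce-page logic (constructed, not
 * the kernel's source): compare the page of the first byte with the page
 * of the exclusive end address. A block that ends exactly on a page
 * boundary is flagged although it crosses nothing: the off-by-one. */
static int needs_bounce_page_old(uintptr_t start, uintptr_t end)
{
    return ((start ^ end) & PAGE_MASK) != 0;
}

/* Same test on the last byte actually occupied by the code. */
static int crosses_page(uintptr_t start, uintptr_t end)
{
    return end > start && ((start ^ (end - 1)) & PAGE_MASK) != 0;
}

/* Preprocessor-only log2 round-up, usable where ld's LOG2CEIL() is not
 * (my own formulation): LOG2_ROUNDUP(x) is the smallest n such that
 * (1 << n) >= x, valid for 1 <= x <= 4096. The chain of ternaries is
 * right-associative, so each step falls through to the next. */
#define __L2(x, n) (x) > (1UL << ((n) - 1)) ? (n) :
#define LOG2_ROUNDUP(x) \
    (__L2(x, 12) __L2(x, 11) __L2(x, 10) __L2(x, 9) __L2(x, 8) __L2(x, 7) \
     __L2(x, 6) __L2(x, 5) __L2(x, 4) __L2(x, 3) __L2(x, 2) __L2(x, 1) 0)

/* Start address the linker would pick for a 'size'-byte block when it is
 * aligned to the next power of two: within one page, the block then
 * cannot straddle a boundary. */
static uintptr_t aligned_start(uintptr_t start, unsigned long size)
{
    uintptr_t align = 1UL << LOG2_ROUNDUP(size);

    return (start + align - 1) & ~(align - 1);
}

int main(void)
{
    uintptr_t start = 0x10f80;   /* constructed: 128 bytes before a page end */
    unsigned long size = 200;    /* constructed HYP init code size */

    printf("LOG2_ROUNDUP(%lu) = %d\n", size, LOG2_ROUNDUP(size));
    printf("unaligned block crosses page: %d\n",
           crosses_page(start, start + size));
    printf("aligned start 0x%lx crosses page: %d\n",
           (unsigned long)aligned_start(start, size),
           crosses_page(aligned_start(start, size),
                        aligned_start(start, size) + size));
    /* Exactly one page at a page-aligned start: old check says bounce. */
    printf("one full page, old check: %d, real crossing: %d\n",
           needs_bounce_page_old(0x20000, 0x21000),
           crosses_page(0x20000, 0x21000));
    return 0;
}
```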

Project Member

Comment 66 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/9e430b6bfdb9d0965c8b1ef748e2f814f1eee477

commit 9e430b6bfdb9d0965c8b1ef748e2f814f1eee477
Author: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Date: Wed Jun 13 19:58:28 2018

UPSTREAM: ARM: kvm: assert on HYP section boundaries not actual code size

Using ASSERT() with an expression that involves a symbol that
is only supplied through a PROVIDE() definition in the linker
script itself is apparently not supported by some older versions
of binutils.

So instead, rewrite the expression so that only the section
boundaries __hyp_idmap_text_start and __hyp_idmap_text_end
are used. Note that this reverts the fix in 06f75a1f6200
("ARM, arm64: kvm: get rid of the bounce page") for the ASSERT()
being triggered erroneously when unrelated linker emitted veneers
happen to end up in the HYP idmap region.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I561e2699603ad51ea904cf322a92175bc25b99e2
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Will Deacon <will.deacon@arm.com>
(cherry picked from commit 12eb3e833961bfe532b763a6e4e817ec87f48bc7)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088075
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/9e430b6bfdb9d0965c8b1ef748e2f814f1eee477/arch/arm/kernel/vmlinux.lds.S

Project Member

Comment 67 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/fa7c0640474e414d8b20778554f14bdc6da0f035

commit fa7c0640474e414d8b20778554f14bdc6da0f035
Author: Paolo Bonzini <pbonzini@redhat.com>
Date: Wed Jun 13 19:58:29 2018

UPSTREAM: kvm: x86: move ioapic.c and irq_comm.c back to arch/x86/

ia64 does not need them anymore.  Ack notifiers become x86-specific
too.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I54a3b63912759ae50fd14825889d9005d883f7fe
Suggested-by: Gleb Natapov <gleb@kernel.org>
Reviewed-by: Radim Krcmar <rkrcmar@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit 6ef768fac9dfe3404d3fdc09909ea203a88f2f38)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088076
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/fa7c0640474e414d8b20778554f14bdc6da0f035/arch/x86/kvm/Makefile
[modify] https://crrev.com/fa7c0640474e414d8b20778554f14bdc6da0f035/arch/x86/kvm/x86.c
[rename] https://crrev.com/fa7c0640474e414d8b20778554f14bdc6da0f035/arch/x86/kvm/irq_comm.c
[modify] https://crrev.com/fa7c0640474e414d8b20778554f14bdc6da0f035/virt/kvm/kvm_main.c
[modify] https://crrev.com/fa7c0640474e414d8b20778554f14bdc6da0f035/virt/kvm/eventfd.c
[rename] https://crrev.com/fa7c0640474e414d8b20778554f14bdc6da0f035/arch/x86/kvm/ioapic.c
[modify] https://crrev.com/fa7c0640474e414d8b20778554f14bdc6da0f035/include/linux/kvm_host.h
[modify] https://crrev.com/fa7c0640474e414d8b20778554f14bdc6da0f035/arch/x86/include/asm/kvm_host.h
[rename] https://crrev.com/fa7c0640474e414d8b20778554f14bdc6da0f035/arch/x86/kvm/ioapic.h

Project Member

Comment 68 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/bbd92b97ca6ce278f3a0b8bdd26e04a3385ce3a6

commit bbd92b97ca6ce278f3a0b8bdd26e04a3385ce3a6
Author: Nikolay Nikolaev <n.nikolaev@virtualopensystems.com>
Date: Wed Jun 13 19:58:31 2018

UPSTREAM: KVM: Redesign kvm_io_bus_ API to pass VCPU structure to the callbacks.

This is needed in e.g. ARM vGIC emulation, where the MMIO handling
depends on the VCPU that does the access.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I90f6274db3a62fdf467ce8ca69643d360ae9e88c
Signed-off-by: Nikolay Nikolaev <n.nikolaev@virtualopensystems.com>
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Reviewed-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
(cherry picked from commit e32edf4fd0fa4897e12ca66118ab67bf257e16e4)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088077
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/bbd92b97ca6ce278f3a0b8bdd26e04a3385ce3a6/arch/x86/kvm/x86.c
[modify] https://crrev.com/bbd92b97ca6ce278f3a0b8bdd26e04a3385ce3a6/arch/s390/kvm/diag.c
[modify] https://crrev.com/bbd92b97ca6ce278f3a0b8bdd26e04a3385ce3a6/arch/powerpc/kvm/powerpc.c
[modify] https://crrev.com/bbd92b97ca6ce278f3a0b8bdd26e04a3385ce3a6/arch/x86/kvm/i8259.c
[modify] https://crrev.com/bbd92b97ca6ce278f3a0b8bdd26e04a3385ce3a6/virt/kvm/iodev.h
[modify] https://crrev.com/bbd92b97ca6ce278f3a0b8bdd26e04a3385ce3a6/virt/kvm/eventfd.c
[modify] https://crrev.com/bbd92b97ca6ce278f3a0b8bdd26e04a3385ce3a6/arch/x86/kvm/lapic.c
[modify] https://crrev.com/bbd92b97ca6ce278f3a0b8bdd26e04a3385ce3a6/arch/x86/kvm/i8254.c
[modify] https://crrev.com/bbd92b97ca6ce278f3a0b8bdd26e04a3385ce3a6/virt/kvm/coalesced_mmio.c
[modify] https://crrev.com/bbd92b97ca6ce278f3a0b8bdd26e04a3385ce3a6/arch/x86/kvm/vmx.c
[modify] https://crrev.com/bbd92b97ca6ce278f3a0b8bdd26e04a3385ce3a6/arch/x86/kvm/ioapic.c
[modify] https://crrev.com/bbd92b97ca6ce278f3a0b8bdd26e04a3385ce3a6/include/linux/kvm_host.h
[modify] https://crrev.com/bbd92b97ca6ce278f3a0b8bdd26e04a3385ce3a6/arch/powerpc/kvm/mpic.c
[modify] https://crrev.com/bbd92b97ca6ce278f3a0b8bdd26e04a3385ce3a6/virt/kvm/kvm_main.c

Project Member

Comment 69 by bugdroid1@chromium.org, Jun 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/dadd3481b49ca78a3c70d4ce96d4502dc1e2cc67

commit dadd3481b49ca78a3c70d4ce96d4502dc1e2cc67
Author: Andre Przywara <andre.przywara@arm.com>
Date: Wed Jun 13 19:58:33 2018

UPSTREAM: KVM: move iodev.h from virt/kvm/ to include/kvm

iodev.h contains definitions for the kvm_io_bus framework. This is
needed both by the generic KVM code in virt/kvm as well as by
architecture specific code under arch/. Putting the header file in
virt/kvm and using local includes in the architecture part seems at
least dodgy to me, so let's move the file into include/kvm, so that a
more natural "#include <kvm/iodev.h>" can be used by all of the code.
This also solves a problem later when using struct kvm_io_device
in arm_vgic.h.
Fixing up the FSF address in the GPL header and a wrong include path
on the way.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Iaa2a3117a2b145c8a5ae0bfc516398e9179ed798
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Reviewed-by: Marc Zyngier <marc.zyngier@arm.com>
Reviewed-by: Marcelo Tosatti <mtosatti@redhat.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
(cherry picked from commit af669ac6dc3f66bb56fb9612b9826adac6292794)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088078
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>

[modify] https://crrev.com/dadd3481b49ca78a3c70d4ce96d4502dc1e2cc67/arch/x86/kvm/irq.h
[rename] https://crrev.com/dadd3481b49ca78a3c70d4ce96d4502dc1e2cc67/include/kvm/iodev.h
[modify] https://crrev.com/dadd3481b49ca78a3c70d4ce96d4502dc1e2cc67/arch/x86/kvm/ioapic.h
[modify] https://crrev.com/dadd3481b49ca78a3c70d4ce96d4502dc1e2cc67/virt/kvm/eventfd.c
[modify] https://crrev.com/dadd3481b49ca78a3c70d4ce96d4502dc1e2cc67/virt/kvm/coalesced_mmio.c
[modify] https://crrev.com/dadd3481b49ca78a3c70d4ce96d4502dc1e2cc67/virt/kvm/kvm_main.c
[modify] https://crrev.com/dadd3481b49ca78a3c70d4ce96d4502dc1e2cc67/arch/x86/kvm/i8254.h
[modify] https://crrev.com/dadd3481b49ca78a3c70d4ce96d4502dc1e2cc67/arch/powerpc/kvm/mpic.c
[modify] https://crrev.com/dadd3481b49ca78a3c70d4ce96d4502dc1e2cc67/arch/x86/kvm/lapic.h

Project Member

Comment 70 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/a2d31b41399dc1f7150433872e26e669639776aa

commit a2d31b41399dc1f7150433872e26e669639776aa
Author: Andre Przywara <andre.przywara@arm.com>
Date: Fri Jun 15 17:53:18 2018

UPSTREAM: KVM: arm/arm64: remove now unneeded include directory from Makefile

virt/kvm was never really a good include directory for anything else
than locally included headers.
With the move of iodev.h there is no need anymore to add this
directory to the compiler's include path, so remove it from the arm and
arm64 kvm Makefile.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I12dfa72a45d1c96dc957a9c7e58be5f9a564a227
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Reviewed-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
(cherry picked from commit 5d9d15af1cade35e84979f222b911cbc97106032)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088079

[modify] https://crrev.com/a2d31b41399dc1f7150433872e26e669639776aa/arch/arm64/kvm/Makefile
[modify] https://crrev.com/a2d31b41399dc1f7150433872e26e669639776aa/arch/arm/kvm/Makefile

Project Member

Comment 71 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/fe7125e133a8ec5d3b90a87160149c73b630366a

commit fe7125e133a8ec5d3b90a87160149c73b630366a
Author: Andre Przywara <andre.przywara@arm.com>
Date: Fri Jun 15 17:53:19 2018

UPSTREAM: KVM: arm/arm64: rename struct kvm_mmio_range to vgic_io_range

The name "kvm_mmio_range" is a bit bold, given that it only covers
the VGIC's MMIO ranges. To avoid confusion with kvm_io_range, rename
it to vgic_io_range.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I3c67345a0fa262ece43a9d9142a43e4c9c0703ff
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Reviewed-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
(cherry picked from commit cf50a1eb43b98daa181714e40e22c8e5ad5007d6)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088080

[modify] https://crrev.com/fe7125e133a8ec5d3b90a87160149c73b630366a/virt/kvm/arm/vgic.c
[modify] https://crrev.com/fe7125e133a8ec5d3b90a87160149c73b630366a/virt/kvm/arm/vgic-v2-emul.c
[modify] https://crrev.com/fe7125e133a8ec5d3b90a87160149c73b630366a/virt/kvm/arm/vgic-v3-emul.c
[modify] https://crrev.com/fe7125e133a8ec5d3b90a87160149c73b630366a/virt/kvm/arm/vgic.h

Project Member

Comment 72 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/97deede595fd7dbec561ac116bcc044c6b948126

commit 97deede595fd7dbec561ac116bcc044c6b948126
Author: Andre Przywara <andre.przywara@arm.com>
Date: Fri Jun 15 17:53:21 2018

UPSTREAM: KVM: arm/arm64: simplify vgic_find_range() and callers

The vgic_find_range() function in vgic.c takes a struct kvm_exit_mmio
argument, but actually only used the length field in there. Since we
need to get rid of that structure in that part of the code anyway,
let's rework the function (and its callers) to pass the length
argument to the function directly.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I94407681424953502e2259bb4c7adfa497767a90
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
Reviewed-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
(cherry picked from commit 9f199d0a0eeb8efb564ff41a6b9f819c4c0285ea)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088081

[modify] https://crrev.com/97deede595fd7dbec561ac116bcc044c6b948126/virt/kvm/arm/vgic.c
[modify] https://crrev.com/97deede595fd7dbec561ac116bcc044c6b948126/virt/kvm/arm/vgic-v2-emul.c
[modify] https://crrev.com/97deede595fd7dbec561ac116bcc044c6b948126/virt/kvm/arm/vgic.h

Project Member

Comment 73 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/c7c3a44ab3921cb0c6061ce8068e9c43064d8bae

commit c7c3a44ab3921cb0c6061ce8068e9c43064d8bae
Author: Andre Przywara <andre.przywara@arm.com>
Date: Fri Jun 15 17:53:22 2018

UPSTREAM: KVM: arm/arm64: implement kvm_io_bus MMIO handling for the VGIC

Currently we use a lot of VGIC specific code to do the MMIO
dispatching.
Use the previous reworks to add kvm_io_bus style MMIO handlers.

Those are not yet called by the MMIO abort handler, also the actual
VGIC emulator functions do not make use of it yet, but will be enabled
with the following patches.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I00e2cca60ac59dd69b4bd647a2b4cfd1622d6a63
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Reviewed-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
(cherry picked from commit 6777f77f0f544f686ee3158ff0db6a7d81b7d3a2)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088082

[modify] https://crrev.com/c7c3a44ab3921cb0c6061ce8068e9c43064d8bae/include/kvm/arm_vgic.h
[modify] https://crrev.com/c7c3a44ab3921cb0c6061ce8068e9c43064d8bae/virt/kvm/arm/vgic.c
[modify] https://crrev.com/c7c3a44ab3921cb0c6061ce8068e9c43064d8bae/virt/kvm/arm/vgic.h

Project Member

Comment 74 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/1c1e6e88eff279914d1ebe12e92df7a9b4a28b38

commit 1c1e6e88eff279914d1ebe12e92df7a9b4a28b38
Author: Andre Przywara <andre.przywara@arm.com>
Date: Fri Jun 15 17:53:24 2018

UPSTREAM: KVM: arm/arm64: prepare GICv2 emulation to be handled by kvm_io_bus

Using the framework provided by the recent vgic.c changes we register
a kvm_io_bus device when initializing the virtual GICv2.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I408ab36dd2ee7f2d3c4c90dc3ec9f47af71472fd
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
(cherry picked from commit a9cf86f62b785202684c3ba92895946f03d910c8)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088083

[modify] https://crrev.com/1c1e6e88eff279914d1ebe12e92df7a9b4a28b38/include/kvm/arm_vgic.h
[modify] https://crrev.com/1c1e6e88eff279914d1ebe12e92df7a9b4a28b38/virt/kvm/arm/vgic-v2-emul.c

Project Member

Comment 75 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/8ad2d579135f13fcec2423e5c46d2eb3cbd3c09c

commit 8ad2d579135f13fcec2423e5c46d2eb3cbd3c09c
Author: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Date: Fri Jun 15 17:53:25 2018

UPSTREAM: ARM: kvm: round HYP section to page size instead of log2 upper bound

Older binutils do not support expressions involving the values of
external symbols so just round up the HYP region to the page size.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I19a6a7cc378694a44eb8c2bbf09fe5927a029322
Tested-by: Simon Horman <horms+renesas@verge.net.au>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
[will: when will this ever end?!]
Signed-off-by: Will Deacon <will.deacon@arm.com>
(cherry picked from commit a9fea8b388ed5838fe0744970e67f7019d420824)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088084

[modify] https://crrev.com/8ad2d579135f13fcec2423e5c46d2eb3cbd3c09c/arch/arm/kvm/init.S
[modify] https://crrev.com/8ad2d579135f13fcec2423e5c46d2eb3cbd3c09c/arch/arm/kernel/vmlinux.lds.S

Project Member

Comment 76 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/b43220afdba2fe1c558c6cf7fd147b1144ae40e0

commit b43220afdba2fe1c558c6cf7fd147b1144ae40e0
Author: Andre Przywara <andre.przywara@arm.com>
Date: Fri Jun 15 17:53:27 2018

UPSTREAM: KVM: arm/arm64: merge GICv3 RD_base and SGI_base register frames

Currently we handle the redistributor registers in two separate MMIO
regions, one for the overall behaviour and SPIs and one for the
SGIs/PPIs. That latter forces the creation of _two_ KVM I/O bus
devices for each redistributor.
Since the spec mandates those two pages to be contiguous, we could as
well merge them and save the churn with the second KVM I/O bus device.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I1044f0f27e9854288131de95ea8eab21ee690b92
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Reviewed-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
(cherry picked from commit 0ba10d53920d030cd7772a9553b13b5ea1aa4115)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088085

[modify] https://crrev.com/b43220afdba2fe1c558c6cf7fd147b1144ae40e0/virt/kvm/arm/vgic-v3-emul.c

Project Member

Comment 77 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/45144143de7c3fac2966aeaaef2f3f54cb42c118

commit 45144143de7c3fac2966aeaaef2f3f54cb42c118
Author: Andre Przywara <andre.przywara@arm.com>
Date: Fri Jun 15 17:53:28 2018

UPSTREAM: KVM: arm/arm64: prepare GICv3 emulation to use kvm_io_bus MMIO handling

Using the framework provided by the recent vgic.c changes, we
register a kvm_io_bus device on mapping the virtual GICv3 resources.
The distributor mapping is pretty straightforward, but the
redistributors need some more love, since they need to be tagged with
the respective redistributor (read: VCPU) they are connected with.
We use the kvm_io_bus framework to register one device per VCPU.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Ia9d952fcdf3170b638fc68a3030f343dd4b94547
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Reviewed-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
(cherry picked from commit fb8f61abab48467ef670ef165ff664cdc94f742e)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088086

[modify] https://crrev.com/45144143de7c3fac2966aeaaef2f3f54cb42c118/include/kvm/arm_vgic.h
[modify] https://crrev.com/45144143de7c3fac2966aeaaef2f3f54cb42c118/virt/kvm/arm/vgic-v3-emul.c

Project Member

Comment 78 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/2c06a618bb344fc02c44823c8cd1623415a59391

commit 2c06a618bb344fc02c44823c8cd1623415a59391
Author: Andre Przywara <andre.przywara@arm.com>
Date: Fri Jun 15 17:53:30 2018

UPSTREAM: KVM: arm/arm64: rework MMIO abort handling to use KVM MMIO bus

Currently we have struct kvm_exit_mmio for encapsulating MMIO abort
data to be passed on from syndrome decoding all the way down to the
VGIC register handlers. Now as we switch the MMIO handling to be
routed through the KVM MMIO bus, it does not make sense anymore to
use that structure already from the beginning. So we keep the data in
local variables until we put them into the kvm_io_bus framework.
Then we fill kvm_exit_mmio in the VGIC only, making it a VGIC private
structure. On that way we replace the data buffer in that structure
with a pointer pointing to a single location in a local variable, so
we get rid of some copying on the way.
With all of the virtual GIC emulation code now being registered with
the kvm_io_bus, we can remove all of the old MMIO handling code and
its dispatching functionality.

I didn't bother to rename kvm_exit_mmio (to vgic_mmio or something),
because that touches a lot of code lines without any good reason.

This is based on an original patch by Nikolay.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I6988128baa064a12dfd8faaf58e36371ace4d62e
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Cc: Nikolay Nikolaev <n.nikolaev@virtualopensystems.com>
Reviewed-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
(cherry picked from commit 950324ab81bf006542f30a1d1ab3d65fcf15cbc1)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088087

[modify] https://crrev.com/2c06a618bb344fc02c44823c8cd1623415a59391/virt/kvm/arm/vgic.c
[modify] https://crrev.com/2c06a618bb344fc02c44823c8cd1623415a59391/arch/arm/include/asm/kvm_mmio.h
[modify] https://crrev.com/2c06a618bb344fc02c44823c8cd1623415a59391/arch/arm64/include/asm/kvm_mmio.h
[modify] https://crrev.com/2c06a618bb344fc02c44823c8cd1623415a59391/virt/kvm/arm/vgic-v2-emul.c
[modify] https://crrev.com/2c06a618bb344fc02c44823c8cd1623415a59391/include/kvm/arm_vgic.h
[modify] https://crrev.com/2c06a618bb344fc02c44823c8cd1623415a59391/arch/arm/kvm/mmio.c
[modify] https://crrev.com/2c06a618bb344fc02c44823c8cd1623415a59391/virt/kvm/arm/vgic.h
[modify] https://crrev.com/2c06a618bb344fc02c44823c8cd1623415a59391/virt/kvm/arm/vgic-v3-emul.c

Project Member

Comment 79 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/4766261693d8bde417604e91637145e2eb1691e6

commit 4766261693d8bde417604e91637145e2eb1691e6
Author: Nikolay Nikolaev <n.nikolaev@virtualopensystems.com>
Date: Fri Jun 15 17:53:31 2018

UPSTREAM: KVM: arm/arm64: enable KVM_CAP_IOEVENTFD

As the infrastructure for eventfd has now been merged, report the
ioeventfd capability as being supported.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Ib4380303aacd992c237194debe9a4d5085deb4dd
Signed-off-by: Nikolay Nikolaev <n.nikolaev@virtualopensystems.com>
[maz: grouped the case entry with the others, fixed commit log]
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
(cherry picked from commit d44758c0dfc5993a4b9952935a7eae4c91ebb6b4)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088088

[modify] https://crrev.com/4766261693d8bde417604e91637145e2eb1691e6/arch/arm/kvm/arm.c

Project Member

Comment 80 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/1ea3d80dd49efd832b4bfe07bcc9828f81ae1351

commit 1ea3d80dd49efd832b4bfe07bcc9828f81ae1351
Author: Eric Auger <eric.auger@linaro.org>
Date: Fri Jun 15 17:53:33 2018

UPSTREAM: KVM: arm: irqfd: fix value returned by kvm_irq_map_gsi

irqfd/arm currently does not support routing. kvm_irq_map_gsi is
supposed to return all the routing entries associated with the
provided gsi and return the number of those entries. We should
return 0 at this point.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I36d094a37b2f0876c168b60ed889cd4b1298b9e3
Signed-off-by: Eric Auger <eric.auger@linaro.org>
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
(cherry picked from commit 0b3289ebc2d50cf5ab778215ed0b4075bbae6629)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088089

[modify] https://crrev.com/1ea3d80dd49efd832b4bfe07bcc9828f81ae1351/virt/kvm/arm/vgic.c

Project Member

Comment 81 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/482f801f8cbd1d8262c5152b26ed4d831e9a1616

commit 482f801f8cbd1d8262c5152b26ed4d831e9a1616
Author: Andre Przywara <andre.przywara@arm.com>
Date: Fri Jun 15 17:53:34 2018

UPSTREAM: KVM: arm/arm64: check IRQ number on userland injection

When userland injects a SPI via the KVM_IRQ_LINE ioctl we currently
only check it against a fixed limit, which historically is set
to 127. With the new dynamic IRQ allocation the effective limit may
actually be smaller (64).
So when now a malicious or buggy userland injects a SPI in that
range, we spill over on our VGIC bitmaps and bytemaps memory.
I could trigger a host kernel NULL pointer dereference with current
mainline by injecting some bogus IRQ number from a hacked kvmtool:
-----------------
....
DEBUG: kvm_vgic_inject_irq(kvm, cpu=0, irq=114, level=1)
DEBUG: vgic_update_irq_pending(kvm, cpu=0, irq=114, level=1)
DEBUG: IRQ #114 still in the game, writing to bytemap now...
Unable to handle kernel NULL pointer dereference at virtual address 00000000
pgd = ffffffc07652e000
[00000000] *pgd=00000000f658b003, *pud=00000000f658b003, *pmd=0000000000000000
Internal error: Oops: 96000006 [#1] PREEMPT SMP
Modules linked in:
CPU: 1 PID: 1053 Comm: lkvm-msi-irqinj Not tainted 4.0.0-rc7+ #3027
Hardware name: FVP Base (DT)
task: ffffffc0774e9680 ti: ffffffc0765a8000 task.ti: ffffffc0765a8000
PC is at kvm_vgic_inject_irq+0x234/0x310
LR is at kvm_vgic_inject_irq+0x30c/0x310
pc : [<ffffffc0000ae0a8>] lr : [<ffffffc0000ae180>] pstate: 80000145
.....

So this patch fixes this by checking the SPI number against the
actual limit. Also we remove the former legacy hard limit of
127 in the ioctl code.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Id61d9f0522b9f464560b5713c79fb1d9e4356981
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
CC: <stable@vger.kernel.org> # 4.0, 3.19, 3.18
[maz: wrap KVM_ARM_IRQ_GIC_MAX with #ifndef __KERNEL__,
as suggested by Christopher Covington]
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
(cherry picked from commit fd1d0ddf2ae92fb3df42ed476939861806c5d785)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088090

[modify] https://crrev.com/482f801f8cbd1d8262c5152b26ed4d831e9a1616/virt/kvm/arm/vgic.c
[modify] https://crrev.com/482f801f8cbd1d8262c5152b26ed4d831e9a1616/arch/arm/kvm/arm.c
[modify] https://crrev.com/482f801f8cbd1d8262c5152b26ed4d831e9a1616/arch/arm64/include/uapi/asm/kvm.h
[modify] https://crrev.com/482f801f8cbd1d8262c5152b26ed4d831e9a1616/arch/arm/include/uapi/asm/kvm.h
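The bounds check this commit describes, as an added user-space C model that is not the kernel's code or the reporter's reproducer; the struct name, the 32-IRQ private range, the 64/127 limits and the bytemap layout are constructed assumptions chosen to match the scenario in the message:

```c
#include <errno.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed model of the bug: the KVM_IRQ_LINE path used to bounds-check
 * the SPI number only against a fixed legacy limit (127), while the per-VM
 * VGIC bytemap is sized by the dynamically allocated nr_irqs, which may be
 * smaller (64 in the commit message).  Names and sizes are illustrative. */
#define VGIC_NR_PRIVATE_IRQS 32	/* SGIs (0-15) + PPIs (16-31); SPIs start at 32 */
#define LEGACY_IRQ_GIC_MAX   127	/* the old hard-coded ioctl limit */

struct vgic_dist {
	unsigned int nr_irqs;		/* IRQs actually allocated for this VM */
	uint8_t *irq_pending;		/* bytemap with nr_irqs entries */
};

static int vgic_dist_init(struct vgic_dist *dist, unsigned int nr_irqs)
{
	dist->nr_irqs = nr_irqs;
	dist->irq_pending = calloc(nr_irqs, sizeof(*dist->irq_pending));
	return dist->irq_pending ? 0 : -ENOMEM;
}

static void vgic_dist_free(struct vgic_dist *dist)
{
	free(dist->irq_pending);
	dist->irq_pending = NULL;
	dist->nr_irqs = 0;
}

/* Before the fix: the only upper bound is the legacy constant, so a number
 * between nr_irqs and 127 passes and the later bytemap write lands past the
 * allocation.  This function only reports the decision; it never writes. */
static bool legacy_check_accepts(unsigned int irq)
{
	return irq >= VGIC_NR_PRIVATE_IRQS && irq <= LEGACY_IRQ_GIC_MAX;
}

/* After the fix: the bound is the VM's real allocation size. */
static bool spi_number_valid(const struct vgic_dist *dist, unsigned int irq)
{
	return irq >= VGIC_NR_PRIVATE_IRQS && irq < dist->nr_irqs;
}

/* Injection path using the fixed check; the bytemap write is only reachable
 * for indices inside the allocation. */
static int vgic_inject_spi(struct vgic_dist *dist, unsigned int irq, bool level)
{
	if (!spi_number_valid(dist, irq))
		return -EINVAL;
	dist->irq_pending[irq] = level ? 1 : 0;
	return 0;
}

/* Build a VM with nr_irqs entries, inject one SPI and report the result. */
static int demo_inject(unsigned int nr_irqs, unsigned int irq)
{
	struct vgic_dist dist;
	int ret;

	if (vgic_dist_init(&dist, nr_irqs))
		return -ENOMEM;
	ret = vgic_inject_spi(&dist, irq, true);
	vgic_dist_free(&dist);
	return ret;
}

/* Same, but return the bytemap entry after a successful injection (-1 if
 * the injection was rejected). */
static int demo_pending_after_inject(unsigned int nr_irqs, unsigned int irq)
{
	struct vgic_dist dist;
	int pending = -1;

	if (vgic_dist_init(&dist, nr_irqs))
		return -1;
	if (vgic_inject_spi(&dist, irq, true) == 0)
		pending = dist.irq_pending[irq];
	vgic_dist_free(&dist);
	return pending;
}

int main(void)
{
	/* The commit's scenario: 64 IRQs allocated, userland injects IRQ 114. */
	printf("legacy check accepts 114: %s\n",
	       legacy_check_accepts(114) ? "yes" : "no");
	printf("fixed path, 64 IRQs, inject 114: %d\n", demo_inject(64, 114));
	printf("fixed path, 64 IRQs, inject 40: %d (pending=%d)\n",
	       demo_inject(64, 40), demo_pending_after_inject(64, 40));
	return 0;
}
```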

Project Member

Comment 82 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/d902ff0ce15ebe1a91a3dc5a48f448494dc00d06

commit d902ff0ce15ebe1a91a3dc5a48f448494dc00d06
Author: Russell King <rmk+kernel@arm.linux.org.uk>
Date: Fri Jun 15 17:53:36 2018

UPSTREAM: ARM: kvm: fix a bad BSYM() usage

BSYM() should only be used when referring to local symbols in the same
assembly file which are resolved by the assembler, and not for
linker-fixed up symbols.  The use of BSYM() with panic is incorrect as
the linker is involved in fixing up this relocation, and it knows
whether panic() is ARM or Thumb.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I686b1e6d907859b765bcb76f90af16a990c78a3a
Acked-by: Nicolas Pitre <nico@linaro.org>
Acked-by: Dave Martin <Dave.Martin@arm.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
(cherry picked from commit 5890298a834c04aaa9b5fb576e5f2b77e79ab38d)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088091

[modify] https://crrev.com/d902ff0ce15ebe1a91a3dc5a48f448494dc00d06/arch/arm/kvm/interrupts.S

Project Member

Comment 83 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/e7eee8ba3208a0e455135ff32c1a810ad8d4420d

commit e7eee8ba3208a0e455135ff32c1a810ad8d4420d
Author: Suzuki K. Poulose <suzuki.poulose@arm.com>
Date: Fri Jun 15 17:53:37 2018

UPSTREAM: arm64/kvm: Add generic v8 KVM target

This patch adds a generic ARM v8 KVM target cpu type for use
by the new CPUs which eventually end up using the common sys_reg
table. For backward compatibility the existing targets have been
preserved. Any new target CPU that can be covered by generic v8
sys_reg tables should make use of the new generic target.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I4948696787b18b2ae9a4d43671f8d1c266762180
Signed-off-by: Suzuki K. Poulose <suzuki.poulose@arm.com>
Acked-by: Marc Zyngier <Marc.Zyngier@arm.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
(cherry picked from commit bca556ac468ab4744692926b67cb525cdce850c9)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088092

[modify] https://crrev.com/e7eee8ba3208a0e455135ff32c1a810ad8d4420d/arch/arm64/include/uapi/asm/kvm.h
[modify] https://crrev.com/e7eee8ba3208a0e455135ff32c1a810ad8d4420d/arch/arm64/kvm/guest.c
[modify] https://crrev.com/e7eee8ba3208a0e455135ff32c1a810ad8d4420d/arch/arm64/kvm/sys_regs_generic_v8.c

Project Member

Comment 84 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/e4b9193cba4d44b407eb80346e9fbf8e4f91ab1b

commit e4b9193cba4d44b407eb80346e9fbf8e4f91ab1b
Author: Marc Zyngier <marc.zyngier@arm.com>
Date: Fri Jun 15 17:53:39 2018

UPSTREAM: arm: KVM: force execution of HCPTR access on VM exit

On VM entry, we disable access to the VFP registers in order to
perform a lazy save/restore of these registers.

On VM exit, we restore access, test if we did enable them before,
and save/restore the guest/host registers if necessary. In this
sequence, the FPEXC register is always accessed, irrespective
of the trapping configuration.

If the guest didn't touch the VFP registers, then the HCPTR access
has now enabled such access, but we're missing a barrier to ensure
architectural execution of the new HCPTR configuration. If the HCPTR
access has been delayed/reordered, the subsequent access to FPEXC
will cause a trap, which we aren't prepared to handle at all.

The same condition exists when trapping to enable VFP for the guest.

The fix is to introduce a barrier after enabling VFP access. In the
vmexit case, it can be relaxed to only take place if the guest hasn't
accessed its view of the VFP registers, making the access to FPEXC safe.

The set_hcptr macro is modified to deal with both vmenter/vmexit and
vmtrap operations, and now takes an optional label that is branched to
when the guest hasn't touched the VFP registers.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I4815474405d8e81d6631ec0ffb3a06db45108f14
Reported-by: Vikram Sethi <vikrams@codeaurora.org>
Cc: stable@kernel.org	# v3.9+
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
(cherry picked from commit 85e84ba31039595995dae80b277378213602891b)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088093

[modify] https://crrev.com/e4b9193cba4d44b407eb80346e9fbf8e4f91ab1b/arch/arm/kvm/interrupts.S
[modify] https://crrev.com/e4b9193cba4d44b407eb80346e9fbf8e4f91ab1b/arch/arm/kvm/interrupts_head.S

Project Member

Comment 85 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/5704321b65d8d59b2a47f08ae466dabb2aa2307b

commit 5704321b65d8d59b2a47f08ae466dabb2aa2307b
Author: Jason Wang <jasowang@redhat.com>
Date: Fri Jun 15 17:53:40 2018

UPSTREAM: kvm: don't try to register to KVM_FAST_MMIO_BUS for non mmio eventfd

[ Upstream commit 8453fecbecae26edb3f278627376caab05d9a88d ]

We only want zero length mmio eventfd to be registered on
KVM_FAST_MMIO_BUS. So check this explicitly when arg->len is zero to
make sure this.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I419261d4ae576fcbef443e220e4266cf4cd839b6
Cc: stable@vger.kernel.org
Cc: Gleb Natapov <gleb@kernel.org>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
(cherry picked from commit d758df24a58e5160270c74b467dfa6453fceb91b
 in https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088094

[modify] https://crrev.com/5704321b65d8d59b2a47f08ae466dabb2aa2307b/virt/kvm/eventfd.c

Project Member

Comment 86 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/98b50f25520d3ad55fe30d5e62ebfef3ae4111a4

commit 98b50f25520d3ad55fe30d5e62ebfef3ae4111a4
Author: Jason Wang <jasowang@redhat.com>
Date: Fri Jun 15 17:53:42 2018

UPSTREAM: kvm: factor out core eventfd assign/deassign logic

[ Upstream commit 85da11ca587c8eb73993a1b503052391a73586f9 ]

This patch factors out core eventfd assign/deassign logic and leaves
the argument checking and bus index selection to callers.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I193d122f44b025b26ae8e5f838b1ecfdabb473a0
Cc: stable@vger.kernel.org
Cc: Gleb Natapov <gleb@kernel.org>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
(cherry picked from commit 7642b3f109228718f1bf57c35210c9a36696a465
 in https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088095

[modify] https://crrev.com/98b50f25520d3ad55fe30d5e62ebfef3ae4111a4/virt/kvm/eventfd.c

Project Member

Comment 87 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/caf487f0ab16e960fb4bf0464644367a643def4f

commit caf487f0ab16e960fb4bf0464644367a643def4f
Author: Jason Wang <jasowang@redhat.com>
Date: Fri Jun 15 17:53:43 2018

UPSTREAM: kvm: fix double free for fast mmio eventfd

[ Upstream commit eefd6b06b17c5478e7c24bea6f64beaa2c431ca6 ]

We register wildcard mmio eventfd on two buses, once for KVM_MMIO_BUS
and once on KVM_FAST_MMIO_BUS but with a single iodev
instance. This will lead to an issue: kvm_io_bus_destroy() knows
nothing about the devices on two buses pointing to a single dev. Which
will lead to double free[1] during exit. Fix this by allocating two
instances of iodevs then registering one on KVM_MMIO_BUS and another
on KVM_FAST_MMIO_BUS.

CPU: 1 PID: 2894 Comm: qemu-system-x86 Not tainted 3.19.0-26-generic #28-Ubuntu
Hardware name: LENOVO 2356BG6/2356BG6, BIOS G7ET96WW (2.56 ) 09/12/2013
task: ffff88009ae0c4b0 ti: ffff88020e7f0000 task.ti: ffff88020e7f0000
RIP: 0010:[<ffffffffc07e25d8>]  [<ffffffffc07e25d8>] ioeventfd_release+0x28/0x60 [kvm]
RSP: 0018:ffff88020e7f3bc8  EFLAGS: 00010292
RAX: dead000000200200 RBX: ffff8801ec19c900 RCX: 000000018200016d
RDX: ffff8801ec19cf80 RSI: ffffea0008bf1d40 RDI: ffff8801ec19c900
RBP: ffff88020e7f3bd8 R08: 000000002fc75a01 R09: 000000018200016d
R10: ffffffffc07df6ae R11: ffff88022fc75a98 R12: ffff88021e7cc000
R13: ffff88021e7cca48 R14: ffff88021e7cca50 R15: ffff8801ec19c880
FS:  00007fc1ee3e6700(0000) GS:ffff88023e240000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f8f389d8000 CR3: 000000023dc13000 CR4: 00000000001427e0
Stack:
ffff88021e7cc000 0000000000000000 ffff88020e7f3be8 ffffffffc07e2622
ffff88020e7f3c38 ffffffffc07df69a ffff880232524160 ffff88020e792d80
 0000000000000000 ffff880219b78c00 0000000000000008 ffff8802321686a8
Call Trace:
[<ffffffffc07e2622>] ioeventfd_destructor+0x12/0x20 [kvm]
[<ffffffffc07df69a>] kvm_put_kvm+0xca/0x210 [kvm]
[<ffffffffc07df818>] kvm_vcpu_release+0x18/0x20 [kvm]
[<ffffffff811f69f7>] __fput+0xe7/0x250
[<ffffffff811f6bae>] ____fput+0xe/0x10
[<ffffffff81093f04>] task_work_run+0xd4/0xf0
[<ffffffff81079358>] do_exit+0x368/0xa50
[<ffffffff81082c8f>] ? recalc_sigpending+0x1f/0x60
[<ffffffff81079ad5>] do_group_exit+0x45/0xb0
[<ffffffff81085c71>] get_signal+0x291/0x750
[<ffffffff810144d8>] do_signal+0x28/0xab0
[<ffffffff810f3a3b>] ? do_futex+0xdb/0x5d0
[<ffffffff810b7028>] ? __wake_up_locked_key+0x18/0x20
[<ffffffff810f3fa6>] ? SyS_futex+0x76/0x170
[<ffffffff81014fc9>] do_notify_resume+0x69/0xb0
[<ffffffff817cb9af>] int_signal+0x12/0x17
Code: 5d c3 90 0f 1f 44 00 00 55 48 89 e5 53 48 89 fb 48 83 ec 08 48 8b 7f 20 e8 06 d6 a5 c0 48 8b 43 08 48 8b 13 48 89 df 48 89 42 08 <48> 89 10 48 b8 00 01 10 00 00
 RIP  [<ffffffffc07e25d8>] ioeventfd_release+0x28/0x60 [kvm]
 RSP <ffff88020e7f3bc8>

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I01fc5035679c780c1d132e5dd18d3373b8be17cc
Cc: stable@vger.kernel.org
Cc: Gleb Natapov <gleb@kernel.org>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
(cherry picked from commit 0b5ee81826c2d98d40366c4fa435ebf73cfec8fd
 in https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088096

[modify] https://crrev.com/caf487f0ab16e960fb4bf0464644367a643def4f/virt/kvm/eventfd.c

Project Member

Comment 88 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/74a98feeb108551654a0b3c5024d0ee84d317031

commit 74a98feeb108551654a0b3c5024d0ee84d317031
Author: Igor Mammedov <imammedo@redhat.com>
Date: Fri Jun 15 17:53:45 2018

UPSTREAM: kvm: avoid page allocation failure in kvm_set_memory_region()

[ Upstream commit 744961341d472db6272ed9b42319a90f5a2aa7c4 ]

KVM guest can fail to startup with following trace on host:

qemu-system-x86: page allocation failure: order:4, mode:0x40d0
Call Trace:
  dump_stack+0x47/0x67
  warn_alloc_failed+0xee/0x150
  __alloc_pages_direct_compact+0x14a/0x150
  __alloc_pages_nodemask+0x776/0xb80
  alloc_kmem_pages+0x3a/0x110
  kmalloc_order+0x13/0x50
  kmemdup+0x1b/0x40
  __kvm_set_memory_region+0x24a/0x9f0 [kvm]
  kvm_set_ioapic+0x130/0x130 [kvm]
  kvm_set_memory_region+0x21/0x40 [kvm]
  kvm_vm_ioctl+0x43f/0x750 [kvm]

Failure happens when attempting to allocate pages for
'struct kvm_memslots'; however, it doesn't have to be
present in physically contiguous (kmalloc-ed) address
space, so change the allocation to kvm_kvzalloc() so that
it will be vmalloc-ed when its size is more than a page.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I62f3fa5e3314547f9b54b39985e27d7edc484086
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
(cherry picked from commit b94e91cc2225ea311e6bb8500f492702e319b348
 in https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088097

[modify] https://crrev.com/74a98feeb108551654a0b3c5024d0ee84d317031/virt/kvm/kvm_main.c

Project Member

Comment 89 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/86b7d4a5647b8d6837ffabc4dc67f606ec6caaf8

commit 86b7d4a5647b8d6837ffabc4dc67f606ec6caaf8
Author: Radim Krčmář <rkrcmar@redhat.com>
Date: Fri Jun 15 17:53:46 2018

UPSTREAM: KVM: use slowpath for cross page cached accesses

[ Upstream commit ca3f0874723fad81d0c701b63ae3a17a408d5f25 ]

kvm_write_guest_cached() does not mark all written pages as dirty and
code comments in kvm_gfn_to_hva_cache_init() talk about NULL memslot
with cross page accesses.  Fix all the easy way.

The check is '<= 1' to have the same result for 'len = 0' cache anywhere
in the page.  (nr_pages_needed is 0 on page boundary.)

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I95ffe795f15ef41a22c2e2b7c922d9735c48ee35
Fixes: 8f964525a121 ("KVM: Allow cross page reads and writes from cached translations.")
Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
Message-Id: <20150408121648.GA3519@potion.brq.redhat.com>
Reviewed-by: Wanpeng Li <wanpeng.li@linux.intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
(cherry picked from commit 35e1329264c8b2ff71d4c186aabb856710cf9b2f
 in https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088098

[modify] https://crrev.com/86b7d4a5647b8d6837ffabc4dc67f606ec6caaf8/virt/kvm/kvm_main.c

Project Member

Comment 90 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/bdd0f1c1a30715b7e63b35016429418da5136d2d

commit bdd0f1c1a30715b7e63b35016429418da5136d2d
Author: Jason Wang <jasowang@redhat.com>
Date: Fri Jun 15 17:53:48 2018

UPSTREAM: kvm: fix zero length mmio searching

[ Upstream commit 8f4216c7d28976f7ec1b2bcbfa0a9f787133c45e ]

Currently, if we have a zero length mmio eventfd assigned on
KVM_MMIO_BUS, it will never be found by kvm_io_bus_cmp() since it
always compares the kvm_io_range() with the length that the guest
wrote. This will cause, e.g. for vhost, the kick to be trapped by qemu
userspace instead of vhost. Fix this by using zero length if an
iodevice is zero length.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I49c4b669d6910041c502b2c0d46a6dad67ccbb5e
Cc: stable@vger.kernel.org
Cc: Gleb Natapov <gleb@kernel.org>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
(cherry picked from commit 7d765ce07eff78ab78d09d4acaa3aecb71e322a4
 in https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088099

[modify] https://crrev.com/bdd0f1c1a30715b7e63b35016429418da5136d2d/virt/kvm/kvm_main.c
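To illustrate the zero-length lookup problem described in this commit, here is an added stand-alone model (not the kernel's code): the two comparator shapes and the device table are assumptions based on the commit text, with a linear search standing in for the kernel's bsearch over the bus.

```c
#include <stdint.h>
#include <stdio.h>

typedef uint64_t gpa_t;

struct kvm_io_range {
	gpa_t addr;
	int len;
};

/* Comparator shape before the fix (assumption modelled on the commit text):
 * the device range is compared using the length the guest wrote, so a
 * zero-length device range [A, A) never "overlaps" a multi-byte write at A. */
static int io_bus_cmp_old(const struct kvm_io_range *r1,
			  const struct kvm_io_range *r2)
{
	if (r1->addr < r2->addr)
		return -1;
	if (r1->addr + r1->len > r2->addr + r2->len)
		return 1;
	return 0;
}

/* After the fix: if the device range (r2) has zero length, match the exact
 * address only; otherwise accept any overlapping access as before. */
static int io_bus_cmp_new(const struct kvm_io_range *r1,
			  const struct kvm_io_range *r2)
{
	gpa_t addr1 = r1->addr, addr2 = r2->addr;

	if (addr1 < addr2)
		return -1;
	if (r2->len) {
		addr1 += r1->len;
		addr2 += r2->len;
	}
	if (addr1 > addr2)
		return 1;
	return 0;
}

typedef int (*range_cmp_fn)(const struct kvm_io_range *,
			    const struct kvm_io_range *);

/* Linear stand-in for the sorted-table bsearch: returns the index of the
 * first device matching a guest access of `len` bytes at `addr`, or -1. */
static int io_bus_find(const struct kvm_io_range *devs, int ndevs,
		       gpa_t addr, int len, range_cmp_fn cmp)
{
	struct kvm_io_range key = { .addr = addr, .len = len };

	for (int i = 0; i < ndevs; i++)
		if (cmp(&key, &devs[i]) == 0)
			return i;
	return -1;
}

/* Constructed device table: a 4-byte register window and a zero-length
 * doorbell of the kind an ioeventfd without datamatch registers. */
static const struct kvm_io_range devices[] = {
	{ .addr = 0x1000, .len = 4 },	/* index 0 */
	{ .addr = 0x2000, .len = 0 },	/* index 1: zero-length kick */
};
#define NDEVICES 2

static int find_old(gpa_t addr, int len)
{
	return io_bus_find(devices, NDEVICES, addr, len, io_bus_cmp_old);
}

static int find_new(gpa_t addr, int len)
{
	return io_bus_find(devices, NDEVICES, addr, len, io_bus_cmp_new);
}

int main(void)
{
	/* A 2-byte guest write to the doorbell: never found before the fix. */
	printf("write 0x2000/2: old=%d new=%d\n", find_old(0x2000, 2), find_new(0x2000, 2));
	/* A write next to the doorbell must still miss (exact address only). */
	printf("write 0x2004/4: old=%d new=%d\n", find_old(0x2004, 4), find_new(0x2004, 4));
	/* Ordinary overlapping access is unchanged by the fix. */
	printf("write 0x1002/2: old=%d new=%d\n", find_old(0x1002, 2), find_new(0x1002, 2));
	return 0;
}
```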

Project Member

Comment 91 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/e39e5b905fb4d08f5b2ee90360b3755cb4dd601b

commit e39e5b905fb4d08f5b2ee90360b3755cb4dd601b
Author: Paolo Bonzini <pbonzini@redhat.com>
Date: Fri Jun 15 17:53:49 2018

UPSTREAM: KVM: fix spin_lock_init order on x86

[ Upstream commit e9ad4ec8379ad1ba6f68b8ca1c26b50b5ae0a327 ]

Moving the initialization earlier is needed in 4.6 because
kvm_arch_init_vm is now using mmu_lock, causing lockdep to
complain:

[  284.440294] INFO: trying to register non-static key.
[  284.445259] the code is fine but needs lockdep annotation.
[  284.450736] turning off the locking correctness validator.
...
[  284.528318]  [<ffffffff810aecc3>] lock_acquire+0xd3/0x240
[  284.533733]  [<ffffffffa0305aa0>] ? kvm_page_track_register_notifier+0x20/0x60 [kvm]
[  284.541467]  [<ffffffff81715581>] _raw_spin_lock+0x41/0x80
[  284.546960]  [<ffffffffa0305aa0>] ? kvm_page_track_register_notifier+0x20/0x60 [kvm]
[  284.554707]  [<ffffffffa0305aa0>] kvm_page_track_register_notifier+0x20/0x60 [kvm]
[  284.562281]  [<ffffffffa02ece70>] kvm_mmu_init_vm+0x20/0x30 [kvm]
[  284.568381]  [<ffffffffa02dbf7a>] kvm_arch_init_vm+0x1ea/0x200 [kvm]
[  284.574740]  [<ffffffffa02bff3f>] kvm_dev_ioctl+0xbf/0x4d0 [kvm]

However, it also helps fix a preexisting problem, which is why this
patch is also good for stable kernels: kvm_create_vm was incrementing
current->mm->mm_count but not decrementing it at the out_err label (in
case kvm_init_mmu_notifier failed).  The new initialization order makes
it possible to add the required mmdrop without adding a new error label.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I9954d23d83cd3f362668fbf16a3f37746219fb98
Cc: stable@vger.kernel.org
Reported-by: Borislav Petkov <bp@alien8.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
(cherry picked from commit 241a9a816bc95d7bbc7c422c60e880491a59ac1b
 in https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088100

[modify] https://crrev.com/e39e5b905fb4d08f5b2ee90360b3755cb4dd601b/virt/kvm/kvm_main.c

Project Member

Comment 92 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/3a700ff1a96b8b78889f46e54f98c46fbec22214

commit 3a700ff1a96b8b78889f46e54f98c46fbec22214
Author: Xiubo Li <lixiubo@cmss.chinamobile.com>
Date: Fri Jun 15 17:53:51 2018

UPSTREAM: kvm: Fix irq route entries exceeding KVM_MAX_IRQ_ROUTES

[ Upstream commit caf1ff26e1aa178133df68ac3d40815fed2187d9 ]

These days, we experienced one guest crash with 8 cores and 3 disks,
with qemu error logs as below:

qemu-system-x86_64: /build/qemu-2.0.0/kvm-all.c:984:
kvm_irqchip_commit_routes: Assertion `ret == 0' failed.

And then we found one patch (bdf026317d) in the qemu tree, which was
said to fix this bug.

Executing the following script will reproduce the BUG quickly:

irq_affinity.sh
========================================================================

vda_irq_num=25
vdb_irq_num=27
while [ 1 ]
do
    for irq in {1,2,4,8,10,20,40,80}
        do
            echo $irq > /proc/irq/$vda_irq_num/smp_affinity
            echo $irq > /proc/irq/$vdb_irq_num/smp_affinity
            dd if=/dev/vda of=/dev/zero bs=4K count=100 iflag=direct
            dd if=/dev/vdb of=/dev/zero bs=4K count=100 iflag=direct
        done
done
========================================================================

The following qemu log is added in the qemu code and is displayed when
this bug is reproduced:

kvm_irqchip_commit_routes: max gsi: 1008, nr_allocated_irq_routes: 1024,
irq_routes->nr: 1024, gsi_count: 1024.

That is to say, when irq_routes->nr == 1024 there are 1024 routing entries,
but the kernel code will just return -EINVAL when routes->nr >= 1024.

The nr is the number of the routing entries, which is in
[1 ~ KVM_MAX_IRQ_ROUTES], not the index in [0 ~ KVM_MAX_IRQ_ROUTES - 1].

This patch fixes the BUG above.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I4df4e08532d1e0c7219c0ab1a0be697d76fef685
Cc: stable@vger.kernel.org
Signed-off-by: Xiubo Li <lixiubo@cmss.chinamobile.com>
Signed-off-by: Wei Tang <tangwei@cmss.chinamobile.com>
Signed-off-by: Zhang Zhuoyu <zhangzhuoyu@cmss.chinamobile.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
(cherry picked from commit 4929b4934f7bf919a97bd8826c929f74915c8e9a
 in https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088101

[modify] https://crrev.com/3a700ff1a96b8b78889f46e54f98c46fbec22214/virt/kvm/kvm_main.c

Project Member

Comment 93 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/0e8ae0aa45fea509c9998a2138d436052b232a3b

commit 0e8ae0aa45fea509c9998a2138d436052b232a3b
Author: Peter Xu <peterx@redhat.com>
Date: Fri Jun 15 17:53:52 2018

UPSTREAM: KVM: x86: clear bus pointer when destroyed

commit df630b8c1e851b5e265dc2ca9c87222e342c093b upstream.

When releasing the bus, let's clear the bus pointers to mark it out. If
any further device unregister happens on this bus, we know that we're
done if we found the bus being released already.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I4ed6cd4b794a6a9c31f12278f0268d128a504e0e
Signed-off-by: Peter Xu <peterx@redhat.com>
Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit c6216a0f1e3da39f37aba3d43257c8cda172b414
 in https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088102

[modify] https://crrev.com/0e8ae0aa45fea509c9998a2138d436052b232a3b/virt/kvm/kvm_main.c

Project Member

Comment 94 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/88baee0ac36bacfcad83ccddb349d0f520a80683

commit 88baee0ac36bacfcad83ccddb349d0f520a80683
Author: Eric Auger <eric.auger@linaro.org>
Date: Fri Jun 15 17:53:53 2018

UPSTREAM: KVM: introduce kvm_arch_intc_initialized and use it in irqfd

Introduce the __KVM_HAVE_ARCH_INTC_INITIALIZED define and the
associated kvm_arch_intc_initialized function. The latter
allows testing whether the virtual interrupt controller is initialized
and ready to accept virtual IRQ injection. On some architectures,
the virtual interrupt controller is dynamically instantiated, justifying
that kind of check.

The new function can now be used by irqfd to check whether the
virtual interrupt controller is ready on KVM_IRQFD request. If not,
KVM_IRQFD returns -EAGAIN.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I0de99770faddf56bd992b99b60360a99868da23e
Signed-off-by: Eric Auger <eric.auger@linaro.org>
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Reviewed-by: Andre Przywara <andre.przywara@arm.com>
Acked-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 01c94e64f5a6f298774bdbde435e577821119fc0)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088103

[modify] https://crrev.com/88baee0ac36bacfcad83ccddb349d0f520a80683/virt/kvm/eventfd.c
[modify] https://crrev.com/88baee0ac36bacfcad83ccddb349d0f520a80683/include/linux/kvm_host.h

Project Member

Comment 95 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/65e8d3fbd1c5303b94bb3d82f5979c149fee9950

commit 65e8d3fbd1c5303b94bb3d82f5979c149fee9950
Author: Radim Krcmar <rkrcmar@redhat.com>
Date: Fri Jun 15 17:53:55 2018

UPSTREAM: kvm: remove CONFIG_X86 #ifdefs from files formerly shared with ia64

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I6c0bf19f00d800ec08fefd6e0a6f576553b694aa
Signed-off-by: Radim Krcmar <rkrcmar@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit 3bf58e9ae8802bbb6af722a2e7dc4c4d21110c5a)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088104

[modify] https://crrev.com/65e8d3fbd1c5303b94bb3d82f5979c149fee9950/arch/x86/kvm/irq_comm.c
[modify] https://crrev.com/65e8d3fbd1c5303b94bb3d82f5979c149fee9950/arch/x86/kvm/ioapic.c

Project Member

Comment 96 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/20002e923abe109fb6b1792c0e9a0631c4d989fb

commit 20002e923abe109fb6b1792c0e9a0631c4d989fb
Author: Will Deacon <will.deacon@arm.com>
Date: Fri Jun 15 17:53:56 2018

UPSTREAM: KVM: arm64: add workaround for Cortex-A57 erratum #852523

When restoring the system register state for an AArch32 guest at EL2,
writes to DACR32_EL2 may not be correctly synchronised by Cortex-A57,
which can lead to the guest effectively running with junk in the DACR
and running into unexpected domain faults.

This patch works around the issue by re-ordering our restoration of the
AArch32 register aliases so that they happen before the AArch64 system
registers. Ensuring that the registers are restored in this order
guarantees that they will be correctly synchronised by the core.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I608fa153e49751aaed9f13a6e7addf6ccc1fa98c
Cc: <stable@vger.kernel.org>
Reviewed-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
(cherry picked from commit 43297dda0a51e4ffed0888ce727c218cfb7474b6)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088105

[modify] https://crrev.com/20002e923abe109fb6b1792c0e9a0631c4d989fb/arch/arm64/kvm/hyp.S

Project Member

Comment 97 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/585bb87a78900d095ec1c2173536d9408cada798

commit 585bb87a78900d095ec1c2173536d9408cada798
Author: Marek Majtyka <marek.majtyka@tieto.com>
Date: Fri Jun 15 17:53:58 2018

UPSTREAM: arm: KVM: Fix incorrect device to IPA mapping

A critical bug has been found in device memory stage1 translation for
VMs with more than 4GB of address space. Once vm_pgoff size is smaller
than pa (which is true for LPAE case, u32 and u64 respectively) some
more significant bits of pa may be lost as a shift operation is performed
on u32 and later cast onto u64.

Example: vm_pgoff(u32)=0x00210030, PAGE_SHIFT=12
        expected pa(u64):   0x0000002010030000
        produced pa(u64):   0x0000000010030000

The fix is to change the order of operations (casting first onto phys_addr_t
and then shifting).

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Icb17c157d30720bbb4cde4735a68e1ef5d5caa4c
Reviewed-by: Marc Zyngier <marc.zyngier@arm.com>
[maz: fixed changelog and patch formatting]
Cc: stable@vger.kernel.org
Signed-off-by: Marek Majtyka <marek.majtyka@tieto.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
(cherry picked from commit ca09f02f122b2ecb0f5ddfc5fd47b29ed657d4fd)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088106

[modify] https://crrev.com/585bb87a78900d095ec1c2173536d9408cada798/arch/arm/kvm/mmu.c

Project Member

Comment 98 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/eda9c9d938509499ada3ece914bcc0a576ce4e4f

commit eda9c9d938509499ada3ece914bcc0a576ce4e4f
Author: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Date: Fri Jun 15 17:53:59 2018

BACKPORT: ARM/arm64: KVM: test properly for a PTE's uncachedness

The open coded tests for checking whether a PTE maps a page as
uncached use a flawed '(pte_val(xxx) & CONST) != CONST' pattern,
which is not guaranteed to work since the type of a mapping is
not a set of mutually exclusive bits.

For HYP mappings, the type is an index into the MAIR table (i.e, the
index itself does not contain any information whatsoever about the
type of the mapping), and for stage-2 mappings it is a bit field where
normal memory and device types are defined as follows:

    #define MT_S2_NORMAL            0xf
    #define MT_S2_DEVICE_nGnRE      0x1

I.e., masking *and* comparing with the latter matches on the former,
and we have been getting lucky merely because the S2 device mappings
also have the PTE_UXN bit set, or we would misidentify memory mappings
as device mappings.

Since the unmap_range() code path (which contains one instance of the
flawed test) is used both for HYP mappings and stage-2 mappings, and
considering the difference between the two, it is non-trivial to fix
this by rewriting the tests in place, as it would involve passing
down the type of mapping through all the functions.

However, since HYP mappings and stage-2 mappings both deal with host
physical addresses, we can simply check whether the mapping is backed
by memory that is managed by the host kernel, and only perform the
D-cache maintenance if this is the case.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Icf584d6f75d04e9fe1e13e080773d91315e5e470
Cc: stable@vger.kernel.org
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Tested-by: Pavel Fedin <p.fedin@samsung.com>
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit e6fab54423450d699a09ec2b899473a541f61971)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
[SR: context from not having 15a49a44fc3620]
 Conflicts:
	arch/arm/kvm/mmu.c
Reviewed-on: https://chromium-review.googlesource.com/1088107
Reviewed-by: Dylan Reid <dgreid@chromium.org>

[modify] https://crrev.com/eda9c9d938509499ada3ece914bcc0a576ce4e4f/arch/arm/kvm/mmu.c

Project Member

Comment 99 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/5ce52f3aad46a9795f037cf8bcfa84ade962941e

commit 5ce52f3aad46a9795f037cf8bcfa84ade962941e
Author: Mark Rutland <mark.rutland@arm.com>
Date: Fri Jun 15 17:54:01 2018

UPSTREAM: arm64: kvm: avoid %p in __kvm_hyp_panic

Currently __kvm_hyp_panic uses %p for values which are not pointers,
such as the ESR value. This can confusingly lead to "(null)" being
printed for the value.

Use %x instead, and only use %p for host pointers.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Ibc305353d30c1dd896b60a417809cb14b5a6bc89
Signed-off-by: Mark Rutland <mark.rutland@arm.com>
Acked-by: Marc Zyngier <marc.zyngier@arm.com>
Cc: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 1d7a4e313abbc7200982e5a68121483a3aa32295)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088108

[modify] https://crrev.com/5ce52f3aad46a9795f037cf8bcfa84ade962941e/arch/arm64/kvm/hyp.S

Project Member

Comment 100 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/98e14b30ebf05afa735301f679bc78aca8b450a7

commit 98e14b30ebf05afa735301f679bc78aca8b450a7
Author: Mark Rutland <mark.rutland@arm.com>
Date: Fri Jun 15 17:54:02 2018

UPSTREAM: arm64: kvm: report original PAR_EL1 upon panic

If we call __kvm_hyp_panic while a guest context is active, we call
__restore_sysregs before acquiring the system register values for the
panic, in the process throwing away the PAR_EL1 value at the point of
the panic.

This patch modifies __kvm_hyp_panic to stash the PAR_EL1 value prior to
restoring host register values, enabling us to report the original
values at the point of the panic.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I4ae3b5e519321d215b9744bc5cd9657ead126f2c
Acked-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit fbb4574ce9a37e15a9872860bf202f2be5bdf6c4)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088109

[modify] https://crrev.com/98e14b30ebf05afa735301f679bc78aca8b450a7/arch/arm64/kvm/hyp.S

Project Member

Comment 101 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/3e95401c957e0be89f625f35d1bdb238d23e7118

commit 3e95401c957e0be89f625f35d1bdb238d23e7118
Author: Pavel Fedin <p.fedin@samsung.com>
Date: Fri Jun 15 17:54:04 2018

UPSTREAM: arm64: KVM: Correctly handle zero register during MMIO

On ARM64, register index 31 corresponds to both the zero register and SP.
However, all memory access instructions use ZR as the transfer register. SP
is used only as a base register in indirect memory addressing, or by
register-register arithmetic, which cannot be trapped here.

Correct emulation is achieved by introducing new register accessor
functions, which can do special handling for reg_num == 31. These new
accessors intentionally do not rely on old vcpu_reg() on ARM64, because
it is to be removed. Since the affected code is shared by both ARM
flavours, implementations of these accessors are also added to ARM32 code.

This patch fixes setting an MMIO register to a random value (actually SP)
instead of zero by something like:

 *((volatile int *)reg) = 0;

Compilers tend to generate "str wzr, [xx]" here.

[Marc: Fixed 32bit splat]

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Id1f9f6e04df874a65b30c22fe0008a6020214397
Signed-off-by: Pavel Fedin <p.fedin@samsung.com>
Reviewed-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
(cherry picked from commit bc45a516fa90b43b1898758d8b53b74c24b954e4)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088110

[modify] https://crrev.com/3e95401c957e0be89f625f35d1bdb238d23e7118/arch/arm/include/asm/kvm_emulate.h
[modify] https://crrev.com/3e95401c957e0be89f625f35d1bdb238d23e7118/arch/arm64/include/asm/kvm_emulate.h
[modify] https://crrev.com/3e95401c957e0be89f625f35d1bdb238d23e7118/arch/arm/kvm/mmio.c

Project Member

Comment 102 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/92d242faeaf27c33b9b467c54bda3c91ffc1318d

commit 92d242faeaf27c33b9b467c54bda3c91ffc1318d
Author: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Date: Fri Jun 15 17:54:05 2018

UPSTREAM: ARM/arm64: KVM: correct PTE uncachedness check

Commit e6fab5442345 ("ARM/arm64: KVM: test properly for a PTE's
uncachedness") modified the logic to test whether a HYP or stage-2
mapping needs flushing, from [incorrectly] interpreting the page table
attributes to [incorrectly] checking whether the PFN that backs the
mapping is covered by host system RAM. The PFN number is part of the
output of the translation, not the input, so we have to use pte_pfn()
on the contents of the PTE, not __phys_to_pfn() on the HYP virtual
address or stage-2 intermediate physical address.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I7237d9c49449de357c3709cc0c42f84bbd73b0e0
Fixes: e6fab5442345 ("ARM/arm64: KVM: test properly for a PTE's uncachedness")
Cc: stable@vger.kernel.org
Tested-by: Pavel Fedin <p.fedin@samsung.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
(cherry picked from commit 0de58f852875a0f0dcfb120bb8433e4e73c7803b)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088111

[modify] https://crrev.com/92d242faeaf27c33b9b467c54bda3c91ffc1318d/arch/arm/kvm/mmu.c
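An added stand-alone model (not the kernel's code) covering both this commit and the earlier "test properly for a PTE's uncachedness" one: it shows why the mask-and-compare test misclassifies a NORMAL (0xf) stage-2 PTE as device, why it only worked because device mappings also carried UXN, and why the host-RAM check has to use the PFN from the PTE contents rather than the input address. Bit positions (MemAttr at bits [5:2], UXN at bit 54, PFN at bits [47:12]), the PAGE_S2_* protections and the host RAM window are assumptions.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed stage-2 PTE layout (assumed field positions). */
#define PAGE_SHIFT            12
#define PTE_ADDR_MASK         0x0000fffffffff000ULL
#define PTE_S2_MEMATTR_SHIFT  2
#define PTE_S2_MEMATTR_MASK   (0xfULL << PTE_S2_MEMATTR_SHIFT)
#define PTE_S2_MEMATTR(x)     ((uint64_t)(x) << PTE_S2_MEMATTR_SHIFT)
#define PTE_UXN               (1ULL << 54)
#define PTE_VALID             1ULL

/* Memory types quoted in the commit message. */
#define MT_S2_NORMAL          0xf
#define MT_S2_DEVICE_nGnRE    0x1

/* Assumed protections: device mappings also carry UXN (the "lucky" bit). */
#define PAGE_S2_NORMAL  (PTE_VALID | PTE_S2_MEMATTR(MT_S2_NORMAL))
#define PAGE_S2_DEVICE  (PTE_VALID | PTE_S2_MEMATTR(MT_S2_DEVICE_nGnRE) | PTE_UXN)

static uint64_t mk_pte(uint64_t pa, uint64_t prot)
{
	return (pa & PTE_ADDR_MASK) | prot;
}

/* PFN from the *output* of the translation, i.e. the PTE contents. */
static uint64_t pte_pfn(uint64_t pte)
{
	return (pte & PTE_ADDR_MASK) >> PAGE_SHIFT;
}

/* Stand-in for __phys_to_pfn() applied to the *input* address. */
static uint64_t phys_to_pfn(uint64_t pa)
{
	return pa >> PAGE_SHIFT;
}

/* Flawed pattern from the commit: "(pte & CONST) != CONST" as "not device".
 * With CONST = the bare device attribute, a NORMAL PTE (0xf) still contains
 * bit 0x1, so it is misclassified as device and would not be flushed. */
static int needs_flush_flawed(uint64_t pte, uint64_t device_const)
{
	return (pte & device_const) != device_const;
}

/* Attribute-correct check: extract the whole field and compare for equality. */
static int pte_is_device_by_attr(uint64_t pte)
{
	return (pte & PTE_S2_MEMATTR_MASK) == PTE_S2_MEMATTR(MT_S2_DEVICE_nGnRE);
}

/* Constructed host RAM window standing in for pfn_valid(). */
#define HOST_RAM_START  0x80000000ULL
#define HOST_RAM_END    0xC0000000ULL

static int host_pfn_valid(uint64_t pfn)
{
	uint64_t pa = pfn << PAGE_SHIFT;
	return pa >= HOST_RAM_START && pa < HOST_RAM_END;
}

/* First fix's mistake: deciding from the input (IPA/HYP VA), not the PTE. */
static int needs_flush_input_addr(uint64_t ipa)
{
	return host_pfn_valid(phys_to_pfn(ipa));
}

/* Follow-up fix: decide from the PFN the PTE actually points at. */
static int needs_flush_output_pfn(uint64_t pte)
{
	return host_pfn_valid(pte_pfn(pte));
}

int main(void)
{
	uint64_t normal = mk_pte(0x90000000ULL, PAGE_S2_NORMAL);
	uint64_t device = mk_pte(0x10000000ULL, PAGE_S2_DEVICE);
	uint64_t ipa = 0x88000000ULL;	/* guest IPA that numerically looks like host RAM */

	printf("flawed, attr only: normal flushed=%d device flushed=%d\n",
	       needs_flush_flawed(normal, PTE_S2_MEMATTR(MT_S2_DEVICE_nGnRE)),
	       needs_flush_flawed(device, PTE_S2_MEMATTR(MT_S2_DEVICE_nGnRE)));
	printf("flawed, with UXN:  normal flushed=%d device flushed=%d\n",
	       needs_flush_flawed(normal, PAGE_S2_DEVICE),
	       needs_flush_flawed(device, PAGE_S2_DEVICE));
	printf("by attr: normal is device=%d, device is device=%d\n",
	       pte_is_device_by_attr(normal), pte_is_device_by_attr(device));
	printf("device PTE at IPA 0x%llx: input-addr check=%d, output-pfn check=%d\n",
	       (unsigned long long)ipa, needs_flush_input_addr(ipa),
	       needs_flush_output_pfn(device));
	return 0;
}
```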

Project Member

Comment 103 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/6a43ef6b3b3044e35f605f8b04803b1d78e11bf0

commit 6a43ef6b3b3044e35f605f8b04803b1d78e11bf0
Author: Wei Huang <wei@redhat.com>
Date: Fri Jun 15 17:54:07 2018

BACKPORT: arm/arm64: KVM : Enable vhost device selection under KVM config menu

vhost drivers provide guest VMs with better I/O performance and lower
CPU utilization. This patch allows users to select vhost devices under
KVM configuration menu on ARM. This makes vhost support on arm/arm64
on a par with other architectures (e.g. x86, ppc).

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I48ea02f2c0160a809307b86b1a149c55d0319d2f
Signed-off-by: Wei Huang <wei@redhat.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 75755c6d02df9e9b959b3066c12de5494907e3d9)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
[SR: context conflicts]
 Conflicts:
	arch/arm/kvm/Kconfig
	arch/arm64/kvm/Kconfig
Reviewed-on: https://chromium-review.googlesource.com/1088112
Reviewed-by: Dylan Reid <dgreid@chromium.org>

[modify] https://crrev.com/6a43ef6b3b3044e35f605f8b04803b1d78e11bf0/arch/arm/kvm/Kconfig
[modify] https://crrev.com/6a43ef6b3b3044e35f605f8b04803b1d78e11bf0/arch/arm64/kvm/Kconfig

Project Member

Comment 104 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/88e8415d81d67f331660639c5edf6dc41056d44c

commit 88e8415d81d67f331660639c5edf6dc41056d44c
Author: Marc Zyngier <marc.zyngier@arm.com>
Date: Fri Jun 15 17:54:08 2018

UPSTREAM: arm64: KVM: Fix AArch32 to AArch64 register mapping

When running a 32bit guest under a 64bit hypervisor, the ARMv8
architecture defines a mapping of the 32bit registers in the 64bit
space. This includes banked registers that are being demultiplexed
over the 64bit ones.

On exceptions caused by an operation involving a 32bit register, the
HW exposes the register number in the ESR_EL2 register. It was so
far understood that SW had to distinguish between AArch32 and AArch64
accesses (based on the current AArch32 mode and register number).

It turns out that I misinterpreted the ARM ARM, and the clue is in
D1.20.1: "For some exceptions, the exception syndrome given in the
ESR_ELx identifies one or more register numbers from the issued
instruction that generated the exception. Where the exception is
taken from an Exception level using AArch32 these register numbers
give the AArch64 view of the register."

Which means that the HW is already giving us the translated version,
and that we shouldn't try to interpret it at all (for example, doing
an MMIO operation from the IRQ mode using the LR register leads to
very unexpected behaviours).

The fix is thus not to perform a call to vcpu_reg32() at all from
vcpu_reg(), and use whatever register number is supplied directly.
The only case we need to find out about the mapping is when we
actively generate a register access, which only occurs when injecting
a fault in a guest.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I70f44eb71c865d22d75988ffb002b414d8b7f488
Cc: stable@vger.kernel.org
Reviewed-by: Robin Murphy <robin.murphy@arm.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit c0f0963464c24e034b858441205455bf2a5d93ad)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088113

[modify] https://crrev.com/88e8415d81d67f331660639c5edf6dc41056d44c/arch/arm64/kvm/inject_fault.c
[modify] https://crrev.com/88e8415d81d67f331660639c5edf6dc41056d44c/arch/arm64/include/asm/kvm_emulate.h

Project Member

Comment 105 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/8e999bc5c65b35462378bdc0aa54c00497edf952

commit 8e999bc5c65b35462378bdc0aa54c00497edf952
Author: Tiejun Chen <tiejun.chen@intel.com>
Date: Fri Jun 15 17:54:10 2018

UPSTREAM: kvm: remove one useless check extension

We already check KVM_CAP_IRQFD in generic code once CONFIG_HAVE_KVM_IRQFD is enabled:

kvm_vm_ioctl_check_extension_generic()
    |
    + switch (arg) {
    +   ...
    +   #ifdef CONFIG_HAVE_KVM_IRQFD
    +       case KVM_CAP_IRQFD:
    +   #endif
    +   ...
    +   return 1;
    +   ...
    + }
    |
    + kvm_vm_ioctl_check_extension()

So it's not necessary to check this in arch again; also fix one typo,
s/emlation/emulation.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I685c7a418777528890f95743f37160299b5bf6b2
Signed-off-by: Tiejun Chen <tiejun.chen@intel.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit ea2c6d9745c6698d9f820bc230aa1a80d9e908ac)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088114

[modify] https://crrev.com/8e999bc5c65b35462378bdc0aa54c00497edf952/include/uapi/linux/kvm.h
[modify] https://crrev.com/8e999bc5c65b35462378bdc0aa54c00497edf952/arch/arm/kvm/arm.c

Project Member

Comment 106 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/9b86763f07bc5781af6f959bc976aa1adaa88a45

commit 9b86763f07bc5781af6f959bc976aa1adaa88a45
Author: Christoffer Dall <christoffer.dall@linaro.org>
Date: Fri Jun 15 17:54:11 2018

BACKPORT: arm/arm64: KVM: Properly account for guest CPU time

Until now we have been calling kvm_guest_exit after re-enabling
interrupts when we come back from the guest, but this has the
unfortunate effect that CPU time accounting done in the context of timer
interrupts occurring while the guest is running doesn't properly notice
that the time since the last tick was spent in the guest.

Inspired by the comment in the x86 code, move the kvm_guest_exit() call
below the local_irq_enable() call and change __kvm_guest_exit() to
kvm_guest_exit(), because we are now calling this function with
interrupts enabled.  We have to now explicitly disable preemption and
not enable preemption before we've called kvm_guest_exit(), since
otherwise we could be preempted and everything happening before we
eventually get scheduled again would be accounted for as guest time.

At the same time, move the trace_kvm_exit() call outside of the atomic
section, since there is no reason for us to do that with interrupts
disabled.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I6d763052dcce0cfd84f5a1e72b19440489713204
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
(cherry picked from commit 1b3d546daf85ed2bc9966e12cee3e6435fb65eca)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
[SR: context from not having ccf73aaf5ad]
 Conflicts:
	arch/arm/kvm/arm.c
Reviewed-on: https://chromium-review.googlesource.com/1088115
Reviewed-by: Dylan Reid <dgreid@chromium.org>

[modify] https://crrev.com/9b86763f07bc5781af6f959bc976aa1adaa88a45/arch/arm/kvm/arm.c

Project Member

Comment 107 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/8196b67f580702dc06eb5c70635ce87c803c7840

commit 8196b67f580702dc06eb5c70635ce87c803c7840
Author: Marc Zyngier <marc.zyngier@arm.com>
Date: Fri Jun 15 17:54:12 2018

UPSTREAM: arm/arm64: KVM: Fix ordering of timer/GIC on guest entry

As we now inject the timer interrupt when we're about to enter
the guest, it makes a lot more sense to make sure this happens
before the vgic code queues the pending interrupts.

Otherwise, we get the interrupt on the following exit, which is
not great for latency (and leads to all kind of bizarre issues
when using with active interrupts at the HW level).

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I1f2ed9c288ee6d366de5a13447df7a800dd04dcf
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 9a99d050705318d1cb27979e1c810464347db9db)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088116

[modify] https://crrev.com/8196b67f580702dc06eb5c70635ce87c803c7840/arch/arm/kvm/arm.c

Project Member

Comment 108 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/95f5ae90f59a28f847e3349c909c9cad86694460

commit 95f5ae90f59a28f847e3349c909c9cad86694460
Author: Marc Zyngier <marc.zyngier@arm.com>
Date: Fri Jun 15 17:54:14 2018

UPSTREAM: arm/arm64: KVM: Move vgic handling to a non-preemptible section

As we're about to introduce some serious GIC-poking to the vgic code,
it is important to make sure that we're going to poke the part of
the GIC that belongs to the CPU we're about to run on (otherwise,
we'd end up with some unexpected interrupts firing)...

Introducing a non-preemptible section in kvm_arch_vcpu_ioctl_run
prevents the problem from occurring.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Id3193c916625161b15520bb62879d62779fac968
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
(cherry picked from commit abdf58438356c7baf34bdd98084b094ca3a6a23f)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088117

[modify] https://crrev.com/95f5ae90f59a28f847e3349c909c9cad86694460/arch/arm/kvm/arm.c

Project Member

Comment 109 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/b01c22181d32532c16ad7f90af8cb64f7ce26083

commit b01c22181d32532c16ad7f90af8cb64f7ce26083
Author: Marc Zyngier <marc.zyngier@arm.com>
Date: Fri Jun 15 17:54:15 2018

UPSTREAM: KVM: arm/arm64: vgic: Allow dynamic mapping of physical/virtual interrupts

In order to be able to feed physical interrupts to a guest, we need
to be able to establish the virtual-physical mapping between the two
worlds.

The mappings are kept in a set of RCU lists, indexed by virtual interrupts.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I99b66679aa0694f34cb55d236297bfa0245c8f94
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
(cherry picked from commit 6c3d63c9a26ba56e2ca63a9f68d52f77ae551d91)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088118

[modify] https://crrev.com/b01c22181d32532c16ad7f90af8cb64f7ce26083/include/kvm/arm_vgic.h
[modify] https://crrev.com/b01c22181d32532c16ad7f90af8cb64f7ce26083/virt/kvm/arm/vgic.c
[modify] https://crrev.com/b01c22181d32532c16ad7f90af8cb64f7ce26083/arch/arm/kvm/arm.c

Project Member

Comment 110 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/ff0ca8693dda72f58008c7008ad5f4c96f47c603

commit ff0ca8693dda72f58008c7008ad5f4c96f47c603
Author: Pavel Fedin <p.fedin@samsung.com>
Date: Fri Jun 15 17:54:17 2018

UPSTREAM: arm/arm64: KVM: vgic: Check for !irqchip_in_kernel() when mapping resources

Until b26e5fdac43c ("arm/arm64: KVM: introduce per-VM ops"),
kvm_vgic_map_resources() used to include a check on irqchip_in_kernel(),
and vgic_v2_map_resources() still has it.

But now vm_ops are not initialized until we call kvm_vgic_create().
Therefore kvm_vgic_map_resources() can be called without a VGIC,
and we die because vm_ops.map_resources is NULL.

Fixing this restores QEMU's kernel-irqchip=off option to a working state,
allowing GIC emulation in userspace to be used.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Ie9f0d8ef31c3910d442b79d98e368d4b395858a3
Fixes: b26e5fdac43c ("arm/arm64: KVM: introduce per-VM ops")
Cc: stable@vger.kernel.org
Signed-off-by: Pavel Fedin <p.fedin@samsung.com>
[maz: reworked commit message]
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
(cherry picked from commit c2f58514cfb374d5368c9da945f1765cd48eb0da)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088119

[modify] https://crrev.com/ff0ca8693dda72f58008c7008ad5f4c96f47c603/arch/arm/kvm/arm.c

Project Member

Comment 111 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/96d394f5f563551924132c1137ec28d7e1be9bf0

commit 96d394f5f563551924132c1137ec28d7e1be9bf0
Author: Pavel Fedin <p.fedin@samsung.com>
Date: Fri Jun 15 17:54:18 2018

UPSTREAM: KVM: arm/arm64: Fix memory leak if timer initialization fails

Jump to correct label and free kvm_host_cpu_state

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I496996ef7426394984da880dcf06e1335b67ee5f
Reviewed-by: Wei Huang <wei@redhat.com>
Signed-off-by: Pavel Fedin <p.fedin@samsung.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
(cherry picked from commit 399ea0f6bcd318af94ec8e4ffe96703ed674f22e)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088120

[modify] https://crrev.com/96d394f5f563551924132c1137ec28d7e1be9bf0/arch/arm/kvm/arm.c

Project Member

Comment 112 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/0d5b8fdacbe7c46b4b92b1840c2fa6d4052d03ec

commit 0d5b8fdacbe7c46b4b92b1840c2fa6d4052d03ec
Author: Mark Rutland <mark.rutland@arm.com>
Date: Fri Jun 15 17:54:20 2018

UPSTREAM: arm: KVM: Survive unknown traps from guests

[ Upstream commit f050fe7a9164945dd1c28be05bf00e8cfb082ccf ]

Currently we BUG() if we see a HSR.EC value we don't recognise. As
configurable disables/enables are added to the architecture (controlled
by RES1/RES0 bits respectively), with associated synchronous exceptions,
it may be possible for a guest to trigger exceptions with classes that
we don't recognise.

While we can't service these exceptions in a manner useful to the guest,
we can avoid bringing down the host. Per ARM DDI 0406C.c, all currently
unallocated HSR EC encodings are reserved, and per ARM DDI
0487A.k_iss10775, page G6-4395, EC values within the range 0x00 - 0x2c
are reserved for future use with synchronous exceptions, and EC values
within the range 0x2d - 0x3f may be used for either synchronous or
asynchronous exceptions.

The patch makes KVM handle any unknown EC by injecting an UNDEFINED
exception into the guest, with a corresponding (ratelimited) warning in
the host dmesg. We could later improve on this with a new (opt-in)
exit to the host userspace.

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: I8bfc36d0fd8c53d39493680fb1097e469ef1fa76
Cc: Dave Martin <dave.martin@arm.com>
Cc: Suzuki K Poulose <suzuki.poulose@arm.com>
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Sasha Levin <alexander.levin@verizon.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit 5dc5c8e6551541fa9502b15dd5532c01273fa1f3
 in https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088121

[modify] https://crrev.com/0d5b8fdacbe7c46b4b92b1840c2fa6d4052d03ec/arch/arm/include/asm/kvm_arm.h
[modify] https://crrev.com/0d5b8fdacbe7c46b4b92b1840c2fa6d4052d03ec/arch/arm/kvm/handle_exit.c
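An added illustration of the dispatch change this commit message describes, written for this page and not taken from the kernel: a 64-entry handler table indexed by HSR.EC, with the old behaviour (unregistered class reaches BUG()) next to the new one (ratelimited warning, then an UNDEFINED exception for the guest). The registered EC values, the WARN_LIMIT and the message text are constructed for the model.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed model, not the kernel's code. HSR.EC is the 6-bit exception
 * class in HSR bits [31:26], so there are 64 classes (0x00-0x3f) and the
 * table has to cover every one of them, recognised or not. */
#define HSR_EC_SHIFT 26
#define HSR_EC_MASK  0x3fu
#define WARN_LIMIT   2          /* crude stand-in for a ratelimited warning */

enum exit_result { EXIT_HANDLED, EXIT_INJECT_UNDEF, EXIT_HOST_BUG };
typedef enum exit_result (*exit_handler_t)(uint32_t hsr);

static enum exit_result handle_known(uint32_t hsr) { (void)hsr; return EXIT_HANDLED; }

/* A few registered classes (values chosen for the model); every other
 * slot is NULL, which is exactly what an unknown EC lands on. */
static const exit_handler_t handlers[HSR_EC_MASK + 1] = {
    [0x01] = handle_known, [0x20] = handle_known, [0x24] = handle_known,
};

static unsigned int warnings_emitted;

/* Before: an unregistered EC hit BUG(), so a value under guest control
 * could take the whole host down. */
enum exit_result dispatch_before(uint32_t hsr)
{
    exit_handler_t h = handlers[(hsr >> HSR_EC_SHIFT) & HSR_EC_MASK];
    if (!h)
        return EXIT_HOST_BUG;   /* stands in for BUG() */
    return h(hsr);
}

/* After: the unknown class is logged (ratelimited) and turned into an
 * UNDEFINED exception for the guest; the host keeps running. */
enum exit_result dispatch_after(uint32_t hsr)
{
    uint32_t ec = (hsr >> HSR_EC_SHIFT) & HSR_EC_MASK;
    exit_handler_t h = handlers[ec];
    if (!h) {
        if (warnings_emitted < WARN_LIMIT) {
            warnings_emitted++;
            fprintf(stderr, "Unknown exception class: hsr: %#08x\n", hsr);
        }
        return EXIT_INJECT_UNDEF;
    }
    return h(hsr);
}

unsigned int warnings_count(void) { return warnings_emitted; }
```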

Project Member

Comment 113 by bugdroid1@chromium.org, Jun 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/kernel/+/801e4a44dc3112a32db485708e83aaf17e332658

commit 801e4a44dc3112a32db485708e83aaf17e332658
Author: Wanpeng Li <wanpeng.li@hotmail.com>
Date: Fri Jun 15 17:54:21 2018

UPSTREAM: KVM: Fix stack-out-of-bounds read in write_mmio

commit e39d200fa5bf5b94a0948db0dae44c1b73b84a56 upstream.

Reported by syzkaller:

  BUG: KASAN: stack-out-of-bounds in write_mmio+0x11e/0x270 [kvm]
  Read of size 8 at addr ffff8803259df7f8 by task syz-executor/32298

  CPU: 6 PID: 32298 Comm: syz-executor Tainted: G           OE    4.15.0-rc2+ #18
  Hardware name: LENOVO ThinkCentre M8500t-N000/SHARKBAY, BIOS FBKTC1AUS 02/16/2016
  Call Trace:
   dump_stack+0xab/0xe1
   print_address_description+0x6b/0x290
   kasan_report+0x28a/0x370
   write_mmio+0x11e/0x270 [kvm]
   emulator_read_write_onepage+0x311/0x600 [kvm]
   emulator_read_write+0xef/0x240 [kvm]
   emulator_fix_hypercall+0x105/0x150 [kvm]
   em_hypercall+0x2b/0x80 [kvm]
   x86_emulate_insn+0x2b1/0x1640 [kvm]
   x86_emulate_instruction+0x39a/0xb90 [kvm]
   handle_exception+0x1b4/0x4d0 [kvm_intel]
   vcpu_enter_guest+0x15a0/0x2640 [kvm]
   kvm_arch_vcpu_ioctl_run+0x549/0x7d0 [kvm]
   kvm_vcpu_ioctl+0x479/0x880 [kvm]
   do_vfs_ioctl+0x142/0x9a0
   SyS_ioctl+0x74/0x80
   entry_SYSCALL_64_fastpath+0x23/0x9a

The path of patched vmmcall will patch 3 bytes opcode 0F 01 C1(vmcall)
to the guest memory, however, write_mmio tracepoint always prints 8 bytes
through *(u64 *)val since kvm splits the mmio access into 8 bytes. This
leaks 5 bytes from the kernel stack (CVE-2017-17741).  This patch fixes
it by just accessing the bytes which we operate on.

Before patch:

syz-executor-5567  [007] .... 51370.561696: kvm_mmio: mmio write len 3 gpa 0x10 val 0x1ffff10077c1010f

After patch:

syz-executor-13416 [002] .... 51302.299573: kvm_mmio: mmio write len 3 gpa 0x10 val 0xc1010f

BUG=chromium:846515
TEST=build/boot on hana with USE=kvm_host

Change-Id: Iecffb5fc7703164e5a312eb1246470ad63ef83f6
Reported-by: Dmitry Vyukov <dvyukov@google.com>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Marc Zyngier <marc.zyngier@arm.com>
Tested-by: Marc Zyngier <marc.zyngier@arm.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Radim Krčmář <rkrcmar@redhat.com>
Cc: Marc Zyngier <marc.zyngier@arm.com>
Cc: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Wanpeng Li <wanpeng.li@hotmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Cc: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit eb91461daa77eb0ddb4c24aa427051f3669ba1f3
 in https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/)
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1088122

[modify] https://crrev.com/801e4a44dc3112a32db485708e83aaf17e332658/arch/arm/kvm/mmio.c
[modify] https://crrev.com/801e4a44dc3112a32db485708e83aaf17e332658/arch/x86/kvm/x86.c
[modify] https://crrev.com/801e4a44dc3112a32db485708e83aaf17e332658/include/trace/events/kvm.h
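An added example of the over-read behind CVE-2017-17741 as described in this commit message; it is written for this page, not taken from the kernel. It models the tracepoint's value formatting on a little-endian host with a constructed 16-byte "stack frame" whose first three bytes are the vmcall opcode and whose remaining bytes are stale stack contents, and reproduces the before/after trace values quoted above.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <inttypes.h>

/* Constructed stack frame: the 3-byte opcode being written (0F 01 C1)
 * followed by stale bytes that must never reach the trace buffer. The
 * stale bytes are chosen so the over-read matches the trace in the
 * commit message above. */
static const uint8_t frame[16] = {
    0x0f, 0x01, 0xc1,                         /* the len=3 payload */
    0x77, 0x00, 0xf1, 0xff, 0x1f,             /* stale stack bytes */
    0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, 0x00, 0x11,
};

/* Assemble n bytes little-endian, as a u64 load on an x86 host would. */
static uint64_t load_le(const uint8_t *p, size_t n)
{
    uint64_t v = 0;
    for (size_t i = 0; i < n; i++)
        v |= (uint64_t)p[i] << (8 * i);
    return v;
}

/* Before the fix: the tracepoint reads 8 bytes via *(u64 *)val no matter
 * what len is, so a 3-byte write drags 5 bytes of stack into the trace. */
uint64_t trace_val_vulnerable(const uint8_t *val, unsigned int len)
{
    (void)len;                 /* len is ignored: that is the bug */
    return load_le(val, 8);
}

/* After the fix: only the len bytes actually operated on (capped at the
 * 8-byte chunk size) are copied into a zeroed u64. */
uint64_t trace_val_fixed(const uint8_t *val, unsigned int len)
{
    if (len > 8)
        len = 8;
    return load_le(val, len);
}

int main(void)
{
    printf("before: mmio write len 3 val 0x%" PRIx64 "\n", trace_val_vulnerable(frame, 3));
    printf("after:  mmio write len 3 val 0x%" PRIx64 "\n", trace_val_fixed(frame, 3));
    return 0;
}
```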

Status: Fixed (was: Started)
Support has landed now.  I just need to get the Spectre v2 fixes backported to 3.18 now which has been more of a pain so far.