From: Cornelia Huck <cohuck@redhat.com>
To: Sean Christopherson <sean.j.christopherson@intel.com>
Cc: linux-s390@vger.kernel.org, Janosch Frank <frankja@linux.ibm.com>,
kvm@vger.kernel.org, Marc Zyngier <marc.zyngier@arm.com>,
James Hogan <jhogan@kernel.org>,
David Hildenbrand <david@redhat.com>,
kvm-ppc@vger.kernel.org, linux-mips@vger.kernel.org,
Paul Mackerras <paulus@ozlabs.org>,
Christian Borntraeger <borntraeger@de.ibm.com>,
Xiao Guangrong <guangrong.xiao@gmail.com>,
Paolo Bonzini <pbonzini@redhat.com>,
kvmarm@lists.cs.columbia.edu,
linux-arm-kernel@lists.infradead.org
Subject: Re: [PATCH v2 01/27] KVM: Call kvm_arch_memslots_updated() before updating memslots
Date: Wed, 06 Feb 2019 09:12:11 +0000 [thread overview]
Message-ID: <20190206101211.253cfbd9.cohuck@redhat.com> (raw)
In-Reply-To: <20190205205443.1059-2-sean.j.christopherson@intel.com>
On Tue, 5 Feb 2019 12:54:17 -0800
Sean Christopherson <sean.j.christopherson@intel.com> wrote:
> kvm_arch_memslots_updated() is at this point in time an x86-specific
> hook for handling MMIO generation wraparound. x86 stashes 19 bits of
> the memslots generation number in its MMIO sptes in order to avoid
> full page fault walks for repeat faults on emulated MMIO addresses.
> Because only 19 bits are used, wrapping the MMIO generation number is
> possible, if unlikely. kvm_arch_memslots_updated() alerts x86 that
> the generation has changed so that it can invalidate all MMIO sptes in
> case the effective MMIO generation has wrapped so as to avoid using a
> stale spte, e.g. a (very) old spte that was created with generation=0.
>
> Given that the purpose of kvm_arch_memslots_updated() is to prevent
> consuming stale entries, it needs to be called before the new generation
> is propagated to memslots. Invalidating the MMIO sptes after updating
> memslots means that there is a window where a vCPU could dereference
> the new memslots generation, e.g. 0, and incorrectly reuse an old MMIO
> spte that was created with (pre-wrap) generation=0.
>
> Fixes: e59dbe09f8e6 ("KVM: Introduce kvm_arch_memslots_updated()")
> Cc: <stable@vger.kernel.org>
> Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
> ---
> arch/mips/include/asm/kvm_host.h | 2 +-
> arch/powerpc/include/asm/kvm_host.h | 2 +-
> arch/s390/include/asm/kvm_host.h | 2 +-
> arch/x86/include/asm/kvm_host.h | 2 +-
> arch/x86/kvm/mmu.c | 4 ++--
> arch/x86/kvm/x86.c | 4 ++--
> include/linux/kvm_host.h | 2 +-
> virt/kvm/arm/mmu.c | 2 +-
> virt/kvm/kvm_main.c | 7 +++++--
> 9 files changed, 15 insertions(+), 12 deletions(-)
Not an x86 person, but I think that makes sense.
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
WARNING: multiple messages have this Message-ID (diff)
From: Cornelia Huck <cohuck@redhat.com>
To: Sean Christopherson <sean.j.christopherson@intel.com>
Cc: linux-s390@vger.kernel.org, Janosch Frank <frankja@linux.ibm.com>,
kvm@vger.kernel.org, Marc Zyngier <marc.zyngier@arm.com>,
James Hogan <jhogan@kernel.org>,
David Hildenbrand <david@redhat.com>,
kvm-ppc@vger.kernel.org, linux-mips@vger.kernel.org,
Paul Mackerras <paulus@ozlabs.org>,
Christian Borntraeger <borntraeger@de.ibm.com>,
Xiao Guangrong <guangrong.xiao@gmail.com>,
Paolo Bonzini <pbonzini@redhat.com>,
kvmarm@lists.cs.columbia.edu,
linux-arm-kernel@lists.infradead.org
Subject: Re: [PATCH v2 01/27] KVM: Call kvm_arch_memslots_updated() before updating memslots
Date: Wed, 6 Feb 2019 10:12:11 +0100 [thread overview]
Message-ID: <20190206101211.253cfbd9.cohuck@redhat.com> (raw)
In-Reply-To: <20190205205443.1059-2-sean.j.christopherson@intel.com>
On Tue, 5 Feb 2019 12:54:17 -0800
Sean Christopherson <sean.j.christopherson@intel.com> wrote:
> kvm_arch_memslots_updated() is at this point in time an x86-specific
> hook for handling MMIO generation wraparound. x86 stashes 19 bits of
> the memslots generation number in its MMIO sptes in order to avoid
> full page fault walks for repeat faults on emulated MMIO addresses.
> Because only 19 bits are used, wrapping the MMIO generation number is
> possible, if unlikely. kvm_arch_memslots_updated() alerts x86 that
> the generation has changed so that it can invalidate all MMIO sptes in
> case the effective MMIO generation has wrapped so as to avoid using a
> stale spte, e.g. a (very) old spte that was created with generation==0.
>
> Given that the purpose of kvm_arch_memslots_updated() is to prevent
> consuming stale entries, it needs to be called before the new generation
> is propagated to memslots. Invalidating the MMIO sptes after updating
> memslots means that there is a window where a vCPU could dereference
> the new memslots generation, e.g. 0, and incorrectly reuse an old MMIO
> spte that was created with (pre-wrap) generation==0.
>
> Fixes: e59dbe09f8e6 ("KVM: Introduce kvm_arch_memslots_updated()")
> Cc: <stable@vger.kernel.org>
> Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
> ---
> arch/mips/include/asm/kvm_host.h | 2 +-
> arch/powerpc/include/asm/kvm_host.h | 2 +-
> arch/s390/include/asm/kvm_host.h | 2 +-
> arch/x86/include/asm/kvm_host.h | 2 +-
> arch/x86/kvm/mmu.c | 4 ++--
> arch/x86/kvm/x86.c | 4 ++--
> include/linux/kvm_host.h | 2 +-
> virt/kvm/arm/mmu.c | 2 +-
> virt/kvm/kvm_main.c | 7 +++++--
> 9 files changed, 15 insertions(+), 12 deletions(-)
Not an x86 person, but I think that makes sense.
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
WARNING: multiple messages have this Message-ID (diff)
From: Cornelia Huck <cohuck@redhat.com>
To: Sean Christopherson <sean.j.christopherson@intel.com>
Cc: "Paolo Bonzini" <pbonzini@redhat.com>,
"Radim Krčmář" <rkrcmar@redhat.com>,
"James Hogan" <jhogan@kernel.org>,
"Paul Mackerras" <paulus@ozlabs.org>,
"Christian Borntraeger" <borntraeger@de.ibm.com>,
"Janosch Frank" <frankja@linux.ibm.com>,
"Christoffer Dall" <christoffer.dall@arm.com>,
"Marc Zyngier" <marc.zyngier@arm.com>,
"David Hildenbrand" <david@redhat.com>,
kvm@vger.kernel.org, linux-mips@vger.kernel.org,
kvm-ppc@vger.kernel.org, linux-s390@vger.kernel.org,
linux-arm-kernel@lists.infradead.org,
kvmarm@lists.cs.columbia.edu,
"Xiao Guangrong" <guangrong.xiao@gmail.com>
Subject: Re: [PATCH v2 01/27] KVM: Call kvm_arch_memslots_updated() before updating memslots
Date: Wed, 6 Feb 2019 10:12:11 +0100 [thread overview]
Message-ID: <20190206101211.253cfbd9.cohuck@redhat.com> (raw)
In-Reply-To: <20190205205443.1059-2-sean.j.christopherson@intel.com>
On Tue, 5 Feb 2019 12:54:17 -0800
Sean Christopherson <sean.j.christopherson@intel.com> wrote:
> kvm_arch_memslots_updated() is at this point in time an x86-specific
> hook for handling MMIO generation wraparound. x86 stashes 19 bits of
> the memslots generation number in its MMIO sptes in order to avoid
> full page fault walks for repeat faults on emulated MMIO addresses.
> Because only 19 bits are used, wrapping the MMIO generation number is
> possible, if unlikely. kvm_arch_memslots_updated() alerts x86 that
> the generation has changed so that it can invalidate all MMIO sptes in
> case the effective MMIO generation has wrapped so as to avoid using a
> stale spte, e.g. a (very) old spte that was created with generation==0.
>
> Given that the purpose of kvm_arch_memslots_updated() is to prevent
> consuming stale entries, it needs to be called before the new generation
> is propagated to memslots. Invalidating the MMIO sptes after updating
> memslots means that there is a window where a vCPU could dereference
> the new memslots generation, e.g. 0, and incorrectly reuse an old MMIO
> spte that was created with (pre-wrap) generation==0.
>
> Fixes: e59dbe09f8e6 ("KVM: Introduce kvm_arch_memslots_updated()")
> Cc: <stable@vger.kernel.org>
> Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
> ---
> arch/mips/include/asm/kvm_host.h | 2 +-
> arch/powerpc/include/asm/kvm_host.h | 2 +-
> arch/s390/include/asm/kvm_host.h | 2 +-
> arch/x86/include/asm/kvm_host.h | 2 +-
> arch/x86/kvm/mmu.c | 4 ++--
> arch/x86/kvm/x86.c | 4 ++--
> include/linux/kvm_host.h | 2 +-
> virt/kvm/arm/mmu.c | 2 +-
> virt/kvm/kvm_main.c | 7 +++++--
> 9 files changed, 15 insertions(+), 12 deletions(-)
Not an x86 person, but I think that makes sense.
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
WARNING: multiple messages have this Message-ID (diff)
From: Cornelia Huck <cohuck@redhat.com>
To: Sean Christopherson <sean.j.christopherson@intel.com>
Cc: linux-s390@vger.kernel.org,
"Janosch Frank" <frankja@linux.ibm.com>,
kvm@vger.kernel.org, "Radim Krčmář" <rkrcmar@redhat.com>,
"Marc Zyngier" <marc.zyngier@arm.com>,
"James Hogan" <jhogan@kernel.org>,
"David Hildenbrand" <david@redhat.com>,
"Christoffer Dall" <christoffer.dall@arm.com>,
kvm-ppc@vger.kernel.org, linux-mips@vger.kernel.org,
"Paul Mackerras" <paulus@ozlabs.org>,
"Christian Borntraeger" <borntraeger@de.ibm.com>,
"Xiao Guangrong" <guangrong.xiao@gmail.com>,
"Paolo Bonzini" <pbonzini@redhat.com>,
kvmarm@lists.cs.columbia.edu,
linux-arm-kernel@lists.infradead.org
Subject: Re: [PATCH v2 01/27] KVM: Call kvm_arch_memslots_updated() before updating memslots
Date: Wed, 6 Feb 2019 10:12:11 +0100 [thread overview]
Message-ID: <20190206101211.253cfbd9.cohuck@redhat.com> (raw)
In-Reply-To: <20190205205443.1059-2-sean.j.christopherson@intel.com>
On Tue, 5 Feb 2019 12:54:17 -0800
Sean Christopherson <sean.j.christopherson@intel.com> wrote:
> kvm_arch_memslots_updated() is at this point in time an x86-specific
> hook for handling MMIO generation wraparound. x86 stashes 19 bits of
> the memslots generation number in its MMIO sptes in order to avoid
> full page fault walks for repeat faults on emulated MMIO addresses.
> Because only 19 bits are used, wrapping the MMIO generation number is
> possible, if unlikely. kvm_arch_memslots_updated() alerts x86 that
> the generation has changed so that it can invalidate all MMIO sptes in
> case the effective MMIO generation has wrapped so as to avoid using a
> stale spte, e.g. a (very) old spte that was created with generation==0.
>
> Given that the purpose of kvm_arch_memslots_updated() is to prevent
> consuming stale entries, it needs to be called before the new generation
> is propagated to memslots. Invalidating the MMIO sptes after updating
> memslots means that there is a window where a vCPU could dereference
> the new memslots generation, e.g. 0, and incorrectly reuse an old MMIO
> spte that was created with (pre-wrap) generation==0.
>
> Fixes: e59dbe09f8e6 ("KVM: Introduce kvm_arch_memslots_updated()")
> Cc: <stable@vger.kernel.org>
> Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
> ---
> arch/mips/include/asm/kvm_host.h | 2 +-
> arch/powerpc/include/asm/kvm_host.h | 2 +-
> arch/s390/include/asm/kvm_host.h | 2 +-
> arch/x86/include/asm/kvm_host.h | 2 +-
> arch/x86/kvm/mmu.c | 4 ++--
> arch/x86/kvm/x86.c | 4 ++--
> include/linux/kvm_host.h | 2 +-
> virt/kvm/arm/mmu.c | 2 +-
> virt/kvm/kvm_main.c | 7 +++++--
> 9 files changed, 15 insertions(+), 12 deletions(-)
Not an x86 person, but I think that makes sense.
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2019-02-06 9:12 UTC|newest]
Thread overview: 50+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-02-05 20:54 [PATCH v2 00/27] KVM: x86/mmu: Remove fast invalidate mechanism Sean Christopherson
2019-02-05 20:54 ` Sean Christopherson
2019-02-05 20:54 ` Sean Christopherson
2019-02-05 20:54 ` Sean Christopherson
2019-02-05 20:54 ` [PATCH v2 01/27] KVM: Call kvm_arch_memslots_updated() before updating memslots Sean Christopherson
2019-02-05 20:54 ` Sean Christopherson
2019-02-05 20:54 ` Sean Christopherson
2019-02-05 20:54 ` Sean Christopherson
2019-02-06 9:12 ` Cornelia Huck [this message]
2019-02-06 9:12 ` Cornelia Huck
2019-02-06 9:12 ` Cornelia Huck
2019-02-06 9:12 ` Cornelia Huck
2019-02-12 12:36 ` [PATCH v2 00/27] KVM: x86/mmu: Remove fast invalidate mechanism Paolo Bonzini
2019-02-12 12:36 ` Paolo Bonzini
2019-02-12 12:36 ` Paolo Bonzini
2019-02-12 12:36 ` Paolo Bonzini
[not found] ` <20190205210137.1377-11-sean.j.christopherson@intel.com>
2019-08-13 16:04 ` [PATCH v2 11/27] KVM: x86/mmu: Zap only the relevant pages when removing a memslot Alex Williamson
2019-08-13 17:04 ` Sean Christopherson
2019-08-13 17:57 ` Alex Williamson
2019-08-13 19:33 ` Alex Williamson
2019-08-13 20:19 ` Sean Christopherson
2019-08-13 20:37 ` Paolo Bonzini
2019-08-13 21:14 ` Alex Williamson
2019-08-13 21:15 ` Paolo Bonzini
2019-08-13 22:10 ` Alex Williamson
2019-08-15 14:46 ` Sean Christopherson
2019-08-15 15:23 ` Alex Williamson
2019-08-15 16:00 ` Sean Christopherson
2019-08-15 18:16 ` Alex Williamson
2019-08-15 19:25 ` Sean Christopherson
2019-08-15 20:11 ` Alex Williamson
2019-08-19 16:03 ` Paolo Bonzini
2019-08-20 20:03 ` Sean Christopherson
2019-08-20 20:42 ` Alex Williamson
2019-08-20 21:02 ` Sean Christopherson
2019-08-21 19:08 ` Alex Williamson
2019-08-21 19:35 ` Alex Williamson
2019-08-21 20:30 ` Sean Christopherson
2019-08-23 2:25 ` Sean Christopherson
2019-08-23 22:05 ` Alex Williamson
2019-08-21 20:10 ` Sean Christopherson
2019-08-26 7:36 ` Tian, Kevin
2019-08-26 14:56 ` Sean Christopherson
2020-06-26 17:32 ` Sean Christopherson
2022-10-20 18:31 ` Alexander Graf
2022-10-20 20:37 ` Sean Christopherson
2022-10-20 21:06 ` Alexander Graf
2022-10-21 19:40 ` Sean Christopherson
2022-10-24 6:12 ` Alexander Graf
2022-10-24 15:55 ` Sean Christopherson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190206101211.253cfbd9.cohuck@redhat.com \
--to=cohuck@redhat.com \
--cc=borntraeger@de.ibm.com \
--cc=david@redhat.com \
--cc=frankja@linux.ibm.com \
--cc=guangrong.xiao@gmail.com \
--cc=jhogan@kernel.org \
--cc=kvm-ppc@vger.kernel.org \
--cc=kvm@vger.kernel.org \
--cc=kvmarm@lists.cs.columbia.edu \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-mips@vger.kernel.org \
--cc=linux-s390@vger.kernel.org \
--cc=marc.zyngier@arm.com \
--cc=paulus@ozlabs.org \
--cc=pbonzini@redhat.com \
--cc=sean.j.christopherson@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.