From: Tianyu Lan <ltykernel@gmail.com>
To: luto@kernel.org, tglx@linutronix.de, mingo@redhat.com,
bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org,
hpa@zytor.com, seanjc@google.com, pbonzini@redhat.com,
jgross@suse.com, tiala@microsoft.com, kirill@shutemov.name,
jiangshan.ljs@antgroup.com, peterz@infradead.org,
ashish.kalra@amd.com, srutherford@google.com,
akpm@linux-foundation.org, anshuman.khandual@arm.com,
pawan.kumar.gupta@linux.intel.com, adrian.hunter@intel.com,
daniel.sneddon@linux.intel.com,
alexander.shishkin@linux.intel.com, sandipan.das@amd.com,
ray.huang@amd.com, brijesh.singh@amd.com, michael.roth@amd.com,
thomas.lendacky@amd.com, venu.busireddy@oracle.com,
sterritt@google.com, tony.luck@intel.com,
samitolvanen@google.com, fenghua.yu@intel.com
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org,
linux-hyperv@vger.kernel.org, linux-arch@vger.kernel.org
Subject: [RFC PATCH V2 18/18] x86/sev: Fix interrupt exit code paths from #HV exception
Date: Fri, 18 Nov 2022 22:46:32 -0500 [thread overview]
Message-ID: <20221119034633.1728632-19-ltykernel@gmail.com> (raw)
In-Reply-To: <20221119034633.1728632-1-ltykernel@gmail.com>
From: Ashish Kalra <ashish.kalra@amd.com>
Add checks in interrupt exit code paths in case of returns
to user mode to check if currently executing the #HV handler
then don't follow the irqentry_exit_to_user_mode path as
that can potentially cause the #HV handler to be
preempted and rescheduled on another CPU. Rescheduled #HV
handler on another cpu will cause interrupts to be handled
on a different cpu than the injected one, causing
invalid EOIs and missed/lost guest interrupts and
corresponding hangs and/or per-cpu IRQs handled on
non-intended cpu.
Signed-off-by: Ashish Kalra <ashish.kalra@amd.com>
---
arch/x86/include/asm/idtentry.h | 66 +++++++++++++++++++++++++++++++++
arch/x86/kernel/sev.c | 30 +++++++++++++++
2 files changed, 96 insertions(+)
diff --git a/arch/x86/include/asm/idtentry.h b/arch/x86/include/asm/idtentry.h
index 652fea10d377..45b47132be7c 100644
--- a/arch/x86/include/asm/idtentry.h
+++ b/arch/x86/include/asm/idtentry.h
@@ -13,6 +13,10 @@
#include <asm/irq_stack.h>
+#ifdef CONFIG_AMD_MEM_ENCRYPT
+noinstr void irqentry_exit_hv_cond(struct pt_regs *regs, irqentry_state_t state);
+#endif
+
/**
* DECLARE_IDTENTRY - Declare functions for simple IDT entry points
* No error code pushed by hardware
@@ -176,6 +180,7 @@ __visible noinstr void func(struct pt_regs *regs, unsigned long error_code)
#define DECLARE_IDTENTRY_IRQ(vector, func) \
DECLARE_IDTENTRY_ERRORCODE(vector, func)
+#ifndef CONFIG_AMD_MEM_ENCRYPT
/**
* DEFINE_IDTENTRY_IRQ - Emit code for device interrupt IDT entry points
* @func: Function name of the entry point
@@ -205,6 +210,26 @@ __visible noinstr void func(struct pt_regs *regs, \
} \
\
static noinline void __##func(struct pt_regs *regs, u32 vector)
+#else
+
+#define DEFINE_IDTENTRY_IRQ(func) \
+static void __##func(struct pt_regs *regs, u32 vector); \
+ \
+__visible noinstr void func(struct pt_regs *regs, \
+ unsigned long error_code) \
+{ \
+ irqentry_state_t state = irqentry_enter(regs); \
+ u32 vector = (u32)(u8)error_code; \
+ \
+ instrumentation_begin(); \
+ kvm_set_cpu_l1tf_flush_l1d(); \
+ run_irq_on_irqstack_cond(__##func, regs, vector); \
+ instrumentation_end(); \
+ irqentry_exit_hv_cond(regs, state); \
+} \
+ \
+static noinline void __##func(struct pt_regs *regs, u32 vector)
+#endif
/**
* DECLARE_IDTENTRY_SYSVEC - Declare functions for system vector entry points
@@ -221,6 +246,7 @@ static noinline void __##func(struct pt_regs *regs, u32 vector)
#define DECLARE_IDTENTRY_SYSVEC(vector, func) \
DECLARE_IDTENTRY(vector, func)
+#ifndef CONFIG_AMD_MEM_ENCRYPT
/**
* DEFINE_IDTENTRY_SYSVEC - Emit code for system vector IDT entry points
* @func: Function name of the entry point
@@ -245,6 +271,26 @@ __visible noinstr void func(struct pt_regs *regs) \
} \
\
static noinline void __##func(struct pt_regs *regs)
+#else
+
+#define DEFINE_IDTENTRY_SYSVEC(func) \
+static void __##func(struct pt_regs *regs); \
+ \
+__visible noinstr void func(struct pt_regs *regs) \
+{ \
+ irqentry_state_t state = irqentry_enter(regs); \
+ \
+ instrumentation_begin(); \
+ kvm_set_cpu_l1tf_flush_l1d(); \
+ run_sysvec_on_irqstack_cond(__##func, regs); \
+ instrumentation_end(); \
+ irqentry_exit_hv_cond(regs, state); \
+} \
+ \
+static noinline void __##func(struct pt_regs *regs)
+#endif
+
+#ifndef CONFIG_AMD_MEM_ENCRYPT
/**
* DEFINE_IDTENTRY_SYSVEC_SIMPLE - Emit code for simple system vector IDT
@@ -274,6 +320,26 @@ __visible noinstr void func(struct pt_regs *regs) \
} \
\
static __always_inline void __##func(struct pt_regs *regs)
+#else
+
+#define DEFINE_IDTENTRY_SYSVEC_SIMPLE(func) \
+static __always_inline void __##func(struct pt_regs *regs); \
+ \
+__visible noinstr void func(struct pt_regs *regs) \
+{ \
+ irqentry_state_t state = irqentry_enter(regs); \
+ \
+ instrumentation_begin(); \
+ __irq_enter_raw(); \
+ kvm_set_cpu_l1tf_flush_l1d(); \
+ __##func(regs); \
+ __irq_exit_raw(); \
+ instrumentation_end(); \
+ irqentry_exit_hv_cond(regs, state); \
+} \
+ \
+static __always_inline void __##func(struct pt_regs *regs)
+#endif
/**
* DECLARE_IDTENTRY_XENCB - Declare functions for XEN HV callback entry point
diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c
index 5a2f59022c98..ef6a123c50fe 100644
--- a/arch/x86/kernel/sev.c
+++ b/arch/x86/kernel/sev.c
@@ -153,6 +153,10 @@ struct sev_hv_doorbell_page {
struct sev_snp_runtime_data {
struct sev_hv_doorbell_page hv_doorbell_page;
+ /*
+ * Indication that we are currently handling #HV events.
+ */
+ bool hv_handling_events;
};
static DEFINE_PER_CPU(struct sev_snp_runtime_data*, snp_runtime_data);
@@ -206,6 +210,8 @@ static void do_exc_hv(struct pt_regs *regs)
union hv_pending_events pending_events;
u8 vector;
+ this_cpu_read(snp_runtime_data)->hv_handling_events = true;
+
while (sev_hv_pending()) {
asm volatile("cli" : : : "memory");
@@ -244,6 +250,8 @@ static void do_exc_hv(struct pt_regs *regs)
asm volatile("sti" : : : "memory");
}
+
+ this_cpu_read(snp_runtime_data)->hv_handling_events = false;
}
void check_hv_pending(struct pt_regs *regs)
@@ -2541,3 +2549,25 @@ static int __init snp_init_platform_device(void)
return 0;
}
device_initcall(snp_init_platform_device);
+
+noinstr void irqentry_exit_hv_cond(struct pt_regs *regs, irqentry_state_t state)
+{
+ /*
+ * Check whether this returns to user mode, if so and if
+ * we are currently executing the #HV handler then we don't
+ * want to follow the irqentry_exit_to_user_mode path as
+ * that can potentially cause the #HV handler to be
+ * preempted and rescheduled on another CPU. Rescheduled #HV
+ * handler on another cpu will cause interrupts to be handled
+ * on a different cpu than the injected one, causing
+ * invalid EOIs and missed/lost guest interrupts and
+ * corresponding hangs and/or per-cpu IRQs handled on
+ * non-intended cpu.
+ */
+ if (user_mode(regs) &&
+ this_cpu_read(snp_runtime_data)->hv_handling_events)
+ return;
+
+ /* follow normal interrupt return/exit path */
+ irqentry_exit(regs, state);
+}
--
2.25.1
next prev parent reply other threads:[~2022-11-19 3:49 UTC|newest]
Thread overview: 63+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-19 3:46 [RFC PATCH V2 00/18] x86/hyperv/sev: Add AMD sev-snp enlightened guest support on hyperv Tianyu Lan
2022-11-19 3:46 ` [RFC PATCH V2 01/18] x86/sev: Pvalidate memory gab for decompressing kernel Tianyu Lan
2022-11-29 12:56 ` Borislav Petkov
2022-11-29 14:42 ` Tianyu Lan
2022-11-29 15:22 ` Borislav Petkov
2022-12-28 19:15 ` Michael Kelley (LINUX)
2022-12-06 9:16 ` Gupta, Pankaj
2022-12-08 13:04 ` Tianyu Lan
2022-11-19 3:46 ` [RFC PATCH V2 02/18] x86/hyperv: Add sev-snp enlightened guest specific config Tianyu Lan
2022-12-12 17:56 ` Michael Kelley (LINUX)
2022-12-13 9:58 ` Tianyu Lan
2022-11-19 3:46 ` [RFC PATCH V2 03/18] x86/hyperv: apic change for sev-snp enlightened guest Tianyu Lan
2022-12-12 19:00 ` Michael Kelley (LINUX)
2022-11-19 3:46 ` [RFC PATCH V2 04/18] x86/hyperv: Decrypt hv vp assist page in " Tianyu Lan
2022-12-12 19:41 ` Michael Kelley (LINUX)
2022-12-13 15:21 ` Tianyu Lan
2022-11-19 3:46 ` [RFC PATCH V2 05/18] x86/hyperv: Get Virtual Trust Level via hvcall Tianyu Lan
2022-12-12 23:41 ` Michael Kelley (LINUX)
2022-11-19 3:46 ` [RFC PATCH V2 06/18] x86/hyperv: Use vmmcall to implement hvcall in sev-snp enlightened guest Tianyu Lan
2022-12-13 17:19 ` Michael Kelley (LINUX)
2022-12-14 16:02 ` Tianyu Lan
2023-01-09 7:24 ` Dexuan Cui
2022-11-19 3:46 ` [RFC PATCH V2 07/18] clocksource: hyper-v: decrypt hyperv tsc page " Tianyu Lan
2022-12-13 17:30 ` Michael Kelley (LINUX)
2022-12-14 16:05 ` Tianyu Lan
2022-11-19 3:46 ` [RFC PATCH V2 08/18] x86/hyperv: decrypt vmbus pages for " Tianyu Lan
2022-12-13 18:08 ` Michael Kelley (LINUX)
2022-12-26 4:19 ` Tianyu Lan
2022-11-19 3:46 ` [RFC PATCH V2 09/18] x86/hyperv: set target vtl in the vmbus init message Tianyu Lan
2022-12-14 18:12 ` Michael Kelley (LINUX)
2022-11-19 3:46 ` [RFC PATCH V2 10/18] drivers: hv: Decrypt percpu hvcall input arg page in sev-snp enlightened guest Tianyu Lan
2022-12-08 21:52 ` Dexuan Cui
2022-12-09 2:26 ` Tianyu Lan
2022-12-14 18:16 ` Michael Kelley (LINUX)
2022-12-26 7:26 ` Tianyu Lan
2022-11-19 3:46 ` [RFC PATCH V2 11/18] Drivers: hv: vmbus: Decrypt vmbus ring buffer Tianyu Lan
2022-12-14 18:25 ` Michael Kelley (LINUX)
2022-12-26 7:59 ` Tianyu Lan
2022-11-19 3:46 ` [RFC PATCH V2 12/18] x86/hyperv: Initialize cpu and memory for sev-snp enlightened guest Tianyu Lan
2022-12-28 17:07 ` Michael Kelley (LINUX)
2022-11-19 3:46 ` [RFC PATCH V2 13/18] x86/hyperv: Add smp support for sev-snp guest Tianyu Lan
2022-12-28 18:14 ` Michael Kelley (LINUX)
2022-11-19 3:46 ` [RFC PATCH V2 14/18] x86/hyperv: Add hyperv-specific hadling for VMMCALL under SEV-ES Tianyu Lan
2022-11-19 3:46 ` [RFC PATCH V2 15/18] x86/sev: Add a #HV exception handler Tianyu Lan
2023-01-10 12:47 ` Gupta, Pankaj
2023-01-10 13:43 ` Tianyu Lan
2023-01-12 7:43 ` Gupta, Pankaj
2022-11-19 3:46 ` [RFC PATCH V2 16/18] x86/sev: Initialize #HV doorbell and handle interrupt requests Tianyu Lan
2022-11-21 15:05 ` Kalra, Ashish
2022-11-22 13:46 ` Tianyu Lan
2022-11-22 19:17 ` Kalra, Ashish
2022-11-23 18:36 ` Tom Lendacky
2022-11-25 3:36 ` Tianyu Lan
2022-11-25 11:49 ` Christophe de Dinechin
2022-11-28 5:47 ` Tianyu Lan
2022-12-07 14:13 ` Gupta, Pankaj
2022-12-08 14:21 ` Tianyu Lan
2022-12-08 14:36 ` Gupta, Pankaj
2022-12-08 11:47 ` Gupta, Pankaj
2022-12-08 14:25 ` Tianyu Lan
2022-11-19 3:46 ` [RFC PATCH V2 17/18] x86/sev: optimize system vector processing invoked from #HV exception Tianyu Lan
2022-11-19 3:46 ` Tianyu Lan [this message]
2022-12-13 7:37 ` [RFC PATCH V2 18/18] x86/sev: Fix interrupt exit code paths " Gupta, Pankaj
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221119034633.1728632-19-ltykernel@gmail.com \
--to=ltykernel@gmail.com \
--cc=adrian.hunter@intel.com \
--cc=akpm@linux-foundation.org \
--cc=alexander.shishkin@linux.intel.com \
--cc=anshuman.khandual@arm.com \
--cc=ashish.kalra@amd.com \
--cc=bp@alien8.de \
--cc=brijesh.singh@amd.com \
--cc=daniel.sneddon@linux.intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=fenghua.yu@intel.com \
--cc=hpa@zytor.com \
--cc=jgross@suse.com \
--cc=jiangshan.ljs@antgroup.com \
--cc=kirill@shutemov.name \
--cc=kvm@vger.kernel.org \
--cc=linux-arch@vger.kernel.org \
--cc=linux-hyperv@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=michael.roth@amd.com \
--cc=mingo@redhat.com \
--cc=pawan.kumar.gupta@linux.intel.com \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=ray.huang@amd.com \
--cc=samitolvanen@google.com \
--cc=sandipan.das@amd.com \
--cc=seanjc@google.com \
--cc=srutherford@google.com \
--cc=sterritt@google.com \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=tiala@microsoft.com \
--cc=tony.luck@intel.com \
--cc=venu.busireddy@oracle.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.