[PATCH 0/2] x86/hyper-v: cope with VP_INVAL in PV TLB flush code

[PATCH 0/2] x86/hyper-v: cope with VP_INVAL in PV TLB flush code

[Vitaly Kuznetsov]

Commit 1268ed0c474a ("x86/hyper-v: Fix the circular dependency in IPI
 enlightenment") made it possible to observe VP_INVAL returned from 
hv_cpu_number_to_vp_number() and cpumask_to_vpset() and PV TLB flush
code needs to be adjusted.

The window when VP_INVAL is observable is very short, I'm not even sure
we do TLB flushes during this period (secodary CPUs bringup on boot, there
is no CPU hotplug on Hyper-V yet). This, however, may change in future so
let's fix this now.

Thomas, Ingo: these patches are for 'tip/x86/hyperv'. I don't think we have
a real issue in 4.18 but I can definitely prepare fixes for it if you think
this is needed.

Vitaly Kuznetsov (2):
  x86/hyper-v: check cpumask_to_vpset() return value in
    hyperv_flush_tlb_others_ex()
  x86/hyper-v: check for VP_INVAL in hyperv_flush_tlb_others()

 arch/x86/hyperv/mmu.c | 7 +++++++
 1 file changed, 7 insertions(+)

-- 
2.14.4

[PATCH 1/2] x86/hyper-v: check cpumask_to_vpset() return value in hyperv_flush_tlb_others_ex()

[Vitaly Kuznetsov]

Commit 1268ed0c474a ("x86/hyper-v: Fix the circular dependency in IPI
enlightenment") made cpumask_to_vpset() return '-1' when there is a CPU
with unknown VP index in the supplied set. This needs to be checked before
we pass 'nr_bank' to hypercall.

Fixes: 1268ed0c474a ("x86/hyper-v: Fix the circular dependency in IPI enlightenment")
Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
---
 arch/x86/hyperv/mmu.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/arch/x86/hyperv/mmu.c b/arch/x86/hyperv/mmu.c
index 0d90e515ec98..453d2355cd61 100644
--- a/arch/x86/hyperv/mmu.c
+++ b/arch/x86/hyperv/mmu.c
@@ -186,6 +186,8 @@ static u64 hyperv_flush_tlb_others_ex(const struct cpumask *cpus,
 
 	flush->hv_vp_set.format = HV_GENERIC_SET_SPARSE_4K;
 	nr_bank = cpumask_to_vpset(&(flush->hv_vp_set), cpus);
+	if (nr_bank < 0)
+		return U64_MAX;
 
 	/*
 	 * We can flush not more than max_gvas with one hypercall. Flush the
-- 
2.14.4

RE: [PATCH 1/2] x86/hyper-v: check cpumask_to_vpset() return value in hyperv_flush_tlb_others_ex()

[Michael Kelley (EOSG)]

From: Vitaly Kuznetsov <vkuznets@redhat.com> Monday, July 9, 2018 10:40 AM
> Commit 1268ed0c474a ("x86/hyper-v: Fix the circular dependency in IPI
> enlightenment") made cpumask_to_vpset() return '-1' when there is a CPU
> with unknown VP index in the supplied set. This needs to be checked before
> we pass 'nr_bank' to hypercall.
> 
> Fixes: 1268ed0c474a ("x86/hyper-v: Fix the circular dependency in IPI enlightenment")
> Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
> ---
>  arch/x86/hyperv/mmu.c | 2 ++
>  1 file changed, 2 insertions(+)

Reviewed-by: Michael Kelley <mikelley@microsoft.com>

[tip:x86/hyperv] x86/hyper-v: Check cpumask_to_vpset() return value in hyperv_flush_tlb_others_ex()

[tip-bot for Vitaly Kuznetsov]

Commit-ID:  0f0caa52cd4a48a44f6cdc77bf83272bbb450727
Gitweb:     https://git.kernel.org/tip/0f0caa52cd4a48a44f6cdc77bf83272bbb450727
Author:     Vitaly Kuznetsov <vkuznets@redhat.com>
AuthorDate: Mon, 9 Jul 2018 19:40:11 +0200
Committer:  Thomas Gleixner <tglx@linutronix.de>
CommitDate: Mon, 16 Jul 2018 11:19:48 +0200

x86/hyper-v: Check cpumask_to_vpset() return value in hyperv_flush_tlb_others_ex()

Commit 1268ed0c474a ("x86/hyper-v: Fix the circular dependency in IPI
enlightenment") made cpumask_to_vpset() return '-1' when there is a CPU
with unknown VP index in the supplied set. This needs to be checked before
we pass 'nr_bank' to hypercall.

Fixes: 1268ed0c474a ("x86/hyper-v: Fix the circular dependency in IPI enlightenment")
Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Michael Kelley <mikelley@microsoft.com>
Cc: "K. Y. Srinivasan" <kys@microsoft.com>
Cc: Haiyang Zhang <haiyangz@microsoft.com>
Cc: Stephen Hemminger <sthemmin@microsoft.com>
Cc: "Michael Kelley (EOSG)" <Michael.H.Kelley@microsoft.com>
Cc: devel@linuxdriverproject.org
Cc: "H. Peter Anvin" <hpa@zytor.com>
Link: https://lkml.kernel.org/r/20180709174012.17429-2-vkuznets@redhat.com

---
 arch/x86/hyperv/mmu.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/arch/x86/hyperv/mmu.c b/arch/x86/hyperv/mmu.c
index 0d90e515ec98..453d2355cd61 100644
--- a/arch/x86/hyperv/mmu.c
+++ b/arch/x86/hyperv/mmu.c
@@ -186,6 +186,8 @@ static u64 hyperv_flush_tlb_others_ex(const struct cpumask *cpus,
 
 	flush->hv_vp_set.format = HV_GENERIC_SET_SPARSE_4K;
 	nr_bank = cpumask_to_vpset(&(flush->hv_vp_set), cpus);
+	if (nr_bank < 0)
+		return U64_MAX;
 
 	/*
 	 * We can flush not more than max_gvas with one hypercall. Flush the

[PATCH 2/2] x86/hyper-v: check for VP_INVAL in hyperv_flush_tlb_others()

[Vitaly Kuznetsov]

Commit 1268ed0c474a ("x86/hyper-v: Fix the circular dependency in IPI
 enlightenment") pre-filled hv_vp_index with VP_INVAL so it is now
(theoretically) possible to observe hv_cpu_number_to_vp_number()
returning VP_INVAL. We need to check for that in hyperv_flush_tlb_others().

Not checking for VP_INVAL on the first call site where we do

 if (hv_cpu_number_to_vp_number(cpumask_last(cpus)) >= 64)
                        goto do_ex_hypercall;

is OK, in case we're eligible for non-ex hypercall we'll catch the
issue later in for_each_cpu() cycle and in case we'll be doing ex-
hypercall cpumask_to_vpset() will fail.

It would be nice to change hv_cpu_number_to_vp_number() return
value's type to 'u32' but this will likely be a bigger change as
all call sites need to be checked first.

Fixes: 1268ed0c474a ("x86/hyper-v: Fix the circular dependency in IPI enlightenment")
Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
---
 arch/x86/hyperv/mmu.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/arch/x86/hyperv/mmu.c b/arch/x86/hyperv/mmu.c
index 453d2355cd61..1147e1fed7ff 100644
--- a/arch/x86/hyperv/mmu.c
+++ b/arch/x86/hyperv/mmu.c
@@ -111,6 +111,11 @@ static void hyperv_flush_tlb_others(const struct cpumask *cpus,
 
 		for_each_cpu(cpu, cpus) {
 			vcpu = hv_cpu_number_to_vp_number(cpu);
+			if (vcpu == VP_INVAL) {
+				local_irq_restore(flags);
+				goto do_native;
+			}
+
 			if (vcpu >= 64)
 				goto do_ex_hypercall;
 
-- 
2.14.4

RE: [PATCH 2/2] x86/hyper-v: check for VP_INVAL in hyperv_flush_tlb_others()

[Michael Kelley (EOSG)]

From: Vitaly Kuznetsov <vkuznets@redhat.com>  Monday, July 9, 2018 10:40 AM
> Commit 1268ed0c474a ("x86/hyper-v: Fix the circular dependency in IPI
>  enlightenment") pre-filled hv_vp_index with VP_INVAL so it is now
> (theoretically) possible to observe hv_cpu_number_to_vp_number()
> returning VP_INVAL. We need to check for that in hyperv_flush_tlb_others().
> 
> Not checking for VP_INVAL on the first call site where we do
> 
>  if (hv_cpu_number_to_vp_number(cpumask_last(cpus)) >= 64)
>                         goto do_ex_hypercall;
> 
> is OK, in case we're eligible for non-ex hypercall we'll catch the
> issue later in for_each_cpu() cycle and in case we'll be doing ex-
> hypercall cpumask_to_vpset() will fail.
> 
> It would be nice to change hv_cpu_number_to_vp_number() return
> value's type to 'u32' but this will likely be a bigger change as
> all call sites need to be checked first.
> 
> Fixes: 1268ed0c474a ("x86/hyper-v: Fix the circular dependency in IPI enlightenment")
> Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
> ---
>  arch/x86/hyperv/mmu.c | 5 +++++
>  1 file changed, 5 insertions(+)

Reviewed-by: Michael Kelley <mikelley@microsoft.com>

[tip:x86/hyperv] x86/hyper-v: Check for VP_INVAL in hyperv_flush_tlb_others()

[tip-bot for Vitaly Kuznetsov]

Commit-ID:  110d2a7fc39725d2c29d2fede4f34a35a4f98882
Gitweb:     https://git.kernel.org/tip/110d2a7fc39725d2c29d2fede4f34a35a4f98882
Author:     Vitaly Kuznetsov <vkuznets@redhat.com>
AuthorDate: Mon, 9 Jul 2018 19:40:12 +0200
Committer:  Thomas Gleixner <tglx@linutronix.de>
CommitDate: Mon, 16 Jul 2018 11:19:49 +0200

x86/hyper-v: Check for VP_INVAL in hyperv_flush_tlb_others()

Commit 1268ed0c474a ("x86/hyper-v: Fix the circular dependency in IPI
 enlightenment") pre-filled hv_vp_index with VP_INVAL so it is now
(theoretically) possible to observe hv_cpu_number_to_vp_number()
returning VP_INVAL. We need to check for that in hyperv_flush_tlb_others().

Not checking for VP_INVAL on the first call site where we do

 if (hv_cpu_number_to_vp_number(cpumask_last(cpus)) >= 64)
                        goto do_ex_hypercall;

is OK, in case we're eligible for non-ex hypercall we'll catch the
issue later in for_each_cpu() cycle and in case we'll be doing ex-
hypercall cpumask_to_vpset() will fail.

It would be nice to change hv_cpu_number_to_vp_number() return
value's type to 'u32' but this will likely be a bigger change as
all call sites need to be checked first.

Fixes: 1268ed0c474a ("x86/hyper-v: Fix the circular dependency in IPI enlightenment")
Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Michael Kelley <mikelley@microsoft.com>
Cc: "K. Y. Srinivasan" <kys@microsoft.com>
Cc: Haiyang Zhang <haiyangz@microsoft.com>
Cc: Stephen Hemminger <sthemmin@microsoft.com>
Cc: "Michael Kelley (EOSG)" <Michael.H.Kelley@microsoft.com>
Cc: devel@linuxdriverproject.org
Cc: "H. Peter Anvin" <hpa@zytor.com>
Link: https://lkml.kernel.org/r/20180709174012.17429-3-vkuznets@redhat.com

---
 arch/x86/hyperv/mmu.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/arch/x86/hyperv/mmu.c b/arch/x86/hyperv/mmu.c
index 453d2355cd61..1147e1fed7ff 100644
--- a/arch/x86/hyperv/mmu.c
+++ b/arch/x86/hyperv/mmu.c
@@ -111,6 +111,11 @@ static void hyperv_flush_tlb_others(const struct cpumask *cpus,
 
 		for_each_cpu(cpu, cpus) {
 			vcpu = hv_cpu_number_to_vp_number(cpu);
+			if (vcpu == VP_INVAL) {
+				local_irq_restore(flags);
+				goto do_native;
+			}
+
 			if (vcpu >= 64)
 				goto do_ex_hypercall;