- * [PATCH 1/2] KVM: arm/arm64: Fix reference to uninitialised VGIC
  2016-02-11 15:59 [PULL] KVM/ARM fixes for 4.5-rc4 Marc Zyngier
@ 2016-02-11 15:59 ` Marc Zyngier
  2016-02-11 15:59 ` [PATCH 2/2] arm64: KVM: Configure TCR_EL2.PS at runtime Marc Zyngier
  2016-02-11 21:47 ` [PULL] KVM/ARM fixes for 4.5-rc4 Paolo Bonzini
  2 siblings, 0 replies; 4+ messages in thread
From: Marc Zyngier @ 2016-02-11 15:59 UTC (permalink / raw)
  To: Paolo Bonzini
  Cc: Andre Przywara, Cosmin Gorgovan, Christoffer Dall,
	Tirumalesh Chalamarla, linux-arm-kernel, kvm, kvmarm,
	Gleb Natapov
From: Andre Przywara <andre.przywara@arm.com>
Commit 4b4b4512da2a ("arm/arm64: KVM: Rework the arch timer to use
level-triggered semantics") brought the virtual architected timer
closer to the VGIC. There is one occasion where we don't properly
check for the VGIC actually having been initialized before, but
instead go on to check the active state of some IRQ number.
If userland hasn't instantiated a virtual GIC, we end up with a
kernel NULL pointer dereference:
=========
Unable to handle kernel NULL pointer dereference at virtual address 00000000
pgd = ffffffc9745c5000
[00000000] *pgd=00000009f631e003, *pud=00000009f631e003, *pmd=0000000000000000
Internal error: Oops: 96000006 [#2] PREEMPT SMP
Modules linked in:
CPU: 0 PID: 2144 Comm: kvm_simplest-ar Tainted: G      D 4.5.0-rc2+ #1300
Hardware name: ARM Juno development board (r1) (DT)
task: ffffffc976da8000 ti: ffffffc976e28000 task.ti: ffffffc976e28000
PC is at vgic_bitmap_get_irq_val+0x78/0x90
LR is at kvm_vgic_map_is_active+0xac/0xc8
pc : [<ffffffc0000b7e28>] lr : [<ffffffc0000b972c>] pstate: 20000145
....
=========
Fix this by bailing out early of kvm_timer_flush_hwstate() if we don't
have a VGIC at all.
Reported-by: Cosmin Gorgovan <cosmin@linux-geek.org>
Acked-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Cc: <stable@vger.kernel.org> # 4.4.x
---
 virt/kvm/arm/arch_timer.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/virt/kvm/arm/arch_timer.c b/virt/kvm/arm/arch_timer.c
index 69bca18..ea60646 100644
--- a/virt/kvm/arm/arch_timer.c
+++ b/virt/kvm/arm/arch_timer.c
@@ -143,7 +143,7 @@ static void kvm_timer_update_irq(struct kvm_vcpu *vcpu, bool new_level)
  * Check if there was a change in the timer state (should we raise or lower
  * the line level to the GIC).
  */
-static void kvm_timer_update_state(struct kvm_vcpu *vcpu)
+static int kvm_timer_update_state(struct kvm_vcpu *vcpu)
 {
 	struct arch_timer_cpu *timer = &vcpu->arch.timer_cpu;
 
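Review bot: the return type changes from void to int, but the comment block that opens this hunk ("Check if there was a change in the timer state ...") is not updated to say what the function now returns; add a line such as "Returns 0 on success, or -ENODEV if no VGIC has been initialised yet" so the caller-side test of the result is self-explanatory without reading the body.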
@@ -154,10 +154,12 @@ static void kvm_timer_update_state(struct kvm_vcpu *vcpu)
 	 * until we call this function from kvm_timer_flush_hwstate.
 	 */
 	if (!vgic_initialized(vcpu->kvm))
-	    return;
+		return -ENODEV;
 
 	if (kvm_timer_should_fire(vcpu) != timer->irq.level)
 		kvm_timer_update_irq(vcpu, !timer->irq.level);
+
+	return 0;
 }
 
 /*
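Review bot: returning -ENODEV here is fine, but the comment directly above the check still reads "until we call this function from kvm_timer_flush_hwstate", and that call is now also the one that bails out on the new error; reword it to cover the early return. It is also worth confirming that every other caller of kvm_timer_update_state() is happy to ignore the new return value, since this patch only adapts kvm_timer_flush_hwstate(). The re-indentation of the `return` from spaces to a tab is a welcome drive-by fix.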
@@ -218,7 +220,8 @@ void kvm_timer_flush_hwstate(struct kvm_vcpu *vcpu)
 	bool phys_active;
 	int ret;
 
-	kvm_timer_update_state(vcpu);
+	if (kvm_timer_update_state(vcpu))
+		return;
 
 	/*
 	* If we enter the guest with the virtual input level to the VGIC
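Review bot: the early return skips everything below it, including the physical-active handling the comment at the end of this hunk describes; that is correct when no VGIC exists (there is no line level to flush and no mapped IRQ to query, which is exactly the kvm_vgic_map_is_active() path in the oops), but a one-line comment such as `/* No VGIC, nothing to flush */` above the `return` would save the next reader a trip to kvm_timer_update_state(). The `ret` declared at the top of the hunk is untouched by this change, so routing the new result through it is not needed.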
-- 
2.1.4

- * [PATCH 2/2] arm64: KVM: Configure TCR_EL2.PS at runtime
From: Marc Zyngier @ 2016-02-11 15:59 UTC (permalink / raw)
  To: Paolo Bonzini
  Cc: Tirumalesh Chalamarla, Christoffer Dall, Andre Przywara,
	Cosmin Gorgovan, linux-arm-kernel, kvm, kvmarm, Gleb Natapov
From: Tirumalesh Chalamarla <tchalamarla@caviumnetworks.com>
Setting TCR_EL2.PS to 40 bits is wrong on systems with less than
40 bits of physical addresses, and breaks KVM on systems where the
RAM is above 40 bits.
This patch uses ID_AA64MMFR0_EL1.PARange to set TCR_EL2.PS dynamically,
just like we already do for VTCR_EL2.PS.
[Marc: rewrote commit message, patch tidy up]
Reviewed-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Tirumalesh Chalamarla <tchalamarla@caviumnetworks.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
---
 arch/arm64/include/asm/kvm_arm.h |  2 --
 arch/arm64/kvm/hyp-init.S        | 12 +++++++-----
 2 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/arch/arm64/include/asm/kvm_arm.h b/arch/arm64/include/asm/kvm_arm.h
index bef6e92..d201d4b 100644
--- a/arch/arm64/include/asm/kvm_arm.h
+++ b/arch/arm64/include/asm/kvm_arm.h
@@ -107,8 +107,6 @@
 #define TCR_EL2_MASK	(TCR_EL2_TG0 | TCR_EL2_SH0 | \
 			 TCR_EL2_ORGN0 | TCR_EL2_IRGN0 | TCR_EL2_T0SZ)
 
-#define TCR_EL2_FLAGS	(TCR_EL2_RES1 | TCR_EL2_PS_40B)
-
 /* VTCR_EL2 Registers bits */
 #define VTCR_EL2_RES1		(1 << 31)
 #define VTCR_EL2_PS_MASK	(7 << 16)
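Review bot: with TCR_EL2_FLAGS gone, TCR_EL2_PS_40B is referenced only through the removed macro as far as this patch shows, so it may now be unused; check whether it still has a user and drop it in the same patch if not, so the header does not keep advertising a hard-coded PS value that the commit message says must not be relied on.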
diff --git a/arch/arm64/kvm/hyp-init.S b/arch/arm64/kvm/hyp-init.S
index 3e568dc..d073b5a 100644
--- a/arch/arm64/kvm/hyp-init.S
+++ b/arch/arm64/kvm/hyp-init.S
@@ -64,7 +64,7 @@ __do_hyp_init:
 	mrs	x4, tcr_el1
 	ldr	x5, =TCR_EL2_MASK
 	and	x4, x4, x5
-	ldr	x5, =TCR_EL2_FLAGS
+	mov	x5, #TCR_EL2_RES1
 	orr	x4, x4, x5
 
 #ifndef CONFIG_ARM64_VA_BITS_48
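Review bot: this hunk now ORs in only TCR_EL2_RES1 and leaves TCR_EL2.PS clear, relying on the later `bfi` from ID_AA64MMFR0_EL1 to fill it in; a short comment here ("PS is set from PARange below") would make that split obvious to a reader who expects the full flag set at this point. Switching from `ldr x5, =TCR_EL2_FLAGS` to `mov x5, #TCR_EL2_RES1` also only assembles if the constant fits a single MOV immediate, which the assembler enforces at build time; fine while TCR_EL2_RES1 stays a simple bit pattern, but revert to the `ldr =` form if more bits are ever added to it.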
@@ -85,15 +85,17 @@ __do_hyp_init:
 	ldr_l	x5, idmap_t0sz
 	bfi	x4, x5, TCR_T0SZ_OFFSET, TCR_TxSZ_WIDTH
 #endif
-	msr	tcr_el2, x4
-
-	ldr	x4, =VTCR_EL2_FLAGS
 	/*
 	 * Read the PARange bits from ID_AA64MMFR0_EL1 and set the PS bits in
-	 * VTCR_EL2.
+	 * TCR_EL2 and VTCR_EL2.
 	 */
 	mrs	x5, ID_AA64MMFR0_EL1
 	bfi	x4, x5, #16, #3
+
+	msr	tcr_el2, x4
+
+	ldr	x4, =VTCR_EL2_FLAGS
+	bfi	x4, x5, #16, #3
 	/*
 	 * Read the VMIDBits bits from ID_AA64MMFR1_EL1 and set the VS bit in
 	 * VTCR_EL2.
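Review bot: `bfi x4, x5, #16, #3` now appears twice with bare literals for the PS field offset and width; a named constant for the PS shift and width (TCR_EL2 and VTCR_EL2 share the field position, which is why the same instruction serves both) would keep the two in sync if the layout is ever touched. The reordering itself is sound: x5 holds the PARange value read once, PS is inserted into x4 before `msr tcr_el2`, and x4 is then reloaded with VTCR_EL2_FLAGS for the second insert, so TCR_EL2 is no longer written before its PS bits are set. The `bfi` copies only three bits out of x5, matching what the existing VTCR_EL2 code already did, so it is not a regression, but a comment stating that assumption would not hurt.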
-- 
2.1.4
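To make the before/after behaviour of this patch concrete, here is an added C model (not code from the patch or from the kernel) of what the hyp-init.S change does to TCR_EL2.PS. It assumes the ARMv8-A layouts ID_AA64MMFR0_EL1.PARange in bits [3:0] and TCR_EL2.PS in bits [18:16] with the same encoding (0=32, 1=36, 2=40, 3=42, 4=44, 5=48, 6=52 bits), which is what lets the assembly copy the field with a plain `bfi`; the TCR_EL2_RES1 value is assumed to match the header of the time, and the ID register sample values are constructed.

```c
/* Added example modelling the TCR_EL2.PS setup before and after the patch.
 * Assumed register layouts: ID_AA64MMFR0_EL1.PARange = bits [3:0],
 * TCR_EL2.PS = bits [18:16], same encoding for both fields. */
#include <stdint.h>
#include <stdio.h>

#define TCR_EL2_PS_SHIFT   16
#define TCR_EL2_PS_WIDTH   3
#define TCR_EL2_PS_MASK    (7u << TCR_EL2_PS_SHIFT)
#define TCR_EL2_PS_40B     (2u << TCR_EL2_PS_SHIFT)   /* the old hard-coded PS value */
#define TCR_EL2_RES1       ((1u << 31) | (1u << 23))  /* assumed value of the RES1 bits */

/* PARange/PS encoding -> physical address size in bits; 0 for reserved encodings */
static unsigned parange_bits(uint64_t field)
{
    static const unsigned table[] = { 32, 36, 40, 42, 44, 48, 52 };
    unsigned enc = (unsigned)(field & 0xf);
    return enc < sizeof(table) / sizeof(table[0]) ? table[enc] : 0;
}

/* C equivalent of "bfi x4, x5, #16, #3": copy PARange[2:0] into TCR_EL2.PS.
 * Like the assembly, this deliberately copies only three bits. */
static uint64_t tcr_el2_set_ps(uint64_t tcr, uint64_t id_aa64mmfr0)
{
    uint64_t ps = (id_aa64mmfr0 & ((1u << TCR_EL2_PS_WIDTH) - 1)) << TCR_EL2_PS_SHIFT;
    return (tcr & ~(uint64_t)TCR_EL2_PS_MASK) | ps;
}

/* Before the patch: PS fixed at the 40-bit encoding regardless of the hardware */
static uint64_t tcr_el2_old(void)
{
    return TCR_EL2_RES1 | TCR_EL2_PS_40B;
}

/* After the patch: RES1 bits only, then PS filled from the ID register */
static uint64_t tcr_el2_new(uint64_t id_aa64mmfr0)
{
    return tcr_el2_set_ps(TCR_EL2_RES1, id_aa64mmfr0);
}

/* Decode the PS field back to a PA size so a caller can check the result */
static unsigned tcr_el2_ps_bits(uint64_t tcr)
{
    return parange_bits((tcr & TCR_EL2_PS_MASK) >> TCR_EL2_PS_SHIFT);
}

/* 1 if the configured PS agrees with what the hardware reports, else 0 */
static int tcr_el2_ps_matches_hw(uint64_t tcr, uint64_t id_aa64mmfr0)
{
    return tcr_el2_ps_bits(tcr) == parange_bits(id_aa64mmfr0);
}

int main(void)
{
    /* Constructed sample ID register values; only PARange[3:0] matters here */
    const uint64_t samples[] = { 0x1 /* 36-bit PA */, 0x2 /* 40-bit PA */, 0x5 /* 48-bit PA */ };
    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        uint64_t id = samples[i];
        uint64_t tcr_old = tcr_el2_old();
        uint64_t tcr_new = tcr_el2_new(id);
        printf("PARange=%u (hw %u bits): old PS=%u bits [%s], new PS=%u bits [%s]\n",
               (unsigned)(id & 0xf), parange_bits(id),
               tcr_el2_ps_bits(tcr_old), tcr_el2_ps_matches_hw(tcr_old, id) ? "ok" : "mismatch",
               tcr_el2_ps_bits(tcr_new), tcr_el2_ps_matches_hw(tcr_new, id) ? "ok" : "mismatch");
    }
    return 0;
}
```

Run as-is, the program shows the old fixed value only agreeing with the hardware on a 40-bit system, while the dynamic value follows PARange on all three samples, which is the mismatch the commit message describes for both smaller and larger physical address spaces.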
- * Re: [PULL] KVM/ARM fixes for 4.5-rc4
From: Paolo Bonzini @ 2016-02-11 21:47 UTC (permalink / raw)
  To: Marc Zyngier
  Cc: Christoffer Dall, Andre Przywara, Cosmin Gorgovan,
	Tirumalesh Chalamarla, linux-arm-kernel, kvm, kvmarm,
	Gleb Natapov
On 11/02/2016 16:59, Marc Zyngier wrote:
> Hi Paolo,
> 
> Please find below the KVM/ARM updates for 4.5-rc4. One fix for the
> timer, and another for the HYP MMU setup.
> 
> Please pull!
> 
> Thanks,
> 
> 	M.
> 
> The following changes since commit 6327f35a2010c06a3bc2bfb14202a38764fb9920:
> 
>   arm64: KVM: Fix guest dead loop when register accessor returns false (2016-01-24 21:56:01 +0000)
> 
> are available in the git repository at:
> 
>   git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm.git tags/kvm-arm-for-4.5-rc4
> 
> for you to fetch changes up to 3c5b1d92b3b02be07873d611a27950addff544d3:
> 
>   arm64: KVM: Configure TCR_EL2.PS at runtime (2016-02-11 13:16:47 +0000)
> 
> ----------------------------------------------------------------
> KVM/ARM fixes for 4.5-rc4
> 
> - Fix for an unpleasant crash when the VM is created without a timer
> - Allow HYP mode to access the full PA space, and not only 40bit
> 
> ----------------------------------------------------------------
> Andre Przywara (1):
>       KVM: arm/arm64: Fix reference to uninitialised VGIC
> 
> Tirumalesh Chalamarla (1):
>       arm64: KVM: Configure TCR_EL2.PS at runtime
> 
>  arch/arm64/include/asm/kvm_arm.h |  2 --
>  arch/arm64/kvm/hyp-init.S        | 12 +++++++-----
>  virt/kvm/arm/arch_timer.c        |  9 ++++++---
>  3 files changed, 13 insertions(+), 10 deletions(-)
> 
Pulled, thanks (but I'll probably delay it to rc5).
Paolo