[PATCH] KVM: arm64: vgic-v5: Fold PPI state for all exposed PPIs

[Sascha Bischoff <Sascha.Bischoff@arm.com>]

GICv5 supports up to 128 PPIs, which would introduce a large amount of
overhead if all of them were actively tracked. Rather than keeping
track of all 128 potential PPIs, we instead only consider the set of
architected PPIs (the first 64). Moreover, we further reduce that set
by only exposing a subset of the PPIs to a guest. In practice, this
means that only 4 PPIs are typically exposed to a guest - the SW_PPI,
PMUIRQ, and the timers.

When folding the PPI state, changed bits in the active or pending were
used to choose which state to sync back. However, this breaks badly
for Edge interrupts when exiting the guest before it has consumed the
edge. There is no change in pending state detected, and the edge is
lost forever.

Given the reduced set of PPIs exposed to the guest, and the issues
around tracking the edges, drop the tracking of changed state, and
instead iterate over the limited subset of PPIs exposed to the guest
directly.

This change drops the second copy of the PPI pending state used for
detecting edges in the pending state, and reworks
vgic_v5_fold_ppi_state() to iterate over the VM's PPI mask instead.

Signed-off-by: Sascha Bischoff <sascha.bischoff@arm.com>
---
 arch/arm64/include/asm/kvm_host.h |  9 +--------
 arch/arm64/kvm/hyp/vgic-v5-sr.c   |  6 +++---
 arch/arm64/kvm/vgic/vgic-v5.c     | 28 +++++-----------------------
 3 files changed, 9 insertions(+), 34 deletions(-)

diff --git a/arch/arm64/include/asm/kvm_host.h b/arch/arm64/include/asm/kvm_host.h
index a7dc0aac3b934..729bd32207fa6 100644
--- a/arch/arm64/include/asm/kvm_host.h
+++ b/arch/arm64/include/asm/kvm_host.h
@@ -803,14 +803,7 @@ struct kvm_host_data {
 
 	/* PPI state tracking for GICv5-based guests */
 	struct {
-		/*
-		 * For tracking the PPI pending state, we need both the entry
-		 * state and exit state to correctly detect edges as it is
-		 * possible that an interrupt has been injected in software in
-		 * the interim.
-		 */
-		DECLARE_BITMAP(pendr_entry, VGIC_V5_NR_PRIVATE_IRQS);
-		DECLARE_BITMAP(pendr_exit, VGIC_V5_NR_PRIVATE_IRQS);
+		DECLARE_BITMAP(pendr, VGIC_V5_NR_PRIVATE_IRQS);
 
 		/* The saved state of the regs when leaving the guest */
 		DECLARE_BITMAP(activer_exit, VGIC_V5_NR_PRIVATE_IRQS);
diff --git a/arch/arm64/kvm/hyp/vgic-v5-sr.c b/arch/arm64/kvm/hyp/vgic-v5-sr.c
index 2c4304ffa9f33..47e6bcd437029 100644
--- a/arch/arm64/kvm/hyp/vgic-v5-sr.c
+++ b/arch/arm64/kvm/hyp/vgic-v5-sr.c
@@ -37,7 +37,7 @@ void __vgic_v5_save_ppi_state(struct vgic_v5_cpu_if *cpu_if)
 
 	bitmap_write(host_data_ptr(vgic_v5_ppi_state)->activer_exit,
 		     read_sysreg_s(SYS_ICH_PPI_ACTIVER0_EL2), 0, 64);
-	bitmap_write(host_data_ptr(vgic_v5_ppi_state)->pendr_exit,
+	bitmap_write(host_data_ptr(vgic_v5_ppi_state)->pendr,
 		     read_sysreg_s(SYS_ICH_PPI_PENDR0_EL2), 0, 64);
 
 	cpu_if->vgic_ppi_priorityr[0] = read_sysreg_s(SYS_ICH_PPI_PRIORITYR0_EL2);
@@ -52,7 +52,7 @@ void __vgic_v5_save_ppi_state(struct vgic_v5_cpu_if *cpu_if)
 	if (VGIC_V5_NR_PRIVATE_IRQS == 128) {
 		bitmap_write(host_data_ptr(vgic_v5_ppi_state)->activer_exit,
 			     read_sysreg_s(SYS_ICH_PPI_ACTIVER1_EL2), 64, 64);
-		bitmap_write(host_data_ptr(vgic_v5_ppi_state)->pendr_exit,
+		bitmap_write(host_data_ptr(vgic_v5_ppi_state)->pendr,
 			     read_sysreg_s(SYS_ICH_PPI_PENDR1_EL2), 64, 64);
 
 		cpu_if->vgic_ppi_priorityr[8] = read_sysreg_s(SYS_ICH_PPI_PRIORITYR8_EL2);
@@ -87,7 +87,7 @@ void __vgic_v5_restore_ppi_state(struct vgic_v5_cpu_if *cpu_if)
 		       SYS_ICH_PPI_ENABLER0_EL2);
 
 	/* Update the pending state of the NON-DVI'd PPIs, only */
-	bitmap_andnot(pendr, host_data_ptr(vgic_v5_ppi_state)->pendr_entry,
+	bitmap_andnot(pendr, host_data_ptr(vgic_v5_ppi_state)->pendr,
 		      cpu_if->vgic_ppi_dvir, VGIC_V5_NR_PRIVATE_IRQS);
 	write_sysreg_s(bitmap_read(pendr, 0, 64), SYS_ICH_PPI_PENDR0_EL2);
 
diff --git a/arch/arm64/kvm/vgic/vgic-v5.c b/arch/arm64/kvm/vgic/vgic-v5.c
index 8680a8354db9d..fdd39ea7f83ec 100644
--- a/arch/arm64/kvm/vgic/vgic-v5.c
+++ b/arch/arm64/kvm/vgic/vgic-v5.c
@@ -385,24 +385,14 @@ bool vgic_v5_has_pending_ppi(struct kvm_vcpu *vcpu)
 void vgic_v5_fold_ppi_state(struct kvm_vcpu *vcpu)
 {
 	struct vgic_v5_cpu_if *cpu_if = &vcpu->arch.vgic_cpu.vgic_v5;
-	DECLARE_BITMAP(changed_active, VGIC_V5_NR_PRIVATE_IRQS);
-	DECLARE_BITMAP(changed_pending, VGIC_V5_NR_PRIVATE_IRQS);
-	DECLARE_BITMAP(changed_bits, VGIC_V5_NR_PRIVATE_IRQS);
-	unsigned long *activer, *pendr_entry, *pendr;
+	unsigned long *activer, *pendr;
 	int i;
 
 	activer = host_data_ptr(vgic_v5_ppi_state)->activer_exit;
-	pendr_entry = host_data_ptr(vgic_v5_ppi_state)->pendr_entry;
-	pendr = host_data_ptr(vgic_v5_ppi_state)->pendr_exit;
+	pendr = host_data_ptr(vgic_v5_ppi_state)->pendr;
 
-	bitmap_xor(changed_active, cpu_if->vgic_ppi_activer, activer,
-		   VGIC_V5_NR_PRIVATE_IRQS);
-	bitmap_xor(changed_pending, pendr_entry, pendr,
-		   VGIC_V5_NR_PRIVATE_IRQS);
-	bitmap_or(changed_bits, changed_active, changed_pending,
-		  VGIC_V5_NR_PRIVATE_IRQS);
-
-	for_each_set_bit(i, changed_bits, VGIC_V5_NR_PRIVATE_IRQS) {
+	for_each_set_bit(i, vcpu->kvm->arch.vgic.gicv5_vm.vgic_ppi_mask,
+			 VGIC_V5_NR_PRIVATE_IRQS) {
 		u32 intid = vgic_v5_make_ppi(i);
 		struct vgic_irq *irq;
 
@@ -462,15 +452,7 @@ void vgic_v5_flush_ppi_state(struct kvm_vcpu *vcpu)
 	 * incoming changes are merged with the outgoing changes on the return
 	 * path.
 	 */
-	bitmap_copy(host_data_ptr(vgic_v5_ppi_state)->pendr_entry, pendr,
-		    VGIC_V5_NR_PRIVATE_IRQS);
-
-	/*
-	 * Make sure that we can correctly detect "edges" in the PPI
-	 * state. There's a path where we never actually enter the guest, and
-	 * failure to do this risks losing pending state
-	 */
-	bitmap_copy(host_data_ptr(vgic_v5_ppi_state)->pendr_exit, pendr,
+	bitmap_copy(host_data_ptr(vgic_v5_ppi_state)->pendr, pendr,
 		    VGIC_V5_NR_PRIVATE_IRQS);
 }
 
-- 
2.34.1