From patchwork Sun Nov 21 12:54:39 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: David Woodhouse X-Patchwork-Id: 12693209 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 16025C433FE for ; Sun, 21 Nov 2021 12:57:17 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:Message-Id:Date:Subject:Cc :To:From:Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References: List-Owner; bh=PptaV+Q5VJ2hIoDI798+vfB32BDChJbGef2sWPuX/10=; b=ogWWKdZ/4aJ0/9 vxSBkRFR51b0MHN1rMJcaAruck7FVlN8yrvABLvcbVN/rs+pOtFLmd6/Pw6Mao+hK2SXa9h9sVU3r 7r5AdhRvl6QonnoBJcbd6dmjH2+I1V/2YwYJKW4c/esOmTQOblbAVh32gWm7VRRf2/nV5EHanukTW +1YUn7i/dSTukmnmf5OJ7YT4bx84KxQxY4+cyELBKgjL1MztlqsvXLNZw5Fnq/ph9xj5c6G8/pv7G 91SS9ZB9td//N+qFhD0OLtFE5ZveVfY5fYmCB/zmfOwjEJkgNaopg8iGOSMLdYIOuhhRLK7sVTbgj /NucjKIhGO4/9nL55i4g==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1momNa-00DchH-VX; Sun, 21 Nov 2021 12:55:35 +0000 Received: from casper.infradead.org ([2001:8b0:10b:1236::1]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1momNC-00DcZe-QK; Sun, 21 Nov 2021 12:55:10 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=casper.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:MIME-Version:Message-Id:Date:Subject:Cc:To:From:Reply-To: Content-ID:Content-Description:In-Reply-To:References; bh=IgNSXNY2TpIuc5DjPBel8XiPwVYxmuy/OdeenPYbteI=; b=Vu9vRhXy7bRTzRn551qpp2Sl2x zCtr/gMJ4DW8RwOHmzxJxzo7vDlzWes4Hqvf8OhYVQvu8TgUnPYAkp+B7dwWJGxd4qa98SoZOYuWV 5bhHnd4moc54T+xIGj//+Ct1psMVjPk+Pdg32UPn83uTEm30Y2xWCWDUWG7zzQA8A9jiya3kArabf lHB8fd0S9GhuLNI6EX6C0akf58/mnAKpVwdY1c0zqvxOiNqI8W9eVWQtmP2IMzGzdVo5+UUmKjlgh pghg+NjWVpziG/dkvqPqodD+6axkmt7LKPKsHXKEoxT0UziAnHuI2HqKcy6sNMq8iwkWYu+xYx/tX kWDa6thg==; Received: from i7.infradead.org ([2001:8b0:10b:1:21e:67ff:fecb:7a92]) by casper.infradead.org with esmtpsa (Exim 4.94.2 #2 (Red Hat Linux)) id 1momMv-00C3xt-Mo; Sun, 21 Nov 2021 12:54:54 +0000 Received: from dwoodhou by i7.infradead.org with local (Exim 4.94.2 #2 (Red Hat Linux)) id 1momMv-0002Vv-R2; Sun, 21 Nov 2021 12:54:53 +0000 From: David Woodhouse To: Paolo Bonzini , kvm Cc: Boris Ostrovsky , Joao Martins , "jmattson @ google . com" , "wanpengli @ tencent . com" , "seanjc @ google . com" , "vkuznets @ redhat . com" , "mtosatti @ redhat . com" , "joro @ 8bytes . org" , karahmed@amazon.com, Marc Zyngier , James Morse , Alexandru Elisei , Suzuki K Poulose , Catalin Marinas , Will Deacon , Huacai Chen , Aleksandar Markovic , Michael Ellerman , Benjamin Herrenschmidt , Anup Patel , Christian Borntraeger , kvmarm@lists.cs.columbia.edu, linux-arm-kernel , linux-mips@vger.kernel.org, linuxppc-dev@lists.ozlabs.org, kvm-riscv@lists.infradead.org, linux-s390@vger.kernel.org, butt3rflyh4ck Subject: [PATCH v5 00/12] KVM: x86/xen: Add in-kernel Xen event channel delivery Date: Sun, 21 Nov 2021 12:54:39 +0000 Message-Id: <20211121125451.9489-1-dwmw2@infradead.org> X-Mailer: git-send-email 2.31.1 MIME-Version: 1.0 X-SRS-Rewrite: SMTP reverse-path rewritten from by casper.infradead.org. See http://www.infradead.org/rpr.html X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Introduce the basic concept of 2 level event channels for kernel delivery, which is just a simple matter of a few test_and_set_bit calls on a mapped shared info page. This can be used for routing MSI of passthrough devices to PIRQ event channels in a Xen guest, and we can build on it for delivering IPIs and timers directly from the kernel too. v1: Use kvm_map_gfn() although I didn't quite see how it works. v2: Avoid kvm_map_gfn() and implement a safe mapping with invalidation support for myself. v3: Reinvent gfn_to_pfn_cache with sane invalidation semantics, for my use case as well as nesting. v4: Rework dirty handling, as it became apparently that we need an active vCPU context to mark pages dirty so it can't be done from the MMU notifier duing the invalidation; it has to happen on unmap. v5: Fix sparse warnings reported by kernel test robot . Fix revalidation when memslots change but the resulting HVA stays the same. We can use the same kernel mapping in that case, if the HVA → PFN translation was valid before. So that probably means we shouldn't unmap the "old_hva". Augment the test case to exercise that one too. Include the fix for the dirty ring vs. Xen shinfo oops reported by butt3rflyh4ck . As in the previous two rounds, the last patch (this time patch 12) is included as illustration of how we *might* use this for fixing the UAF bugs in nesting, but isn't intended to be applied as-is. Patches 1-11 are. David Woodhouse (12): KVM: Introduce CONFIG_HAVE_KVM_DIRTY_RING KVM: Add Makefile.kvm for common files, use it for x86 KVM: s390: Use Makefile.kvm for common files KVM: mips: Use Makefile.kvm for common files KVM: RISC-V: Use Makefile.kvm for common files KVM: powerpc: Use Makefile.kvm for common files KVM: arm64: Use Makefile.kvm for common files KVM: Reinstate gfn_to_pfn_cache with invalidation support KVM: x86/xen: Maintain valid mapping of Xen shared_info page KVM: x86/xen: Add KVM_IRQ_ROUTING_XEN_EVTCHN and event channel delivery KVM: x86: Fix wall clock writes in Xen shared_info not to mark page dirty KVM: x86: First attempt at converting nested virtual APIC page to gpc Documentation/virt/kvm/api.rst | 33 ++ arch/arm64/kvm/Makefile | 6 +- arch/mips/kvm/Makefile | 3 +- arch/powerpc/kvm/Makefile | 6 +- arch/riscv/kvm/Makefile | 6 +- arch/s390/kvm/Makefile | 6 +- arch/x86/include/asm/kvm_host.h | 4 +- arch/x86/kvm/Kconfig | 2 + arch/x86/kvm/Makefile | 7 +- arch/x86/kvm/irq_comm.c | 12 + arch/x86/kvm/vmx/nested.c | 50 ++- arch/x86/kvm/vmx/vmx.c | 12 +- arch/x86/kvm/vmx/vmx.h | 2 +- arch/x86/kvm/x86.c | 15 +- arch/x86/kvm/x86.h | 1 - arch/x86/kvm/xen.c | 341 +++++++++++++++++++-- arch/x86/kvm/xen.h | 9 + include/linux/kvm_dirty_ring.h | 8 +- include/linux/kvm_host.h | 110 +++++++ include/linux/kvm_types.h | 18 ++ include/uapi/linux/kvm.h | 11 + .../testing/selftests/kvm/x86_64/xen_shinfo_test.c | 184 ++++++++++- virt/kvm/Kconfig | 6 + virt/kvm/Makefile.kvm | 14 + virt/kvm/dirty_ring.c | 2 +- virt/kvm/kvm_main.c | 16 +- virt/kvm/kvm_mm.h | 44 +++ virt/kvm/mmu_lock.h | 23 -- virt/kvm/pfncache.c | 323 +++++++++++++++++++ 29 files changed, 1173 insertions(+), 101 deletions(-)