From patchwork Tue Sep 3 14:29:53 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Graf X-Patchwork-Id: 11128073 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id C05E214F7 for ; Tue, 3 Sep 2019 14:30:25 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id A039C23711 for ; Tue, 3 Sep 2019 14:30:25 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=amazon.com header.i=@amazon.com header.b="macv1Uxw" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729719AbfICOaW (ORCPT ); Tue, 3 Sep 2019 10:30:22 -0400 Received: from smtp-fw-4101.amazon.com ([72.21.198.25]:62499 "EHLO smtp-fw-4101.amazon.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727667AbfICOaW (ORCPT ); Tue, 3 Sep 2019 10:30:22 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1567521020; x=1599057020; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version; bh=Y3tldZVleS6/uO69vfM735Y3BEnG4rxL1Yj6ScUvmq0=; b=macv1UxwCGEVyvQfJR/io6n5m1vjtuHFrPWhHECa/ZdGpUPIS0QA2ctk T85FmjZn+0dGo4Qo4RwCIJbDz3LeyR8IA/rvBzrgMLQz3Z42kyNvEzEwr c5yv93W1wqcm4XmphBm6g2A7wt5j/Js+N54EGBRYMRXfPBgw/DiViqCOo 0=; X-IronPort-AV: E=Sophos;i="5.64,463,1559520000"; d="scan'208";a="783035776" Received: from iad6-co-svc-p1-lb1-vlan3.amazon.com (HELO email-inbound-relay-2b-859fe132.us-west-2.amazon.com) ([10.124.125.6]) by smtp-border-fw-out-4101.iad4.amazon.com with ESMTP; 03 Sep 2019 14:30:18 +0000 Received: from EX13MTAUWC001.ant.amazon.com (pdx4-ws-svc-p6-lb7-vlan2.pdx.amazon.com [10.170.41.162]) by email-inbound-relay-2b-859fe132.us-west-2.amazon.com (Postfix) with ESMTPS id 25247221C0E; Tue, 3 Sep 2019 14:30:17 +0000 (UTC) Received: from EX13D20UWC001.ant.amazon.com (10.43.162.244) by EX13MTAUWC001.ant.amazon.com (10.43.162.135) with Microsoft SMTP Server (TLS) id 15.0.1367.3; Tue, 3 Sep 2019 14:30:08 +0000 Received: from u79c5a0a55de558.ant.amazon.com (10.43.162.242) by EX13D20UWC001.ant.amazon.com (10.43.162.244) with Microsoft SMTP Server (TLS) id 15.0.1367.3; Tue, 3 Sep 2019 14:30:05 +0000 From: Alexander Graf To: CC: , , "H. Peter Anvin" , Borislav Petkov , Ingo Molnar , Thomas Gleixner , Joerg Roedel , Jim Mattson , Wanpeng Li , Vitaly Kuznetsov , "Sean Christopherson" , =?utf-8?b?UmFkaW0g?= =?utf-8?b?S3LEjW3DocWZ?= , Paolo Bonzini Subject: [PATCH 1/2] KVM: VMX: Disable posted interrupts for odd IRQs Date: Tue, 3 Sep 2019 16:29:53 +0200 Message-ID: <20190903142954.3429-2-graf@amazon.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190903142954.3429-1-graf@amazon.com> References: <20190903142954.3429-1-graf@amazon.com> MIME-Version: 1.0 X-Originating-IP: [10.43.162.242] X-ClientProxiedBy: EX13D27UWA002.ant.amazon.com (10.43.160.30) To EX13D20UWC001.ant.amazon.com (10.43.162.244) Sender: kvm-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org We can easily route hardware interrupts directly into VM context when they target the "Fixed" or "LowPriority" delivery modes. However, on modes such as "SMI" or "Init", we need to go via KVM code to actually put the vCPU into a different mode of operation, so we can not post the interrupt Add code in the VMX PI logic to explicitly refuse to establish posted mappings for advanced IRQ deliver modes. This fixes a bug I have with code which configures real hardware to inject virtual SMIs into my guest. Signed-off-by: Alexander Graf Reviewed-by: Liran Alon --- arch/x86/kvm/vmx/vmx.c | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 570a233e272b..d16c4ae8f685 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -7401,6 +7401,28 @@ static int vmx_update_pi_irte(struct kvm *kvm, unsigned int host_irq, continue; } + switch (irq.delivery_mode) { + case dest_Fixed: + case dest_LowestPrio: + break; + default: + /* + * For non-trivial interrupt events, we need to go + * through the full KVM IRQ code, so refuse to take + * any direct PI assignments here. + */ + + ret = irq_set_vcpu_affinity(host_irq, NULL); + if (ret < 0) { + printk(KERN_INFO + "failed to back to remapped mode, irq: %u\n", + host_irq); + goto out; + } + + continue; + } + vcpu_info.pi_desc_addr = __pa(vcpu_to_pi_desc(vcpu)); vcpu_info.vector = irq.vector; From patchwork Tue Sep 3 14:29:54 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Graf X-Patchwork-Id: 11128079 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id A7DB81399 for ; Tue, 3 Sep 2019 14:30:46 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 8B4672377D for ; Tue, 3 Sep 2019 14:30:46 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=amazon.com header.i=@amazon.com header.b="vfmCkPa9" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729580AbfICOaj (ORCPT ); Tue, 3 Sep 2019 10:30:39 -0400 Received: from smtp-fw-2101.amazon.com ([72.21.196.25]:30282 "EHLO smtp-fw-2101.amazon.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727667AbfICOai (ORCPT ); Tue, 3 Sep 2019 10:30:38 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1567521037; x=1599057037; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version; bh=TsVQ4YmQUOxpHUFBpHr6G7zfIEU+Q8EKLJiiqblwGRM=; b=vfmCkPa9b2A9Jz4PsTGp2yQ+T2ucJ4f6CmAb7GiZkUhXOI8Zqv6YTXne RFUQIXq/ToQiRX/KcQHY31bPy8QLBIGsGWGfQOjmZ8Yafg2NGltqn1vbk 3GPpnhYiVsUx2sQDKpQYUAPF0bCg0Q5UXMhk+VEyR8hOJgK6H0IP6ogNu o=; X-IronPort-AV: E=Sophos;i="5.64,463,1559520000"; d="scan'208";a="748773588" Received: from iad6-co-svc-p1-lb1-vlan2.amazon.com (HELO email-inbound-relay-2a-538b0bfb.us-west-2.amazon.com) ([10.124.125.2]) by smtp-border-fw-out-2101.iad2.amazon.com with ESMTP; 03 Sep 2019 14:30:35 +0000 Received: from EX13MTAUWC001.ant.amazon.com (pdx4-ws-svc-p6-lb7-vlan3.pdx.amazon.com [10.170.41.166]) by email-inbound-relay-2a-538b0bfb.us-west-2.amazon.com (Postfix) with ESMTPS id 3294EA2DEE; Tue, 3 Sep 2019 14:30:34 +0000 (UTC) Received: from EX13D20UWC001.ant.amazon.com (10.43.162.244) by EX13MTAUWC001.ant.amazon.com (10.43.162.135) with Microsoft SMTP Server (TLS) id 15.0.1367.3; Tue, 3 Sep 2019 14:30:11 +0000 Received: from u79c5a0a55de558.ant.amazon.com (10.43.162.242) by EX13D20UWC001.ant.amazon.com (10.43.162.244) with Microsoft SMTP Server (TLS) id 15.0.1367.3; Tue, 3 Sep 2019 14:30:08 +0000 From: Alexander Graf To: CC: , , "H. Peter Anvin" , Borislav Petkov , Ingo Molnar , Thomas Gleixner , Joerg Roedel , Jim Mattson , Wanpeng Li , Vitaly Kuznetsov , "Sean Christopherson" , =?utf-8?b?UmFkaW0g?= =?utf-8?b?S3LEjW3DocWZ?= , Paolo Bonzini Subject: [PATCH 2/2] KVM: SVM: Disable posted interrupts for odd IRQs Date: Tue, 3 Sep 2019 16:29:54 +0200 Message-ID: <20190903142954.3429-3-graf@amazon.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190903142954.3429-1-graf@amazon.com> References: <20190903142954.3429-1-graf@amazon.com> MIME-Version: 1.0 X-Originating-IP: [10.43.162.242] X-ClientProxiedBy: EX13D27UWA002.ant.amazon.com (10.43.160.30) To EX13D20UWC001.ant.amazon.com (10.43.162.244) Sender: kvm-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org We can easily route hardware interrupts directly into VM context when they target the "Fixed" or "LowPriority" delivery modes. However, on modes such as "SMI" or "Init", we need to go via KVM code to actually put the vCPU into a different mode of operation, so we can not post the interrupt Add code in the SVM PI logic to explicitly refuse to establish posted mappings for advanced IRQ deliver modes. This fixes a bug I have with code which configures real hardware to inject virtual SMIs into my guest. Signed-off-by: Alexander Graf Reviewed-by: Liran Alon --- arch/x86/kvm/svm.c | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c index 1f220a85514f..9a6ea78c3239 100644 --- a/arch/x86/kvm/svm.c +++ b/arch/x86/kvm/svm.c @@ -5266,6 +5266,21 @@ get_pi_vcpu_info(struct kvm *kvm, struct kvm_kernel_irq_routing_entry *e, return -1; } + switch (irq.delivery_mode) { + case dest_Fixed: + case dest_LowestPrio: + break; + default: + /* + * For non-trivial interrupt events, we need to go + * through the full KVM IRQ code, so refuse to take + * any direct PI assignments here. + */ + pr_debug("SVM: %s: use legacy intr remap mode for irq %u\n", + __func__, irq.vector); + return -1; + } + pr_debug("SVM: %s: use GA mode for irq %u\n", __func__, irq.vector); *svm = to_svm(vcpu); @@ -5314,6 +5329,7 @@ static int svm_update_pi_irte(struct kvm *kvm, unsigned int host_irq, * 1. When cannot target interrupt to a specific vcpu. * 2. Unsetting posted interrupt. * 3. APIC virtialization is disabled for the vcpu. + * 4. IRQ has extended delivery mode (SMI, INIT, etc) */ if (!get_pi_vcpu_info(kvm, e, &vcpu_info, &svm) && set && kvm_vcpu_apicv_active(&svm->vcpu)) {