From patchwork Sat Jan 18 00:55:43 2025
X-Patchwork-Submitter: Sean Christopherson
X-Patchwork-Id: 13944072
Date: Fri, 17 Jan 2025 16:55:43 -0800
In-Reply-To: <20250118005552.2626804-1-seanjc@google.com>
Message-ID: <20250118005552.2626804-2-seanjc@google.com>
Subject: [PATCH 01/10] KVM: x86: Don't take kvm->lock when iterating over vCPUs in suspend notifier
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini, David Woodhouse, Paul Durrant
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, syzbot+352e553a86e0d75f5120@syzkaller.appspotmail.com, Paul Durrant, David Woodhouse, Vitaly Kuznetsov

When queueing vCPU PVCLOCK updates in response to SUSPEND or HIBERNATE, don't take kvm->lock as doing so can trigger a largely theoretical deadlock, it is perfectly safe to iterate over the xarray of vCPUs without holding kvm->lock, and kvm->lock doesn't protect kvm_set_guest_paused() in any way (pv_time.active and pvclock_set_guest_stopped_request are protected by vcpu->mutex, not kvm->lock).

Reported-by: syzbot+352e553a86e0d75f5120@syzkaller.appspotmail.com
Closes: https://lore.kernel.org/all/677c0f36.050a0220.3b3668.0014.GAE@google.com
Fixes: 7d62874f69d7 ("kvm: x86: implement KVM PM-notifier")
Signed-off-by: Sean Christopherson
Reviewed-by: Paul Durrant
--- arch/x86/kvm/x86.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index b2d9a16fd4d3..26e18c9b0375 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -6907,7 +6907,6 @@ static int kvm_arch_suspend_notifier(struct kvm *kvm) unsigned long i; int ret = 0; - mutex_lock(&kvm->lock); kvm_for_each_vcpu(i, vcpu, kvm) { if (!vcpu->arch.pv_time.active) continue; 
@@ -6919,7 +6918,6 @@ static int kvm_arch_suspend_notifier(struct kvm *kvm) break; } } - mutex_unlock(&kvm->lock); return ret ? NOTIFY_BAD : NOTIFY_DONE; }
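Review bot: In kvm_arch_suspend_notifier(), with mutex_lock(&kvm->lock) removed the loop reads vcpu->arch.pv_time.active with no lock held, while the changelog says that field is protected by vcpu->mutex. A short comment above kvm_for_each_vcpu() stating why walking the vCPU xarray and reading pv_time.active locklessly is safe here, and that a stale value is benign, would keep a later reader from re-adding the lock.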
Date: Fri, 17 Jan 2025 16:55:44 -0800
In-Reply-To: <20250118005552.2626804-1-seanjc@google.com>
Message-ID: <20250118005552.2626804-3-seanjc@google.com>
Subject: [PATCH 02/10] KVM: x86: Eliminate "handling" of impossible errors during SUSPEND
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini, David Woodhouse, Paul Durrant
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, syzbot+352e553a86e0d75f5120@syzkaller.appspotmail.com, Paul Durrant, David Woodhouse, Vitaly Kuznetsov

Drop KVM's handling of kvm_set_guest_paused() failure when reacting to a SUSPEND notification, as kvm_set_guest_paused() only "fails" if the vCPU isn't using kvmclock, and KVM's notifier callback pre-checks that kvmclock is active. I.e. barring some bizarre edge case that shouldn't be treated as an error in the first place, kvm_arch_suspend_notifier() can't fail.

Signed-off-by: Sean Christopherson
Reviewed-by: Paul Durrant
--- arch/x86/kvm/x86.c | 20 +++++++------------- 1 file changed, 7 insertions(+), 13 deletions(-) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 26e18c9b0375..ef21158ec6b2 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c 
@@ -6905,21 +6905,15 @@ static int kvm_arch_suspend_notifier(struct kvm *kvm) { struct kvm_vcpu *vcpu; unsigned long i; - int ret = 0; - kvm_for_each_vcpu(i, vcpu, kvm) { - if (!vcpu->arch.pv_time.active) - continue; + /* + * Ignore the return, marking the guest paused only "fails" if the vCPU + * isn't using kvmclock; continuing on is correct and desirable. + */ + kvm_for_each_vcpu(i, vcpu, kvm) + (void)kvm_set_guest_paused(vcpu); - ret = kvm_set_guest_paused(vcpu); - if (ret) { - kvm_err("Failed to pause guest VCPU%d: %d\n", - vcpu->vcpu_id, ret); - break; - } - } - - return ret ? NOTIFY_BAD : NOTIFY_DONE; + return NOTIFY_DONE; } int kvm_arch_pm_notifier(struct kvm *kvm, unsigned long state)
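Review bot: The changelog justifies dropping the error path by saying the notifier pre-checks that kvmclock is active, but this hunk deletes that pre-check (the removed "if (!vcpu->arch.pv_time.active) continue;") and relies on kvm_set_guest_paused() to reject such vCPUs instead; the changelog should say that the pre-check goes away too. The (void) cast in the new loop will also hide any failure mode kvm_set_guest_paused() gains later, so consider a WARN_ON_ONCE() on return values other than the expected "kvmclock not in use" case rather than discarding every result.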
Date: Fri, 17 Jan 2025 16:55:45 -0800
In-Reply-To: <20250118005552.2626804-1-seanjc@google.com>
Message-ID: <20250118005552.2626804-4-seanjc@google.com>
Subject: [PATCH 03/10] KVM: x86: Drop local pvclock_flags variable in kvm_guest_time_update()
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini, David Woodhouse, Paul Durrant
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, syzbot+352e553a86e0d75f5120@syzkaller.appspotmail.com, Paul Durrant, David Woodhouse, Vitaly Kuznetsov

Drop the local pvclock_flags in kvm_guest_time_update(), the local variable is immediately shoved into the per-vCPU "cache", i.e. the local variable serves no purpose.

No functional change intended.

Signed-off-by: Sean Christopherson
Reviewed-by: Paul Durrant
--- arch/x86/kvm/x86.c | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index ef21158ec6b2..d8ee37dd2b57 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c 
@@ -3178,7 +3178,6 @@ static int kvm_guest_time_update(struct kvm_vcpu *v) struct kvm_arch *ka = &v->kvm->arch; s64 kernel_ns; u64 tsc_timestamp, host_tsc; - u8 pvclock_flags; bool use_master_clock; #ifdef CONFIG_KVM_XEN /* 
@@ -3261,11 +3260,9 @@ static int kvm_guest_time_update(struct kvm_vcpu *v) vcpu->last_guest_tsc = tsc_timestamp; /* If the host uses TSC clocksource, then it is stable */ - pvclock_flags = 0; + vcpu->hv_clock.flags = 0; if (use_master_clock) - pvclock_flags |= PVCLOCK_TSC_STABLE_BIT; - - vcpu->hv_clock.flags = pvclock_flags; + vcpu->hv_clock.flags |= PVCLOCK_TSC_STABLE_BIT; if (vcpu->pv_time.active) kvm_setup_guest_pvclock(v, &vcpu->pv_time, 0, false);
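Review bot: In the second hunk of kvm_guest_time_update(), vcpu->hv_clock.flags is now cleared and then conditionally ORed in two separate writes to the per-vCPU structure, and the "If the host uses TSC clocksource" comment ends up above the clearing store instead of the condition it describes. A single assignment such as "vcpu->hv_clock.flags = use_master_clock ? PVCLOCK_TSC_STABLE_BIT : 0;" would keep it to one store and put the comment next to the logic it explains.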
Date: Fri, 17 Jan 2025 16:55:46 -0800
In-Reply-To: <20250118005552.2626804-1-seanjc@google.com>
Message-ID: <20250118005552.2626804-5-seanjc@google.com>
Subject: [PATCH 04/10] KVM: x86: Set PVCLOCK_GUEST_STOPPED only for kvmclock, not for Xen PV clock
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini, David Woodhouse, Paul Durrant
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, syzbot+352e553a86e0d75f5120@syzkaller.appspotmail.com, Paul Durrant, David Woodhouse, Vitaly Kuznetsov

Handle "guest stopped" propagation only for kvmclock, as the flag is set if and only if kvmclock is "active", i.e. can only be set for Xen PV clock if kvmclock *and* Xen PV clock are in-use by the guest, which creates very bizarre behavior for the guest.

Simply restrict the flag to kvmclock, e.g. instead of trying to handle Xen PV clock, as propagation of PVCLOCK_GUEST_STOPPED was unintentionally added during a refactoring, and while Xen proper defines XEN_PVCLOCK_GUEST_STOPPED, there's no evidence that Xen guests actually support the flag.

Check and clear pvclock_set_guest_stopped_request if and only if kvmclock is active to preserve the original behavior, i.e. keep the flag pending if kvmclock happens to be disabled when KVM processes the initial request.

Fixes: aa096aa0a05f ("KVM: x86/xen: setup pvclock updates")
Cc: Paul Durrant
Cc: David Woodhouse
Signed-off-by: Sean Christopherson
--- arch/x86/kvm/x86.c | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index d8ee37dd2b57..3c4d210e8a9e 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -3150,11 +3150,6 @@ static void kvm_setup_guest_pvclock(struct kvm_vcpu *v, /* retain PVCLOCK_GUEST_STOPPED if set in guest copy */ vcpu->hv_clock.flags |= (guest_hv_clock->flags & PVCLOCK_GUEST_STOPPED); - if (vcpu->pvclock_set_guest_stopped_request) { - vcpu->hv_clock.flags |= PVCLOCK_GUEST_STOPPED; - vcpu->pvclock_set_guest_stopped_request = false; - } - memcpy(guest_hv_clock, &vcpu->hv_clock, sizeof(*guest_hv_clock)); if (force_tsc_unstable) 
@@ -3264,8 +3259,21 @@ static int kvm_guest_time_update(struct kvm_vcpu *v) if (use_master_clock) vcpu->hv_clock.flags |= PVCLOCK_TSC_STABLE_BIT; - if (vcpu->pv_time.active) + if (vcpu->pv_time.active) { + /* + * GUEST_STOPPED is only supported by kvmclock, and KVM's + * historic behavior is to only process the request if kvmclock + * is active/enabled. + */ + if (vcpu->pvclock_set_guest_stopped_request) { + vcpu->hv_clock.flags |= PVCLOCK_GUEST_STOPPED; + vcpu->pvclock_set_guest_stopped_request = false; + } kvm_setup_guest_pvclock(v, &vcpu->pv_time, 0, false); + + vcpu->hv_clock.flags &= ~PVCLOCK_GUEST_STOPPED; + } + #ifdef CONFIG_KVM_XEN if (vcpu->xen.vcpu_info_cache.active) kvm_setup_guest_pvclock(v, &vcpu->xen.vcpu_info_cache,
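Review bot: In the first hunk, in kvm_setup_guest_pvclock(), the request handling is removed but the step just above it, "retain PVCLOCK_GUEST_STOPPED if set in guest copy", stays in the shared helper, so the Xen PV clock caller still ORs GUEST_STOPPED from its guest page back into vcpu->hv_clock.flags. If the flag is meant to be kvmclock-only, either say in that comment why the retain step still applies to both clocks or move it to the kvmclock path as well.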
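Review bot: In the second hunk, in kvm_guest_time_update(), the new "vcpu->hv_clock.flags &= ~PVCLOCK_GUEST_STOPPED;" after the kvmclock update has no comment, and the block comment above it only covers the request check. Please add a line saying the bit is cleared so that it is not carried into the Xen PV clock update that follows under CONFIG_KVM_XEN, since the clear also drops a bit that kvm_setup_guest_pvclock() may have retained from the guest copy.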
Date: Fri, 17 Jan 2025 16:55:47 -0800
In-Reply-To: <20250118005552.2626804-1-seanjc@google.com>
Message-ID: <20250118005552.2626804-6-seanjc@google.com>
Subject: [PATCH 05/10] KVM: x86: Don't bleed PVCLOCK_GUEST_STOPPED across PV clocks
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini, David Woodhouse, Paul Durrant
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, syzbot+352e553a86e0d75f5120@syzkaller.appspotmail.com, Paul Durrant, David Woodhouse, Vitaly Kuznetsov

When updating a specific PV clock, make a full copy of KVM's reference copy/cache so that PVCLOCK_GUEST_STOPPED doesn't bleed across clocks. E.g. in the unlikely scenario the guest has enabled both kvmclock and Xen PV clock, a dangling GUEST_STOPPED in kvmclock would bleed into Xen PV clock.

Using a local copy of the pvclock structure also sets the stage for eliminating the per-vCPU copy/cache (only the TSC frequency information actually "needs" to be cached/persisted).

Fixes: aa096aa0a05f ("KVM: x86/xen: setup pvclock updates")
Signed-off-by: Sean Christopherson
--- arch/x86/kvm/x86.c | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 3c4d210e8a9e..5f3ad13a8ac7 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -3123,8 +3123,11 @@ static void kvm_setup_guest_pvclock(struct kvm_vcpu *v, { struct kvm_vcpu_arch *vcpu = &v->arch; struct pvclock_vcpu_time_info *guest_hv_clock; + struct pvclock_vcpu_time_info hv_clock; unsigned long flags; + memcpy(&hv_clock, &vcpu->hv_clock, sizeof(hv_clock)); + read_lock_irqsave(&gpc->lock, flags); while (!kvm_gpc_check(gpc, offset + sizeof(*guest_hv_clock))) { read_unlock_irqrestore(&gpc->lock, flags); 
@@ -3144,25 +3147,25 @@ static void kvm_setup_guest_pvclock(struct kvm_vcpu *v, * it is consistent. */ - guest_hv_clock->version = vcpu->hv_clock.version = (guest_hv_clock->version + 1) | 1; + guest_hv_clock->version = hv_clock.version = (guest_hv_clock->version + 1) | 1; smp_wmb(); /* retain PVCLOCK_GUEST_STOPPED if set in guest copy */ - vcpu->hv_clock.flags |= (guest_hv_clock->flags & PVCLOCK_GUEST_STOPPED); + hv_clock.flags |= (guest_hv_clock->flags & PVCLOCK_GUEST_STOPPED); - memcpy(guest_hv_clock, &vcpu->hv_clock, sizeof(*guest_hv_clock)); + memcpy(guest_hv_clock, &hv_clock, sizeof(*guest_hv_clock)); if (force_tsc_unstable) guest_hv_clock->flags &= ~PVCLOCK_TSC_STABLE_BIT; smp_wmb(); - guest_hv_clock->version = ++vcpu->hv_clock.version; + guest_hv_clock->version = ++hv_clock.version; kvm_gpc_mark_dirty_in_slot(gpc); read_unlock_irqrestore(&gpc->lock, flags); - trace_kvm_pvclock_update(v->vcpu_id, &vcpu->hv_clock); + trace_kvm_pvclock_update(v->vcpu_id, &hv_clock); } static int kvm_guest_time_update(struct kvm_vcpu *v)
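Review bot: In the first hunk of kvm_setup_guest_pvclock(), the copy "memcpy(&hv_clock, &vcpu->hv_clock, sizeof(hv_clock));" can be a plain struct assignment (hv_clock = vcpu->hv_clock;), which is type-checked and reads more clearly. A one-line comment that the local copy keeps per-clock flags such as PVCLOCK_GUEST_STOPPED out of the shared per-vCPU cache would document why the copy exists.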
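Review bot: In the second hunk, trace_kvm_pvclock_update() now logs the local hv_clock, but the force_tsc_unstable path clears PVCLOCK_TSC_STABLE_BIT only in guest_hv_clock->flags, so the tracepoint can report a flags value that differs from what was written to the guest page. With a local copy available, clearing the bit in hv_clock.flags before the memcpy() into guest_hv_clock would keep the trace and the guest-visible structure in agreement.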
From patchwork Sat Jan 18 00:55:48 2025
X-Patchwork-Submitter: Sean Christopherson
X-Patchwork-Id: 13944077
Reply-To: Sean Christopherson
Date: Fri, 17 Jan 2025 16:55:48 -0800
In-Reply-To: <20250118005552.2626804-1-seanjc@google.com>
X-Mailing-List: kvm@vger.kernel.org
References: <20250118005552.2626804-1-seanjc@google.com>
Message-ID: <20250118005552.2626804-7-seanjc@google.com>
Subject: [PATCH 06/10] KVM: x86/xen: Use guest's copy of pvclock when starting timer
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini, David Woodhouse, Paul Durrant
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, syzbot+352e553a86e0d75f5120@syzkaller.appspotmail.com, Paul Durrant, David Woodhouse, Vitaly Kuznetsov

Use the guest's copy of its pvclock when starting a Xen timer, as KVM's reference copy may not be up-to-date, i.e. may yield a false positive of sorts. In the unlikely scenario that the guest is starting a Xen timer and has used a Xen pvclock in the past, but has since turned it "off", then vcpu->arch.hv_clock may be stale, as KVM's reference copy is updated if and only if at least one pvclock is enabled.

Furthermore, vcpu->arch.hv_clock is currently used by three different pvclocks: kvmclock, Xen, and Xen compat. While it's extremely unlikely a guest would ever enable multiple pvclocks, effectively sharing KVM's reference clock could yield very weird behavior. Using the guest's active Xen pvclock instead of KVM's reference will allow dropping KVM's reference copy.

Fixes: 451a707813ae ("KVM: x86/xen: improve accuracy of Xen timers")
Cc: Paul Durrant
Cc: David Woodhouse
Signed-off-by: Sean Christopherson
---
 arch/x86/kvm/xen.c | 58 ++++++++++++++++++++++++++++++++++++++++++----
 1 file changed, 53 insertions(+), 5 deletions(-)

diff --git a/arch/x86/kvm/xen.c b/arch/x86/kvm/xen.c index a909b817b9c0..b82c28223585 100644 --- a/arch/x86/kvm/xen.c +++ b/arch/x86/kvm/xen.c
@@ -150,11 +150,46 @@ static enum hrtimer_restart xen_timer_callback(struct hrtimer *timer) return HRTIMER_NORESTART; } +static int xen_get_guest_pvclock(struct kvm_vcpu *vcpu, + struct pvclock_vcpu_time_info *hv_clock, + struct gfn_to_pfn_cache *gpc, + unsigned int offset) +{ + struct pvclock_vcpu_time_info *guest_hv_clock; + unsigned long flags; + int r; + + read_lock_irqsave(&gpc->lock, flags); + while (!kvm_gpc_check(gpc, offset + sizeof(*guest_hv_clock))) { + read_unlock_irqrestore(&gpc->lock, flags); + + r = kvm_gpc_refresh(gpc, offset + sizeof(*guest_hv_clock)); + if (r) + return r; + + read_lock_irqsave(&gpc->lock, flags); + } + + memcpy(hv_clock, guest_hv_clock, sizeof(*hv_clock)); + read_unlock_irqrestore(&gpc->lock, flags); + + /* + * Sanity check TSC shift+multiplier to verify the guest's view of time + * is more or less consistent. + */ + if (hv_clock->tsc_shift != vcpu->arch.hv_clock.tsc_shift || + hv_clock->tsc_to_system_mul != vcpu->arch.hv_clock.tsc_to_system_mul) + return -EINVAL; + return 0; +} + static void kvm_xen_start_timer(struct kvm_vcpu *vcpu, u64 guest_abs, bool linux_wa) { + struct kvm_vcpu_xen *xen; int64_t kernel_now, delta; uint64_t guest_now; + int r = -EOPNOTSUPP; /* * The guest provides the requested timeout in absolute nanoseconds 
@@ -173,10 +208,22 @@ static void kvm_xen_start_timer(struct kvm_vcpu *vcpu, u64 guest_abs, * the absolute CLOCK_MONOTONIC time at which the timer should * fire. */ - if (vcpu->arch.hv_clock.version && vcpu->kvm->arch.use_master_clock && - static_cpu_has(X86_FEATURE_CONSTANT_TSC)) { + do { + struct pvclock_vcpu_time_info hv_clock; uint64_t host_tsc, guest_tsc; + if (!static_cpu_has(X86_FEATURE_CONSTANT_TSC) || + !vcpu->kvm->arch.use_master_clock) + break; + + if (xen->vcpu_info_cache.active) + r = xen_get_guest_pvclock(vcpu, &hv_clock, &xen->vcpu_info_cache, + offsetof(struct compat_vcpu_info, time)); + else if (xen->vcpu_time_info_cache.active) + r = xen_get_guest_pvclock(vcpu, &hv_clock, &xen->vcpu_time_info_cache, 0); + if (r) + break; + if (!IS_ENABLED(CONFIG_64BIT) || !kvm_get_monotonic_and_clockread(&kernel_now, &host_tsc)) { /* 
@@ -197,9 +244,10 @@ static void kvm_xen_start_timer(struct kvm_vcpu *vcpu, u64 guest_abs, /* Calculate the guest kvmclock as the guest would do it. */ guest_tsc = kvm_read_l1_tsc(vcpu, host_tsc); - guest_now = __pvclock_read_cycles(&vcpu->arch.hv_clock, - guest_tsc); - } else { + guest_now = __pvclock_read_cycles(&hv_clock, guest_tsc); + } while (0); + + if (r) { /* * Without CONSTANT_TSC, get_kvmclock_ns() is the only option. *
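Review bot: In xen_get_guest_pvclock() (first hunk), guest_hv_clock is declared but never assigned before `memcpy(hv_clock, guest_hv_clock, sizeof(*hv_clock));`, so the copy reads through an uninitialized pointer; up to that line it is only used inside sizeof(). After kvm_gpc_check() succeeds under gpc->lock, the pointer has to be derived from the cache mapping plus the offset, e.g. `guest_hv_clock = (void *)(gpc->khva + offset);`, before the memcpy.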
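Review bot: The new do/while body in kvm_xen_start_timer() (second hunk) dereferences xen (`xen->vcpu_info_cache.active`, `xen->vcpu_time_info_cache.active`), but the only line in this patch that touches the variable is the bare declaration `struct kvm_vcpu_xen *xen;` in the previous hunk. Initialize it at the declaration from the vCPU's Xen state (`&vcpu->arch.xen`), otherwise every timer start that gets past the CONSTANT_TSC and master clock checks dereferences an uninitialized pointer.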
From patchwork Sat Jan 18 00:55:49 2025
X-Patchwork-Submitter: Sean Christopherson
X-Patchwork-Id: 13944078
Reply-To: Sean Christopherson
Date: Fri, 17 Jan 2025 16:55:49 -0800
In-Reply-To: <20250118005552.2626804-1-seanjc@google.com>
X-Mailing-List: kvm@vger.kernel.org
References: <20250118005552.2626804-1-seanjc@google.com>
Message-ID: <20250118005552.2626804-8-seanjc@google.com>
Subject: [PATCH 07/10] KVM: x86: Pass reference pvclock as a param to kvm_setup_guest_pvclock()
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini, David Woodhouse, Paul Durrant
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, syzbot+352e553a86e0d75f5120@syzkaller.appspotmail.com, Paul Durrant, David Woodhouse, Vitaly Kuznetsov

Pass the reference pvclock structure that's used to set up each individual pvclock as a parameter to kvm_setup_guest_pvclock() as a preparatory step toward removing kvm_vcpu_arch.hv_clock.

No functional change intended.

Signed-off-by: Sean Christopherson
Reviewed-by: Paul Durrant
---
 arch/x86/kvm/x86.c | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 5f3ad13a8ac7..06d27b3cc207 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c
@@ -3116,17 +3116,17 @@ u64 get_kvmclock_ns(struct kvm *kvm) return data.clock; } -static void kvm_setup_guest_pvclock(struct kvm_vcpu *v, +static void kvm_setup_guest_pvclock(struct pvclock_vcpu_time_info *ref_hv_clock, + struct kvm_vcpu *vcpu, struct gfn_to_pfn_cache *gpc, unsigned int offset, bool force_tsc_unstable) { - struct kvm_vcpu_arch *vcpu = &v->arch; struct pvclock_vcpu_time_info *guest_hv_clock; struct pvclock_vcpu_time_info hv_clock; unsigned long flags; - memcpy(&hv_clock, &vcpu->hv_clock, sizeof(hv_clock)); + memcpy(&hv_clock, ref_hv_clock, sizeof(hv_clock)); read_lock_irqsave(&gpc->lock, flags); while (!kvm_gpc_check(gpc, offset + sizeof(*guest_hv_clock))) { @@ -3165,7 +3165,7 @@ static void kvm_setup_guest_pvclock(struct kvm_vcpu *v, kvm_gpc_mark_dirty_in_slot(gpc); read_unlock_irqrestore(&gpc->lock, flags); - trace_kvm_pvclock_update(v->vcpu_id, &hv_clock); + trace_kvm_pvclock_update(vcpu->vcpu_id, &hv_clock); } static int kvm_guest_time_update(struct kvm_vcpu *v) 
@@ -3272,18 +3272,18 @@ static int kvm_guest_time_update(struct kvm_vcpu *v) vcpu->hv_clock.flags |= PVCLOCK_GUEST_STOPPED; vcpu->pvclock_set_guest_stopped_request = false; } - kvm_setup_guest_pvclock(v, &vcpu->pv_time, 0, false); + kvm_setup_guest_pvclock(&vcpu->hv_clock, v, &vcpu->pv_time, 0, false); vcpu->hv_clock.flags &= ~PVCLOCK_GUEST_STOPPED; } #ifdef CONFIG_KVM_XEN if (vcpu->xen.vcpu_info_cache.active) - kvm_setup_guest_pvclock(v, &vcpu->xen.vcpu_info_cache, + kvm_setup_guest_pvclock(&vcpu->hv_clock, v, &vcpu->xen.vcpu_info_cache, offsetof(struct compat_vcpu_info, time), xen_pvclock_tsc_unstable); if (vcpu->xen.vcpu_time_info_cache.active) - kvm_setup_guest_pvclock(v, &vcpu->xen.vcpu_time_info_cache, 0, + kvm_setup_guest_pvclock(&vcpu->hv_clock, v, &vcpu->xen.vcpu_time_info_cache, 0, xen_pvclock_tsc_unstable); #endif kvm_hv_setup_tsc_page(v->kvm, &vcpu->hv_clock);
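Review bot: In the first hunk, ref_hv_clock is only ever read (`memcpy(&hv_clock, ref_hv_clock, sizeof(hv_clock));`), so the new parameter can be `const struct pvclock_vcpu_time_info *ref_hv_clock`. That puts in the signature the property patch 05 relies on, namely that kvm_setup_guest_pvclock() never writes back into the reference, and lets the compiler reject a later change that would let per-clock flags such as PVCLOCK_GUEST_STOPPED leak into it again.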
From patchwork Sat Jan 18 00:55:50 2025
X-Patchwork-Submitter: Sean Christopherson
X-Patchwork-Id: 13944079
Reply-To: Sean Christopherson
Date: Fri, 17 Jan 2025 16:55:50 -0800
In-Reply-To: <20250118005552.2626804-1-seanjc@google.com>
X-Mailing-List: kvm@vger.kernel.org
References: <20250118005552.2626804-1-seanjc@google.com>
Message-ID: <20250118005552.2626804-9-seanjc@google.com>
Subject: [PATCH 08/10] KVM: x86: Remove per-vCPU "cache" of its reference pvclock
From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini , David Woodhouse , Paul Durrant Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, syzbot+352e553a86e0d75f5120@syzkaller.appspotmail.com, Paul Durrant , David Woodhouse , Vitaly Kuznetsov Remove the per-vCPU "cache" of the reference pvclock and instead cache only the TSC shift+multiplier. All other fields in pvclock are fully recomputed by kvm_guest_time_update(), i.e. aren't actually persisted. In addition to shaving a few bytes, explicitly tracking the TSC shift/mul fields makes it easier to see that those fields are tied to hw_tsc_khz (they exist to avoid having to do expensive math in the common case). And conversely, not tracking the other fields makes it easier to see that things like the version number are pulled from the guest's copy, not from KVM's reference. Signed-off-by: Sean Christopherson Reviewed-by: Paul Durrant --- arch/x86/include/asm/kvm_host.h | 3 ++- arch/x86/kvm/x86.c | 27 +++++++++++++++------------ arch/x86/kvm/xen.c | 8 ++++---- 3 files changed, 21 insertions(+), 17 deletions(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index 5193c3dfbce1..f26105654ec4 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -900,7 +900,8 @@ struct kvm_vcpu_arch { int (*complete_userspace_io)(struct kvm_vcpu *vcpu); gpa_t time; - struct pvclock_vcpu_time_info hv_clock; + u8 pvclock_tsc_shift; + u32 pvclock_tsc_mul; unsigned int hw_tsc_khz; struct gfn_to_pfn_cache pv_time; /* set guest stopped flag in pvclock flags field */ diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 06d27b3cc207..9eabd70891dd 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c 
@@ -3170,6 +3170,7 @@ static void kvm_setup_guest_pvclock(struct pvclock_vcpu_time_info *ref_hv_clock, static int kvm_guest_time_update(struct kvm_vcpu *v) { + struct pvclock_vcpu_time_info hv_clock = {}; unsigned long flags, tgt_tsc_khz; unsigned seq; struct kvm_vcpu_arch *vcpu = &v->arch; @@ -3247,20 +3248,22 @@ static int kvm_guest_time_update(struct kvm_vcpu *v) if (unlikely(vcpu->hw_tsc_khz != tgt_tsc_khz)) { kvm_get_time_scale(NSEC_PER_SEC, tgt_tsc_khz * 1000LL, - &vcpu->hv_clock.tsc_shift, - &vcpu->hv_clock.tsc_to_system_mul); + &vcpu->pvclock_tsc_shift, + &vcpu->pvclock_tsc_mul); vcpu->hw_tsc_khz = tgt_tsc_khz; kvm_xen_update_tsc_info(v); } - vcpu->hv_clock.tsc_timestamp = tsc_timestamp; - vcpu->hv_clock.system_time = kernel_ns + v->kvm->arch.kvmclock_offset; + hv_clock.tsc_shift = vcpu->pvclock_tsc_shift; + hv_clock.tsc_to_system_mul = vcpu->pvclock_tsc_mul; + hv_clock.tsc_timestamp = tsc_timestamp; + hv_clock.system_time = kernel_ns + v->kvm->arch.kvmclock_offset; vcpu->last_guest_tsc = tsc_timestamp; /* If the host uses TSC clocksource, then it is stable */ - vcpu->hv_clock.flags = 0; + hv_clock.flags = 0; if (use_master_clock) - vcpu->hv_clock.flags |= PVCLOCK_TSC_STABLE_BIT; + hv_clock.flags |= PVCLOCK_TSC_STABLE_BIT; if (vcpu->pv_time.active) { /* 
@@ -3269,24 +3272,24 @@ static int kvm_guest_time_update(struct kvm_vcpu *v) * is active/enabled. */ if (vcpu->pvclock_set_guest_stopped_request) { - vcpu->hv_clock.flags |= PVCLOCK_GUEST_STOPPED; + hv_clock.flags |= PVCLOCK_GUEST_STOPPED; vcpu->pvclock_set_guest_stopped_request = false; } - kvm_setup_guest_pvclock(&vcpu->hv_clock, v, &vcpu->pv_time, 0, false); + kvm_setup_guest_pvclock(&hv_clock, v, &vcpu->pv_time, 0, false); - vcpu->hv_clock.flags &= ~PVCLOCK_GUEST_STOPPED; + hv_clock.flags &= ~PVCLOCK_GUEST_STOPPED; } #ifdef CONFIG_KVM_XEN if (vcpu->xen.vcpu_info_cache.active) - kvm_setup_guest_pvclock(&vcpu->hv_clock, v, &vcpu->xen.vcpu_info_cache, + kvm_setup_guest_pvclock(&hv_clock, v, &vcpu->xen.vcpu_info_cache, offsetof(struct compat_vcpu_info, time), xen_pvclock_tsc_unstable); if (vcpu->xen.vcpu_time_info_cache.active) - kvm_setup_guest_pvclock(&vcpu->hv_clock, v, &vcpu->xen.vcpu_time_info_cache, 0, + kvm_setup_guest_pvclock(&hv_clock, v, &vcpu->xen.vcpu_time_info_cache, 0, xen_pvclock_tsc_unstable); #endif - kvm_hv_setup_tsc_page(v->kvm, &vcpu->hv_clock); + kvm_hv_setup_tsc_page(v->kvm, &hv_clock); return 0; } diff --git a/arch/x86/kvm/xen.c b/arch/x86/kvm/xen.c index b82c28223585..7c6e4172527a 100644 --- a/arch/x86/kvm/xen.c +++ b/arch/x86/kvm/xen.c @@ -177,8 +177,8 @@ static int xen_get_guest_pvclock(struct kvm_vcpu *vcpu, * Sanity check TSC shift+multiplier to verify the guest's view of time * is more or less consistent. */ - if (hv_clock->tsc_shift != vcpu->arch.hv_clock.tsc_shift || - hv_clock->tsc_to_system_mul != vcpu->arch.hv_clock.tsc_to_system_mul) + if (hv_clock->tsc_shift != vcpu->arch.pvclock_tsc_shift || + hv_clock->tsc_to_system_mul != vcpu->arch.pvclock_tsc_mul) return -EINVAL; return 0; } 
@@ -2309,8 +2309,8 @@ void kvm_xen_update_tsc_info(struct kvm_vcpu *vcpu) entry = kvm_find_cpuid_entry_index(vcpu, function, 1); if (entry) { - entry->ecx = vcpu->arch.hv_clock.tsc_to_system_mul; - entry->edx = vcpu->arch.hv_clock.tsc_shift; + entry->ecx = vcpu->arch.pvclock_tsc_mul; + entry->edx = vcpu->arch.pvclock_tsc_shift; } entry = kvm_find_cpuid_entry_index(vcpu, function, 2);
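Review bot: In the kvm_host.h hunk, pvclock_tsc_shift is declared u8, but it replaces hv_clock.tsc_shift, which is s8 in struct pvclock_vcpu_time_info, and its address is passed to kvm_get_time_scale() in the x86.c hunk. With an unsigned field a negative shift changes behaviour in two visible places: `entry->edx = vcpu->arch.pvclock_tsc_shift;` now zero-extends where the old field sign-extended, and the sanity check `hv_clock->tsc_shift != vcpu->arch.pvclock_tsc_shift` in xen_get_guest_pvclock() compares a signed value against an unsigned one after integer promotion, so it would return -EINVAL for any negative shift. Declaring the field s8 keeps both unchanged.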
From patchwork Sat Jan 18 00:55:51 2025
X-Patchwork-Submitter: Sean Christopherson
X-Patchwork-Id: 13944080
Reply-To: Sean Christopherson
Date: Fri, 17 Jan 2025 16:55:51 -0800
In-Reply-To: <20250118005552.2626804-1-seanjc@google.com>
X-Mailing-List: kvm@vger.kernel.org
References: <20250118005552.2626804-1-seanjc@google.com>
Message-ID: <20250118005552.2626804-10-seanjc@google.com>
Subject: [PATCH 09/10] KVM: x86: Setup Hyper-V TSC page before Xen PV clocks (during clock update)
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini, David Woodhouse, Paul Durrant
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, syzbot+352e553a86e0d75f5120@syzkaller.appspotmail.com, Paul Durrant, David Woodhouse, Vitaly Kuznetsov

When updating paravirtual clocks, set up the Hyper-V TSC page before Xen PV clocks. This will allow dropping xen_pvclock_tsc_unstable in favor of simply clearing PVCLOCK_TSC_STABLE_BIT in the reference flags.

Cc: Vitaly Kuznetsov
Signed-off-by: Sean Christopherson
Reviewed-by: Vitaly Kuznetsov
Reviewed-by: Paul Durrant
---
 arch/x86/kvm/x86.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 9eabd70891dd..c68e7f7ba69d 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -3280,6 +3280,8 @@ static int kvm_guest_time_update(struct kvm_vcpu *v) hv_clock.flags &= ~PVCLOCK_GUEST_STOPPED; } + kvm_hv_setup_tsc_page(v->kvm, &hv_clock); + #ifdef CONFIG_KVM_XEN if (vcpu->xen.vcpu_info_cache.active) kvm_setup_guest_pvclock(&hv_clock, v, &vcpu->xen.vcpu_info_cache,
@@ -3289,7 +3291,6 @@ static int kvm_guest_time_update(struct kvm_vcpu *v) kvm_setup_guest_pvclock(&hv_clock, v, &vcpu->xen.vcpu_time_info_cache, 0, xen_pvclock_tsc_unstable); #endif - kvm_hv_setup_tsc_page(v->kvm, &hv_clock); return 0; }
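Review bot: The moved `kvm_hv_setup_tsc_page(v->kvm, &hv_clock);` call in the first hunk now has to stay ahead of the CONFIG_KVM_XEN block for the follow-up change described in the changelog to be correct, but nothing at the call site says so. A short comment above the call, stating that the Hyper-V TSC page must consume the reference flags before any Xen-specific override of PVCLOCK_TSC_STABLE_BIT, would keep a later cleanup from moving it back to the end of the function.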
From patchwork Sat Jan 18 00:55:52 2025
X-Patchwork-Submitter: Sean Christopherson
X-Patchwork-Id: 13944081
Reply-To: Sean Christopherson
Date: Fri, 17 Jan 2025 16:55:52 -0800
In-Reply-To: <20250118005552.2626804-1-seanjc@google.com>
X-Mailing-List: kvm@vger.kernel.org
References: <20250118005552.2626804-1-seanjc@google.com>
Message-ID: <20250118005552.2626804-11-seanjc@google.com>
Subject: [PATCH 10/10] KVM: x86: Override TSC_STABLE flag for Xen PV clocks in kvm_guest_time_update()
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini, David Woodhouse, Paul Durrant
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, syzbot+352e553a86e0d75f5120@syzkaller.appspotmail.com, Paul Durrant, David Woodhouse, Vitaly Kuznetsov

When updating PV clocks, handle the Xen-specific UNSTABLE_TSC override in the main kvm_guest_time_update() by simply clearing PVCLOCK_TSC_STABLE_BIT in the flags of the reference pvclock structure. Expand the comment to (hopefully) make it obvious that Xen clocks need to be processed after all clocks that care about the TSC_STABLE flag.

No functional change intended.

Cc: Paul Durrant
Cc: David Woodhouse
Signed-off-by: Sean Christopherson
Reviewed-by: Paul Durrant
---
 arch/x86/kvm/x86.c | 35 +++++++++++++++--------------------
 1 file changed, 15 insertions(+), 20 deletions(-)

diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index c68e7f7ba69d..065b349a0218 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c
@@ -3119,8 +3119,7 @@ u64 get_kvmclock_ns(struct kvm *kvm) static void kvm_setup_guest_pvclock(struct pvclock_vcpu_time_info *ref_hv_clock, struct kvm_vcpu *vcpu, struct gfn_to_pfn_cache *gpc, - unsigned int offset, - bool force_tsc_unstable) + unsigned int offset) { struct pvclock_vcpu_time_info *guest_hv_clock; struct pvclock_vcpu_time_info hv_clock; @@ -3155,9 +3154,6 @@ static void kvm_setup_guest_pvclock(struct pvclock_vcpu_time_info *ref_hv_clock, memcpy(guest_hv_clock, &hv_clock, sizeof(*guest_hv_clock)); - if (force_tsc_unstable) - guest_hv_clock->flags &= ~PVCLOCK_TSC_STABLE_BIT; - smp_wmb(); guest_hv_clock->version = ++hv_clock.version; @@ -3178,16 +3174,6 @@ static int kvm_guest_time_update(struct kvm_vcpu *v) s64 kernel_ns; u64 tsc_timestamp, host_tsc; bool use_master_clock; -#ifdef CONFIG_KVM_XEN - /* - * For Xen guests we may need to override PVCLOCK_TSC_STABLE_BIT as unless - * explicitly told to use TSC as its clocksource Xen will not set this bit. - * This default behaviour led to bugs in some guest kernels which cause - * problems if they observe PVCLOCK_TSC_STABLE_BIT in the pvclock flags. - */ - bool xen_pvclock_tsc_unstable = - ka->xen_hvm_config.flags & KVM_XEN_HVM_CONFIG_PVCLOCK_TSC_UNSTABLE; -#endif kernel_ns = 0; host_tsc = 0; @@ -3275,7 +3261,7 @@ static int kvm_guest_time_update(struct kvm_vcpu *v) hv_clock.flags |= PVCLOCK_GUEST_STOPPED; vcpu->pvclock_set_guest_stopped_request = false; } - kvm_setup_guest_pvclock(&hv_clock, v, &vcpu->pv_time, 0, false); + kvm_setup_guest_pvclock(&hv_clock, v, &vcpu->pv_time, 0); hv_clock.flags &= ~PVCLOCK_GUEST_STOPPED; } 
@@ -3283,13 +3269,22 @@ static int kvm_guest_time_update(struct kvm_vcpu *v) kvm_hv_setup_tsc_page(v->kvm, &hv_clock); #ifdef CONFIG_KVM_XEN + /* + * For Xen guests we may need to override PVCLOCK_TSC_STABLE_BIT as unless + * explicitly told to use TSC as its clocksource Xen will not set this bit. + * This default behaviour led to bugs in some guest kernels which cause + * problems if they observe PVCLOCK_TSC_STABLE_BIT in the pvclock flags. + * + * Note! Clear TSC_STABLE only for Xen clocks, i.e. the order matters! + */ + if (ka->xen_hvm_config.flags & KVM_XEN_HVM_CONFIG_PVCLOCK_TSC_UNSTABLE) + hv_clock.flags &= ~PVCLOCK_TSC_STABLE_BIT; + if (vcpu->xen.vcpu_info_cache.active) kvm_setup_guest_pvclock(&hv_clock, v, &vcpu->xen.vcpu_info_cache, - offsetof(struct compat_vcpu_info, time), - xen_pvclock_tsc_unstable); + offsetof(struct compat_vcpu_info, time)); if (vcpu->xen.vcpu_time_info_cache.active) - kvm_setup_guest_pvclock(&hv_clock, v, &vcpu->xen.vcpu_time_info_cache, 0, - xen_pvclock_tsc_unstable); + kvm_setup_guest_pvclock(&hv_clock, v, &vcpu->xen.vcpu_time_info_cache, 0); #endif return 0; }
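
Review bot: The contract of kvm_setup_guest_pvclock() changes in the @@ -3119,8 +3119,7 @@ hunk but nothing documents it: with force_tsc_unstable gone, the flags in ref_hv_clock are published to the guest as given, and any per-clock override becomes the caller's job. A short comment above the definition saying so would help the next person who adds a caller. If the function only reads ref_hv_clock (it already works on a local hv_clock copy), the parameter could also be made const so the compiler enforces that it does not write back to the shared reference.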
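
Review bot: Removing the post-memcpy() clear of PVCLOCK_TSC_STABLE_BIT in the @@ -3155,9 +3154,6 @@ hunk is only "no functional change" if nothing between the copy from ref_hv_clock and the memcpy() into guest_hv_clock can set that bit in the local hv_clock. Those lines fall outside the visible context, so the changelog should state that the local flags are never OR'ed with TSC_STABLE inside this function. It is also worth mentioning there that the flag is no longer adjusted by a read-modify-write on guest_hv_clock after the copy, since the value now arrives already correct in the memcpy() source.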
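
Review bot: In the @@ -3283,13 +3269,22 @@ hunk, the clear of PVCLOCK_TSC_STABLE_BIT mutates the shared hv_clock and is never undone, unlike PVCLOCK_GUEST_STOPPED, which the @@ -3275,7 +3261,7 @@ hunk shows being cleared again right after the pv_time call. Correctness therefore depends on the CONFIG_KVM_XEN block staying last, after both the vcpu->pv_time update and kvm_hv_setup_tsc_page(), and the "order matters" line does not say which consumers it is protecting. Suggest naming them in the comment, or applying the override to a Xen-only copy of hv_clock so that a consumer added later below this block cannot silently pick up the cleared flag.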