linux/include
Marc Zyngier 5eeaf10eec KVM: arm/arm64: Sync ICH_VMCR_EL2 back when about to block
Since commit commit 328e566479 ("KVM: arm/arm64: vgic: Defer
touching GICH_VMCR to vcpu_load/put"), we leave ICH_VMCR_EL2 (or
its GICv2 equivalent) loaded as long as we can, only syncing it
back when we're scheduled out.

There is a small snag with that though: kvm_vgic_vcpu_pending_irq(),
which is indirectly called from kvm_vcpu_check_block(), needs to
evaluate the guest's view of ICC_PMR_EL1. At the point were we
call kvm_vcpu_check_block(), the vcpu is still loaded, and whatever
changes to PMR is not visible in memory until we do a vcpu_put().

Things go really south if the guest does the following:

	mov x0, #0	// or any small value masking interrupts
	msr ICC_PMR_EL1, x0

	[vcpu preempted, then rescheduled, VMCR sampled]

	mov x0, #ff	// allow all interrupts
	msr ICC_PMR_EL1, x0
	wfi		// traps to EL2, so samping of VMCR

	[interrupt arrives just after WFI]

Here, the hypervisor's view of PMR is zero, while the guest has enabled
its interrupts. kvm_vgic_vcpu_pending_irq() will then say that no
interrupts are pending (despite an interrupt being received) and we'll
block for no reason. If the guest doesn't have a periodic interrupt
firing once it has blocked, it will stay there forever.

To avoid this unfortuante situation, let's resync VMCR from
kvm_arch_vcpu_blocking(), ensuring that a following kvm_vcpu_check_block()
will observe the latest value of PMR.

This has been found by booting an arm64 Linux guest with the pseudo NMI
feature, and thus using interrupt priorities to mask interrupts instead
of the usual PSTATE masking.

Cc: stable@vger.kernel.org # 4.12
Fixes: 328e566479 ("KVM: arm/arm64: vgic: Defer touching GICH_VMCR to vcpu_load/put")
Signed-off-by: Marc Zyngier <maz@kernel.org>
2019-08-05 15:36:46 +01:00
..
acpi It's been a relatively busy cycle for docs: 2019-07-09 12:34:26 -07:00
asm-generic Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/rzhang/linux 2019-07-17 13:13:41 -07:00
clocksource clocksource/drivers: Continue making Hyper-V clocksource ISA agnostic 2019-07-03 11:00:59 +02:00
crypto Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2019-07-08 20:57:08 -07:00
drm drm fixes for -rc1: 2019-07-19 12:29:43 -07:00
dt-bindings ARM: Device-tree updates 2019-07-19 17:19:24 -07:00
keys request_key improvements 2019-07-08 19:19:37 -07:00
kvm KVM: arm/arm64: Sync ICH_VMCR_EL2 back when about to block 2019-08-05 15:36:46 +01:00
linux New feature to add support for NTB virtual MSI interrupts, the ability 2019-07-21 09:46:59 -07:00
math-emu
media media updates for v5.3-rc1 2019-07-09 09:47:22 -07:00
misc powerpc updates for 5.3 2019-07-13 16:08:36 -07:00
net tcp: fix tcp_set_congestion_control() use from bpf hook 2019-07-18 20:33:48 -07:00
pcmcia It's been a relatively busy cycle for docs: 2019-07-09 12:34:26 -07:00
ras
rdma RDMA/core: Make rdma_counter.h compile stand alone 2019-07-09 09:44:47 -03:00
scsi SCSI fixes on 20190720 2019-07-20 10:04:58 -07:00
soc ARM: SoC-related driver updates 2019-07-19 17:13:56 -07:00
sound ALSA: hda - Don't resume forcibly i915 HDMI/DP codec 2019-07-16 22:46:13 +02:00
target
trace NFS client updates for Linux 5.3 2019-07-18 14:32:33 -07:00
uapi drm fixes for -rc1: 2019-07-19 12:29:43 -07:00
vdso
video drm main pull request for v5.3-rc1 (sans mm changes) 2019-07-15 19:04:27 -07:00
xen xen: remove tmem driver 2019-07-17 08:09:58 +02:00
Kbuild kbuild: update compile-test header list for v5.3-rc1 2019-07-20 11:19:29 +09:00