renegade-project/linux-next
2
0
Fork 0
mirror of https://github.com/edk2-porting/linux-next.git synced 2025-01-08 05:34:29 +08:00
Code
f210f7572b
linux-next/arch/x86/kvm
History
Nadav Amit f210f7572b KVM: x86: Fix lost interrupt on irr_pending race 
apic_find_highest_irr assumes irr_pending is set if any vector in APIC_IRR is
set.  If this assumption is broken and apicv is disabled, the injection of
interrupts may be deferred until another interrupt is delivered to the guest.
Ultimately, if no other interrupt should be injected to that vCPU, the pending
interrupt may be lost.

commit 56cc2406d6 ("KVM: nVMX: fix "acknowledge interrupt on exit" when APICv
is in use") changed the behavior of apic_clear_irr so irr_pending is cleared
after setting APIC_IRR vector. After this commit, if apic_set_irr and
apic_clear_irr run simultaneously, a race may occur, resulting in APIC_IRR
vector set, and irr_pending cleared. In the following example, assume a single
vector is set in IRR prior to calling apic_clear_irr:

apic_set_irr				apic_clear_irr
------------				--------------
apic->irr_pending = true;
					apic_clear_vector(...);
					vec = apic_search_irr(apic);
					// => vec == -1
apic_set_vector(...);
					apic->irr_pending = (vec != -1);
					// => apic->irr_pending == false

Nonetheless, it appears the race might even occur prior to this commit:

apic_set_irr				apic_clear_irr
------------				--------------
apic->irr_pending = true;
					apic->irr_pending = false;
					apic_clear_vector(...);
					if (apic_search_irr(apic) != -1)
						apic->irr_pending = true;
					// => apic->irr_pending == false
apic_set_vector(...);

Fixing this issue by:
1. Restoring the previous behavior of apic_clear_irr: clear irr_pending, call
   apic_clear_vector, and then if APIC_IRR is non-zero, set irr_pending.
2. On apic_set_irr: first call apic_set_vector, then set irr_pending.

Signed-off-by: Nadav Amit <namit@cs.technion.ac.il>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-11-17 12:16:20 +01:00
..
cpuid.c KVM: x86: Enable Intel AVX-512 for guest 2014-11-03 12:07:30 +01:00
cpuid.h KVM: x86: Warn if guest virtual address space is not 48-bits 2014-09-24 14:07:48 +02:00
emulate.c KVM: x86: MOVNTI emulation min opsize is not respected 2014-11-08 08:20:54 +01:00
i8254.c KVM: x86: Improve thread safety in pit 2014-10-24 13:21:14 +02:00
i8254.h KVM: fold kvm_pit_timer into kvm_kpit_state 2012-08-01 00:21:07 -03:00
i8259.c KVM: inject ExtINT interrupt before APIC interrupts 2012-12-13 23:05:21 -02:00
irq.c KVM: nVMX: fix "acknowledge interrupt on exit" when APICv is in use 2014-08-05 15:00:24 +02:00
irq.h KVM: switch to symbolic name for irq_states size 2012-07-20 16:12:16 -03:00
Kconfig KVM: Give IRQFD its own separate enabling Kconfig option 2014-08-05 14:26:28 +02:00
kvm_cache_regs.h KVM: MMU: Do not unconditionally read PDPTE from guest memory 2011-09-25 19:18:01 +03:00
lapic.c KVM: x86: Fix lost interrupt on irr_pending race 2014-11-17 12:16:20 +01:00
lapic.h KVM: x86: optimize some accesses to LVTT and SPIV 2014-11-03 12:07:32 +01:00
Makefile kvm: Add VFIO device 2013-10-30 19:02:03 +01:00
mmu_audit.c arch/x86: replace strict_strto calls 2014-08-08 15:57:28 -07:00
mmu.c Merge branch 'for-3.18' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/percpu 2014-10-10 07:26:02 -04:00
mmu.h KVM: mmio: cleanup kvm_set_mmio_spte_mask 2014-09-03 10:04:10 +02:00
mmutrace.h x86/kvm: Resolve shadow warnings in macro expansion 2014-07-31 16:33:29 +02:00
paging_tmpl.h KVM: x86: Wrong assertion on paging_tmpl.h 2014-10-24 13:30:37 +02:00
pmu.c KVM: x86: Clarify PMU related features bit manipulation 2014-08-20 13:01:25 +02:00
svm.c kvm: svm: move WARN_ON in svm_adjust_tsc_offset 2014-11-13 11:56:11 +01:00
trace.h kvm: x86: add trace event for pvclock updates 2014-11-08 08:20:55 +01:00
tss.h
vmx.c x86, kvm, vmx: Don't set LOAD_IA32_EFER when host and guest match 2014-11-12 16:27:21 +01:00
x86.c kvm: svm: move WARN_ON in svm_adjust_tsc_offset 2014-11-13 11:56:11 +01:00
x86.h KVM: x86: Enable Intel AVX-512 for guest 2014-11-03 12:07:30 +01:00