Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit c465fc11 authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm 

Pull KVM fixes from Radim Krčmář:
 "ARM:
   - A number of issues in the vgic discovered using SMATCH
   - A bit one-off calculation in out stage base address mask (32-bit
     and 64-bit)
   - Fixes to single-step debugging instructions that trap for other
     reasons such as MMMIO aborts
   - Printing unavailable hyp mode as error
   - Potential spinlock deadlock in the vgic
   - Avoid calling vgic vcpu free more than once
   - Broken bit calculation for big endian systems

 s390:
   - SPDX tags
   - Fence storage key accesses from problem state
   - Make sure that irq_state.flags is not used in the future

  x86:
   - Intercept port 0x80 accesses to prevent host instability (CVE)
   - Use userspace FPU context for guest FPU (mainly an optimization
     that fixes a double use of kernel FPU)
   - Do not leak one page per module load
   - Flush APIC page address cache from MMU invalidation notifiers"

* tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm: (28 commits)
  KVM: x86: fix APIC page invalidation
  KVM: s390: Fix skey emulation permission check
  KVM: s390: mark irq_state.flags as non-usable
  KVM: s390: Remove redundant license text
  KVM: s390: add SPDX identifiers to the remaining files
  KVM: VMX: fix page leak in hardware_setup()
  KVM: VMX: remove I/O port 0x80 bypass on Intel hosts
  x86,kvm: remove KVM emulator get_fpu / put_fpu
  x86,kvm: move qemu/guest FPU switching out to vcpu_run
  KVM: arm/arm64: Fix broken GICH_ELRSR big endian conversion
  KVM: arm/arm64: kvm_arch_destroy_vm cleanups
  KVM: arm/arm64: Fix spinlock acquisition in vgic_set_owner
  kvm: arm: don't treat unavailable HYP mode as an error
  KVM: arm/arm64: Avoid attempting to load timer vgic state without a vgic
  kvm: arm64: handle single-step of hyp emulated mmio instructions
  kvm: arm64: handle single-step during SError exceptions
  kvm: arm64: handle single-step of userspace mmio instructions
  kvm: arm64: handle single-stepping trapped instructions
  KVM: arm/arm64: debug: Introduce helper for single-step
  arm: KVM: Fix VTTBR_BADDR_MASK BUG_ON off-by-one
  ...
parents 4ded3bec b1394e74

Documentation/virtual/kvm/api.txt

+12 −3
Original line number Diff line number Diff line
@@ -2901,14 +2901,19 @@ userspace buffer and its length: 


struct kvm_s390_irq_state {

	__u64 buf;

	__u32 flags;

	__u32 flags;        /* will stay unused for compatibility reasons */

	__u32 len;

	__u32 reserved[4];

	__u32 reserved[4];  /* will stay unused for compatibility reasons */

};



Userspace passes in the above struct and for each pending interrupt a

struct kvm_s390_irq is copied to the provided buffer.



The structure contains a flags and a reserved field for future extensions. As

the kernel never checked for flags == 0 and QEMU never pre-zeroed flags and

reserved, these fields can not be used in the future without breaking

compatibility.



If -ENOBUFS is returned the buffer provided was too small and userspace

may retry with a bigger buffer.
@@ -2932,10 +2937,14 @@ containing a struct kvm_s390_irq_state: 


struct kvm_s390_irq_state {

	__u64 buf;

	__u32 flags;        /* will stay unused for compatibility reasons */

	__u32 len;

	__u32 pad;

	__u32 reserved[4];  /* will stay unused for compatibility reasons */

};



The restrictions for flags and reserved apply as well.

(see KVM_S390_GET_IRQ_STATE)



The userspace memory referenced by buf contains a struct kvm_s390_irq

for each interrupt to be injected into the guest.

If one of the interrupts could not be injected for some reason the

arch/arm/include/asm/kvm_arm.h

+1 −2
Original line number Diff line number Diff line
@@ -161,8 +161,7 @@ 
#else

#define VTTBR_X		(5 - KVM_T0SZ)

#endif

#define VTTBR_BADDR_SHIFT (VTTBR_X - 1)

#define VTTBR_BADDR_MASK  (((_AC(1, ULL) << (40 - VTTBR_X)) - 1) << VTTBR_BADDR_SHIFT)

#define VTTBR_BADDR_MASK  (((_AC(1, ULL) << (40 - VTTBR_X)) - 1) << VTTBR_X)

#define VTTBR_VMID_SHIFT  _AC(48, ULL)

#define VTTBR_VMID_MASK(size)	(_AT(u64, (1 << size) - 1) << VTTBR_VMID_SHIFT)

arch/arm/include/asm/kvm_host.h

+5 −0
Original line number Diff line number Diff line
@@ -285,6 +285,11 @@ static inline void kvm_arm_init_debug(void) {} 
static inline void kvm_arm_setup_debug(struct kvm_vcpu *vcpu) {}

static inline void kvm_arm_clear_debug(struct kvm_vcpu *vcpu) {}

static inline void kvm_arm_reset_debug_ptr(struct kvm_vcpu *vcpu) {}

static inline bool kvm_arm_handle_step_debug(struct kvm_vcpu *vcpu,

					     struct kvm_run *run)

{

	return false;

}



int kvm_arm_vcpu_arch_set_attr(struct kvm_vcpu *vcpu,

			       struct kvm_device_attr *attr);

arch/arm64/include/asm/kvm_arm.h

+1 −2
Original line number Diff line number Diff line
@@ -170,8 +170,7 @@ 
#define VTCR_EL2_FLAGS			(VTCR_EL2_COMMON_BITS | VTCR_EL2_TGRAN_FLAGS)

#define VTTBR_X				(VTTBR_X_TGRAN_MAGIC - VTCR_EL2_T0SZ_IPA)



#define VTTBR_BADDR_SHIFT (VTTBR_X - 1)

#define VTTBR_BADDR_MASK  (((UL(1) << (PHYS_MASK_SHIFT - VTTBR_X)) - 1) << VTTBR_BADDR_SHIFT)

#define VTTBR_BADDR_MASK  (((UL(1) << (PHYS_MASK_SHIFT - VTTBR_X)) - 1) << VTTBR_X)

#define VTTBR_VMID_SHIFT  (UL(48))

#define VTTBR_VMID_MASK(size) (_AT(u64, (1 << size) - 1) << VTTBR_VMID_SHIFT)

arch/arm64/include/asm/kvm_host.h

+1 −0
Original line number Diff line number Diff line
@@ -370,6 +370,7 @@ void kvm_arm_init_debug(void); 
void kvm_arm_setup_debug(struct kvm_vcpu *vcpu);

void kvm_arm_clear_debug(struct kvm_vcpu *vcpu);

void kvm_arm_reset_debug_ptr(struct kvm_vcpu *vcpu);

bool kvm_arm_handle_step_debug(struct kvm_vcpu *vcpu, struct kvm_run *run);

int kvm_arm_vcpu_arch_set_attr(struct kvm_vcpu *vcpu,

			       struct kvm_device_attr *attr);

int kvm_arm_vcpu_arch_get_attr(struct kvm_vcpu *vcpu,