tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm

Pull kvm fixes from Paolo Bonzini:
"ARM64:

- Fix a regression with pKVM when kmemleak is enabled

- Add Oliver Upton as an official KVM/arm64 reviewer

selftests:

- deal with compiler optimizations around hypervisor exits

x86:

- MAINTAINERS reorganization

- Two SEV fixes"

* tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm:
KVM: SEV: Init target VMCBs in sev_migrate_from
KVM: x86/svm: add __GFP_ACCOUNT to __sev_dbg_{en,de}crypt_user()
MAINTAINERS: Reorganize KVM/x86 maintainership
selftests: KVM: Handle compiler optimizations in ucall
KVM: arm64: Add Oliver as a reviewer
KVM: arm64: Prevent kmemleak from accessing pKVM memory
tools/kvm_stat: fix display of error when multiple processes are found

Linus Torvalds e9465549 38bc4ac4

+95 -56
+33 -9
MAINTAINERS
··· 10846 10846 R: James Morse <james.morse@arm.com> 10847 10847 R: Alexandru Elisei <alexandru.elisei@arm.com> 10848 10848 R: Suzuki K Poulose <suzuki.poulose@arm.com> 10849 + R: Oliver Upton <oliver.upton@linux.dev> 10849 10850 L: linux-arm-kernel@lists.infradead.org (moderated for non-subscribers) 10850 10851 L: kvmarm@lists.cs.columbia.edu (moderated for non-subscribers) 10851 10852 S: Maintained ··· 10913 10912 F: tools/testing/selftests/kvm/s390x/ 10914 10913 10915 10914 KERNEL VIRTUAL MACHINE FOR X86 (KVM/x86) 10915 + M: Sean Christopherson <seanjc@google.com> 10916 10916 M: Paolo Bonzini <pbonzini@redhat.com> 10917 - R: Sean Christopherson <seanjc@google.com> 10918 - R: Vitaly Kuznetsov <vkuznets@redhat.com> 10919 - R: Wanpeng Li <wanpengli@tencent.com> 10920 - R: Jim Mattson <jmattson@google.com> 10921 - R: Joerg Roedel <joro@8bytes.org> 10922 10917 L: kvm@vger.kernel.org 10923 10918 S: Supported 10924 - W: http://www.linux-kvm.org 10925 10919 T: git git://git.kernel.org/pub/scm/virt/kvm/kvm.git 10926 10920 F: arch/x86/include/asm/kvm* 10927 - F: arch/x86/include/asm/pvclock-abi.h 10928 10921 F: arch/x86/include/asm/svm.h 10929 10922 F: arch/x86/include/asm/vmx*.h 10930 10923 F: arch/x86/include/uapi/asm/kvm* 10931 10924 F: arch/x86/include/uapi/asm/svm.h 10932 10925 F: arch/x86/include/uapi/asm/vmx.h 10933 - F: arch/x86/kernel/kvm.c 10934 - F: arch/x86/kernel/kvmclock.c 10935 10926 F: arch/x86/kvm/ 10936 10927 F: arch/x86/kvm/*/ 10928 + 10929 + KVM PARAVIRT (KVM/paravirt) 10930 + M: Paolo Bonzini <pbonzini@redhat.com> 10931 + R: Wanpeng Li <wanpengli@tencent.com> 10932 + R: Vitaly Kuznetsov <vkuznets@redhat.com> 10933 + L: kvm@vger.kernel.org 10934 + S: Supported 10935 + T: git git://git.kernel.org/pub/scm/virt/kvm/kvm.git 10936 + F: arch/x86/kernel/kvm.c 10937 + F: arch/x86/kernel/kvmclock.c 10938 + F: arch/x86/include/asm/pvclock-abi.h 10939 + F: include/linux/kvm_para.h 10940 + F: include/uapi/linux/kvm_para.h 10941 + F: include/uapi/asm-generic/kvm_para.h 10942 + F: include/asm-generic/kvm_para.h 10943 + F: arch/um/include/asm/kvm_para.h 10944 + F: arch/x86/include/asm/kvm_para.h 10945 + F: arch/x86/include/uapi/asm/kvm_para.h 10946 + 10947 + KVM X86 HYPER-V (KVM/hyper-v) 10948 + M: Vitaly Kuznetsov <vkuznets@redhat.com> 10949 + M: Sean Christopherson <seanjc@google.com> 10950 + M: Paolo Bonzini <pbonzini@redhat.com> 10951 + L: kvm@vger.kernel.org 10952 + S: Supported 10953 + T: git git://git.kernel.org/pub/scm/virt/kvm/kvm.git 10954 + F: arch/x86/kvm/hyperv.* 10955 + F: arch/x86/kvm/kvm_onhyperv.* 10956 + F: arch/x86/kvm/svm/hyperv.* 10957 + F: arch/x86/kvm/svm/svm_onhyperv.* 10958 + F: arch/x86/kvm/vmx/evmcs.* 10937 10959 10938 10960 KERNFS 10939 10961 M: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+3 -3
arch/arm64/kvm/arm.c
··· 2112 2112 return 0; 2113 2113 2114 2114 /* 2115 - * Exclude HYP BSS from kmemleak so that it doesn't get peeked 2116 - * at, which would end badly once the section is inaccessible. 2117 - * None of other sections should ever be introspected. 2115 + * Exclude HYP sections from kmemleak so that they don't get peeked 2116 + * at, which would end badly once inaccessible. 2118 2117 */ 2119 2118 kmemleak_free_part(__hyp_bss_start, __hyp_bss_end - __hyp_bss_start); 2119 + kmemleak_free_part(__va(hyp_mem_base), hyp_mem_size); 2120 2120 return pkvm_drop_host_privileges(); 2121 2121 } 2122 2122
+50 -28
arch/x86/kvm/svm/sev.c
··· 844 844 845 845 /* If source buffer is not aligned then use an intermediate buffer */ 846 846 if (!IS_ALIGNED((unsigned long)vaddr, 16)) { 847 - src_tpage = alloc_page(GFP_KERNEL); 847 + src_tpage = alloc_page(GFP_KERNEL_ACCOUNT); 848 848 if (!src_tpage) 849 849 return -ENOMEM; 850 850 ··· 865 865 if (!IS_ALIGNED((unsigned long)dst_vaddr, 16) || !IS_ALIGNED(size, 16)) { 866 866 int dst_offset; 867 867 868 - dst_tpage = alloc_page(GFP_KERNEL); 868 + dst_tpage = alloc_page(GFP_KERNEL_ACCOUNT); 869 869 if (!dst_tpage) { 870 870 ret = -ENOMEM; 871 871 goto e_free; ··· 1665 1665 { 1666 1666 struct kvm_sev_info *dst = &to_kvm_svm(dst_kvm)->sev_info; 1667 1667 struct kvm_sev_info *src = &to_kvm_svm(src_kvm)->sev_info; 1668 + struct kvm_vcpu *dst_vcpu, *src_vcpu; 1669 + struct vcpu_svm *dst_svm, *src_svm; 1668 1670 struct kvm_sev_info *mirror; 1671 + unsigned long i; 1669 1672 1670 1673 dst->active = true; 1671 1674 dst->asid = src->asid; 1672 1675 dst->handle = src->handle; 1673 1676 dst->pages_locked = src->pages_locked; 1674 1677 dst->enc_context_owner = src->enc_context_owner; 1678 + dst->es_active = src->es_active; 1675 1679 1676 1680 src->asid = 0; 1677 1681 src->active = false; 1678 1682 src->handle = 0; 1679 1683 src->pages_locked = 0; 1680 1684 src->enc_context_owner = NULL; 1685 + src->es_active = false; 1681 1686 1682 1687 list_cut_before(&dst->regions_list, &src->regions_list, &src->regions_list); 1683 1688 ··· 1709 1704 list_del(&src->mirror_entry); 1710 1705 list_add_tail(&dst->mirror_entry, &owner_sev_info->mirror_vms); 1711 1706 } 1712 - } 1713 1707 1714 - static int sev_es_migrate_from(struct kvm *dst, struct kvm *src) 1715 - { 1716 - unsigned long i; 1717 - struct kvm_vcpu *dst_vcpu, *src_vcpu; 1718 - struct vcpu_svm *dst_svm, *src_svm; 1719 - 1720 - if (atomic_read(&src->online_vcpus) != atomic_read(&dst->online_vcpus)) 1721 - return -EINVAL; 1722 - 1723 - kvm_for_each_vcpu(i, src_vcpu, src) { 1724 - if (!src_vcpu->arch.guest_state_protected) 1725 - return -EINVAL; 1726 - } 1727 - 1728 - kvm_for_each_vcpu(i, src_vcpu, src) { 1729 - src_svm = to_svm(src_vcpu); 1730 - dst_vcpu = kvm_get_vcpu(dst, i); 1708 + kvm_for_each_vcpu(i, dst_vcpu, dst_kvm) { 1731 1709 dst_svm = to_svm(dst_vcpu); 1710 + 1711 + sev_init_vmcb(dst_svm); 1712 + 1713 + if (!dst->es_active) 1714 + continue; 1715 + 1716 + /* 1717 + * Note, the source is not required to have the same number of 1718 + * vCPUs as the destination when migrating a vanilla SEV VM. 1719 + */ 1720 + src_vcpu = kvm_get_vcpu(dst_kvm, i); 1721 + src_svm = to_svm(src_vcpu); 1732 1722 1733 1723 /* 1734 1724 * Transfer VMSA and GHCB state to the destination. Nullify and ··· 1740 1740 src_svm->vmcb->control.vmsa_pa = INVALID_PAGE; 1741 1741 src_vcpu->arch.guest_state_protected = false; 1742 1742 } 1743 - to_kvm_svm(src)->sev_info.es_active = false; 1744 - to_kvm_svm(dst)->sev_info.es_active = true; 1743 + } 1744 + 1745 + static int sev_check_source_vcpus(struct kvm *dst, struct kvm *src) 1746 + { 1747 + struct kvm_vcpu *src_vcpu; 1748 + unsigned long i; 1749 + 1750 + if (!sev_es_guest(src)) 1751 + return 0; 1752 + 1753 + if (atomic_read(&src->online_vcpus) != atomic_read(&dst->online_vcpus)) 1754 + return -EINVAL; 1755 + 1756 + kvm_for_each_vcpu(i, src_vcpu, src) { 1757 + if (!src_vcpu->arch.guest_state_protected) 1758 + return -EINVAL; 1759 + } 1745 1760 1746 1761 return 0; 1747 1762 } ··· 1804 1789 if (ret) 1805 1790 goto out_dst_vcpu; 1806 1791 1807 - if (sev_es_guest(source_kvm)) { 1808 - ret = sev_es_migrate_from(kvm, source_kvm); 1809 - if (ret) 1810 - goto out_source_vcpu; 1811 - } 1792 + ret = sev_check_source_vcpus(kvm, source_kvm); 1793 + if (ret) 1794 + goto out_source_vcpu; 1812 1795 1813 1796 sev_migrate_from(kvm, source_kvm); 1814 1797 kvm_vm_dead(source_kvm); ··· 2927 2914 count, in); 2928 2915 } 2929 2916 2930 - void sev_es_init_vmcb(struct vcpu_svm *svm) 2917 + static void sev_es_init_vmcb(struct vcpu_svm *svm) 2931 2918 { 2932 2919 struct kvm_vcpu *vcpu = &svm->vcpu; 2933 2920 ··· 2978 2965 if (guest_cpuid_has(&svm->vcpu, X86_FEATURE_RDTSCP)) 2979 2966 svm_clr_intercept(svm, INTERCEPT_RDTSCP); 2980 2967 } 2968 + } 2969 + 2970 + void sev_init_vmcb(struct vcpu_svm *svm) 2971 + { 2972 + svm->vmcb->control.nested_ctl |= SVM_NESTED_CTL_SEV_ENABLE; 2973 + clr_exception_intercept(svm, UD_VECTOR); 2974 + 2975 + if (sev_es_guest(svm->vcpu.kvm)) 2976 + sev_es_init_vmcb(svm); 2981 2977 } 2982 2978 2983 2979 void sev_es_vcpu_reset(struct vcpu_svm *svm)
+2 -9
arch/x86/kvm/svm/svm.c
··· 1212 1212 svm->vmcb->control.int_ctl |= V_GIF_ENABLE_MASK; 1213 1213 } 1214 1214 1215 - if (sev_guest(vcpu->kvm)) { 1216 - svm->vmcb->control.nested_ctl |= SVM_NESTED_CTL_SEV_ENABLE; 1217 - clr_exception_intercept(svm, UD_VECTOR); 1218 - 1219 - if (sev_es_guest(vcpu->kvm)) { 1220 - /* Perform SEV-ES specific VMCB updates */ 1221 - sev_es_init_vmcb(svm); 1222 - } 1223 - } 1215 + if (sev_guest(vcpu->kvm)) 1216 + sev_init_vmcb(svm); 1224 1217 1225 1218 svm_hv_init_vmcb(vmcb); 1226 1219 init_vmcb_after_set_cpuid(vcpu);
+1 -1
arch/x86/kvm/svm/svm.h
··· 649 649 void __init sev_hardware_setup(void); 650 650 void sev_hardware_unsetup(void); 651 651 int sev_cpu_init(struct svm_cpu_data *sd); 652 + void sev_init_vmcb(struct vcpu_svm *svm); 652 653 void sev_free_vcpu(struct kvm_vcpu *vcpu); 653 654 int sev_handle_vmgexit(struct kvm_vcpu *vcpu); 654 655 int sev_es_string_io(struct vcpu_svm *svm, int size, unsigned int port, int in); 655 - void sev_es_init_vmcb(struct vcpu_svm *svm); 656 656 void sev_es_vcpu_reset(struct vcpu_svm *svm); 657 657 void sev_vcpu_deliver_sipi_vector(struct kvm_vcpu *vcpu, u8 vector); 658 658 void sev_es_prepare_switch_to_guest(struct sev_es_save_area *hostsa);
+2 -1
tools/kvm/kvm_stat/kvm_stat
··· 1646 1646 .format(values)) 1647 1647 if len(pids) > 1: 1648 1648 sys.exit('Error: Multiple processes found (pids: {}). Use "-p"' 1649 - ' to specify the desired pid'.format(" ".join(pids))) 1649 + ' to specify the desired pid' 1650 + .format(" ".join(map(str, pids)))) 1650 1651 namespace.pid = pids[0] 1651 1652 1652 1653 argparser = argparse.ArgumentParser(description=description_text,
+4 -5
tools/testing/selftests/kvm/lib/aarch64/ucall.c
··· 73 73 74 74 void ucall(uint64_t cmd, int nargs, ...) 75 75 { 76 - struct ucall uc = { 77 - .cmd = cmd, 78 - }; 76 + struct ucall uc = {}; 79 77 va_list va; 80 78 int i; 81 79 80 + WRITE_ONCE(uc.cmd, cmd); 82 81 nargs = nargs <= UCALL_MAX_ARGS ? nargs : UCALL_MAX_ARGS; 83 82 84 83 va_start(va, nargs); 85 84 for (i = 0; i < nargs; ++i) 86 - uc.args[i] = va_arg(va, uint64_t); 85 + WRITE_ONCE(uc.args[i], va_arg(va, uint64_t)); 87 86 va_end(va); 88 87 89 - *ucall_exit_mmio_addr = (vm_vaddr_t)&uc; 88 + WRITE_ONCE(*ucall_exit_mmio_addr, (vm_vaddr_t)&uc); 90 89 } 91 90 92 91 uint64_t get_ucall(struct kvm_vm *vm, uint32_t vcpu_id, struct ucall *uc)