From: Nikita Leshenko <nikita.leshchenko@oracle.com>
To: kvm@vger.kernel.org, pbonzini@redhat.com, rkrcmar@redhat.com
Cc: idan.brown@oracle.com,
	Nikita Leshenko <nikita.leshchenko@oracle.com>,
	Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Subject: [PATCH 1/5] KVM: x86: ioapic: Fix level-triggered EOI and IOAPIC reconfigure race
Date: Sun,  5 Nov 2017 15:52:29 +0200
Message-ID: <20171105135233.34572-2-nikita.leshchenko@oracle.com>
In-Reply-To: <20171105135233.34572-1-nikita.leshchenko@oracle.com>

KVM uses ioapic_handled_vectors to track vectors that need to notify the
IOAPIC on EOI. The problem is that IOAPIC can be reconfigured while an
interrupt with old configuration is pending or running and
ioapic_handled_vectors only remembers the newest configuration;
thus EOI from the old interrupt is not delivered to the IOAPIC.

A previous commit db2bdcbbbd32
("KVM: x86: fix edge EOI and IOAPIC reconfig race")
addressed this issue by adding pending edge-triggered interrupts to
ioapic_handled_vectors, fixing this race for edge-triggered interrupts.
The commit explicitly ignored level-triggered interrupts,
but this race applies to them as well:

1) IOAPIC sends a level triggered interrupt vector to VCPU0
2) VCPU0's handler deasserts the irq line and reconfigures the IOAPIC
   to route the vector to VCPU1. The reconfiguration rewrites only the
   upper 32 bits of the IOREDTBLn register. (Causes KVM to update
   ioapic_handled_vectors for VCPU0 and it no longer includes the vector.)
3) VCPU0 sends EOI for the vector, but it's not delivered to the
   IOAPIC because the ioapic_handled_vectors doesn't include the vector.
4) New interrupts are not delivered to VCPU1 because remote_irr bit
   is set forever.

Therefore, the correct behavior is to add all pending and running
interrupts to ioapic_handled_vectors.

This commit introduces a slight performance hit similar to
commit db2bdcbbbd32 ("KVM: x86: fix edge EOI and IOAPIC reconfig race")
for the rare case that the vector is reused by a non-IOAPIC source on
VCPU0. We prefer to keep the solution simple and not handle this case just
as the original commit does.

Fixes: db2bdcbbbd32 ("KVM: x86: fix edge EOI and IOAPIC reconfig race")

Signed-off-by: Nikita Leshenko <nikita.leshchenko@oracle.com>
Reviewed-by: Liran Alon <liran.alon@oracle.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
---
 arch/x86/kvm/ioapic.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/arch/x86/kvm/ioapic.c b/arch/x86/kvm/ioapic.c
index bdff437acbcb..ae0a7dc318b2 100644
--- a/arch/x86/kvm/ioapic.c
+++ b/arch/x86/kvm/ioapic.c
@@ -257,8 +257,7 @@ void kvm_ioapic_scan_entry(struct kvm_vcpu *vcpu, ulong *ioapic_handled_vectors)
 		    index == RTC_GSI) {
 			if (kvm_apic_match_dest(vcpu, NULL, 0,
 			             e->fields.dest_id, e->fields.dest_mode) ||
-			    (e->fields.trig_mode == IOAPIC_EDGE_TRIG &&
-			     kvm_apic_pending_eoi(vcpu, e->fields.vector)))
+			    kvm_apic_pending_eoi(vcpu, e->fields.vector))
 				__set_bit(e->fields.vector,
 					  ioapic_handled_vectors);
 		}
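Review bot: the now-unconditional `kvm_apic_pending_eoi(vcpu, e->fields.vector)` term in the `if` has no comment saying why a vector that no longer targets this vCPU must still be added to ioapic_handled_vectors. The reasoning lives only in the commit message, and the previous form of this condition shows how easy it is to narrow the check by trigger mode. Please add a short comment above the condition stating that any vector still pending or in service on this vCPU needs its EOI forwarded to the IOAPIC regardless of trig_mode, and that the match is by vector number only, so a non-IOAPIC interrupt reusing the same vector on this vCPU is also tracked (the accepted cost described in the changelog).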
-- 
2.13.3
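
The four-step race from the commit message, replayed on a toy model. This is an added example, not kernel code and not part of the patch: the structs, `scan_entry`, `eoi`, `remote_irr_stuck` and the vector value 0x31 are constructed for illustration, and the `patched` flag switches between the old and new form of the condition.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed toy model: one redirection entry, one observed vCPU. */
enum trig { EDGE_TRIG, LEVEL_TRIG };
struct rte  { uint8_t vector; int dest; enum trig trig_mode; bool remote_irr; };
struct vcpu { int id; uint8_t in_service; bool handled[256]; };

/* Rebuild the per-vCPU set of vectors whose EOI must reach the IOAPIC. */
static void scan_entry(struct vcpu *v, const struct rte *e, bool patched)
{
    bool pending = (v->in_service == e->vector);
    /* Old condition kept only edge-triggered pending vectors. */
    bool keep = patched ? pending : (e->trig_mode == EDGE_TRIG && pending);

    for (int i = 0; i < 256; i++)
        v->handled[i] = false;
    if (e->dest == v->id || keep)
        v->handled[e->vector] = true;
}

/* The EOI is forwarded to the IOAPIC only for tracked vectors. */
static void eoi(struct vcpu *v, struct rte *e)
{
    if (v->handled[v->in_service] && v->in_service == e->vector)
        e->remote_irr = false;
    v->in_service = 0;
}

/* Returns true if remote_irr is still set after steps 1-3 (line is stuck). */
bool remote_irr_stuck(bool patched)
{
    struct rte e = { .vector = 0x31, .dest = 0, .trig_mode = LEVEL_TRIG };
    struct vcpu v0 = { .id = 0 };

    scan_entry(&v0, &e, patched);
    e.remote_irr = true;              /* 1) level irq delivered to VCPU0 */
    v0.in_service = e.vector;
    e.dest = 1;                       /* 2) handler reroutes to VCPU1 */
    scan_entry(&v0, &e, patched);
    eoi(&v0, &e);                     /* 3) VCPU0 sends EOI */
    return e.remote_irr;              /* 4) set => no new interrupts */
}

int main(void)
{
    printf("old condition: stuck=%d\n", remote_irr_stuck(false));
    printf("new condition: stuck=%d\n", remote_irr_stuck(true));
    return 0;
}
```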


Thread overview: 22+ messages
2017-11-05 13:52 [PATCH 0/5] KVM: x86: Various IOAPIC improvements Nikita Leshenko
2017-11-05 13:52 ` Nikita Leshenko [this message]
2017-11-06  2:00   ` [PATCH 1/5] KVM: x86: ioapic: Fix level-triggered EOI and IOAPIC reconfigure race Wanpeng Li
2017-11-06 13:53     ` Nikita Leshchenko
2017-11-06 14:05       ` Paolo Bonzini
2017-11-07  8:13         ` Nikita Leshchenko
2017-11-07 10:18           ` Paolo Bonzini
2017-11-07 23:09             ` Steve Rutherford
2017-11-05 13:52 ` [PATCH 2/5] KVM: x86: ioapic: Don't fire level irq when Remote IRR set Nikita Leshenko
2017-11-06  2:50   ` Wanpeng Li
2017-11-05 13:52 ` [PATCH 3/5] KVM: x86: ioapic: Remove redundant check for Remote IRR in ioapic_set_irq Nikita Leshenko
2017-11-06  3:16   ` Wanpeng Li
2017-11-05 13:52 ` [PATCH 4/5] KVM: x86: ioapic: Clear Remote IRR when entry is switched to edge-triggered Nikita Leshenko
2017-11-06  3:30   ` Wanpeng Li
2017-11-08  0:16     ` Steve Rutherford
2017-11-08  9:52       ` Nikita Leshchenko
2017-11-08 21:24         ` Steve Rutherford
2017-11-08 21:25           ` Steve Rutherford
2017-11-05 13:52 ` [PATCH 5/5] KVM: x86: ioapic: Preserve read-only values in the redirection table Nikita Leshenko
2017-11-06  3:20   ` Wanpeng Li
2017-11-08  0:18     ` Steve Rutherford
2017-11-10 21:42 ` [PATCH 0/5] KVM: x86: Various IOAPIC improvements Radim Krčmář
