[GIT PULL] Please pull paulus/powerpc kvm-ppc-fixes-4.14-2 tag

[GIT PULL] Please pull paulus/powerpc kvm-ppc-fixes-4.14-2 tag

[Paul Mackerras]

Hi Paolo,

Please do a pull from my paulus/powerpc tree to get a fix for a bug
that can cause the host to crash when a guest resizes its hashed page
table.  I would like this to go into 4.14 if that is still possible.

I have done a signed tag this time.  It is signed with a new signing
sub-key (2C63719F) that I made today, so you will need to fetch it if
you want to check the signature.  It is a sub-key on my key EC9DBB8C
which had expired, but I have set the expiry to "never" now, so you
will need to re-fetch that one too.

I am going to do an equivalent fix on my kvm-ppc-next branch also, but
it will look different because the fix touches the same code that my
recent HPT-on-radix patch series touches.

Thanks,
Paul.

The following changes since commit ad98dd1a75ac6a8b68cd2f7bf4676b65734f2a43:

  KVM: PPC: Book3S HV: Add more barriers in XIVE load/unload code (2017-10-16 08:46:46 +1100)

are available in the git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc tags/kvm-ppc-fixes-4.14-2

for you to fetch changes up to 38c53af853069adf87181684370d7b8866d6387b:

  KVM: PPC: Book3S HV: Fix exclusion between HPT resizing and other HPT updates (2017-11-08 15:14:02 +1100)

----------------------------------------------------------------
PPC KVM fixes for 4.14

Just one fix here for a host crash that can occur with HV KVM
as a result of resizing the guest hashed page table (HPT).

----------------------------------------------------------------
Paul Mackerras (1):
      KVM: PPC: Book3S HV: Fix exclusion between HPT resizing and other HPT updates

 arch/powerpc/kvm/book3s_64_mmu_hv.c | 10 ++++++++++
 arch/powerpc/kvm/book3s_hv.c        | 29 +++++++++++++++++++----------
 2 files changed, 29 insertions(+), 10 deletions(-)

[GIT PULL] Please pull paulus/powerpc kvm-ppc-fixes-4.14-2 tag

[Paul Mackerras]

Hi Paolo,

Please do a pull from my paulus/powerpc tree to get a fix for a bug
that can cause the host to crash when a guest resizes its hashed page
table.  I would like this to go into 4.14 if that is still possible.

I have done a signed tag this time.  It is signed with a new signing
sub-key (2C63719F) that I made today, so you will need to fetch it if
you want to check the signature.  It is a sub-key on my key EC9DBB8C
which had expired, but I have set the expiry to "never" now, so you
will need to re-fetch that one too.

I am going to do an equivalent fix on my kvm-ppc-next branch also, but
it will look different because the fix touches the same code that my
recent HPT-on-radix patch series touches.

Thanks,
Paul.

The following changes since commit ad98dd1a75ac6a8b68cd2f7bf4676b65734f2a43:

  KVM: PPC: Book3S HV: Add more barriers in XIVE load/unload code (2017-10-16 08:46:46 +1100)

are available in the git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc tags/kvm-ppc-fixes-4.14-2

for you to fetch changes up to 38c53af853069adf87181684370d7b8866d6387b:

  KVM: PPC: Book3S HV: Fix exclusion between HPT resizing and other HPT updates (2017-11-08 15:14:02 +1100)

----------------------------------------------------------------
PPC KVM fixes for 4.14

Just one fix here for a host crash that can occur with HV KVM
as a result of resizing the guest hashed page table (HPT).

----------------------------------------------------------------
Paul Mackerras (1):
      KVM: PPC: Book3S HV: Fix exclusion between HPT resizing and other HPT updates

 arch/powerpc/kvm/book3s_64_mmu_hv.c | 10 ++++++++++
 arch/powerpc/kvm/book3s_hv.c        | 29 +++++++++++++++++++----------
 2 files changed, 29 insertions(+), 10 deletions(-)

Re: [GIT PULL] Please pull paulus/powerpc kvm-ppc-fixes-4.14-2 tag

[Paolo Bonzini]

On 08/11/2017 12:03, Paul Mackerras wrote:
> Hi Paolo,
> 
> Please do a pull from my paulus/powerpc tree to get a fix for a bug
> that can cause the host to crash when a guest resizes its hashed page
> table.  I would like this to go into 4.14 if that is still possible.
> 
> I have done a signed tag this time.  It is signed with a new signing
> sub-key (2C63719F) that I made today, so you will need to fetch it if
> you want to check the signature.  It is a sub-key on my key EC9DBB8C
> which had expired, but I have set the expiry to "never" now, so you
> will need to re-fetch that one too.
> 
> I am going to do an equivalent fix on my kvm-ppc-next branch also, but
> it will look different because the fix touches the same code that my
> recent HPT-on-radix patch series touches.

This would introduce conflicts that are a bit unnecessary.  Could you
redo the fix on top of an older tag (e.g. on top of 4.14-rc3), and then:

- I pull the fix from you for 4.14

- you pull the fix yourself into kvm-ppc-next, and fix the conflicts?

Thanks,

Paolo

> 
> Thanks,
> Paul.
> 
> The following changes since commit ad98dd1a75ac6a8b68cd2f7bf4676b65734f2a43:
> 
>   KVM: PPC: Book3S HV: Add more barriers in XIVE load/unload code (2017-10-16 08:46:46 +1100)
> 
> are available in the git repository at:
> 
>   git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc tags/kvm-ppc-fixes-4.14-2
> 
> for you to fetch changes up to 38c53af853069adf87181684370d7b8866d6387b:
> 
>   KVM: PPC: Book3S HV: Fix exclusion between HPT resizing and other HPT updates (2017-11-08 15:14:02 +1100)
> 
> ----------------------------------------------------------------
> PPC KVM fixes for 4.14
> 
> Just one fix here for a host crash that can occur with HV KVM
> as a result of resizing the guest hashed page table (HPT).
> 
> ----------------------------------------------------------------
> Paul Mackerras (1):
>       KVM: PPC: Book3S HV: Fix exclusion between HPT resizing and other HPT updates
> 
>  arch/powerpc/kvm/book3s_64_mmu_hv.c | 10 ++++++++++
>  arch/powerpc/kvm/book3s_hv.c        | 29 +++++++++++++++++++----------
>  2 files changed, 29 insertions(+), 10 deletions(-)
> 

Re: [GIT PULL] Please pull paulus/powerpc kvm-ppc-fixes-4.14-2 tag

[Paolo Bonzini]

On 08/11/2017 12:03, Paul Mackerras wrote:
> Hi Paolo,
> 
> Please do a pull from my paulus/powerpc tree to get a fix for a bug
> that can cause the host to crash when a guest resizes its hashed page
> table.  I would like this to go into 4.14 if that is still possible.
> 
> I have done a signed tag this time.  It is signed with a new signing
> sub-key (2C63719F) that I made today, so you will need to fetch it if
> you want to check the signature.  It is a sub-key on my key EC9DBB8C
> which had expired, but I have set the expiry to "never" now, so you
> will need to re-fetch that one too.
> 
> I am going to do an equivalent fix on my kvm-ppc-next branch also, but
> it will look different because the fix touches the same code that my
> recent HPT-on-radix patch series touches.

This would introduce conflicts that are a bit unnecessary.  Could you
redo the fix on top of an older tag (e.g. on top of 4.14-rc3), and then:

- I pull the fix from you for 4.14

- you pull the fix yourself into kvm-ppc-next, and fix the conflicts?

Thanks,

Paolo

> 
> Thanks,
> Paul.
> 
> The following changes since commit ad98dd1a75ac6a8b68cd2f7bf4676b65734f2a43:
> 
>   KVM: PPC: Book3S HV: Add more barriers in XIVE load/unload code (2017-10-16 08:46:46 +1100)
> 
> are available in the git repository at:
> 
>   git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc tags/kvm-ppc-fixes-4.14-2
> 
> for you to fetch changes up to 38c53af853069adf87181684370d7b8866d6387b:
> 
>   KVM: PPC: Book3S HV: Fix exclusion between HPT resizing and other HPT updates (2017-11-08 15:14:02 +1100)
> 
> ----------------------------------------------------------------
> PPC KVM fixes for 4.14
> 
> Just one fix here for a host crash that can occur with HV KVM
> as a result of resizing the guest hashed page table (HPT).
> 
> ----------------------------------------------------------------
> Paul Mackerras (1):
>       KVM: PPC: Book3S HV: Fix exclusion between HPT resizing and other HPT updates
> 
>  arch/powerpc/kvm/book3s_64_mmu_hv.c | 10 ++++++++++
>  arch/powerpc/kvm/book3s_hv.c        | 29 +++++++++++++++++++----------
>  2 files changed, 29 insertions(+), 10 deletions(-)
> 

Re: [GIT PULL] Please pull paulus/powerpc kvm-ppc-fixes-4.14-2 tag

[Paul Mackerras]

On Wed, Nov 08, 2017 at 02:17:34PM +0100, Paolo Bonzini wrote:
> On 08/11/2017 12:03, Paul Mackerras wrote:
> > Hi Paolo,
> > 
> > Please do a pull from my paulus/powerpc tree to get a fix for a bug
> > that can cause the host to crash when a guest resizes its hashed page
> > table.  I would like this to go into 4.14 if that is still possible.
> > 
> > I have done a signed tag this time.  It is signed with a new signing
> > sub-key (2C63719F) that I made today, so you will need to fetch it if
> > you want to check the signature.  It is a sub-key on my key EC9DBB8C
> > which had expired, but I have set the expiry to "never" now, so you
> > will need to re-fetch that one too.
> > 
> > I am going to do an equivalent fix on my kvm-ppc-next branch also, but
> > it will look different because the fix touches the same code that my
> > recent HPT-on-radix patch series touches.
> 
> This would introduce conflicts that are a bit unnecessary.  Could you
> redo the fix on top of an older tag (e.g. on top of 4.14-rc3), and then:
> 
> - I pull the fix from you for 4.14
> 
> - you pull the fix yourself into kvm-ppc-next, and fix the conflicts?

My kvm-ppc-fixes branch is based directly on 4.14-rc4, which is prior
to the changes in the kvm next branch and my kvm-ppc-next branch, so I
don't see that I need to redo the fix.

I have merged kvm-ppc-fixes into kvm-ppc-next, resolved the conflicts,
and then applied another cosmetic patch on top to make the result look
nicer (with no functional change in that patch).  Doing that merge
also resolved another conflict (in arch/powerpc/kvm/powerpc.c).

So please do the pull from the existing kvm-ppc-fixes-4.14-2 tag for
4.14, and I'll send you a pull request for kvm-ppc-next.

Thanks,
Paul.

Re: [GIT PULL] Please pull paulus/powerpc kvm-ppc-fixes-4.14-2 tag

[Paul Mackerras]

On Wed, Nov 08, 2017 at 02:17:34PM +0100, Paolo Bonzini wrote:
> On 08/11/2017 12:03, Paul Mackerras wrote:
> > Hi Paolo,
> > 
> > Please do a pull from my paulus/powerpc tree to get a fix for a bug
> > that can cause the host to crash when a guest resizes its hashed page
> > table.  I would like this to go into 4.14 if that is still possible.
> > 
> > I have done a signed tag this time.  It is signed with a new signing
> > sub-key (2C63719F) that I made today, so you will need to fetch it if
> > you want to check the signature.  It is a sub-key on my key EC9DBB8C
> > which had expired, but I have set the expiry to "never" now, so you
> > will need to re-fetch that one too.
> > 
> > I am going to do an equivalent fix on my kvm-ppc-next branch also, but
> > it will look different because the fix touches the same code that my
> > recent HPT-on-radix patch series touches.
> 
> This would introduce conflicts that are a bit unnecessary.  Could you
> redo the fix on top of an older tag (e.g. on top of 4.14-rc3), and then:
> 
> - I pull the fix from you for 4.14
> 
> - you pull the fix yourself into kvm-ppc-next, and fix the conflicts?

My kvm-ppc-fixes branch is based directly on 4.14-rc4, which is prior
to the changes in the kvm next branch and my kvm-ppc-next branch, so I
don't see that I need to redo the fix.

I have merged kvm-ppc-fixes into kvm-ppc-next, resolved the conflicts,
and then applied another cosmetic patch on top to make the result look
nicer (with no functional change in that patch).  Doing that merge
also resolved another conflict (in arch/powerpc/kvm/powerpc.c).

So please do the pull from the existing kvm-ppc-fixes-4.14-2 tag for
4.14, and I'll send you a pull request for kvm-ppc-next.

Thanks,
Paul.

Re: [GIT PULL] Please pull paulus/powerpc kvm-ppc-fixes-4.14-2 tag

[Paolo Bonzini]

On 09/11/2017 06:25, Paul Mackerras wrote:
>> Could you
>> redo the fix on top of an older tag (e.g. on top of 4.14-rc3), and then:
>>
>> - I pull the fix from you for 4.14
>>
>> - you pull the fix yourself into kvm-ppc-next, and fix the conflicts?
> My kvm-ppc-fixes branch is based directly on 4.14-rc4, which is prior
> to the changes in the kvm next branch and my kvm-ppc-next branch, so I
> don't see that I need to redo the fix.
> 
> I have merged kvm-ppc-fixes into kvm-ppc-next, resolved the conflicts,
> and then applied another cosmetic patch on top to make the result look
> nicer (with no functional change in that patch).  Doing that merge
> also resolved another conflict (in arch/powerpc/kvm/powerpc.c).
> 
> So please do the pull from the existing kvm-ppc-fixes-4.14-2 tag for
> 4.14, and I'll send you a pull request for kvm-ppc-next.

Sounds good.  Radim is probably going to do the pull.

Paolo

Re: [GIT PULL] Please pull paulus/powerpc kvm-ppc-fixes-4.14-2 tag

[Paolo Bonzini]

On 09/11/2017 06:25, Paul Mackerras wrote:
>> Could you
>> redo the fix on top of an older tag (e.g. on top of 4.14-rc3), and then:
>>
>> - I pull the fix from you for 4.14
>>
>> - you pull the fix yourself into kvm-ppc-next, and fix the conflicts?
> My kvm-ppc-fixes branch is based directly on 4.14-rc4, which is prior
> to the changes in the kvm next branch and my kvm-ppc-next branch, so I
> don't see that I need to redo the fix.
> 
> I have merged kvm-ppc-fixes into kvm-ppc-next, resolved the conflicts,
> and then applied another cosmetic patch on top to make the result look
> nicer (with no functional change in that patch).  Doing that merge
> also resolved another conflict (in arch/powerpc/kvm/powerpc.c).
> 
> So please do the pull from the existing kvm-ppc-fixes-4.14-2 tag for
> 4.14, and I'll send you a pull request for kvm-ppc-next.

Sounds good.  Radim is probably going to do the pull.

Paolo

[GIT PULL] Please pull paulus/powerpc kvm-ppc-next-4.15-2 tag

[Paul Mackerras]

Paolo or Radim,

Please do a pull from the kvm-ppc-next-4.15-2 tag in my tree, because
I have merged in my kvm-ppc-fixes branch and then done a little
tidying up after that.  The recent patch "KVM: PPC: Book3S HV: Fix
exclusion between HPT resizing and other HPT updates" on my
kvm-ppc-fixes branch modified code that was very substantially
rearranged in my patch series to implement HPT guests on radix hosts
on POWER9, so the conflict was non-trivial to resolve.  There was also
a conflict between two changes to the code for the KVM_CAP_PPC_HTM
capability that I resolved.

Thanks,
Paul.

The following changes since commit c01015091a77035de1939ef106bfbcaf9a21395f:

  KVM: PPC: Book3S HV: Run HPT guests on POWER9 radix hosts (2017-11-01 15:36:41 +1100)

are available in the git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc tags/kvm-ppc-next-4.15-2

for you to fetch changes up to 432953b4455d8a48af0500a77826c71871671161:

  KVM: PPC: Book3S HV: Cosmetic post-merge cleanups (2017-11-09 15:37:10 +1100)

----------------------------------------------------------------
Second PPC KVM update for 4.15

This merges in my kvm-ppc-fixes branch to resolve the conflicts
between the fixes that have been applied there and the changes
made in my patch series to allow HPT guests to run on a radix
host on POWER9.  It also resolves another conflict in the code
for the KVM_CAP_PPC_HTM capability.

----------------------------------------------------------------
Alexey Kardashevskiy (1):
      KVM: PPC: Book3S: Protect kvmppc_gpa_to_ua() with SRCU

Benjamin Herrenschmidt (1):
      KVM: PPC: Book3S HV: Add more barriers in XIVE load/unload code

Greg Kurz (1):
      KVM: PPC: Fix oops when checking KVM_CAP_PPC_HTM

Nicholas Piggin (1):
      KVM: PPC: Book3S HV: POWER9 more doorbell fixes

Paul Mackerras (3):
      KVM: PPC: Book3S HV: Fix exclusion between HPT resizing and other HPT updates
      Merge branch 'kvm-ppc-fixes' into kvm-ppc-next
      KVM: PPC: Book3S HV: Cosmetic post-merge cleanups

 arch/powerpc/kvm/book3s_64_mmu_hv.c     | 10 ++++++
 arch/powerpc/kvm/book3s_64_vio.c        | 23 +++++++-----
 arch/powerpc/kvm/book3s_hv.c            | 64 ++++++++++++++++++++-------------
 arch/powerpc/kvm/book3s_hv_rmhandlers.S | 13 +++++--
 arch/powerpc/kvm/powerpc.c              |  2 +-
 5 files changed, 75 insertions(+), 37 deletions(-)

[GIT PULL] Please pull paulus/powerpc kvm-ppc-next-4.15-2 tag

[Paul Mackerras]

Paolo or Radim,

Please do a pull from the kvm-ppc-next-4.15-2 tag in my tree, because
I have merged in my kvm-ppc-fixes branch and then done a little
tidying up after that.  The recent patch "KVM: PPC: Book3S HV: Fix
exclusion between HPT resizing and other HPT updates" on my
kvm-ppc-fixes branch modified code that was very substantially
rearranged in my patch series to implement HPT guests on radix hosts
on POWER9, so the conflict was non-trivial to resolve.  There was also
a conflict between two changes to the code for the KVM_CAP_PPC_HTM
capability that I resolved.

Thanks,
Paul.

The following changes since commit c01015091a77035de1939ef106bfbcaf9a21395f:

  KVM: PPC: Book3S HV: Run HPT guests on POWER9 radix hosts (2017-11-01 15:36:41 +1100)

are available in the git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc tags/kvm-ppc-next-4.15-2

for you to fetch changes up to 432953b4455d8a48af0500a77826c71871671161:

  KVM: PPC: Book3S HV: Cosmetic post-merge cleanups (2017-11-09 15:37:10 +1100)

----------------------------------------------------------------
Second PPC KVM update for 4.15

This merges in my kvm-ppc-fixes branch to resolve the conflicts
between the fixes that have been applied there and the changes
made in my patch series to allow HPT guests to run on a radix
host on POWER9.  It also resolves another conflict in the code
for the KVM_CAP_PPC_HTM capability.

----------------------------------------------------------------
Alexey Kardashevskiy (1):
      KVM: PPC: Book3S: Protect kvmppc_gpa_to_ua() with SRCU

Benjamin Herrenschmidt (1):
      KVM: PPC: Book3S HV: Add more barriers in XIVE load/unload code

Greg Kurz (1):
      KVM: PPC: Fix oops when checking KVM_CAP_PPC_HTM

Nicholas Piggin (1):
      KVM: PPC: Book3S HV: POWER9 more doorbell fixes

Paul Mackerras (3):
      KVM: PPC: Book3S HV: Fix exclusion between HPT resizing and other HPT updates
      Merge branch 'kvm-ppc-fixes' into kvm-ppc-next
      KVM: PPC: Book3S HV: Cosmetic post-merge cleanups

 arch/powerpc/kvm/book3s_64_mmu_hv.c     | 10 ++++++
 arch/powerpc/kvm/book3s_64_vio.c        | 23 +++++++-----
 arch/powerpc/kvm/book3s_hv.c            | 64 ++++++++++++++++++++-------------
 arch/powerpc/kvm/book3s_hv_rmhandlers.S | 13 +++++--
 arch/powerpc/kvm/powerpc.c              |  2 +-
 5 files changed, 75 insertions(+), 37 deletions(-)

Re: [GIT PULL] Please pull paulus/powerpc kvm-ppc-next-4.15-2 tag

[Radim Krčmář]

2017-11-09 21:50+1100, Paul Mackerras:
> Paolo or Radim,
> 
> Please do a pull from the kvm-ppc-next-4.15-2 tag in my tree, because
> I have merged in my kvm-ppc-fixes branch and then done a little
> tidying up after that.  The recent patch "KVM: PPC: Book3S HV: Fix
> exclusion between HPT resizing and other HPT updates" on my
> kvm-ppc-fixes branch modified code that was very substantially
> rearranged in my patch series to implement HPT guests on radix hosts
> on POWER9, so the conflict was non-trivial to resolve.  There was also
> a conflict between two changes to the code for the KVM_CAP_PPC_HTM
> capability that I resolved.

Pulled, thanks.

Re: [GIT PULL] Please pull paulus/powerpc kvm-ppc-next-4.15-2 tag

[Radim Krčmář]

2017-11-09 21:50+1100, Paul Mackerras:
> Paolo or Radim,
> 
> Please do a pull from the kvm-ppc-next-4.15-2 tag in my tree, because
> I have merged in my kvm-ppc-fixes branch and then done a little
> tidying up after that.  The recent patch "KVM: PPC: Book3S HV: Fix
> exclusion between HPT resizing and other HPT updates" on my
> kvm-ppc-fixes branch modified code that was very substantially
> rearranged in my patch series to implement HPT guests on radix hosts
> on POWER9, so the conflict was non-trivial to resolve.  There was also
> a conflict between two changes to the code for the KVM_CAP_PPC_HTM
> capability that I resolved.

Pulled, thanks.

Re: [GIT PULL] Please pull paulus/powerpc kvm-ppc-fixes-4.14-2 tag

[Radim Krčmář]

2017-11-09 10:46+0100, Paolo Bonzini:
> On 09/11/2017 06:25, Paul Mackerras wrote:
> >> Could you
> >> redo the fix on top of an older tag (e.g. on top of 4.14-rc3), and then:
> >>
> >> - I pull the fix from you for 4.14
> >>
> >> - you pull the fix yourself into kvm-ppc-next, and fix the conflicts?
> > My kvm-ppc-fixes branch is based directly on 4.14-rc4, which is prior
> > to the changes in the kvm next branch and my kvm-ppc-next branch, so I
> > don't see that I need to redo the fix.
> > 
> > I have merged kvm-ppc-fixes into kvm-ppc-next, resolved the conflicts,
> > and then applied another cosmetic patch on top to make the result look
> > nicer (with no functional change in that patch).  Doing that merge
> > also resolved another conflict (in arch/powerpc/kvm/powerpc.c).
> > 
> > So please do the pull from the existing kvm-ppc-fixes-4.14-2 tag for
> > 4.14, and I'll send you a pull request for kvm-ppc-next.
> 
> Sounds good.  Radim is probably going to do the pull.

Pulled both and sending this one to Linus tomorrow, thanks.

Re: [GIT PULL] Please pull paulus/powerpc kvm-ppc-fixes-4.14-2 tag

[Radim Krčmář]

2017-11-09 10:46+0100, Paolo Bonzini:
> On 09/11/2017 06:25, Paul Mackerras wrote:
> >> Could you
> >> redo the fix on top of an older tag (e.g. on top of 4.14-rc3), and then:
> >>
> >> - I pull the fix from you for 4.14
> >>
> >> - you pull the fix yourself into kvm-ppc-next, and fix the conflicts?
> > My kvm-ppc-fixes branch is based directly on 4.14-rc4, which is prior
> > to the changes in the kvm next branch and my kvm-ppc-next branch, so I
> > don't see that I need to redo the fix.
> > 
> > I have merged kvm-ppc-fixes into kvm-ppc-next, resolved the conflicts,
> > and then applied another cosmetic patch on top to make the result look
> > nicer (with no functional change in that patch).  Doing that merge
> > also resolved another conflict (in arch/powerpc/kvm/powerpc.c).
> > 
> > So please do the pull from the existing kvm-ppc-fixes-4.14-2 tag for
> > 4.14, and I'll send you a pull request for kvm-ppc-next.
> 
> Sounds good.  Radim is probably going to do the pull.

Pulled both and sending this one to Linus tomorrow, thanks.

[GIT PULL] Please pull paulus/powerpc kvm-ppc-fixes-4.15-1 tag

[Paul Mackerras]

Hi Paolo,

Please do a pull from my kvm-ppc-fixes-4.15-1 tag to get one commit
which I would like to have merged upstream for 4.15.  It fixes a
couple of bugs relating to the patch series that was merged for 4.15
to enable HPT guests to run on radix hosts on POWER9.

Thanks,
Paul.

The following changes since commit cf9b0772f2e410645fece13b749bd56505b998b8:

  Merge tag 'armsoc-drivers' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc (2017-11-16 16:05:01 -0800)

are available in the git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc tags/kvm-ppc-fixes-4.15-1

for you to fetch changes up to ded13fc11b71fd1351e57c68a130d89a0285f1b6:

  KVM: PPC: Book3S HV: Fix migration and HPT resizing of HPT guests on radix hosts (2017-11-23 14:17:54 +1100)

----------------------------------------------------------------
PPC KVM fixes for 4.15

One commit here, that fixes a couple of bugs relating to the patch
series that enables HPT guests to run on a radix host on POWER9
systems.  This patch series went upstream in the 4.15 merge window,
so no stable backport is required.

----------------------------------------------------------------
Paul Mackerras (1):
      KVM: PPC: Book3S HV: Fix migration and HPT resizing of HPT guests on radix hosts

 arch/powerpc/include/asm/kvm_ppc.h  |  1 +
 arch/powerpc/kvm/book3s_64_mmu_hv.c | 37 +++++++++++++++++++++++--------------
 arch/powerpc/kvm/book3s_hv.c        |  3 +--
 3 files changed, 25 insertions(+), 16 deletions(-)

[GIT PULL] Please pull paulus/powerpc kvm-ppc-fixes-4.15-1 tag

[Paul Mackerras]

Hi Paolo,

Please do a pull from my kvm-ppc-fixes-4.15-1 tag to get one commit
which I would like to have merged upstream for 4.15.  It fixes a
couple of bugs relating to the patch series that was merged for 4.15
to enable HPT guests to run on radix hosts on POWER9.

Thanks,
Paul.

The following changes since commit cf9b0772f2e410645fece13b749bd56505b998b8:

  Merge tag 'armsoc-drivers' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc (2017-11-16 16:05:01 -0800)

are available in the git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc tags/kvm-ppc-fixes-4.15-1

for you to fetch changes up to ded13fc11b71fd1351e57c68a130d89a0285f1b6:

  KVM: PPC: Book3S HV: Fix migration and HPT resizing of HPT guests on radix hosts (2017-11-23 14:17:54 +1100)

----------------------------------------------------------------
PPC KVM fixes for 4.15

One commit here, that fixes a couple of bugs relating to the patch
series that enables HPT guests to run on a radix host on POWER9
systems.  This patch series went upstream in the 4.15 merge window,
so no stable backport is required.

----------------------------------------------------------------
Paul Mackerras (1):
      KVM: PPC: Book3S HV: Fix migration and HPT resizing of HPT guests on radix hosts

 arch/powerpc/include/asm/kvm_ppc.h  |  1 +
 arch/powerpc/kvm/book3s_64_mmu_hv.c | 37 +++++++++++++++++++++++--------------
 arch/powerpc/kvm/book3s_hv.c        |  3 +--
 3 files changed, 25 insertions(+), 16 deletions(-)

Re: [GIT PULL] Please pull paulus/powerpc kvm-ppc-fixes-4.15-1 tag

[Paolo Bonzini]

On 25/11/2017 00:21, Paul Mackerras wrote:
> Hi Paolo,
> 
> Please do a pull from my kvm-ppc-fixes-4.15-1 tag to get one commit
> which I would like to have merged upstream for 4.15.  It fixes a
> couple of bugs relating to the patch series that was merged for 4.15
> to enable HPT guests to run on radix hosts on POWER9.
> 
> Thanks,
> Paul.
> 
> The following changes since commit cf9b0772f2e410645fece13b749bd56505b998b8:
> 
>   Merge tag 'armsoc-drivers' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc (2017-11-16 16:05:01 -0800)
> 
> are available in the git repository at:
> 
>   git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc tags/kvm-ppc-fixes-4.15-1
> 
> for you to fetch changes up to ded13fc11b71fd1351e57c68a130d89a0285f1b6:
> 
>   KVM: PPC: Book3S HV: Fix migration and HPT resizing of HPT guests on radix hosts (2017-11-23 14:17:54 +1100)
> 
> ----------------------------------------------------------------
> PPC KVM fixes for 4.15
> 
> One commit here, that fixes a couple of bugs relating to the patch
> series that enables HPT guests to run on a radix host on POWER9
> systems.  This patch series went upstream in the 4.15 merge window,
> so no stable backport is required.
> 
> ----------------------------------------------------------------
> Paul Mackerras (1):
>       KVM: PPC: Book3S HV: Fix migration and HPT resizing of HPT guests on radix hosts
> 
>  arch/powerpc/include/asm/kvm_ppc.h  |  1 +
>  arch/powerpc/kvm/book3s_64_mmu_hv.c | 37 +++++++++++++++++++++++--------------
>  arch/powerpc/kvm/book3s_hv.c        |  3 +--
>  3 files changed, 25 insertions(+), 16 deletions(-)
> 

Pulled, though only locally for now.  Thanks for switching to signed
tags!  That will save me a minute when pulling for you, and hopefully it
will save you a little time when sending pull requests as well.

Thanks,

Paolo

Re: [GIT PULL] Please pull paulus/powerpc kvm-ppc-fixes-4.15-1 tag

[Paolo Bonzini]

On 25/11/2017 00:21, Paul Mackerras wrote:
> Hi Paolo,
> 
> Please do a pull from my kvm-ppc-fixes-4.15-1 tag to get one commit
> which I would like to have merged upstream for 4.15.  It fixes a
> couple of bugs relating to the patch series that was merged for 4.15
> to enable HPT guests to run on radix hosts on POWER9.
> 
> Thanks,
> Paul.
> 
> The following changes since commit cf9b0772f2e410645fece13b749bd56505b998b8:
> 
>   Merge tag 'armsoc-drivers' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc (2017-11-16 16:05:01 -0800)
> 
> are available in the git repository at:
> 
>   git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc tags/kvm-ppc-fixes-4.15-1
> 
> for you to fetch changes up to ded13fc11b71fd1351e57c68a130d89a0285f1b6:
> 
>   KVM: PPC: Book3S HV: Fix migration and HPT resizing of HPT guests on radix hosts (2017-11-23 14:17:54 +1100)
> 
> ----------------------------------------------------------------
> PPC KVM fixes for 4.15
> 
> One commit here, that fixes a couple of bugs relating to the patch
> series that enables HPT guests to run on a radix host on POWER9
> systems.  This patch series went upstream in the 4.15 merge window,
> so no stable backport is required.
> 
> ----------------------------------------------------------------
> Paul Mackerras (1):
>       KVM: PPC: Book3S HV: Fix migration and HPT resizing of HPT guests on radix hosts
> 
>  arch/powerpc/include/asm/kvm_ppc.h  |  1 +
>  arch/powerpc/kvm/book3s_64_mmu_hv.c | 37 +++++++++++++++++++++++--------------
>  arch/powerpc/kvm/book3s_hv.c        |  3 +--
>  3 files changed, 25 insertions(+), 16 deletions(-)
> 

Pulled, though only locally for now.  Thanks for switching to signed
tags!  That will save me a minute when pulling for you, and hopefully it
will save you a little time when sending pull requests as well.

Thanks,

Paolo

[GIT PULL] Please pull paulus/powerpc kvm-ppc-fixes-4.15-3 tag

[Paul Mackerras]

Paolo,

Please do a pull from my kvm-ppc-fixes-4.15-3 tag to get four commits
which I would like to have merged upstream for 4.15 if possible.
Three of them fix bugs in the hashed page table resizing code,
including a user-triggerable use-after-free bug.  The other one fixes
a bug that prevents PR KVM guests from running at all when PR KVM is
used to provide nested virtualization under PowerVM.

There is a kvm-ppc-fixes-4.15-2 tag in there that I did a month ago,
but I never got around to sending you a pull request before I went on
vacation.  This pull request includes those commits.

Thanks,
Paul.

The following changes since commit a63dd7480d8f3c2b52e1e2bcab83e3e64c7c61a1:

  Merge tag 'kvm-ppc-fixes-4.15-1' of git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc into kvm-master (2017-11-27 17:54:13 +0100)

are available in the git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc tags/kvm-ppc-fixes-4.15-3

for you to fetch changes up to ecba8297aafd50db6ae867e90844eead1611ef1c:

  KVM: PPC: Book3S HV: Always flush TLB in kvmppc_alloc_reset_hpt() (2018-01-10 20:45:41 +1100)

----------------------------------------------------------------
PPC KVM fixes for 4.15

Four commits here, including two that were tagged but never merged.
Three of them are for the HPT resizing code; two of those fix a
user-triggerable use-after-free in the host, and one that fixes
stale TLB entries in the guest.  The remaining commit fixes a bug
causing PR KVM guests under PowerVM to fail to start.

----------------------------------------------------------------
Alexey Kardashevskiy (1):
      KVM: PPC: Book3S PR: Fix WIMG handling under pHyp

David Gibson (1):
      KVM: PPC: Book3S HV: Always flush TLB in kvmppc_alloc_reset_hpt()

Serhii Popovych (2):
      KVM: PPC: Book3S HV: Drop prepare_done from struct kvm_resize_hpt
      KVM: PPC: Book3S HV: Fix use after free in case of multiple resize requests

 arch/powerpc/kvm/book3s_64_mmu.c    |  1 +
 arch/powerpc/kvm/book3s_64_mmu_hv.c | 90 +++++++++++++++++++++++++------------
 arch/powerpc/kvm/book3s_pr.c        |  2 +
 3 files changed, 64 insertions(+), 29 deletions(-)

[GIT PULL] Please pull paulus/powerpc kvm-ppc-fixes-4.15-3 tag

[Paul Mackerras]

Paolo,

Please do a pull from my kvm-ppc-fixes-4.15-3 tag to get four commits
which I would like to have merged upstream for 4.15 if possible.
Three of them fix bugs in the hashed page table resizing code,
including a user-triggerable use-after-free bug.  The other one fixes
a bug that prevents PR KVM guests from running at all when PR KVM is
used to provide nested virtualization under PowerVM.

There is a kvm-ppc-fixes-4.15-2 tag in there that I did a month ago,
but I never got around to sending you a pull request before I went on
vacation.  This pull request includes those commits.

Thanks,
Paul.

The following changes since commit a63dd7480d8f3c2b52e1e2bcab83e3e64c7c61a1:

  Merge tag 'kvm-ppc-fixes-4.15-1' of git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc into kvm-master (2017-11-27 17:54:13 +0100)

are available in the git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc tags/kvm-ppc-fixes-4.15-3

for you to fetch changes up to ecba8297aafd50db6ae867e90844eead1611ef1c:

  KVM: PPC: Book3S HV: Always flush TLB in kvmppc_alloc_reset_hpt() (2018-01-10 20:45:41 +1100)

----------------------------------------------------------------
PPC KVM fixes for 4.15

Four commits here, including two that were tagged but never merged.
Three of them are for the HPT resizing code; two of those fix a
user-triggerable use-after-free in the host, and one that fixes
stale TLB entries in the guest.  The remaining commit fixes a bug
causing PR KVM guests under PowerVM to fail to start.

----------------------------------------------------------------
Alexey Kardashevskiy (1):
      KVM: PPC: Book3S PR: Fix WIMG handling under pHyp

David Gibson (1):
      KVM: PPC: Book3S HV: Always flush TLB in kvmppc_alloc_reset_hpt()

Serhii Popovych (2):
      KVM: PPC: Book3S HV: Drop prepare_done from struct kvm_resize_hpt
      KVM: PPC: Book3S HV: Fix use after free in case of multiple resize requests

 arch/powerpc/kvm/book3s_64_mmu.c    |  1 +
 arch/powerpc/kvm/book3s_64_mmu_hv.c | 90 +++++++++++++++++++++++++------------
 arch/powerpc/kvm/book3s_pr.c        |  2 +
 3 files changed, 64 insertions(+), 29 deletions(-)

[GIT PULL] Please pull paulus/powerpc kvm-ppc-cve-4.15 tag

[Paul Mackerras]

Hi Paolo,

This is a pull request for a commit that adds three new KVM
capabilities as part of the mitigation for the recently announced
exploits CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754 (also known as
meltdown and spectre).  These capabilities tell userspace about
whether the host machine has the vulnerabilities, and if so, whether
it has updated firmware that enables the machine to provide
instructions to help work around the vulnerabilities.

Michael Ellerman has put the changes needed for kernels to use the
workaround instructions to work around CVE-2017-5754 (meltdown) into
his fixes branch and intends to ask Linus to pull them for 4.15.  In a
guest kernel, the workarounds depend on getting information from the
platform from a new H_GET_CPU_CHARACTERISTICS hypercall.  These
capabilities provide the information that userspace (e.g. QEMU) needs
in order to implement that hypercall.  In the absence of the
hypercall, patched guest kernels will assume the machine is vulnerable
and will use a (slow) displacement flush loop to flush the L1 cache
each time the kernel exits to userspace.

I leave it to your discretion as to whether to push it to Linus to go
in 4.15, or merge it in the 4.16 merge window.  If it was up to me, I
would go for 4.15.  In either case, please merge it to the kvm tree so
that the capability numbers get stabilized and the corresponding QEMU
patches can get merged.

The pull request includes one commit from Michael Ellerman's tree via
his topic/ppc-kvm branch, because that commit adds definitions that
are used in implementing the capability tests.

Thanks,
Paul.

The following changes since commit ae64f9bd1d3621b5e60d7363bc20afb46aede215:

  Linux 4.15-rc2 (2017-12-03 11:01:47 -0500)

are available in the git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc tags/kvm-ppc-cve-4.15

for you to fetch changes up to f6021f88d8ffefae616c33f70063e435209dad92:

  KVM: PPC: Book3S: Add capabilities for hardware/firmware CVE workarounds (2018-01-11 20:04:57 +1100)

----------------------------------------------------------------
One commit, that adds three new KVM capabilities, which inform
userspace about the machine's vulnerability to recently-announced
vulnerabilities CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754.
This gives userspace information needed to implement the new
H_GET_CPU_CHARACTERISTICS hypercall for pseries VMs.

----------------------------------------------------------------
Michael Neuling (1):
      powerpc/pseries: Add H_GET_CPU_CHARACTERISTICS flags & wrapper

Paul Mackerras (1):
      KVM: PPC: Book3S: Add capabilities for hardware/firmware CVE workarounds

 Documentation/virtual/kvm/api.txt         |  36 ++++++
 arch/powerpc/include/asm/hvcall.h         |  17 +++
 arch/powerpc/include/asm/plpar_wrappers.h |  14 +++
 arch/powerpc/kvm/powerpc.c                | 200 ++++++++++++++++++++++++++++++
 include/uapi/linux/kvm.h                  |   3 +
 5 files changed, 270 insertions(+)

[GIT PULL] Please pull paulus/powerpc kvm-ppc-cve-4.15 tag

[Paul Mackerras]

Hi Paolo,

This is a pull request for a commit that adds three new KVM
capabilities as part of the mitigation for the recently announced
exploits CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754 (also known as
meltdown and spectre).  These capabilities tell userspace about
whether the host machine has the vulnerabilities, and if so, whether
it has updated firmware that enables the machine to provide
instructions to help work around the vulnerabilities.

Michael Ellerman has put the changes needed for kernels to use the
workaround instructions to work around CVE-2017-5754 (meltdown) into
his fixes branch and intends to ask Linus to pull them for 4.15.  In a
guest kernel, the workarounds depend on getting information from the
platform from a new H_GET_CPU_CHARACTERISTICS hypercall.  These
capabilities provide the information that userspace (e.g. QEMU) needs
in order to implement that hypercall.  In the absence of the
hypercall, patched guest kernels will assume the machine is vulnerable
and will use a (slow) displacement flush loop to flush the L1 cache
each time the kernel exits to userspace.

I leave it to your discretion as to whether to push it to Linus to go
in 4.15, or merge it in the 4.16 merge window.  If it was up to me, I
would go for 4.15.  In either case, please merge it to the kvm tree so
that the capability numbers get stabilized and the corresponding QEMU
patches can get merged.

The pull request includes one commit from Michael Ellerman's tree via
his topic/ppc-kvm branch, because that commit adds definitions that
are used in implementing the capability tests.

Thanks,
Paul.

The following changes since commit ae64f9bd1d3621b5e60d7363bc20afb46aede215:

  Linux 4.15-rc2 (2017-12-03 11:01:47 -0500)

are available in the git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc tags/kvm-ppc-cve-4.15

for you to fetch changes up to f6021f88d8ffefae616c33f70063e435209dad92:

  KVM: PPC: Book3S: Add capabilities for hardware/firmware CVE workarounds (2018-01-11 20:04:57 +1100)

----------------------------------------------------------------
One commit, that adds three new KVM capabilities, which inform
userspace about the machine's vulnerability to recently-announced
vulnerabilities CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754.
This gives userspace information needed to implement the new
H_GET_CPU_CHARACTERISTICS hypercall for pseries VMs.

----------------------------------------------------------------
Michael Neuling (1):
      powerpc/pseries: Add H_GET_CPU_CHARACTERISTICS flags & wrapper

Paul Mackerras (1):
      KVM: PPC: Book3S: Add capabilities for hardware/firmware CVE workarounds

 Documentation/virtual/kvm/api.txt         |  36 ++++++
 arch/powerpc/include/asm/hvcall.h         |  17 +++
 arch/powerpc/include/asm/plpar_wrappers.h |  14 +++
 arch/powerpc/kvm/powerpc.c                | 200 ++++++++++++++++++++++++++++++
 include/uapi/linux/kvm.h                  |   3 +
 5 files changed, 270 insertions(+)

Re: [GIT PULL] Please pull paulus/powerpc kvm-ppc-cve-4.15 tag

[Paolo Bonzini]

On 11/01/2018 10:31, Paul Mackerras wrote:
> Hi Paolo,
> 
> This is a pull request for a commit that adds three new KVM
> capabilities as part of the mitigation for the recently announced
> exploits CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754 (also known as
> meltdown and spectre).  These capabilities tell userspace about
> whether the host machine has the vulnerabilities, and if so, whether
> it has updated firmware that enables the machine to provide
> instructions to help work around the vulnerabilities.
> 
> Michael Ellerman has put the changes needed for kernels to use the
> workaround instructions to work around CVE-2017-5754 (meltdown) into
> his fixes branch and intends to ask Linus to pull them for 4.15.  In a
> guest kernel, the workarounds depend on getting information from the
> platform from a new H_GET_CPU_CHARACTERISTICS hypercall.  These
> capabilities provide the information that userspace (e.g. QEMU) needs
> in order to implement that hypercall.  In the absence of the
> hypercall, patched guest kernels will assume the machine is vulnerable
> and will use a (slow) displacement flush loop to flush the L1 cache
> each time the kernel exits to userspace.

Why three capabilities?  Could KVM just return
KVM_PPC_GET_HOST_CPU_CHARACTERISTICS (perhaps only the characteristics
word and not the behavior ones)?

I agree this can go in for 4.15 though.

Thanks,

Paolo

> 
> I leave it to your discretion as to whether to push it to Linus to go
> in 4.15, or merge it in the 4.16 merge window.  If it was up to me, I
> would go for 4.15.  In either case, please merge it to the kvm tree so
> that the capability numbers get stabilized and the corresponding QEMU
> patches can get merged.
> 
> The pull request includes one commit from Michael Ellerman's tree via
> his topic/ppc-kvm branch, because that commit adds definitions that
> are used in implementing the capability tests.
> 
> Thanks,
> Paul.
> 
> The following changes since commit ae64f9bd1d3621b5e60d7363bc20afb46aede215:
> 
>   Linux 4.15-rc2 (2017-12-03 11:01:47 -0500)
> 
> are available in the git repository at:
> 
>   git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc tags/kvm-ppc-cve-4.15
> 
> for you to fetch changes up to f6021f88d8ffefae616c33f70063e435209dad92:
> 
>   KVM: PPC: Book3S: Add capabilities for hardware/firmware CVE workarounds (2018-01-11 20:04:57 +1100)
> 
> ----------------------------------------------------------------
> One commit, that adds three new KVM capabilities, which inform
> userspace about the machine's vulnerability to recently-announced
> vulnerabilities CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754.
> This gives userspace information needed to implement the new
> H_GET_CPU_CHARACTERISTICS hypercall for pseries VMs.
> 
> ----------------------------------------------------------------
> Michael Neuling (1):
>       powerpc/pseries: Add H_GET_CPU_CHARACTERISTICS flags & wrapper
> 
> Paul Mackerras (1):
>       KVM: PPC: Book3S: Add capabilities for hardware/firmware CVE workarounds
> 
>  Documentation/virtual/kvm/api.txt         |  36 ++++++
>  arch/powerpc/include/asm/hvcall.h         |  17 +++
>  arch/powerpc/include/asm/plpar_wrappers.h |  14 +++
>  arch/powerpc/kvm/powerpc.c                | 200 ++++++++++++++++++++++++++++++
>  include/uapi/linux/kvm.h                  |   3 +
>  5 files changed, 270 insertions(+)
> 
> 
-

Re: [GIT PULL] Please pull paulus/powerpc kvm-ppc-cve-4.15 tag

[Paolo Bonzini]

On 11/01/2018 10:31, Paul Mackerras wrote:
> Hi Paolo,
> 
> This is a pull request for a commit that adds three new KVM
> capabilities as part of the mitigation for the recently announced
> exploits CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754 (also known as
> meltdown and spectre).  These capabilities tell userspace about
> whether the host machine has the vulnerabilities, and if so, whether
> it has updated firmware that enables the machine to provide
> instructions to help work around the vulnerabilities.
> 
> Michael Ellerman has put the changes needed for kernels to use the
> workaround instructions to work around CVE-2017-5754 (meltdown) into
> his fixes branch and intends to ask Linus to pull them for 4.15.  In a
> guest kernel, the workarounds depend on getting information from the
> platform from a new H_GET_CPU_CHARACTERISTICS hypercall.  These
> capabilities provide the information that userspace (e.g. QEMU) needs
> in order to implement that hypercall.  In the absence of the
> hypercall, patched guest kernels will assume the machine is vulnerable
> and will use a (slow) displacement flush loop to flush the L1 cache
> each time the kernel exits to userspace.

Why three capabilities?  Could KVM just return
KVM_PPC_GET_HOST_CPU_CHARACTERISTICS (perhaps only the characteristics
word and not the behavior ones)?

I agree this can go in for 4.15 though.

Thanks,

Paolo

> 
> I leave it to your discretion as to whether to push it to Linus to go
> in 4.15, or merge it in the 4.16 merge window.  If it was up to me, I
> would go for 4.15.  In either case, please merge it to the kvm tree so
> that the capability numbers get stabilized and the corresponding QEMU
> patches can get merged.
> 
> The pull request includes one commit from Michael Ellerman's tree via
> his topic/ppc-kvm branch, because that commit adds definitions that
> are used in implementing the capability tests.
> 
> Thanks,
> Paul.
> 
> The following changes since commit ae64f9bd1d3621b5e60d7363bc20afb46aede215:
> 
>   Linux 4.15-rc2 (2017-12-03 11:01:47 -0500)
> 
> are available in the git repository at:
> 
>   git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc tags/kvm-ppc-cve-4.15
> 
> for you to fetch changes up to f6021f88d8ffefae616c33f70063e435209dad92:
> 
>   KVM: PPC: Book3S: Add capabilities for hardware/firmware CVE workarounds (2018-01-11 20:04:57 +1100)
> 
> ----------------------------------------------------------------
> One commit, that adds three new KVM capabilities, which inform
> userspace about the machine's vulnerability to recently-announced
> vulnerabilities CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754.
> This gives userspace information needed to implement the new
> H_GET_CPU_CHARACTERISTICS hypercall for pseries VMs.
> 
> ----------------------------------------------------------------
> Michael Neuling (1):
>       powerpc/pseries: Add H_GET_CPU_CHARACTERISTICS flags & wrapper
> 
> Paul Mackerras (1):
>       KVM: PPC: Book3S: Add capabilities for hardware/firmware CVE workarounds
> 
>  Documentation/virtual/kvm/api.txt         |  36 ++++++
>  arch/powerpc/include/asm/hvcall.h         |  17 +++
>  arch/powerpc/include/asm/plpar_wrappers.h |  14 +++
>  arch/powerpc/kvm/powerpc.c                | 200 ++++++++++++++++++++++++++++++
>  include/uapi/linux/kvm.h                  |   3 +
>  5 files changed, 270 insertions(+)
> 
> 
-

Re: [GIT PULL] Please pull paulus/powerpc kvm-ppc-fixes-4.15-3 tag

[Paolo Bonzini]

On 11/01/2018 03:42, Paul Mackerras wrote:
>   git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc tags/kvm-ppc-fixes-4.15-3

Pulled, thanks.

Paolo

Re: [GIT PULL] Please pull paulus/powerpc kvm-ppc-fixes-4.15-3 tag

[Paolo Bonzini]

On 11/01/2018 03:42, Paul Mackerras wrote:
>   git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc tags/kvm-ppc-fixes-4.15-3

Pulled, thanks.

Paolo

Re: [GIT PULL] Please pull paulus/powerpc kvm-ppc-cve-4.15 tag

[Paul Mackerras]

On Thu, Jan 11, 2018 at 11:51:53AM +0100, Paolo Bonzini wrote:
> On 11/01/2018 10:31, Paul Mackerras wrote:
> > Hi Paolo,
> > 
> > This is a pull request for a commit that adds three new KVM
> > capabilities as part of the mitigation for the recently announced
> > exploits CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754 (also known as
> > meltdown and spectre).  These capabilities tell userspace about
> > whether the host machine has the vulnerabilities, and if so, whether
> > it has updated firmware that enables the machine to provide
> > instructions to help work around the vulnerabilities.
> > 
> > Michael Ellerman has put the changes needed for kernels to use the
> > workaround instructions to work around CVE-2017-5754 (meltdown) into
> > his fixes branch and intends to ask Linus to pull them for 4.15.  In a
> > guest kernel, the workarounds depend on getting information from the
> > platform from a new H_GET_CPU_CHARACTERISTICS hypercall.  These
> > capabilities provide the information that userspace (e.g. QEMU) needs
> > in order to implement that hypercall.  In the absence of the
> > hypercall, patched guest kernels will assume the machine is vulnerable
> > and will use a (slow) displacement flush loop to flush the L1 cache
> > each time the kernel exits to userspace.
> 
> Why three capabilities?  Could KVM just return
> KVM_PPC_GET_HOST_CPU_CHARACTERISTICS (perhaps only the characteristics
> word and not the behavior ones)?

The three capabilities were what came out of a discussion with David
Gibson about how QEMU would implement the H_GET_CPU_CHARACTERISTICS
hypercall.  David wanted to be able to set a required minimum level of
capability across a cluster of machines (i.e. migration domain) so
that a guest that was expecting a certain level of security could rely
on getting that regardless of which host it got migrated to.
Expressing the host capability in terms of broken/workaround/fixed
for each of the potential vulnerabilities seemed like the clearest way
to represent the situation.

QEMU can then have a minimum security level set on the command line,
check that against the host capabilities, and only advertise the
minimum level to guests.  Thus QEMU might tell the guest via the
H_GET_CPU_CHARACTERISTICS hypercall that it needs to apply workarounds
even on a host which is actually fixed (the workaround instructions
would be no-ops in that case), so that the guest can then be migrated
to a host which needs the workarounds.

As to the representation, we could have defined an ioctl to return the
"character" and "behaviour" words just like H_GET_CPU_CHARACTERISTICS.
We would need the "behaviour" word because that's how we will tell the
guest which workarounds it doesn't need to implement, on machines
which don't have one or more of the vulnerabilities.  However, QEMU
can't pass that information unmodified to the guest in general, and I
think David felt the logic would be clearer working from a separate
state for each vulnerability rather than having to decode that
information from the "character" and "behaviour" words.

If you think that a new ioctl returning character+behaviour is
preferable, I can code that up easily enough.

Regards,
Paul.

Re: [GIT PULL] Please pull paulus/powerpc kvm-ppc-cve-4.15 tag

[Paul Mackerras]

On Thu, Jan 11, 2018 at 11:51:53AM +0100, Paolo Bonzini wrote:
> On 11/01/2018 10:31, Paul Mackerras wrote:
> > Hi Paolo,
> > 
> > This is a pull request for a commit that adds three new KVM
> > capabilities as part of the mitigation for the recently announced
> > exploits CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754 (also known as
> > meltdown and spectre).  These capabilities tell userspace about
> > whether the host machine has the vulnerabilities, and if so, whether
> > it has updated firmware that enables the machine to provide
> > instructions to help work around the vulnerabilities.
> > 
> > Michael Ellerman has put the changes needed for kernels to use the
> > workaround instructions to work around CVE-2017-5754 (meltdown) into
> > his fixes branch and intends to ask Linus to pull them for 4.15.  In a
> > guest kernel, the workarounds depend on getting information from the
> > platform from a new H_GET_CPU_CHARACTERISTICS hypercall.  These
> > capabilities provide the information that userspace (e.g. QEMU) needs
> > in order to implement that hypercall.  In the absence of the
> > hypercall, patched guest kernels will assume the machine is vulnerable
> > and will use a (slow) displacement flush loop to flush the L1 cache
> > each time the kernel exits to userspace.
> 
> Why three capabilities?  Could KVM just return
> KVM_PPC_GET_HOST_CPU_CHARACTERISTICS (perhaps only the characteristics
> word and not the behavior ones)?

The three capabilities were what came out of a discussion with David
Gibson about how QEMU would implement the H_GET_CPU_CHARACTERISTICS
hypercall.  David wanted to be able to set a required minimum level of
capability across a cluster of machines (i.e. migration domain) so
that a guest that was expecting a certain level of security could rely
on getting that regardless of which host it got migrated to.
Expressing the host capability in terms of broken/workaround/fixed
for each of the potential vulnerabilities seemed like the clearest way
to represent the situation.

QEMU can then have a minimum security level set on the command line,
check that against the host capabilities, and only advertise the
minimum level to guests.  Thus QEMU might tell the guest via the
H_GET_CPU_CHARACTERISTICS hypercall that it needs to apply workarounds
even on a host which is actually fixed (the workaround instructions
would be no-ops in that case), so that the guest can then be migrated
to a host which needs the workarounds.

As to the representation, we could have defined an ioctl to return the
"character" and "behaviour" words just like H_GET_CPU_CHARACTERISTICS.
We would need the "behaviour" word because that's how we will tell the
guest which workarounds it doesn't need to implement, on machines
which don't have one or more of the vulnerabilities.  However, QEMU
can't pass that information unmodified to the guest in general, and I
think David felt the logic would be clearer working from a separate
state for each vulnerability rather than having to decode that
information from the "character" and "behaviour" words.

If you think that a new ioctl returning character+behaviour is
preferable, I can code that up easily enough.

Regards,
Paul.

Re: [GIT PULL] Please pull paulus/powerpc kvm-ppc-cve-4.15 tag

[Paolo Bonzini]

On 11/01/2018 23:15, Paul Mackerras wrote:
> QEMU can then have a minimum security level set on the command line,
> check that against the host capabilities, and only advertise the
> minimum level to guests.  Thus QEMU might tell the guest via the
> H_GET_CPU_CHARACTERISTICS hypercall that it needs to apply workarounds
> even on a host which is actually fixed (the workaround instructions
> would be no-ops in that case), so that the guest can then be migrated
> to a host which needs the workarounds.

Agreed.

> As to the representation, we could have defined an ioctl to return the
> "character" and "behaviour" words just like H_GET_CPU_CHARACTERISTICS.
> We would need the "behaviour" word because that's how we will tell the
> guest which workarounds it doesn't need to implement, on machines
> which don't have one or more of the vulnerabilities.

Oh, my (probably wrong) understanding was that "behavior" can be chosen
exclusively by QEMU, while "characteristics" are dictated by the host CPU.

> However, QEMU
> can't pass that information unmodified to the guest in general, and I
> think David felt the logic would be clearer working from a separate
> state for each vulnerability rather than having to decode that
> information from the "character" and "behaviour" words.

I think converting from characteristics to single vulnerabilities is
QEMU's job.  For KVM I prefer an API that is easier to extend and
doesn't require a proliferation of capabilities.

Thanks,

Paolo

Re: [GIT PULL] Please pull paulus/powerpc kvm-ppc-cve-4.15 tag

[Paolo Bonzini]

On 11/01/2018 23:15, Paul Mackerras wrote:
> QEMU can then have a minimum security level set on the command line,
> check that against the host capabilities, and only advertise the
> minimum level to guests.  Thus QEMU might tell the guest via the
> H_GET_CPU_CHARACTERISTICS hypercall that it needs to apply workarounds
> even on a host which is actually fixed (the workaround instructions
> would be no-ops in that case), so that the guest can then be migrated
> to a host which needs the workarounds.

Agreed.

> As to the representation, we could have defined an ioctl to return the
> "character" and "behaviour" words just like H_GET_CPU_CHARACTERISTICS.
> We would need the "behaviour" word because that's how we will tell the
> guest which workarounds it doesn't need to implement, on machines
> which don't have one or more of the vulnerabilities.

Oh, my (probably wrong) understanding was that "behavior" can be chosen
exclusively by QEMU, while "characteristics" are dictated by the host CPU.

> However, QEMU
> can't pass that information unmodified to the guest in general, and I
> think David felt the logic would be clearer working from a separate
> state for each vulnerability rather than having to decode that
> information from the "character" and "behaviour" words.

I think converting from characteristics to single vulnerabilities is
QEMU's job.  For KVM I prefer an API that is easier to extend and
doesn't require a proliferation of capabilities.

Thanks,

Paolo