From: "Joel Fernandes (Google)" <joel@joelfernandes.org>
To: Nishanth Aravamudan <naravamudan@digitalocean.com>,
Julien Desfossez <jdesfossez@digitalocean.com>,
Peter Zijlstra <peterz@infradead.org>,
Tim Chen <tim.c.chen@linux.intel.com>,
Vineeth Pillai <viremana@linux.microsoft.com>,
Aaron Lu <aaron.lwe@gmail.com>,
Aubrey Li <aubrey.intel@gmail.com>,
tglx@linutronix.de, linux-kernel@vger.kernel.org
Cc: mingo@kernel.org, torvalds@linux-foundation.org,
fweisbec@gmail.com, keescook@chromium.org, kerrnel@google.com,
Phil Auld <pauld@redhat.com>,
Valentin Schneider <valentin.schneider@arm.com>,
Mel Gorman <mgorman@techsingularity.net>,
Pawan Gupta <pawan.kumar.gupta@linux.intel.com>,
Paolo Bonzini <pbonzini@redhat.com>,
joel@joelfernandes.org, vineeth@bitbyteword.org,
Chen Yu <yu.c.chen@intel.com>,
Christian Brauner <christian.brauner@ubuntu.com>,
Agata Gruza <agata.gruza@intel.com>,
Antonio Gomez Iglesias <antonio.gomez.iglesias@intel.com>,
graf@amazon.com, konrad.wilk@oracle.com, dfaggioli@suse.com,
pjt@google.com, rostedt@goodmis.org, derkling@google.com,
benbjiang@tencent.com,
Alexandre Chartre <alexandre.chartre@oracle.com>,
James.Bottomley@hansenpartnership.com, OWeisse@umich.edu,
Dhaval Giani <dhaval.giani@oracle.com>,
Junaid Shahid <junaids@google.com>,
jsbarnes@google.com, chris.hyser@oracle.com,
Aubrey Li <aubrey.li@linux.intel.com>,
"Paul E. McKenney" <paulmck@kernel.org>,
Tim Chen <tim.c.chen@intel.com>
Subject: [PATCH v8 -tip 15/26] entry/kvm: Protect the kernel when entering from guest
Date: Mon, 19 Oct 2020 21:43:25 -0400 [thread overview]
Message-ID: <20201020014336.2076526-16-joel@joelfernandes.org> (raw)
In-Reply-To: <20201020014336.2076526-1-joel@joelfernandes.org>
From: Vineeth Pillai <viremana@linux.microsoft.com>
Similar to how user to kernel mode transitions are protected in earlier
patches, protect the entry into kernel from guest mode as well.
Tested-by: Julien Desfossez <jdesfossez@digitalocean.com>
Signed-off-by: Vineeth Pillai <viremana@linux.microsoft.com>
---
arch/x86/kvm/x86.c | 3 +++
include/linux/entry-kvm.h | 12 ++++++++++++
kernel/entry/kvm.c | 13 +++++++++++++
3 files changed, 28 insertions(+)
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index ce856e0ece84..05a281f3ef28 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -8540,6 +8540,8 @@ static int vcpu_enter_guest(struct kvm_vcpu *vcpu)
*/
smp_mb__after_srcu_read_unlock();
+ kvm_exit_to_guest_mode(vcpu);
+
/*
* This handles the case where a posted interrupt was
* notified with kvm_vcpu_kick.
@@ -8633,6 +8635,7 @@ static int vcpu_enter_guest(struct kvm_vcpu *vcpu)
}
}
+ kvm_enter_from_guest_mode(vcpu);
local_irq_enable();
preempt_enable();
diff --git a/include/linux/entry-kvm.h b/include/linux/entry-kvm.h
index 0cef17afb41a..32aabb7f3e6d 100644
--- a/include/linux/entry-kvm.h
+++ b/include/linux/entry-kvm.h
@@ -77,4 +77,16 @@ static inline bool xfer_to_guest_mode_work_pending(void)
}
#endif /* CONFIG_KVM_XFER_TO_GUEST_WORK */
+/**
+ * kvm_enter_from_guest_mode - Hook called just after entering kernel from guest.
+ * @vcpu: Pointer to the current VCPU data
+ */
+void kvm_enter_from_guest_mode(struct kvm_vcpu *vcpu);
+
+/**
+ * kvm_exit_to_guest_mode - Hook called just before entering guest from kernel.
+ * @vcpu: Pointer to the current VCPU data
+ */
+void kvm_exit_to_guest_mode(struct kvm_vcpu *vcpu);
+
#endif
diff --git a/kernel/entry/kvm.c b/kernel/entry/kvm.c
index eb1a8a4c867c..b0b7facf4374 100644
--- a/kernel/entry/kvm.c
+++ b/kernel/entry/kvm.c
@@ -49,3 +49,16 @@ int xfer_to_guest_mode_handle_work(struct kvm_vcpu *vcpu)
return xfer_to_guest_mode_work(vcpu, ti_work);
}
EXPORT_SYMBOL_GPL(xfer_to_guest_mode_handle_work);
+
+void kvm_enter_from_guest_mode(struct kvm_vcpu *vcpu)
+{
+ sched_core_unsafe_enter();
+}
+EXPORT_SYMBOL_GPL(kvm_enter_from_guest_mode);
+
+void kvm_exit_to_guest_mode(struct kvm_vcpu *vcpu)
+{
+ sched_core_unsafe_exit();
+ sched_core_wait_till_safe(XFER_TO_GUEST_MODE_WORK);
+}
+EXPORT_SYMBOL_GPL(kvm_exit_to_guest_mode);
--
2.29.0.rc1.297.gfa9743e501-goog
next prev parent reply other threads:[~2020-10-20 1:45 UTC|newest]
Thread overview: 98+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-10-20 1:43 [PATCH v8 -tip 00/26] Core scheduling Joel Fernandes (Google)
2020-10-20 1:43 ` [PATCH v8 -tip 01/26] sched: Wrap rq::lock access Joel Fernandes (Google)
2020-10-20 1:43 ` [PATCH v8 -tip 02/26] sched: Introduce sched_class::pick_task() Joel Fernandes (Google)
2020-10-22 7:59 ` Li, Aubrey
2020-10-22 15:25 ` Joel Fernandes
2020-10-23 5:25 ` Li, Aubrey
2020-10-23 21:47 ` Joel Fernandes
2020-10-24 2:48 ` Li, Aubrey
2020-10-24 11:10 ` Vineeth Pillai
2020-10-24 12:27 ` Vineeth Pillai
2020-10-24 23:48 ` Li, Aubrey
2020-10-26 9:01 ` Peter Zijlstra
2020-10-27 3:17 ` Li, Aubrey
2020-10-27 14:19 ` Joel Fernandes
2020-10-27 15:23 ` Joel Fernandes
2020-10-27 14:14 ` Joel Fernandes
2020-10-20 1:43 ` [PATCH v8 -tip 03/26] sched: Core-wide rq->lock Joel Fernandes (Google)
2020-10-26 11:59 ` Peter Zijlstra
2020-10-27 16:27 ` Joel Fernandes
2020-10-20 1:43 ` [PATCH v8 -tip 04/26] sched/fair: Add a few assertions Joel Fernandes (Google)
2020-10-20 1:43 ` [PATCH v8 -tip 05/26] sched: Basic tracking of matching tasks Joel Fernandes (Google)
2020-10-20 1:43 ` [PATCH v8 -tip 06/26] sched: Add core wide task selection and scheduling Joel Fernandes (Google)
2020-10-23 13:51 ` Peter Zijlstra
2020-10-23 13:54 ` Peter Zijlstra
2020-10-23 17:57 ` Joel Fernandes
2020-10-23 19:26 ` Peter Zijlstra
2020-10-23 21:31 ` Joel Fernandes
2020-10-26 8:28 ` Peter Zijlstra
2020-10-27 16:58 ` Joel Fernandes
2020-10-26 9:31 ` Peter Zijlstra
2020-11-05 18:50 ` Joel Fernandes
2020-11-05 22:07 ` Joel Fernandes
2020-10-23 15:05 ` Peter Zijlstra
2020-10-23 17:59 ` Joel Fernandes
2020-10-20 1:43 ` [PATCH v8 -tip 07/26] sched/fair: Fix forced idle sibling starvation corner case Joel Fernandes (Google)
2020-10-20 1:43 ` [PATCH v8 -tip 08/26] sched/fair: Snapshot the min_vruntime of CPUs on force idle Joel Fernandes (Google)
2020-10-26 12:47 ` Peter Zijlstra
2020-10-28 15:29 ` Joel Fernandes
2020-10-28 18:39 ` Joel Fernandes
2020-10-29 16:59 ` Joel Fernandes
2020-10-29 18:24 ` Joel Fernandes
2020-10-29 18:59 ` Peter Zijlstra
2020-10-30 2:36 ` Joel Fernandes
2020-10-30 2:42 ` Joel Fernandes
2020-10-30 8:41 ` Peter Zijlstra
2020-10-31 21:41 ` Joel Fernandes
2020-10-20 1:43 ` [PATCH v8 -tip 09/26] sched: Trivial forced-newidle balancer Joel Fernandes (Google)
2020-10-20 1:43 ` [PATCH v8 -tip 10/26] sched: migration changes for core scheduling Joel Fernandes (Google)
2020-10-20 1:43 ` [PATCH v8 -tip 11/26] irq_work: Cleanup Joel Fernandes (Google)
2020-10-20 1:43 ` [PATCH v8 -tip 12/26] arch/x86: Add a new TIF flag for untrusted tasks Joel Fernandes (Google)
2020-10-20 1:43 ` [PATCH v8 -tip 13/26] kernel/entry: Add support for core-wide protection of kernel-mode Joel Fernandes (Google)
2020-10-20 3:41 ` Randy Dunlap
2020-11-03 0:20 ` Joel Fernandes
2020-10-22 5:48 ` Li, Aubrey
2020-11-03 0:50 ` Joel Fernandes
2020-10-30 10:29 ` Alexandre Chartre
2020-11-03 1:20 ` Joel Fernandes
2020-11-06 16:57 ` Alexandre Chartre
2020-11-06 17:43 ` Joel Fernandes
2020-11-06 18:07 ` Alexandre Chartre
2020-11-10 9:35 ` Alexandre Chartre
2020-11-10 22:42 ` Joel Fernandes
2020-11-16 10:08 ` Alexandre Chartre
2020-11-16 14:50 ` Joel Fernandes
2020-11-16 15:43 ` Joel Fernandes
2020-10-20 1:43 ` [PATCH v8 -tip 14/26] entry/idle: Enter and exit kernel protection during idle entry and exit Joel Fernandes (Google)
2020-10-20 1:43 ` Joel Fernandes (Google) [this message]
2020-10-20 1:43 ` [PATCH v8 -tip 16/26] sched: cgroup tagging interface for core scheduling Joel Fernandes (Google)
2020-10-20 1:43 ` [PATCH v8 -tip 17/26] sched: Split the cookie and setup per-task cookie on fork Joel Fernandes (Google)
2020-11-04 22:30 ` chris hyser
2020-11-05 14:49 ` Joel Fernandes
2020-11-09 23:30 ` chris hyser
2020-10-20 1:43 ` [PATCH v8 -tip 18/26] sched: Add a per-thread core scheduling interface Joel Fernandes (Google)
2020-10-20 1:43 ` [PATCH v8 -tip 19/26] sched: Add a second-level tag for nested CGroup usecase Joel Fernandes (Google)
2020-10-31 0:42 ` Josh Don
2020-11-03 2:54 ` Joel Fernandes
[not found] ` <6c07e70d-52f2-69ff-e1fa-690cd2c97f3d@linux.intel.com>
2020-11-05 15:52 ` Joel Fernandes
2020-10-20 1:43 ` [PATCH v8 -tip 20/26] sched: Release references to the per-task cookie on exit Joel Fernandes (Google)
2020-11-04 21:50 ` chris hyser
2020-11-05 15:46 ` Joel Fernandes
2020-10-20 1:43 ` [PATCH v8 -tip 21/26] sched: Handle task addition to CGroup Joel Fernandes (Google)
2020-10-20 1:43 ` [PATCH v8 -tip 22/26] sched/debug: Add CGroup node for printing group cookie if SCHED_DEBUG Joel Fernandes (Google)
2020-10-20 1:43 ` [PATCH v8 -tip 23/26] kselftest: Add tests for core-sched interface Joel Fernandes (Google)
2020-10-30 22:20 ` [PATCH] sched: Change all 4 space tabs to actual tabs John B. Wyatt IV
2020-10-20 1:43 ` [PATCH v8 -tip 24/26] sched: Move core-scheduler interfacing code to a new file Joel Fernandes (Google)
2020-10-26 1:05 ` Li, Aubrey
2020-11-03 2:58 ` Joel Fernandes
2020-10-20 1:43 ` [PATCH v8 -tip 25/26] Documentation: Add core scheduling documentation Joel Fernandes (Google)
2020-10-20 3:36 ` Randy Dunlap
2020-11-12 16:11 ` Joel Fernandes
2020-10-20 1:43 ` [PATCH v8 -tip 26/26] sched: Debug bits Joel Fernandes (Google)
2020-10-30 13:26 ` [PATCH v8 -tip 00/26] Core scheduling Ning, Hongyu
2020-11-06 2:58 ` Li, Aubrey
2020-11-06 17:54 ` Joel Fernandes
2020-11-09 6:04 ` Li, Aubrey
2020-11-06 20:55 ` [RFT for v9] (Was Re: [PATCH v8 -tip 00/26] Core scheduling) Joel Fernandes
2020-11-13 9:22 ` Ning, Hongyu
2020-11-13 10:01 ` Ning, Hongyu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201020014336.2076526-16-joel@joelfernandes.org \
--to=joel@joelfernandes.org \
--cc=James.Bottomley@hansenpartnership.com \
--cc=OWeisse@umich.edu \
--cc=aaron.lwe@gmail.com \
--cc=agata.gruza@intel.com \
--cc=alexandre.chartre@oracle.com \
--cc=antonio.gomez.iglesias@intel.com \
--cc=aubrey.intel@gmail.com \
--cc=aubrey.li@linux.intel.com \
--cc=benbjiang@tencent.com \
--cc=chris.hyser@oracle.com \
--cc=christian.brauner@ubuntu.com \
--cc=derkling@google.com \
--cc=dfaggioli@suse.com \
--cc=dhaval.giani@oracle.com \
--cc=fweisbec@gmail.com \
--cc=graf@amazon.com \
--cc=jdesfossez@digitalocean.com \
--cc=jsbarnes@google.com \
--cc=junaids@google.com \
--cc=keescook@chromium.org \
--cc=kerrnel@google.com \
--cc=konrad.wilk@oracle.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mgorman@techsingularity.net \
--cc=mingo@kernel.org \
--cc=naravamudan@digitalocean.com \
--cc=pauld@redhat.com \
--cc=paulmck@kernel.org \
--cc=pawan.kumar.gupta@linux.intel.com \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=pjt@google.com \
--cc=rostedt@goodmis.org \
--cc=tglx@linutronix.de \
--cc=tim.c.chen@intel.com \
--cc=tim.c.chen@linux.intel.com \
--cc=torvalds@linux-foundation.org \
--cc=valentin.schneider@arm.com \
--cc=vineeth@bitbyteword.org \
--cc=viremana@linux.microsoft.com \
--cc=yu.c.chen@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).