From: chenxiang <chenxiang66@hisilicon.com>
To: <alex.williamson@redhat.com>, <maz@kernel.org>
Cc: <kvm@vger.kernel.org>, <qemu-devel@nongnu.org>,
<linuxarm@huawei.com>, Xiang Chen <chenxiang66@hisilicon.com>
Subject: [PATCH] KVM: Add system call KVM_VERIFY_MSI to verify MSI vector
Date: Tue, 8 Nov 2022 16:08:57 +0800 [thread overview]
Message-ID: <1667894937-175291-1-git-send-email-chenxiang66@hisilicon.com> (raw)
From: Xiang Chen <chenxiang66@hisilicon.com>
Currently the numbers of MSI vectors come from register PCI_MSI_FLAGS
which should be power-of-2, but in some scenaries it is not the same as
the number that driver requires in guest, for example, a PCI driver wants
to allocate 6 MSI vecotrs in guest, but as the limitation, it will allocate
8 MSI vectors. So it requires 8 MSI vectors in qemu while the driver in
guest only wants to allocate 6 MSI vectors.
When GICv4.1 is enabled, we can see some exception print as following for
above scenaro:
vfio-pci 0000:3a:00.1: irq bypass producer (token 000000008f08224d) registration fails:66311
In order to verify whether a MSI vector is valid, add KVM_VERIFY_MSI to do
that. If there is a mapping, return 0, otherwise return negative value.
This is the kernel part of adding system call KVM_VERIFY_MSI.
Signed-off-by: Xiang Chen <chenxiang66@hisilicon.com>
---
arch/arm64/kvm/vgic/vgic-irqfd.c | 5 +++++
arch/arm64/kvm/vgic/vgic-its.c | 36 ++++++++++++++++++++++++++++++++++++
arch/arm64/kvm/vgic/vgic.h | 1 +
include/linux/kvm_host.h | 2 +-
include/uapi/linux/kvm.h | 2 ++
virt/kvm/kvm_main.c | 9 +++++++++
6 files changed, 54 insertions(+), 1 deletion(-)
diff --git a/arch/arm64/kvm/vgic/vgic-irqfd.c b/arch/arm64/kvm/vgic/vgic-irqfd.c
index 475059b..2312da6 100644
--- a/arch/arm64/kvm/vgic/vgic-irqfd.c
+++ b/arch/arm64/kvm/vgic/vgic-irqfd.c
@@ -98,6 +98,11 @@ int kvm_set_msi(struct kvm_kernel_irq_routing_entry *e,
return vgic_its_inject_msi(kvm, &msi);
}
+int kvm_verify_msi(struct kvm *kvm, struct kvm_msi *msi)
+{
+ return vgic_its_verify_msi(kvm, msi);
+}
+
/**
* kvm_arch_set_irq_inatomic: fast-path for irqfd injection
*/
diff --git a/arch/arm64/kvm/vgic/vgic-its.c b/arch/arm64/kvm/vgic/vgic-its.c
index 24d7778..cae6183 100644
--- a/arch/arm64/kvm/vgic/vgic-its.c
+++ b/arch/arm64/kvm/vgic/vgic-its.c
@@ -767,6 +767,42 @@ int vgic_its_inject_cached_translation(struct kvm *kvm, struct kvm_msi *msi)
return 0;
}
+int vgic_its_verify_msi(struct kvm *kvm, struct kvm_msi *msi)
+{
+ struct vgic_its *its;
+ struct its_ite *ite;
+ struct kvm_vcpu *vcpu;
+ int ret = 0;
+
+ if (!irqchip_in_kernel(kvm) || (msi->flags & ~KVM_MSI_VALID_DEVID))
+ return -EINVAL;
+
+ if (!vgic_has_its(kvm))
+ return -ENODEV;
+
+ its = vgic_msi_to_its(kvm, msi);
+ if (IS_ERR(its))
+ return PTR_ERR(its);
+
+ mutex_lock(&its->its_lock);
+ if (!its->enabled) {
+ ret = -EBUSY;
+ goto unlock;
+ }
+ ite = find_ite(its, msi->devid, msi->data);
+ if (!ite || !its_is_collection_mapped(ite->collection)) {
+ ret = -E_ITS_INT_UNMAPPED_INTERRUPT;
+ goto unlock;
+ }
+
+ vcpu = kvm_get_vcpu(kvm, ite->collection->target_addr);
+ if (!vcpu)
+ ret = -E_ITS_INT_UNMAPPED_INTERRUPT;
+unlock:
+ mutex_unlock(&its->its_lock);
+ return ret;
+}
+
/*
* Queries the KVM IO bus framework to get the ITS pointer from the given
* doorbell address.
diff --git a/arch/arm64/kvm/vgic/vgic.h b/arch/arm64/kvm/vgic/vgic.h
index 0c8da72..d452150 100644
--- a/arch/arm64/kvm/vgic/vgic.h
+++ b/arch/arm64/kvm/vgic/vgic.h
@@ -240,6 +240,7 @@ int kvm_vgic_register_its_device(void);
void vgic_enable_lpis(struct kvm_vcpu *vcpu);
void vgic_flush_pending_lpis(struct kvm_vcpu *vcpu);
int vgic_its_inject_msi(struct kvm *kvm, struct kvm_msi *msi);
+int vgic_its_verify_msi(struct kvm *kvm, struct kvm_msi *msi);
int vgic_v3_has_attr_regs(struct kvm_device *dev, struct kvm_device_attr *attr);
int vgic_v3_dist_uaccess(struct kvm_vcpu *vcpu, bool is_write,
int offset, u32 *val);
diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h
index 32f259f..7923352 100644
--- a/include/linux/kvm_host.h
+++ b/include/linux/kvm_host.h
@@ -1597,7 +1597,7 @@ void kvm_unregister_irq_ack_notifier(struct kvm *kvm,
int kvm_request_irq_source_id(struct kvm *kvm);
void kvm_free_irq_source_id(struct kvm *kvm, int irq_source_id);
bool kvm_arch_irqfd_allowed(struct kvm *kvm, struct kvm_irqfd *args);
-
+int kvm_verify_msi(struct kvm *kvm, struct kvm_msi *msi);
/*
* Returns a pointer to the memslot if it contains gfn.
* Otherwise returns NULL.
diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h
index 0d5d441..72b28f8 100644
--- a/include/uapi/linux/kvm.h
+++ b/include/uapi/linux/kvm.h
@@ -1543,6 +1543,8 @@ struct kvm_s390_ucas_mapping {
#define KVM_PPC_SVM_OFF _IO(KVMIO, 0xb3)
#define KVM_ARM_MTE_COPY_TAGS _IOR(KVMIO, 0xb4, struct kvm_arm_copy_mte_tags)
+#define KVM_VERIFY_MSI _IOW(KVMIO, 0xb5, struct kvm_msi)
+
/* ioctl for vm fd */
#define KVM_CREATE_DEVICE _IOWR(KVMIO, 0xe0, struct kvm_create_device)
diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
index e30f1b4..439bdd7 100644
--- a/virt/kvm/kvm_main.c
+++ b/virt/kvm/kvm_main.c
@@ -4728,6 +4728,15 @@ static long kvm_vm_ioctl(struct file *filp,
r = kvm_send_userspace_msi(kvm, &msi);
break;
}
+ case KVM_VERIFY_MSI: {
+ struct kvm_msi msi;
+
+ r = -EFAULT;
+ if (copy_from_user(&msi, argp, sizeof(msi)))
+ goto out;
+ r = kvm_verify_msi(kvm, &msi);
+ break;
+ }
#endif
#ifdef __KVM_HAVE_IRQ_LINE
case KVM_IRQ_LINE_STATUS:
--
2.8.1
WARNING: multiple messages have this Message-ID (diff)
From: chenxiang via <qemu-devel@nongnu.org>
To: <alex.williamson@redhat.com>, <maz@kernel.org>
Cc: <kvm@vger.kernel.org>, <qemu-devel@nongnu.org>,
<linuxarm@huawei.com>, Xiang Chen <chenxiang66@hisilicon.com>
Subject: [PATCH] KVM: Add system call KVM_VERIFY_MSI to verify MSI vector
Date: Tue, 8 Nov 2022 16:08:57 +0800 [thread overview]
Message-ID: <1667894937-175291-1-git-send-email-chenxiang66@hisilicon.com> (raw)
From: Xiang Chen <chenxiang66@hisilicon.com>
Currently the numbers of MSI vectors come from register PCI_MSI_FLAGS
which should be power-of-2, but in some scenaries it is not the same as
the number that driver requires in guest, for example, a PCI driver wants
to allocate 6 MSI vecotrs in guest, but as the limitation, it will allocate
8 MSI vectors. So it requires 8 MSI vectors in qemu while the driver in
guest only wants to allocate 6 MSI vectors.
When GICv4.1 is enabled, we can see some exception print as following for
above scenaro:
vfio-pci 0000:3a:00.1: irq bypass producer (token 000000008f08224d) registration fails:66311
In order to verify whether a MSI vector is valid, add KVM_VERIFY_MSI to do
that. If there is a mapping, return 0, otherwise return negative value.
This is the kernel part of adding system call KVM_VERIFY_MSI.
Signed-off-by: Xiang Chen <chenxiang66@hisilicon.com>
---
arch/arm64/kvm/vgic/vgic-irqfd.c | 5 +++++
arch/arm64/kvm/vgic/vgic-its.c | 36 ++++++++++++++++++++++++++++++++++++
arch/arm64/kvm/vgic/vgic.h | 1 +
include/linux/kvm_host.h | 2 +-
include/uapi/linux/kvm.h | 2 ++
virt/kvm/kvm_main.c | 9 +++++++++
6 files changed, 54 insertions(+), 1 deletion(-)
diff --git a/arch/arm64/kvm/vgic/vgic-irqfd.c b/arch/arm64/kvm/vgic/vgic-irqfd.c
index 475059b..2312da6 100644
--- a/arch/arm64/kvm/vgic/vgic-irqfd.c
+++ b/arch/arm64/kvm/vgic/vgic-irqfd.c
@@ -98,6 +98,11 @@ int kvm_set_msi(struct kvm_kernel_irq_routing_entry *e,
return vgic_its_inject_msi(kvm, &msi);
}
+int kvm_verify_msi(struct kvm *kvm, struct kvm_msi *msi)
+{
+ return vgic_its_verify_msi(kvm, msi);
+}
+
/**
* kvm_arch_set_irq_inatomic: fast-path for irqfd injection
*/
diff --git a/arch/arm64/kvm/vgic/vgic-its.c b/arch/arm64/kvm/vgic/vgic-its.c
index 24d7778..cae6183 100644
--- a/arch/arm64/kvm/vgic/vgic-its.c
+++ b/arch/arm64/kvm/vgic/vgic-its.c
@@ -767,6 +767,42 @@ int vgic_its_inject_cached_translation(struct kvm *kvm, struct kvm_msi *msi)
return 0;
}
+int vgic_its_verify_msi(struct kvm *kvm, struct kvm_msi *msi)
+{
+ struct vgic_its *its;
+ struct its_ite *ite;
+ struct kvm_vcpu *vcpu;
+ int ret = 0;
+
+ if (!irqchip_in_kernel(kvm) || (msi->flags & ~KVM_MSI_VALID_DEVID))
+ return -EINVAL;
+
+ if (!vgic_has_its(kvm))
+ return -ENODEV;
+
+ its = vgic_msi_to_its(kvm, msi);
+ if (IS_ERR(its))
+ return PTR_ERR(its);
+
+ mutex_lock(&its->its_lock);
+ if (!its->enabled) {
+ ret = -EBUSY;
+ goto unlock;
+ }
+ ite = find_ite(its, msi->devid, msi->data);
+ if (!ite || !its_is_collection_mapped(ite->collection)) {
+ ret = -E_ITS_INT_UNMAPPED_INTERRUPT;
+ goto unlock;
+ }
+
+ vcpu = kvm_get_vcpu(kvm, ite->collection->target_addr);
+ if (!vcpu)
+ ret = -E_ITS_INT_UNMAPPED_INTERRUPT;
+unlock:
+ mutex_unlock(&its->its_lock);
+ return ret;
+}
+
/*
* Queries the KVM IO bus framework to get the ITS pointer from the given
* doorbell address.
diff --git a/arch/arm64/kvm/vgic/vgic.h b/arch/arm64/kvm/vgic/vgic.h
index 0c8da72..d452150 100644
--- a/arch/arm64/kvm/vgic/vgic.h
+++ b/arch/arm64/kvm/vgic/vgic.h
@@ -240,6 +240,7 @@ int kvm_vgic_register_its_device(void);
void vgic_enable_lpis(struct kvm_vcpu *vcpu);
void vgic_flush_pending_lpis(struct kvm_vcpu *vcpu);
int vgic_its_inject_msi(struct kvm *kvm, struct kvm_msi *msi);
+int vgic_its_verify_msi(struct kvm *kvm, struct kvm_msi *msi);
int vgic_v3_has_attr_regs(struct kvm_device *dev, struct kvm_device_attr *attr);
int vgic_v3_dist_uaccess(struct kvm_vcpu *vcpu, bool is_write,
int offset, u32 *val);
diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h
index 32f259f..7923352 100644
--- a/include/linux/kvm_host.h
+++ b/include/linux/kvm_host.h
@@ -1597,7 +1597,7 @@ void kvm_unregister_irq_ack_notifier(struct kvm *kvm,
int kvm_request_irq_source_id(struct kvm *kvm);
void kvm_free_irq_source_id(struct kvm *kvm, int irq_source_id);
bool kvm_arch_irqfd_allowed(struct kvm *kvm, struct kvm_irqfd *args);
-
+int kvm_verify_msi(struct kvm *kvm, struct kvm_msi *msi);
/*
* Returns a pointer to the memslot if it contains gfn.
* Otherwise returns NULL.
diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h
index 0d5d441..72b28f8 100644
--- a/include/uapi/linux/kvm.h
+++ b/include/uapi/linux/kvm.h
@@ -1543,6 +1543,8 @@ struct kvm_s390_ucas_mapping {
#define KVM_PPC_SVM_OFF _IO(KVMIO, 0xb3)
#define KVM_ARM_MTE_COPY_TAGS _IOR(KVMIO, 0xb4, struct kvm_arm_copy_mte_tags)
+#define KVM_VERIFY_MSI _IOW(KVMIO, 0xb5, struct kvm_msi)
+
/* ioctl for vm fd */
#define KVM_CREATE_DEVICE _IOWR(KVMIO, 0xe0, struct kvm_create_device)
diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
index e30f1b4..439bdd7 100644
--- a/virt/kvm/kvm_main.c
+++ b/virt/kvm/kvm_main.c
@@ -4728,6 +4728,15 @@ static long kvm_vm_ioctl(struct file *filp,
r = kvm_send_userspace_msi(kvm, &msi);
break;
}
+ case KVM_VERIFY_MSI: {
+ struct kvm_msi msi;
+
+ r = -EFAULT;
+ if (copy_from_user(&msi, argp, sizeof(msi)))
+ goto out;
+ r = kvm_verify_msi(kvm, &msi);
+ break;
+ }
#endif
#ifdef __KVM_HAVE_IRQ_LINE
case KVM_IRQ_LINE_STATUS:
--
2.8.1
next reply other threads:[~2022-11-08 7:39 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-08 8:08 chenxiang [this message]
2022-11-08 8:08 ` [PATCH] KVM: Add system call KVM_VERIFY_MSI to verify MSI vector chenxiang via
2022-11-08 12:47 ` Marc Zyngier
2022-11-09 6:21 ` chenxiang (M)
2022-11-09 6:21 ` chenxiang (M) via
2022-11-10 10:28 ` Marc Zyngier
2022-11-15 7:56 ` chenxiang (M)
2022-11-15 7:56 ` chenxiang (M) via
2022-11-08 17:57 ` kernel test robot
2022-11-09 4:34 ` kernel test robot
2022-11-09 8:37 ` kernel test robot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1667894937-175291-1-git-send-email-chenxiang66@hisilicon.com \
--to=chenxiang66@hisilicon.com \
--cc=alex.williamson@redhat.com \
--cc=kvm@vger.kernel.org \
--cc=linuxarm@huawei.com \
--cc=maz@kernel.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.