* [PATCH stable-5.8] KVM: arm64: Assume write fault on S1PTW permission fault on instruction fetch
@ 2020-09-28 17:18 Marc Zyngier
2020-09-28 17:46 ` Greg KH
0 siblings, 1 reply; 5+ messages in thread
From: Marc Zyngier @ 2020-09-28 17:18 UTC (permalink / raw)
To: stable; +Cc: Will Deacon, gregkh, kernel-team
Commit c4ad98e4b72cb5be30ea282fce935248f2300e62 upstream.
KVM currently assumes that an instruction abort can never be a write.
This is in general true, except when the abort is triggered by
a S1PTW on instruction fetch that tries to update the S1 page tables
(to set AF, for example).
This can happen if the page tables have been paged out and brought
back in without seeing a direct write to them (they are thus marked
read only), and the fault handling code will make the PT executable(!)
instead of writable. The guest gets stuck forever.
In these conditions, the permission fault must be considered as
a write so that the Stage-1 update can take place. This is essentially
the I-side equivalent of the problem fixed by 60e21a0ef54c ("arm64: KVM:
Take S1 walks into account when determining S2 write faults").
Update kvm_is_write_fault() to return true on IABT+S1PTW, and introduce
kvm_vcpu_trap_is_exec_fault() that only return true when no faulting
on a S1 fault. Additionally, kvm_vcpu_dabt_iss1tw() is renamed to
kvm_vcpu_abt_iss1tw(), as the above makes it plain that it isn't
specific to data abort.
Signed-off-by: Marc Zyngier <maz@kernel.org>
Reviewed-by: Will Deacon <will@kernel.org>
Cc: stable@vger.kernel.org
Link: https://lore.kernel.org/r/20200915104218.1284701-2-maz@kernel.org
---
arch/arm64/include/asm/kvm_emulate.h | 12 ++++++++++--
arch/arm64/kvm/hyp/switch.c | 2 +-
arch/arm64/kvm/mmio.c | 2 +-
arch/arm64/kvm/mmu.c | 2 +-
4 files changed, 13 insertions(+), 5 deletions(-)
diff --git a/arch/arm64/include/asm/kvm_emulate.h b/arch/arm64/include/asm/kvm_emulate.h
index 4d0f8ea600ba..e1254e55835b 100644
--- a/arch/arm64/include/asm/kvm_emulate.h
+++ b/arch/arm64/include/asm/kvm_emulate.h
@@ -319,7 +319,7 @@ static __always_inline int kvm_vcpu_dabt_get_rd(const struct kvm_vcpu *vcpu)
return (kvm_vcpu_get_hsr(vcpu) & ESR_ELx_SRT_MASK) >> ESR_ELx_SRT_SHIFT;
}
-static __always_inline bool kvm_vcpu_dabt_iss1tw(const struct kvm_vcpu *vcpu)
+static __always_inline bool kvm_vcpu_abt_iss1tw(const struct kvm_vcpu *vcpu)
{
return !!(kvm_vcpu_get_hsr(vcpu) & ESR_ELx_S1PTW);
}
@@ -327,7 +327,7 @@ static __always_inline bool kvm_vcpu_dabt_iss1tw(const struct kvm_vcpu *vcpu)
static __always_inline bool kvm_vcpu_dabt_iswrite(const struct kvm_vcpu *vcpu)
{
return !!(kvm_vcpu_get_hsr(vcpu) & ESR_ELx_WNR) ||
- kvm_vcpu_dabt_iss1tw(vcpu); /* AF/DBM update */
+ kvm_vcpu_abt_iss1tw(vcpu); /* AF/DBM update */
}
static inline bool kvm_vcpu_dabt_is_cm(const struct kvm_vcpu *vcpu)
@@ -356,6 +356,11 @@ static inline bool kvm_vcpu_trap_is_iabt(const struct kvm_vcpu *vcpu)
return kvm_vcpu_trap_get_class(vcpu) == ESR_ELx_EC_IABT_LOW;
}
+static inline bool kvm_vcpu_trap_is_exec_fault(const struct kvm_vcpu *vcpu)
+{
+ return kvm_vcpu_trap_is_iabt(vcpu) && !kvm_vcpu_abt_iss1tw(vcpu);
+}
+
static __always_inline u8 kvm_vcpu_trap_get_fault(const struct kvm_vcpu *vcpu)
{
return kvm_vcpu_get_hsr(vcpu) & ESR_ELx_FSC;
@@ -393,6 +398,9 @@ static __always_inline int kvm_vcpu_sys_get_rt(struct kvm_vcpu *vcpu)
static inline bool kvm_is_write_fault(struct kvm_vcpu *vcpu)
{
+ if (kvm_vcpu_abt_iss1tw(vcpu))
+ return true;
+
if (kvm_vcpu_trap_is_iabt(vcpu))
return false;
diff --git a/arch/arm64/kvm/hyp/switch.c b/arch/arm64/kvm/hyp/switch.c
index ba225e09aaf1..8564742948d3 100644
--- a/arch/arm64/kvm/hyp/switch.c
+++ b/arch/arm64/kvm/hyp/switch.c
@@ -599,7 +599,7 @@ static bool __hyp_text fixup_guest_exit(struct kvm_vcpu *vcpu, u64 *exit_code)
kvm_vcpu_trap_get_fault_type(vcpu) == FSC_FAULT &&
kvm_vcpu_dabt_isvalid(vcpu) &&
!kvm_vcpu_dabt_isextabt(vcpu) &&
- !kvm_vcpu_dabt_iss1tw(vcpu);
+ !kvm_vcpu_abt_iss1tw(vcpu);
if (valid) {
int ret = __vgic_v2_perform_cpuif_access(vcpu);
diff --git a/arch/arm64/kvm/mmio.c b/arch/arm64/kvm/mmio.c
index 4e0366759726..07e9b6eab59e 100644
--- a/arch/arm64/kvm/mmio.c
+++ b/arch/arm64/kvm/mmio.c
@@ -146,7 +146,7 @@ int io_mem_abort(struct kvm_vcpu *vcpu, struct kvm_run *run,
}
/* Page table accesses IO mem: tell guest to fix its TTBR */
- if (kvm_vcpu_dabt_iss1tw(vcpu)) {
+ if (kvm_vcpu_abt_iss1tw(vcpu)) {
kvm_inject_dabt(vcpu, kvm_vcpu_get_hfar(vcpu));
return 1;
}
diff --git a/arch/arm64/kvm/mmu.c b/arch/arm64/kvm/mmu.c
index d906350d543d..1677107b74de 100644
--- a/arch/arm64/kvm/mmu.c
+++ b/arch/arm64/kvm/mmu.c
@@ -1845,7 +1845,7 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa,
unsigned long vma_pagesize, flags = 0;
write_fault = kvm_is_write_fault(vcpu);
- exec_fault = kvm_vcpu_trap_is_iabt(vcpu);
+ exec_fault = kvm_vcpu_trap_is_exec_fault(vcpu);
VM_BUG_ON(write_fault && exec_fault);
if (fault_status == FSC_PERM && !write_fault && !exec_fault) {
--
2.28.0
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH stable-5.8] KVM: arm64: Assume write fault on S1PTW permission fault on instruction fetch
2020-09-28 17:18 [PATCH stable-5.8] KVM: arm64: Assume write fault on S1PTW permission fault on instruction fetch Marc Zyngier
@ 2020-09-28 17:46 ` Greg KH
2020-09-28 19:46 ` Naresh Kamboju
0 siblings, 1 reply; 5+ messages in thread
From: Greg KH @ 2020-09-28 17:46 UTC (permalink / raw)
To: Marc Zyngier; +Cc: stable, Will Deacon, kernel-team
On Mon, Sep 28, 2020 at 06:18:50PM +0100, Marc Zyngier wrote:
> Commit c4ad98e4b72cb5be30ea282fce935248f2300e62 upstream.
>
> KVM currently assumes that an instruction abort can never be a write.
> This is in general true, except when the abort is triggered by
> a S1PTW on instruction fetch that tries to update the S1 page tables
> (to set AF, for example).
>
> This can happen if the page tables have been paged out and brought
> back in without seeing a direct write to them (they are thus marked
> read only), and the fault handling code will make the PT executable(!)
> instead of writable. The guest gets stuck forever.
>
> In these conditions, the permission fault must be considered as
> a write so that the Stage-1 update can take place. This is essentially
> the I-side equivalent of the problem fixed by 60e21a0ef54c ("arm64: KVM:
> Take S1 walks into account when determining S2 write faults").
>
> Update kvm_is_write_fault() to return true on IABT+S1PTW, and introduce
> kvm_vcpu_trap_is_exec_fault() that only return true when no faulting
> on a S1 fault. Additionally, kvm_vcpu_dabt_iss1tw() is renamed to
> kvm_vcpu_abt_iss1tw(), as the above makes it plain that it isn't
> specific to data abort.
>
> Signed-off-by: Marc Zyngier <maz@kernel.org>
> Reviewed-by: Will Deacon <will@kernel.org>
> Cc: stable@vger.kernel.org
> Link: https://lore.kernel.org/r/20200915104218.1284701-2-maz@kernel.org
Thanks for all 3 of these, now queued up!
greg k-h
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH stable-5.8] KVM: arm64: Assume write fault on S1PTW permission fault on instruction fetch
2020-09-28 17:46 ` Greg KH
@ 2020-09-28 19:46 ` Naresh Kamboju
2020-09-29 7:01 ` Greg KH
0 siblings, 1 reply; 5+ messages in thread
From: Naresh Kamboju @ 2020-09-28 19:46 UTC (permalink / raw)
To: Greg KH, linux- stable, Marc Zyngier
Cc: Will Deacon, kernel-team, lkft-triage
On Mon, 28 Sep 2020 at 23:16, Greg KH <gregkh@linuxfoundation.org> wrote:
>
> On Mon, Sep 28, 2020 at 06:18:50PM +0100, Marc Zyngier wrote:
> > Commit c4ad98e4b72cb5be30ea282fce935248f2300e62 upstream.
> >
> > KVM currently assumes that an instruction abort can never be a write.
> > This is in general true, except when the abort is triggered by
> > a S1PTW on instruction fetch that tries to update the S1 page tables
> > (to set AF, for example).
> >
> > This can happen if the page tables have been paged out and brought
> > back in without seeing a direct write to them (they are thus marked
> > read only), and the fault handling code will make the PT executable(!)
> > instead of writable. The guest gets stuck forever.
> >
> > In these conditions, the permission fault must be considered as
> > a write so that the Stage-1 update can take place. This is essentially
> > the I-side equivalent of the problem fixed by 60e21a0ef54c ("arm64: KVM:
> > Take S1 walks into account when determining S2 write faults").
> >
> > Update kvm_is_write_fault() to return true on IABT+S1PTW, and introduce
> > kvm_vcpu_trap_is_exec_fault() that only return true when no faulting
> > on a S1 fault. Additionally, kvm_vcpu_dabt_iss1tw() is renamed to
> > kvm_vcpu_abt_iss1tw(), as the above makes it plain that it isn't
> > specific to data abort.
> >
> > Signed-off-by: Marc Zyngier <maz@kernel.org>
> > Reviewed-by: Will Deacon <will@kernel.org>
> > Cc: stable@vger.kernel.org
> > Link: https://lore.kernel.org/r/20200915104218.1284701-2-maz@kernel.org
>
> Thanks for all 3 of these, now queued up!
stable rc branch 4.19 arm64 build broken.
../arch/arm64/kvm/../../../virt/kvm/arm/mmu.c:1283:13: error:
redefinition of ‘kvm_is_write_fault’
1283 | static bool kvm_is_write_fault(struct kvm_vcpu *vcpu)
| ^~~~~~~~~~~~~~~~~~
Reported-by: Naresh Kamboju <naresh.kamboju@linaro.org>
build log,
make -sk KBUILD_BUILD_USER=TuxBuild -C/linux -j16 ARCH=arm64
CROSS_COMPILE=aarch64-linux-gnu- HOSTCC=gcc CC="sccache
aarch64-linux-gnu-gcc" O=build Image
#
In file included from
../arch/arm64/kvm/hyp/../../../../virt/kvm/arm/hyp/vgic-v3-sr.c:22:
../arch/arm64/include/asm/kvm_emulate.h: In function ‘kvm_vcpu_sys_get_rt’:
../arch/arm64/include/asm/kvm_emulate.h:379:6: warning: unused
variable ‘esr’ [-Wunused-variable]
379 | u32 esr = kvm_vcpu_get_hsr(vcpu);
| ^~~
../arch/arm64/include/asm/kvm_emulate.h:380:1: warning: no return
statement in function returning non-void [-Wreturn-type]
380 | }
| ^
In file included from
../arch/arm64/kvm/hyp/../../../../virt/kvm/arm/hyp/aarch32.c:14:
../arch/arm64/include/asm/kvm_emulate.h: In function ‘kvm_vcpu_sys_get_rt’:
../arch/arm64/include/asm/kvm_emulate.h:379:6: warning: unused
variable ‘esr’ [-Wunused-variable]
379 | u32 esr = kvm_vcpu_get_hsr(vcpu);
| ^~~
../arch/arm64/include/asm/kvm_emulate.h:380:1: warning: no return
statement in function returning non-void [-Wreturn-type]
380 | }
| ^
In file included from ../arch/arm64/kvm/hyp/vgic-v2-cpuif-proxy.c:23:
../arch/arm64/include/asm/kvm_emulate.h: In function ‘kvm_vcpu_sys_get_rt’:
../arch/arm64/include/asm/kvm_emulate.h:379:6: warning: unused
variable ‘esr’ [-Wunused-variable]
379 | u32 esr = kvm_vcpu_get_hsr(vcpu);
| ^~~
../arch/arm64/include/asm/kvm_emulate.h:380:1: warning: no return
statement in function returning non-void [-Wreturn-type]
380 | }
| ^
In file included from ../arch/arm64/kvm/hyp/sysreg-sr.c:23:
../arch/arm64/include/asm/kvm_emulate.h: In function ‘kvm_vcpu_sys_get_rt’:
../arch/arm64/include/asm/kvm_emulate.h:379:6: warning: unused
variable ‘esr’ [-Wunused-variable]
379 | u32 esr = kvm_vcpu_get_hsr(vcpu);
| ^~~
../arch/arm64/include/asm/kvm_emulate.h:380:1: warning: no return
statement in function returning non-void [-Wreturn-type]
380 | }
| ^
In file included from ../arch/arm64/kvm/hyp/switch.c:29:
../arch/arm64/include/asm/kvm_emulate.h: In function ‘kvm_vcpu_sys_get_rt’:
../arch/arm64/include/asm/kvm_emulate.h:379:6: warning: unused
variable ‘esr’ [-Wunused-variable]
379 | u32 esr = kvm_vcpu_get_hsr(vcpu);
| ^~~
../arch/arm64/include/asm/kvm_emulate.h:380:1: warning: no return
statement in function returning non-void [-Wreturn-type]
380 | }
| ^
In file included from ../arch/arm64/kvm/../../../virt/kvm/arm/arm.c:51:
../arch/arm64/include/asm/kvm_emulate.h: In function ‘kvm_vcpu_sys_get_rt’:
../arch/arm64/include/asm/kvm_emulate.h:379:6: warning: unused
variable ‘esr’ [-Wunused-variable]
379 | u32 esr = kvm_vcpu_get_hsr(vcpu);
| ^~~
../arch/arm64/include/asm/kvm_emulate.h:380:1: warning: no return
statement in function returning non-void [-Wreturn-type]
380 | }
| ^
In file included from ../arch/arm64/kvm/../../../virt/kvm/arm/mmio.c:21:
../arch/arm64/include/asm/kvm_emulate.h: In function ‘kvm_vcpu_sys_get_rt’:
../arch/arm64/include/asm/kvm_emulate.h:379:6: warning: unused
variable ‘esr’ [-Wunused-variable]
379 | u32 esr = kvm_vcpu_get_hsr(vcpu);
| ^~~
../arch/arm64/include/asm/kvm_emulate.h:380:1: warning: no return
statement in function returning non-void [-Wreturn-type]
380 | }
| ^
In file included from ../arch/arm64/kvm/../../../virt/kvm/arm/psci.c:25:
../arch/arm64/include/asm/kvm_emulate.h: In function ‘kvm_vcpu_sys_get_rt’:
../arch/arm64/include/asm/kvm_emulate.h:379:6: warning: unused
variable ‘esr’ [-Wunused-variable]
379 | u32 esr = kvm_vcpu_get_hsr(vcpu);
| ^~~
../arch/arm64/include/asm/kvm_emulate.h:380:1: warning: no return
statement in function returning non-void [-Wreturn-type]
380 | }
| ^
In file included from ../arch/arm64/kvm/../../../virt/kvm/arm/perf.c:23:
../arch/arm64/include/asm/kvm_emulate.h: In function ‘kvm_vcpu_sys_get_rt’:
../arch/arm64/include/asm/kvm_emulate.h:379:6: warning: unused
variable ‘esr’ [-Wunused-variable]
379 | u32 esr = kvm_vcpu_get_hsr(vcpu);
| ^~~
../arch/arm64/include/asm/kvm_emulate.h:380:1: warning: no return
statement in function returning non-void [-Wreturn-type]
380 | }
| ^
In file included from ../arch/arm64/kvm/regmap.c:24:
../arch/arm64/include/asm/kvm_emulate.h: In function ‘kvm_vcpu_sys_get_rt’:
../arch/arm64/include/asm/kvm_emulate.h:379:6: warning: unused
variable ‘esr’ [-Wunused-variable]
379 | u32 esr = kvm_vcpu_get_hsr(vcpu);
| ^~~
../arch/arm64/include/asm/kvm_emulate.h:380:1: warning: no return
statement in function returning non-void [-Wreturn-type]
380 | }
| ^
In file included from ../arch/arm64/kvm/inject_fault.c:25:
../arch/arm64/include/asm/kvm_emulate.h: In function ‘kvm_vcpu_sys_get_rt’:
../arch/arm64/include/asm/kvm_emulate.h:379:6: warning: unused
variable ‘esr’ [-Wunused-variable]
379 | u32 esr = kvm_vcpu_get_hsr(vcpu);
| ^~~
../arch/arm64/include/asm/kvm_emulate.h:380:1: warning: no return
statement in function returning non-void [-Wreturn-type]
380 | }
| ^
In file included from ../arch/arm64/kvm/../../../virt/kvm/arm/mmu.c:31:
../arch/arm64/include/asm/kvm_emulate.h: In function ‘kvm_vcpu_sys_get_rt’:
../arch/arm64/include/asm/kvm_emulate.h:379:6: warning: unused
variable ‘esr’ [-Wunused-variable]
379 | u32 esr = kvm_vcpu_get_hsr(vcpu);
| ^~~
../arch/arm64/include/asm/kvm_emulate.h:380:1: warning: no return
statement in function returning non-void [-Wreturn-type]
380 | }
| ^
../arch/arm64/kvm/../../../virt/kvm/arm/mmu.c: At top level:
../arch/arm64/kvm/../../../virt/kvm/arm/mmu.c:1283:13: error:
redefinition of ‘kvm_is_write_fault’
1283 | static bool kvm_is_write_fault(struct kvm_vcpu *vcpu)
| ^~~~~~~~~~~~~~~~~~
In file included from ../arch/arm64/kvm/../../../virt/kvm/arm/mmu.c:31:
../arch/arm64/include/asm/kvm_emulate.h:382:20: note: previous
definition of ‘kvm_is_write_fault’ was here
382 | static inline bool kvm_is_write_fault(struct kvm_vcpu *vcpu)
| ^~~~~~~~~~~~~~~~~~
make[2]: *** [../scripts/Makefile.build:303:
arch/arm64/kvm/../../../virt/kvm/arm/mmu.o] Error 1
In file included from ../arch/arm64/kvm/handle_exit.c:31:
../arch/arm64/include/asm/kvm_emulate.h: In function ‘kvm_vcpu_sys_get_rt’:
../arch/arm64/include/asm/kvm_emulate.h:379:6: warning: unused
variable ‘esr’ [-Wunused-variable]
379 | u32 esr = kvm_vcpu_get_hsr(vcpu);
| ^~~
../arch/arm64/include/asm/kvm_emulate.h:380:1: warning: no return
statement in function returning non-void [-Wreturn-type]
380 | }
| ^
In file included from ../arch/arm64/kvm/guest.c:32:
../arch/arm64/include/asm/kvm_emulate.h: In function ‘kvm_vcpu_sys_get_rt’:
../arch/arm64/include/asm/kvm_emulate.h:379:6: warning: unused
variable ‘esr’ [-Wunused-variable]
379 | u32 esr = kvm_vcpu_get_hsr(vcpu);
| ^~~
../arch/arm64/include/asm/kvm_emulate.h:380:1: warning: no return
statement in function returning non-void [-Wreturn-type]
380 | }
| ^
In file included from ../arch/arm64/kvm/debug.c:26:
../arch/arm64/include/asm/kvm_emulate.h: In function ‘kvm_vcpu_sys_get_rt’:
../arch/arm64/include/asm/kvm_emulate.h:379:6: warning: unused
variable ‘esr’ [-Wunused-variable]
379 | u32 esr = kvm_vcpu_get_hsr(vcpu);
| ^~~
../arch/arm64/include/asm/kvm_emulate.h:380:1: warning: no return
statement in function returning non-void [-Wreturn-type]
380 | }
| ^
In file included from ../arch/arm64/kvm/reset.c:34:
../arch/arm64/include/asm/kvm_emulate.h: In function ‘kvm_vcpu_sys_get_rt’:
../arch/arm64/include/asm/kvm_emulate.h:379:6: warning: unused
variable ‘esr’ [-Wunused-variable]
379 | u32 esr = kvm_vcpu_get_hsr(vcpu);
| ^~~
../arch/arm64/include/asm/kvm_emulate.h:380:1: warning: no return
statement in function returning non-void [-Wreturn-type]
380 | }
| ^
In file included from ../arch/arm64/kvm/sys_regs_generic_v8.c:27:
../arch/arm64/include/asm/kvm_emulate.h: In function ‘kvm_vcpu_sys_get_rt’:
../arch/arm64/include/asm/kvm_emulate.h:379:6: warning: unused
variable ‘esr’ [-Wunused-variable]
379 | u32 esr = kvm_vcpu_get_hsr(vcpu);
| ^~~
../arch/arm64/include/asm/kvm_emulate.h:380:1: warning: no return
statement in function returning non-void [-Wreturn-type]
380 | }
| ^
In file included from ../arch/arm64/kvm/vgic-sys-reg-v3.c:17:
../arch/arm64/include/asm/kvm_emulate.h: In function ‘kvm_vcpu_sys_get_rt’:
../arch/arm64/include/asm/kvm_emulate.h:379:6: warning: unused
variable ‘esr’ [-Wunused-variable]
379 | u32 esr = kvm_vcpu_get_hsr(vcpu);
| ^~~
../arch/arm64/include/asm/kvm_emulate.h:380:1: warning: no return
statement in function returning non-void [-Wreturn-type]
380 | }
| ^
In file included from ../arch/arm64/kvm/sys_regs.c:35:
../arch/arm64/include/asm/kvm_emulate.h: In function ‘kvm_vcpu_sys_get_rt’:
../arch/arm64/include/asm/kvm_emulate.h:379:6: warning: unused
variable ‘esr’ [-Wunused-variable]
379 | u32 esr = kvm_vcpu_get_hsr(vcpu);
| ^~~
../arch/arm64/include/asm/kvm_emulate.h:380:1: warning: no return
statement in function returning non-void [-Wreturn-type]
380 | }
| ^
In file included from ../arch/arm64/kvm/../../../virt/kvm/arm/aarch32.c:26:
../arch/arm64/include/asm/kvm_emulate.h: In function ‘kvm_vcpu_sys_get_rt’:
../arch/arm64/include/asm/kvm_emulate.h:379:6: warning: unused
variable ‘esr’ [-Wunused-variable]
379 | u32 esr = kvm_vcpu_get_hsr(vcpu);
| ^~~
../arch/arm64/include/asm/kvm_emulate.h:380:1: warning: no return
statement in function returning non-void [-Wreturn-type]
380 | }
| ^
In file included from
../arch/arm64/kvm/../../../virt/kvm/arm/vgic/vgic-init.c:22:
../arch/arm64/include/asm/kvm_emulate.h: In function ‘kvm_vcpu_sys_get_rt’:
../arch/arm64/include/asm/kvm_emulate.h:379:6: warning: unused
variable ‘esr’ [-Wunused-variable]
379 | u32 esr = kvm_vcpu_get_hsr(vcpu);
| ^~~
../arch/arm64/include/asm/kvm_emulate.h:380:1: warning: no return
statement in function returning non-void [-Wreturn-type]
380 | }
| ^
In file included from
../arch/arm64/kvm/../../../virt/kvm/arm/vgic/vgic-mmio-v3.c:20:
../arch/arm64/include/asm/kvm_emulate.h: In function ‘kvm_vcpu_sys_get_rt’:
../arch/arm64/include/asm/kvm_emulate.h:379:6: warning: unused
variable ‘esr’ [-Wunused-variable]
379 | u32 esr = kvm_vcpu_get_hsr(vcpu);
| ^~~
../arch/arm64/include/asm/kvm_emulate.h:380:1: warning: no return
statement in function returning non-void [-Wreturn-type]
380 | }
| ^
In file included from
../arch/arm64/kvm/../../../virt/kvm/arm/vgic/vgic-its.c:30:
../arch/arm64/include/asm/kvm_emulate.h: In function ‘kvm_vcpu_sys_get_rt’:
../arch/arm64/include/asm/kvm_emulate.h:379:6: warning: unused
variable ‘esr’ [-Wunused-variable]
379 | u32 esr = kvm_vcpu_get_hsr(vcpu);
| ^~~
../arch/arm64/include/asm/kvm_emulate.h:380:1: warning: no return
statement in function returning non-void [-Wreturn-type]
380 | }
| ^
In file included from ../arch/arm64/kvm/../../../virt/kvm/arm/pmu.c:23:
../arch/arm64/include/asm/kvm_emulate.h: In function ‘kvm_vcpu_sys_get_rt’:
../arch/arm64/include/asm/kvm_emulate.h:379:6: warning: unused
variable ‘esr’ [-Wunused-variable]
379 | u32 esr = kvm_vcpu_get_hsr(vcpu);
| ^~~
../arch/arm64/include/asm/kvm_emulate.h:380:1: warning: no return
statement in function returning non-void [-Wreturn-type]
380 | }
| ^
make[2]: Target '__build' not remade because of errors.
make[1]: *** [/linux/Makefile:1074: arch/arm64/kvm] Error 2
--
Linaro LKFT
https://lkft.linaro.org
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH stable-5.8] KVM: arm64: Assume write fault on S1PTW permission fault on instruction fetch
2020-09-28 19:46 ` Naresh Kamboju
@ 2020-09-29 7:01 ` Greg KH
2020-09-29 7:36 ` Marc Zyngier
0 siblings, 1 reply; 5+ messages in thread
From: Greg KH @ 2020-09-29 7:01 UTC (permalink / raw)
To: Naresh Kamboju
Cc: linux- stable, Marc Zyngier, Will Deacon, kernel-team, lkft-triage
On Tue, Sep 29, 2020 at 01:16:34AM +0530, Naresh Kamboju wrote:
> On Mon, 28 Sep 2020 at 23:16, Greg KH <gregkh@linuxfoundation.org> wrote:
> >
> > On Mon, Sep 28, 2020 at 06:18:50PM +0100, Marc Zyngier wrote:
> > > Commit c4ad98e4b72cb5be30ea282fce935248f2300e62 upstream.
> > >
> > > KVM currently assumes that an instruction abort can never be a write.
> > > This is in general true, except when the abort is triggered by
> > > a S1PTW on instruction fetch that tries to update the S1 page tables
> > > (to set AF, for example).
> > >
> > > This can happen if the page tables have been paged out and brought
> > > back in without seeing a direct write to them (they are thus marked
> > > read only), and the fault handling code will make the PT executable(!)
> > > instead of writable. The guest gets stuck forever.
> > >
> > > In these conditions, the permission fault must be considered as
> > > a write so that the Stage-1 update can take place. This is essentially
> > > the I-side equivalent of the problem fixed by 60e21a0ef54c ("arm64: KVM:
> > > Take S1 walks into account when determining S2 write faults").
> > >
> > > Update kvm_is_write_fault() to return true on IABT+S1PTW, and introduce
> > > kvm_vcpu_trap_is_exec_fault() that only return true when no faulting
> > > on a S1 fault. Additionally, kvm_vcpu_dabt_iss1tw() is renamed to
> > > kvm_vcpu_abt_iss1tw(), as the above makes it plain that it isn't
> > > specific to data abort.
> > >
> > > Signed-off-by: Marc Zyngier <maz@kernel.org>
> > > Reviewed-by: Will Deacon <will@kernel.org>
> > > Cc: stable@vger.kernel.org
> > > Link: https://lore.kernel.org/r/20200915104218.1284701-2-maz@kernel.org
> >
> > Thanks for all 3 of these, now queued up!
>
> stable rc branch 4.19 arm64 build broken.
>
> ../arch/arm64/kvm/../../../virt/kvm/arm/mmu.c:1283:13: error:
> redefinition of ‘kvm_is_write_fault’
> 1283 | static bool kvm_is_write_fault(struct kvm_vcpu *vcpu)
> | ^~~~~~~~~~~~~~~~~~
>
> Reported-by: Naresh Kamboju <naresh.kamboju@linaro.org>
Thanks, I'll go drop this patch from the 4.19.y queue and wait for a
fixed up version from Marc.
greg k-h
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH stable-5.8] KVM: arm64: Assume write fault on S1PTW permission fault on instruction fetch
2020-09-29 7:01 ` Greg KH
@ 2020-09-29 7:36 ` Marc Zyngier
0 siblings, 0 replies; 5+ messages in thread
From: Marc Zyngier @ 2020-09-29 7:36 UTC (permalink / raw)
To: Greg KH
Cc: Naresh Kamboju, linux- stable, Will Deacon, kernel-team, lkft-triage
On 2020-09-29 08:01, Greg KH wrote:
> On Tue, Sep 29, 2020 at 01:16:34AM +0530, Naresh Kamboju wrote:
>> On Mon, 28 Sep 2020 at 23:16, Greg KH <gregkh@linuxfoundation.org>
>> wrote:
>> >
>> > On Mon, Sep 28, 2020 at 06:18:50PM +0100, Marc Zyngier wrote:
>> > > Commit c4ad98e4b72cb5be30ea282fce935248f2300e62 upstream.
>> > >
>> > > KVM currently assumes that an instruction abort can never be a write.
>> > > This is in general true, except when the abort is triggered by
>> > > a S1PTW on instruction fetch that tries to update the S1 page tables
>> > > (to set AF, for example).
>> > >
>> > > This can happen if the page tables have been paged out and brought
>> > > back in without seeing a direct write to them (they are thus marked
>> > > read only), and the fault handling code will make the PT executable(!)
>> > > instead of writable. The guest gets stuck forever.
>> > >
>> > > In these conditions, the permission fault must be considered as
>> > > a write so that the Stage-1 update can take place. This is essentially
>> > > the I-side equivalent of the problem fixed by 60e21a0ef54c ("arm64: KVM:
>> > > Take S1 walks into account when determining S2 write faults").
>> > >
>> > > Update kvm_is_write_fault() to return true on IABT+S1PTW, and introduce
>> > > kvm_vcpu_trap_is_exec_fault() that only return true when no faulting
>> > > on a S1 fault. Additionally, kvm_vcpu_dabt_iss1tw() is renamed to
>> > > kvm_vcpu_abt_iss1tw(), as the above makes it plain that it isn't
>> > > specific to data abort.
>> > >
>> > > Signed-off-by: Marc Zyngier <maz@kernel.org>
>> > > Reviewed-by: Will Deacon <will@kernel.org>
>> > > Cc: stable@vger.kernel.org
>> > > Link: https://lore.kernel.org/r/20200915104218.1284701-2-maz@kernel.org
>> >
>> > Thanks for all 3 of these, now queued up!
>>
>> stable rc branch 4.19 arm64 build broken.
>>
>> ../arch/arm64/kvm/../../../virt/kvm/arm/mmu.c:1283:13: error:
>> redefinition of ‘kvm_is_write_fault’
>> 1283 | static bool kvm_is_write_fault(struct kvm_vcpu *vcpu)
>> | ^~~~~~~~~~~~~~~~~~
>>
>> Reported-by: Naresh Kamboju <naresh.kamboju@linaro.org>
>
> Thanks, I'll go drop this patch from the 4.19.y queue and wait for a
> fixed up version from Marc.
Right. I have no idea what I tested yesterday, but clearly this didn't
stand a chance to even compile on arm64... :-( Funnily enough, 32bit ARM
(which nobody cares about when it comes to KVM) was just fine. Bah.
Apologies for the noise, v2 coming once I have had my second coffee...
M.
--
Jazz is not dead. It just smells funny...
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2020-09-29 7:36 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-09-28 17:18 [PATCH stable-5.8] KVM: arm64: Assume write fault on S1PTW permission fault on instruction fetch Marc Zyngier
2020-09-28 17:46 ` Greg KH
2020-09-28 19:46 ` Naresh Kamboju
2020-09-29 7:01 ` Greg KH
2020-09-29 7:36 ` Marc Zyngier
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).