[PATCH v4 0/2] Fix xen crash when starting HVM guest due to missing io handler

[PATCH v4 0/2] Fix xen crash when starting HVM guest due to missing io handler

[suravee.suthikulpanit]

From: Suravee Suthikulpanit <Suravee.Suthikulpanit@amd.com>

Hi All,

Changes from V3:
  * Remove calls to guest_iommu_init()/destroy() for now since
    the guest iommu feature is not functing and causing breakage. 
  * Do not change the ordering of the iommu_domain_init() and
    hvm_domain_init() for now until we agree on proper ordering.

OVERVIEW:
 
On systems with iommu v2 enabled, the hypervisor crashes when trying
to start up an HVM guest. 

Investigating shows that the guest_iommu_init() is called before the
HVM domain is initialized. It then tries to register_mmio_handler()
causing the hvm_next_io_handler() to increment the io_handler_count.
However, the registration fails silently and left the I/O handler
uninitialized.

At later time, hvm_find_io_handler() is called and iterate through
the registered handlered, but then resulting in referencing NULL
pointers.

This patch series proposes workaround for this issue.

Thanks,
Suravee

Suravee Suthikulpanit (2):
  AMD IOMMU: Removing currently non-functioning guest iommu feature
  x86/hvm: Add check when register io handler

 xen/arch/x86/hvm/intercept.c                | 2 ++
 xen/drivers/passthrough/amd/pci_amd_iommu.c | 4 ----
 2 files changed, 2 insertions(+), 4 deletions(-)

-- 
1.9.1


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel

[PATCH v4 1/2] AMD IOMMU: Removing currently non-functioning guest iommu feature

[suravee.suthikulpanit]

From: Suravee Suthikulpanit <Suravee.Suthikulpanit@amd.com>

The guest IOMMU feature is currently not functioning. However,
the current guest_iommu_init() is causing issue when it tries to
register mmio handler because the it is currently called by the
following code path:

  arch/x86/domain.c: arch_domain_create()
    ]- drivers/passthrough/iommu.c: iommu_domain_init()
      |- drivers/passthrough/amd/pci_amd_iommu.c: amd_iommu_domain_init();
        |- drivers/passthrough/amd/iommu_guest.c: guest_iommu_init()

At this point, the hvm_domain_initialised() has not been called.
So register_mmio_handler() in guest_iommu_init() silently fails.

This patch removes the guest IOMMU feature for now until we can properly
support it.

Signed-off-by: Suravee Suthikulpanit <suravee.suthikulpanit@amd.com>
---
 xen/drivers/passthrough/amd/pci_amd_iommu.c | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/xen/drivers/passthrough/amd/pci_amd_iommu.c b/xen/drivers/passthrough/amd/pci_amd_iommu.c
index 70b7475..fce9827 100644
--- a/xen/drivers/passthrough/amd/pci_amd_iommu.c
+++ b/xen/drivers/passthrough/amd/pci_amd_iommu.c
@@ -272,9 +272,6 @@ static int amd_iommu_domain_init(struct domain *d)
     hd->arch.paging_mode = is_hvm_domain(d) ?
                       IOMMU_PAGING_MODE_LEVEL_2 :
                       get_paging_mode(max_page);
-
-    guest_iommu_init(d);
-
     return 0;
 }
 
@@ -474,7 +471,6 @@ static void deallocate_iommu_page_tables(struct domain *d)
 
 static void amd_iommu_domain_destroy(struct domain *d)
 {
-    guest_iommu_destroy(d);
     deallocate_iommu_page_tables(d);
     amd_iommu_flush_all_pages(d);
 }
-- 
1.9.1


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel

[PATCH v4 2/2] x86/hvm: Add check when register io handler

[suravee.suthikulpanit]

From: Suravee Suthikulpanit <Suravee.Suthikulpanit@amd.com>

At the time of registering HVM I/O handler, the HVM domain might
not have been initialized, which means the hvm_domain.io_handler
would be NULL. In the hvm_next_io_handler(), this should be asserted.

Reviewed-by: Paul Durrant <paul.durrant@citrix.com>
Signed-off-by: Suravee Suthikulpanit <suravee.suthikulpanit@amd.com>
---
 xen/arch/x86/hvm/intercept.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/xen/arch/x86/hvm/intercept.c b/xen/arch/x86/hvm/intercept.c
index fc757d0..bf141c9 100644
--- a/xen/arch/x86/hvm/intercept.c
+++ b/xen/arch/x86/hvm/intercept.c
@@ -258,6 +258,8 @@ struct hvm_io_handler *hvm_next_io_handler(struct domain *d)
 {
     unsigned int i = d->arch.hvm_domain.io_handler_count++;
 
+    ASSERT(d->arch.hvm_domain.io_handler);
+
     if ( i == NR_IO_HANDLERS )
     {
         domain_crash(d);
-- 
1.9.1


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel

Re: [PATCH v4 1/2] AMD IOMMU: Removing currently non-functioning guest iommu feature

[Paul Durrant]

> -----Original Message-----
> From: suravee.suthikulpanit@amd.com
> [mailto:suravee.suthikulpanit@amd.com]
> Sent: 01 June 2016 20:53
> To: xen-devel@lists.xen.org; Paul Durrant; jbeulich@suse.com; George
> Dunlap
> Cc: Keir (Xen.org); Suravee Suthikulpanit; Suravee Suthikulpanit
> Subject: [PATCH v4 1/2] AMD IOMMU: Removing currently non-functioning
> guest iommu feature
> 
> From: Suravee Suthikulpanit <Suravee.Suthikulpanit@amd.com>
> 
> The guest IOMMU feature is currently not functioning. However,
> the current guest_iommu_init() is causing issue when it tries to
> register mmio handler because the it is currently called by the
> following code path:
> 
>   arch/x86/domain.c: arch_domain_create()
>     ]- drivers/passthrough/iommu.c: iommu_domain_init()
>       |- drivers/passthrough/amd/pci_amd_iommu.c:
> amd_iommu_domain_init();
>         |- drivers/passthrough/amd/iommu_guest.c: guest_iommu_init()
> 
> At this point, the hvm_domain_initialised() has not been called.
> So register_mmio_handler() in guest_iommu_init() silently fails.
> 
> This patch removes the guest IOMMU feature for now until we can properly
> support it.
> 
> Signed-off-by: Suravee Suthikulpanit <suravee.suthikulpanit@amd.com>

Reviewed-by: Paul Durrant <paul.durrant@citrix.com>

> ---
>  xen/drivers/passthrough/amd/pci_amd_iommu.c | 4 ----
>  1 file changed, 4 deletions(-)
> 
> diff --git a/xen/drivers/passthrough/amd/pci_amd_iommu.c
> b/xen/drivers/passthrough/amd/pci_amd_iommu.c
> index 70b7475..fce9827 100644
> --- a/xen/drivers/passthrough/amd/pci_amd_iommu.c
> +++ b/xen/drivers/passthrough/amd/pci_amd_iommu.c
> @@ -272,9 +272,6 @@ static int amd_iommu_domain_init(struct domain *d)
>      hd->arch.paging_mode = is_hvm_domain(d) ?
>                        IOMMU_PAGING_MODE_LEVEL_2 :
>                        get_paging_mode(max_page);
> -
> -    guest_iommu_init(d);
> -
>      return 0;
>  }
> 
> @@ -474,7 +471,6 @@ static void deallocate_iommu_page_tables(struct
> domain *d)
> 
>  static void amd_iommu_domain_destroy(struct domain *d)
>  {
> -    guest_iommu_destroy(d);
>      deallocate_iommu_page_tables(d);
>      amd_iommu_flush_all_pages(d);
>  }
> --
> 1.9.1


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel

Re: [PATCH v4 1/2] AMD IOMMU: Removing currently non-functioning guest iommu feature

[Jan Beulich]

>>> On 01.06.16 at 21:52, <suravee.suthikulpanit@amd.com> wrote:
> From: Suravee Suthikulpanit <Suravee.Suthikulpanit@amd.com>
> 
> The guest IOMMU feature is currently not functioning. However,
> the current guest_iommu_init() is causing issue when it tries to
> register mmio handler because the it is currently called by the
> following code path:
> 
>   arch/x86/domain.c: arch_domain_create()
>     ]- drivers/passthrough/iommu.c: iommu_domain_init()
>       |- drivers/passthrough/amd/pci_amd_iommu.c: amd_iommu_domain_init();
>         |- drivers/passthrough/amd/iommu_guest.c: guest_iommu_init()
> 
> At this point, the hvm_domain_initialised() has not been called.
> So register_mmio_handler() in guest_iommu_init() silently fails.
> 
> This patch removes the guest IOMMU feature for now until we can properly
> support it.
> 
> Signed-off-by: Suravee Suthikulpanit <suravee.suthikulpanit@amd.com>

Thanks, quite reasonable. And imo actually a 4.7 candidate. Wei?

Jan


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel

Re: [PATCH v4 1/2] AMD IOMMU: Removing currently non-functioning guest iommu feature

[Wei Liu]

On Thu, Jun 02, 2016 at 03:55:41AM -0600, Jan Beulich wrote:
> >>> On 01.06.16 at 21:52, <suravee.suthikulpanit@amd.com> wrote:
> > From: Suravee Suthikulpanit <Suravee.Suthikulpanit@amd.com>
> > 
> > The guest IOMMU feature is currently not functioning. However,
> > the current guest_iommu_init() is causing issue when it tries to
> > register mmio handler because the it is currently called by the
> > following code path:
> > 
> >   arch/x86/domain.c: arch_domain_create()
> >     ]- drivers/passthrough/iommu.c: iommu_domain_init()
> >       |- drivers/passthrough/amd/pci_amd_iommu.c: amd_iommu_domain_init();
> >         |- drivers/passthrough/amd/iommu_guest.c: guest_iommu_init()
> > 
> > At this point, the hvm_domain_initialised() has not been called.
> > So register_mmio_handler() in guest_iommu_init() silently fails.
> > 
> > This patch removes the guest IOMMU feature for now until we can properly
> > support it.
> > 
> > Signed-off-by: Suravee Suthikulpanit <suravee.suthikulpanit@amd.com>
> 
> Thanks, quite reasonable. And imo actually a 4.7 candidate. Wei?
> 

Release-acked-by: Wei Liu <wei.liu2@citrix.com>

Please apply this series within this week.

> Jan
> 

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel

Re: [PATCH v4 1/2] AMD IOMMU: Removing currently non-functioning guest iommu feature

[Jan Beulich]

>>> On 02.06.16 at 12:26, <wei.liu2@citrix.com> wrote:
> On Thu, Jun 02, 2016 at 03:55:41AM -0600, Jan Beulich wrote:
>> >>> On 01.06.16 at 21:52, <suravee.suthikulpanit@amd.com> wrote:
>> > From: Suravee Suthikulpanit <Suravee.Suthikulpanit@amd.com>
>> > 
>> > The guest IOMMU feature is currently not functioning. However,
>> > the current guest_iommu_init() is causing issue when it tries to
>> > register mmio handler because the it is currently called by the
>> > following code path:
>> > 
>> >   arch/x86/domain.c: arch_domain_create()
>> >     ]- drivers/passthrough/iommu.c: iommu_domain_init()
>> >       |- drivers/passthrough/amd/pci_amd_iommu.c: amd_iommu_domain_init();
>> >         |- drivers/passthrough/amd/iommu_guest.c: guest_iommu_init()
>> > 
>> > At this point, the hvm_domain_initialised() has not been called.
>> > So register_mmio_handler() in guest_iommu_init() silently fails.
>> > 
>> > This patch removes the guest IOMMU feature for now until we can properly
>> > support it.
>> > 
>> > Signed-off-by: Suravee Suthikulpanit <suravee.suthikulpanit@amd.com>
>> 
>> Thanks, quite reasonable. And imo actually a 4.7 candidate. Wei?
>> 
> 
> Release-acked-by: Wei Liu <wei.liu2@citrix.com>
> 
> Please apply this series within this week.

Series? Also the other one, which is pretty benign imo?

Jan


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel

Re: [PATCH v4 1/2] AMD IOMMU: Removing currently non-functioning guest iommu feature

[Wei Liu]

On Thu, Jun 02, 2016 at 04:43:32AM -0600, Jan Beulich wrote:
> >>> On 02.06.16 at 12:26, <wei.liu2@citrix.com> wrote:
> > On Thu, Jun 02, 2016 at 03:55:41AM -0600, Jan Beulich wrote:
> >> >>> On 01.06.16 at 21:52, <suravee.suthikulpanit@amd.com> wrote:
> >> > From: Suravee Suthikulpanit <Suravee.Suthikulpanit@amd.com>
> >> > 
> >> > The guest IOMMU feature is currently not functioning. However,
> >> > the current guest_iommu_init() is causing issue when it tries to
> >> > register mmio handler because the it is currently called by the
> >> > following code path:
> >> > 
> >> >   arch/x86/domain.c: arch_domain_create()
> >> >     ]- drivers/passthrough/iommu.c: iommu_domain_init()
> >> >       |- drivers/passthrough/amd/pci_amd_iommu.c: amd_iommu_domain_init();
> >> >         |- drivers/passthrough/amd/iommu_guest.c: guest_iommu_init()
> >> > 
> >> > At this point, the hvm_domain_initialised() has not been called.
> >> > So register_mmio_handler() in guest_iommu_init() silently fails.
> >> > 
> >> > This patch removes the guest IOMMU feature for now until we can properly
> >> > support it.
> >> > 
> >> > Signed-off-by: Suravee Suthikulpanit <suravee.suthikulpanit@amd.com>
> >> 
> >> Thanks, quite reasonable. And imo actually a 4.7 candidate. Wei?
> >> 
> > 
> > Release-acked-by: Wei Liu <wei.liu2@citrix.com>
> > 
> > Please apply this series within this week.
> 
> Series? Also the other one, which is pretty benign imo?
> 

Yes, the other one as well. I thought it you wanted this whole series in.

But if you only want this one in, that's of course fine by me.

Wei.

> Jan
> 

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel