From: Fuad Tabba <tabba@google.com>
To: kvmarm@lists.linux.dev
Cc: maz@kernel.org, will@kernel.org, qperret@google.com,
	tabba@google.com,  seanjc@google.com, alexandru.elisei@arm.com,
	catalin.marinas@arm.com,  philmd@linaro.org, james.morse@arm.com,
	suzuki.poulose@arm.com,  oliver.upton@linux.dev,
	mark.rutland@arm.com, broonie@kernel.org,  joey.gouly@arm.com,
	rananta@google.com, smostafa@google.com
Subject: [PATCH v4 06/30] KVM: arm64: Avoid BUG-ing from the host abort path
Date: Tue, 23 Apr 2024 16:05:14 +0100
Message-ID: <20240423150538.2103045-7-tabba@google.com>
In-Reply-To: <20240423150538.2103045-1-tabba@google.com>

From: Quentin Perret <qperret@google.com>

Under certain circumstances __get_fault_info() may resolve the faulting
address using the AT instruction. Given that this is being done outside
of the host lock critical section, it is racy and the resolution via AT
may fail. We currently BUG() in this situation, which is obviously less
than ideal. Moving the address resolution to the critical section may
have a performance impact, so let's keep it where it is, but bail out
and return to the host to try a second time.

Signed-off-by: Quentin Perret <qperret@google.com>
Signed-off-by: Fuad Tabba <tabba@google.com>
---
 arch/arm64/kvm/hyp/nvhe/mem_protect.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/arch/arm64/kvm/hyp/nvhe/mem_protect.c b/arch/arm64/kvm/hyp/nvhe/mem_protect.c
index 861c76021a25..caba3e4bd09e 100644
--- a/arch/arm64/kvm/hyp/nvhe/mem_protect.c
+++ b/arch/arm64/kvm/hyp/nvhe/mem_protect.c
@@ -533,7 +533,13 @@ void handle_host_mem_abort(struct kvm_cpu_context *host_ctxt)
 	int ret = 0;
 
 	esr = read_sysreg_el2(SYS_ESR);
-	BUG_ON(!__get_fault_info(esr, &fault));
+	if (!__get_fault_info(esr, &fault)) {
+		/*
+		 * We've presumably raced with a page-table change which caused
+		 * AT to fail, try again.
+		 */
+		return;
+	}
 
 	addr = (fault.hpfar_el2 & HPFAR_MASK) << 8;
 	ret = host_stage2_idmap(addr);
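
Review bot: the bare `return` in the new `if (!__get_fault_info(esr, &fault))` branch treats every failure as a transient race, while the comment itself only says "presumably". If the lookup can fail for a reason that does not clear on retry, the host will take the same abort again and again with no diagnostic, whereas the removed BUG_ON() at least made the failure visible. I would spell out in the comment that "try again" means returning to the host so that it re-executes the faulting access, and either document why a failure here is always transient or count the retries so that a persistent failure can be reported instead of looping silently.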
-- 
2.44.0.769.g3c40516874-goog

