From 8576b9d220ed4f6b60b8ad50e83ca8914df3fa65 Mon Sep 17 00:00:00 2001
From: jc_gargma
Date: Wed, 6 May 2020 15:49:54 -0700
Subject: Updated to 5.6.11
---
 ...y-EOI-update-to-edge-triggered-interrupts.patch | 78 ++++++++++++++++++++++
 PKGBUILD | 7 +-
 2 files changed, 83 insertions(+), 2 deletions(-)
 create mode 100644 0002-kvm-ioapic-Restrict-lazy-EOI-update-to-edge-triggered-interrupts.patch
diff --git a/0002-kvm-ioapic-Restrict-lazy-EOI-update-to-edge-triggered-interrupts.patch b/0002-kvm-ioapic-Restrict-lazy-EOI-update-to-edge-triggered-interrupts.patch
new file mode 100644
index 0000000..b887a12
--- /dev/null
+++ b/0002-kvm-ioapic-Restrict-lazy-EOI-update-to-edge-triggered-interrupts.patch
@@ -0,0 +1,78 @@
+From da707adaee9ff035c943178160be54a90de00cb3 Mon Sep 17 00:00:00 2001
+From: Paolo Bonzini
+Date: Mon, 4 May 2020 12:19:45 -0400
+Subject: kvm: ioapic: Restrict lazy EOI update to edge-triggered interrupts
+
+Commit f458d039db7e ("kvm: ioapic: Lazy update IOAPIC EOI") introduces
+the following infinite loop:
+
+BUG: stack guard page was hit at 000000008f595917 \
+(stack is 00000000bdefe5a4..00000000ae2b06f5)
+kernel stack overflow (double-fault): 0000 [#1] SMP NOPTI
+RIP: 0010:kvm_set_irq+0x51/0x160 [kvm]
+Call Trace:
+ irqfd_resampler_ack+0x32/0x90 [kvm]
+ kvm_notify_acked_irq+0x62/0xd0 [kvm]
+ kvm_ioapic_update_eoi_one.isra.0+0x30/0x120 [kvm]
+ ioapic_set_irq+0x20e/0x240 [kvm]
+ kvm_ioapic_set_irq+0x5c/0x80 [kvm]
+ kvm_set_irq+0xbb/0x160 [kvm]
+ ? kvm_hv_set_sint+0x20/0x20 [kvm]
+ irqfd_resampler_ack+0x32/0x90 [kvm]
+ kvm_notify_acked_irq+0x62/0xd0 [kvm]
+ kvm_ioapic_update_eoi_one.isra.0+0x30/0x120 [kvm]
+ ioapic_set_irq+0x20e/0x240 [kvm]
+ kvm_ioapic_set_irq+0x5c/0x80 [kvm]
+ kvm_set_irq+0xbb/0x160 [kvm]
+ ? kvm_hv_set_sint+0x20/0x20 [kvm]
+....
+
+The re-entrancy happens because the irq state is the OR of
+the interrupt state and the resamplefd state. That is, we don't
+want to show the state as 0 until we've had a chance to set the
+resamplefd. But if the interrupt has _not_ gone low then
+ioapic_set_irq is invoked again, causing an infinite loop.
+
+This can only happen for a level-triggered interrupt, otherwise
+irqfd_inject would immediately set the KVM_USERSPACE_IRQ_SOURCE_ID high
+and then low. Fortunately, in the case of level-triggered interrupts the VMEXIT already happens because
+TMR is set. Thus, fix the bug by restricting the lazy invocation
+of the ack notifier to edge-triggered interrupts, the only ones that
+need it.
+
+Tested-by: Suravee Suthikulpanit
+Reported-by: borisvk@bstnet.org
+Suggested-by: Paolo Bonzini
+Link: https://www.spinics.net/lists/kvm/msg213512.html
+Fixes: f458d039db7e ("kvm: ioapic: Lazy update IOAPIC EOI")
+Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=207489
+Signed-off-by: Paolo Bonzini
+---
+ arch/x86/kvm/ioapic.c | 10 +++++-----
+ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/arch/x86/kvm/ioapic.c b/arch/x86/kvm/ioapic.c
+index 750ff0b29404..d057376bd3d3 100644
+--- a/arch/x86/kvm/ioapic.c
++++ b/arch/x86/kvm/ioapic.c
+@@ -225,12 +225,12 @@ static int ioapic_set_irq(struct kvm_ioapic *ioapic, unsigned int irq,
+ }
+
+ /*
+- * AMD SVM AVIC accelerate EOI write and do not trap,
+- * in-kernel IOAPIC will not be able to receive the EOI.
+- * In this case, we do lazy update of the pending EOI when
+- * trying to set IOAPIC irq.
++ * AMD SVM AVIC accelerate EOI write iff the interrupt is edge
++ * triggered, in which case the in-kernel IOAPIC will not be able
++ * to receive the EOI. In this case, we do a lazy update of the
++ * pending EOI when trying to set IOAPIC irq.
+ */
+- if (kvm_apicv_activated(ioapic->kvm))
++ if (edge && kvm_apicv_activated(ioapic->kvm))
+ ioapic_lazy_update_eoi(ioapic, irq);
+
+ /*
+-- 
+cgit v1.2.3-1-gf6bb5
+
diff --git a/PKGBUILD b/PKGBUILD
index 87da49b..c45c11f 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -19,7 +19,7 @@ pkgbase=linux-ck
 _supver=5
 _majver=6
-_minver=10
+_minver=11
 _gccpatchver='20191217'
 _gccpatchger='9.1'
 _gccpatchker='5.5'
@@ -44,6 +44,7 @@ _srcname=linux-${pkgver}
 source=(
 https://www.kernel.org/pub/linux/kernel/v${_supver}.x/${_srcname}.tar.{xz,sign}
 0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-C.patch
+ 0002-kvm-ioapic-Restrict-lazy-EOI-update-to-edge-triggered-interrupts.patch
 linux-ck-patch-${_supver}.${_majver}-${_ckpatchversion}.xz::http://ck.kolivas.org/patches/${_supver}.0/${_supver}.${_majver}/${_supver}.${_majver}-${_ckpatchversion}/patch-${_supver}.${_majver}-${_ckpatchversion}.xz
 graysky_bdver2-hotfix.patch
 kernel_gcc_patch-${_gccpatchver}.tar.gz::https://github.com/graysky2/kernel_gcc_patch/archive/${_gccpatchver}.tar.gz
@@ -57,9 +58,10 @@ validpgpkeys=(
 '647F28654894E3BD457199BE38DBBDC86092693E' # Greg Kroah-Hartman
 )
 # https://www.kernel.org/pub/linux/kernel/v5.x/sha256sums.asc
-b2sums=('86d457ca12d80f0c1130af7a0e18fd77308815d7d3e4da48ac392cd801ee8463fb3bad9e1432f989f1122cf0c85c4932912415e748d48bb828e18fa25c8a1adb'
+b2sums=('0b483cea53eade0e0f74dfc7230c79c0df8b383f1bcbaa71c6bcfa05a06f15e3c8b7ad2ffd0fb096d091cc3d191ffa91c984b60377f28c8fd77873ed8751668a'
 'SKIP'
 'ab1fb19c67d4c107f75767581c33d9c1458b4d9fdb88f4adb41d30a36f5a2f95f1c48ef079eb87e1e6e8ce2f98b293195cb2c0f2a8ec975aa817453289158c6e'
+ 'a620c0ea33d0613916d1876de0d2e2f6ac501ff264d1ee4ce63ba9792d5c05268694c27d94d250d42826e05f8893b4f19c305d1ac8a37fc9c6935b1abe4feab0'
 '20dba509c16cf41226414c2e70e2a3434573638bf93ce25786c2cd4663c98bfa04845cda780c750afbfa26918cffa394d905d16bd687d6145acb8dbd2489fdd0'
 '1892bd22775eac3bcc4d37f4fd30c95346bf3a0888cbbff57fd614973b525390dff2e315ce35b2e498523cceaab94ff21a80475dee8df3de4dd8fc0fab07d74e'
 'd76bd0bf237ea2bb7999fd3715cb664d89148cb0ade8057d57cdb40bc0a7954336e50ee077312e5e192398b0f35f055786deb98af9130d57e60f2ea040fbb66f'
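Review bot: The new tarball checksum on the `+b2sums=('0b48…'` line cannot be cross-checked against the URL in the context comment directly above it, which by its name publishes SHA-256 sums rather than BLAKE2, so a reviewer has to take the updater's locally computed value on trust; what actually anchors the download is the `.sign` entry (`'SKIP'`) verified through validpgpkeys. Reword the comment so the trust model is explicit, e.g. `# tarball authenticity comes from the .sign/validpgpkeys check; the b2sum only pins the exact bytes`, and compute the b2sum from a tarball whose signature was verified first. The `'a620…'` entry for the new local patch file is fine, since makepkg hashes the file shipped next to the PKGBUILD. The source=() and validpgpkeys=() arrays begin outside this hunk.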
@@ -85,6 +87,7 @@ prepare() {
 # Hotfixes
 echo "Applying hotfixes"
 patch -p1 -i ../0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-C.patch
+ patch -p1 -i ../0002-kvm-ioapic-Restrict-lazy-EOI-update-to-edge-triggered-interrupts.patch
 patch -p1 -i ../sphinx-workaround.patch
-- 
cgit v1.2.1
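Review bot: The added `patch -p1 -i ../0002-...` line applies an out-of-tree KVM hotfix with patch's default fuzz, so if a later 5.6.y release or one of the other patches applied in prepare() shifts the context around the `edge && kvm_apicv_activated(...)` guard in arch/x86/kvm/ioapic.c, the one-line change can be relocated by fuzz instead of failing. Apply it as `patch -Np1 -F0 -i ../0002-kvm-ioapic-Restrict-lazy-EOI-update-to-edge-triggered-interrupts.patch` so a context mismatch or an already-present backport aborts the build rather than misapplying. The embedded commit carries a Fixes: tag and a Bugzilla reference, so it will presumably be picked up by stable; add a comment above the line such as `# drop once 5.6.y carries upstream da707adaee9f (kvm ioapic lazy-EOI loop)` so the bump that obsoletes it is obvious. prepare() begins outside this hunk and its remainder is not shown.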