Linux kernel source tree https://git.amat.us/linux/atom/virt?h=v3.1.1 2011-07-24T08:50:42Z 2011-07-24T08:50:42Z Alex Williamson alex.williamson@redhat.com 2011-07-14T19:27:03Z urn:sha1:3f68b0318bbbd61bf08478ab99a149f0d9e5156e IOMMU interrupt remapping support provides a further layer of isolation for device assignment by preventing arbitrary interrupt block DMA writes by a malicious guest from reaching the host. By default, we should require that the platform provides interrupt remapping support, with an opt-in mechanism for existing behavior. Both AMD IOMMU and Intel VT-d2 hardware support interrupt remapping, however we currently only have software support on the Intel side. Users wishing to re-enable device assignment when interrupt remapping is not supported on the platform can use the "allow_unsafe_assigned_interrupts=1" module option. [avi: break long lines] Signed-off-by: Alex Williamson <alex.williamson@redhat.com> Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com> Signed-off-by: Avi Kivity <avi@redhat.com> 2011-07-24T08:50:40Z Xiao Guangrong xiaoguangrong@cn.fujitsu.com 2011-07-11T19:33:44Z urn:sha1:ce88decffd17bf9f373cc233c961ad2054965667 The idea is from Avi: | We could cache the result of a miss in an spte by using a reserved bit, and | checking the page fault error code (or seeing if we get an ept violation or | ept misconfiguration), so if we get repeated mmio on a page, we don't need to | search the slot list/tree. | (https://lkml.org/lkml/2011/2/22/221) When the page fault is caused by mmio, we cache the info in the shadow page table, and also set the reserved bits in the shadow page table, so if the mmio is caused again, we can quickly identify it and emulate it directly Searching mmio gfn in memslots is heavy since we need to walk all memeslots, it can be reduced by this feature, and also avoid walking guest page table for soft mmu. [jan: fix operator precedence issue] Signed-off-by: Xiao Guangrong <xiaoguangrong@cn.fujitsu.com> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Avi Kivity <avi@redhat.com> 2011-07-24T08:50:34Z Xiao Guangrong xiaoguangrong@cn.fujitsu.com 2011-07-11T19:28:54Z urn:sha1:fce92dce79dbf5fff39c7ac2fb149729d79b7a39 If the page fault is caused by mmio, the gfn can not be found in memslots, and 'bad_pfn' is returned on gfn_to_hva path, so we can use 'bad_pfn' to identify the mmio page fault. And, to clarify the meaning of mmio pfn, we return fault page instead of bad page when the gfn is not allowd to prefetch Signed-off-by: Xiao Guangrong <xiaoguangrong@cn.fujitsu.com> Signed-off-by: Avi Kivity <avi@redhat.com> 2011-07-12T10:17:01Z Gleb Natapov gleb@redhat.com 2011-07-11T19:28:11Z urn:sha1:e03b644fe68b1c6401465b02724d261538dba10f Introduce kvm_read_guest_cached() function in addition to write one we already have. [ by glauber: export function signature in kvm header ] Signed-off-by: Gleb Natapov <gleb@redhat.com> Signed-off-by: Glauber Costa <glommer@redhat.com> Acked-by: Rik van Riel <riel@redhat.com> Tested-by: Eric Munson <emunson@mgebm.net> Signed-off-by: Avi Kivity <avi@redhat.com> 2011-07-12T10:16:18Z Jan Kiszka jan.kiszka@siemens.com 2011-06-11T10:23:55Z urn:sha1:9f3191aec595ef9f3c80bc96664fd7aef57ef5be KVM_MAX_MSIX_PER_DEV implies that up to that many MSI-X entries can be requested. But the kernel so far rejected already the upper limit. Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Avi Kivity <avi@redhat.com> 2011-07-12T10:16:17Z Alexander Graf agraf@suse.de 2011-06-08T00:45:37Z urn:sha1:1dda606c5f94b14a8f36c220d1d8844bab68a720 KVM has an ioctl to define which signal mask should be used while running inside VCPU_RUN. At least for big endian systems, this mask is different on 32-bit and 64-bit systems (though the size is identical). Add a compat wrapper that converts the mask to whatever the kernel accepts, allowing 32-bit kvm user space to set signal masks. This patch fixes qemu with --enable-io-thread on ppc64 hosts when running 32-bit user land. Signed-off-by: Alexander Graf <agraf@suse.de> Signed-off-by: Avi Kivity <avi@redhat.com> 2011-07-12T08:45:08Z Jan Kiszka jan.kiszka@siemens.com 2011-05-23T08:33:05Z urn:sha1:d780592b99d7d8a5ff905f6bacca519d4a342c76 So far kvm_arch_vcpu_setup is responsible for freeing the vcpu struct if it fails. Move this confusing resonsibility back into the hands of kvm_vm_ioctl_create_vcpu. Only kvm_arch_vcpu_setup of x86 is affected, all other archs cannot fail. Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Avi Kivity <avi@redhat.com> 2011-07-12T08:45:03Z Xiao Guangrong xiaoguangrong@cn.fujitsu.com 2011-05-15T15:22:04Z urn:sha1:8b0cedff040b652f3d36b1368778667581b0c140 Simply use __copy_to_user/__clear_user to write guest page since we have already verified the user address when the memslot is set Signed-off-by: Xiao Guangrong <xiaoguangrong@cn.fujitsu.com> Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com> 2011-06-08T02:06:28Z Linus Torvalds torvalds@linux-foundation.org 2011-06-08T02:06:28Z urn:sha1:58a9a36b5444cbd921cdfc8ddd344d9983cc2c7b * 'kvm-updates/3.0' of git://git.kernel.org/pub/scm/virt/kvm/kvm: KVM: Initialize kvm before registering the mmu notifier KVM: x86: use proper port value when checking io instruction permission KVM: add missing void __user * cast to access_ok() call 2011-06-06T08:27:52Z Mike Waychison mikew@google.com 2011-06-03T20:04:53Z urn:sha1:74b5c5bfff429f464c38dd49af41d75cf0e7dc26 It doesn't make sense to ever see a half-initialized kvm structure on mmu notifier callbacks. Previously, 85722cda changed the ordering to ensure that the mmu_lock was initialized before mmu notifier registration, but there is still a race where the mmu notifier could come in and try accessing other portions of struct kvm before they are intialized. Solve this by moving the mmu notifier registration to occur after the structure is completely initialized. Google-Bug-Id: 452199 Signed-off-by: Mike Waychison <mikew@google.com> Signed-off-by: Avi Kivity <avi@redhat.com>