Linux kernel source tree https://git.amat.us/linux/atom/virt?h=v3.4 2012-04-19T03:04:18Z 2012-04-19T03:04:18Z Alex Williamson alex.williamson@redhat.com 2012-04-18T03:46:44Z urn:sha1:21a1416a1c945c5aeaeaf791b63c64926018eb77 As pointed out by Jason Baron, when assigning a device to a guest we first set the iommu domain pointer, which enables mapping and unmapping of memory slots to the iommu. This leaves a window where this path is enabled, but we haven't synchronized the iommu mappings to the existing memory slots. Thus a slot being removed at that point could send us down unexpected code paths removing non-existent pinnings and iommu mappings. Take the slots_lock around creating the iommu domain and initial mappings as well as around iommu teardown to avoid this race. Signed-off-by: Alex Williamson <alex.williamson@redhat.com> Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com> 2012-04-12T01:55:25Z Alex Williamson alex.williamson@redhat.com 2012-04-11T15:51:49Z urn:sha1:32f6daad4651a748a58a3ab6da0611862175722f We've been adding new mappings, but not destroying old mappings. This can lead to a page leak as pages are pinned using get_user_pages, but only unpinned with put_page if they still exist in the memslots list on vm shutdown. A memslot that is destroyed while an iommu domain is enabled for the guest will therefore result in an elevated page reference count that is never cleared. Additionally, without this fix, the iommu is only programmed with the first translation for a gpa. This can result in peer-to-peer errors if a mapping is destroyed and replaced by a new mapping at the same gpa as the iommu will still be pointing to the original, pinned memory address. Signed-off-by: Alex Williamson <alex.williamson@redhat.com> Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com> 2012-03-20T10:41:24Z Jan Kiszka jan.kiszka@siemens.com 2012-03-14T10:02:11Z urn:sha1:cf9eeac46350b8b43730b7dc5e999757bed089a4 As kvm_notify_acked_irq calls kvm_assigned_dev_ack_irq under rcu_read_lock, we cannot use a mutex in the latter function. Switch to a spin lock to address this. Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com> Signed-off-by: Avi Kivity <avi@redhat.com> 2012-03-08T12:11:44Z Alex Shi alex.shi@intel.com 2012-03-04T05:13:38Z urn:sha1:bec87d6e34de459a559fc326aa4e56bee4ba7423 Using 'int' type is not suitable for a 'long' object. So, correct it. Signed-off-by: Alex Shi <alex.shi@intel.com> Signed-off-by: Avi Kivity <avi@redhat.com> 2012-03-08T12:11:36Z Jan Kiszka jan.kiszka@siemens.com 2012-02-28T13:19:54Z urn:sha1:07700a94b00a4fcbbfb07d1b72dc112a0e036735 PCI 2.3 allows to generically disable IRQ sources at device level. This enables us to share legacy IRQs of such devices with other host devices when passing them to a guest. The new IRQ sharing feature introduced here is optional, user space has to request it explicitly. Moreover, user space can inform us about its view of PCI_COMMAND_INTX_DISABLE so that we can avoid unmasking the interrupt and signaling it if the guest masked it via the virtualized PCI config space. Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Acked-by: Alex Williamson <alex.williamson@redhat.com> Acked-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Avi Kivity <avi@redhat.com> 2012-03-08T12:10:30Z Avi Kivity avi@redhat.com 2012-03-05T12:23:29Z urn:sha1:3e515705a1f46beb1c942bb8043c16f8ac7b1e9e If some vcpus are created before KVM_CREATE_IRQCHIP, then irqchip_in_kernel() and vcpu->arch.apic will be inconsistent, leading to potential NULL pointer dereferences. Fix by: - ensuring that no vcpus are installed when KVM_CREATE_IRQCHIP is called - ensuring that a vcpu has an apic if it is installed after KVM_CREATE_IRQCHIP This is somewhat long winded because vcpu->arch.apic is created without kvm->lock held. Based on earlier patch by Michael Ellerman. Signed-off-by: Michael Ellerman <michael@ellerman.id.au> Signed-off-by: Avi Kivity <avi@redhat.com> 2012-03-08T12:10:23Z Takuya Yoshikawa yoshikawa.takuya@oss.ntt.co.jp 2012-02-10T06:28:31Z urn:sha1:565f3be2174611f364405bbea2d86e153c2e7e78 Other threads may process the same page in that small window and skip TLB flush and then return before these functions do flush. Signed-off-by: Takuya Yoshikawa <yoshikawa.takuya@oss.ntt.co.jp> Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com> Signed-off-by: Avi Kivity <avi@redhat.com> 2012-03-08T12:10:22Z Takuya Yoshikawa yoshikawa.takuya@oss.ntt.co.jp 2012-02-08T04:02:18Z urn:sha1:db3fe4eb45f3555d91a7124e18cf3a2f2a30eb90 Some members of kvm_memory_slot are not used by every architecture. This patch is the first step to make this difference clear by introducing kvm_memory_slot::arch; lpage_info is moved into it. Signed-off-by: Takuya Yoshikawa <yoshikawa.takuya@oss.ntt.co.jp> Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com> Signed-off-by: Avi Kivity <avi@redhat.com> 2012-03-08T12:10:21Z Takuya Yoshikawa yoshikawa.takuya@oss.ntt.co.jp 2012-02-08T04:01:09Z urn:sha1:189a2f7b24677deced3d2a9803969ba69f4b75f6 Narrow down the controlled text inside the conditional so that it will include lpage_info and rmap stuff only. For this we change the way we check whether the slot is being created from "if (npages && !new.rmap)" to "if (npages && !old.npages)". We also stop checking if lpage_info is NULL when we create lpage_info because we do it from inside the slot creation code block. Signed-off-by: Takuya Yoshikawa <yoshikawa.takuya@oss.ntt.co.jp> Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com> Signed-off-by: Avi Kivity <avi@redhat.com> 2012-03-08T12:10:20Z Takuya Yoshikawa yoshikawa.takuya@oss.ntt.co.jp 2012-02-08T04:00:13Z urn:sha1:a64f273a08d16bc66ccc5546bd28b1bba554ec81 This makes it easy to make lpage_info architecture specific. Signed-off-by: Takuya Yoshikawa <yoshikawa.takuya@oss.ntt.co.jp> Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com> Signed-off-by: Avi Kivity <avi@redhat.com>