Commit fe37fe2a authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm 

Pull kvm fixes from Paolo Bonzini:
 "ARM:

   - Fix dangling references to a redistributor region if the vgic was
     prematurely destroyed.

   - Properly mark FFA buffers as released, ensuring that both parties
     can make forward progress.

  x86:

   - Allow getting/setting MSRs for SEV-ES guests, if they're using the
     pre-6.9 KVM_SEV_ES_INIT API.

   - Always sync pending posted interrupts to the IRR prior to IOAPIC
     route updates, so that EOIs are intercepted properly if the old
     routing table requested that.

  Generic:

   - Avoid __fls(0)

   - Fix reference leak on hwpoisoned page

   - Fix a race in kvm_vcpu_on_spin() by ensuring loads and stores are
     atomic.

   - Fix bug in __kvm_handle_hva_range() where KVM calls a function
     pointer that was intended to be a marker only (nothing bad happens
     but kind of a mine and also technically undefined behavior)

   - Do not bother accounting allocations that are small and freed
     before getting back to userspace.

  Selftests:

   - Fix compilation for RISC-V.

   - Fix a "shift too big" goof in the KVM_SEV_INIT2 selftest.

   - Compute the max mappable gfn for KVM selftests on x86 using
     GuestMaxPhyAddr from KVM's supported CPUID (if it's available)"

* tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm:
  KVM: SEV-ES: Fix svm_get_msr()/svm_set_msr() for KVM_SEV_ES_INIT guests
  KVM: Discard zero mask with function kvm_dirty_ring_reset
  virt: guest_memfd: fix reference leak on hwpoisoned page
  kvm: do not account temporary allocations to kmem
  MAINTAINERS: Drop Wanpeng Li as a Reviewer for KVM Paravirt support
  KVM: x86: Always sync PIR to IRR prior to scanning I/O APIC routes
  KVM: Stop processing *all* memslots when "null" mmu_notifier handler is found
  KVM: arm64: FFA: Release hyp rx buffer
  KVM: selftests: Fix RISC-V compilation
  KVM: arm64: Disassociate vcpus from redistributor region on teardown
  KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin()
  KVM: selftests: x86: Prioritize getting max_gfn from GuestPhysBits
  KVM: selftests: Fix shift of 32 bit unsigned int more than 32 bits
parents 35bb670d e159d63e

MAINTAINERS

+0 −1
Original line number Diff line number Diff line
@@ -12382,7 +12382,6 @@ F: drivers/video/backlight/ktz8866.c 








KVM PARAVIRT (KVM/paravirt)









M:	Paolo Bonzini <pbonzini@redhat.com>









R:	Wanpeng Li <wanpengli@tencent.com>









R:	Vitaly Kuznetsov <vkuznets@redhat.com>









L:	kvm@vger.kernel.org









S:	Supported
































arch/arm64/kvm/hyp/nvhe/ffa.c



+12
−0






























Original line number
Diff line number
Diff line







@@ -177,6 +177,14 @@ static void ffa_retrieve_req(struct arm_smccc_res *res, u32 len)







			  res);









}



















static void ffa_rx_release(struct arm_smccc_res *res)









{









	arm_smccc_1_1_smc(FFA_RX_RELEASE,









			  0, 0,









			  0, 0, 0, 0, 0,









			  res);









}



















static void do_ffa_rxtx_map(struct arm_smccc_res *res,









			    struct kvm_cpu_context *ctxt)









{








@@ -543,16 +551,19 @@ static void do_ffa_mem_reclaim(struct arm_smccc_res *res,







	if (WARN_ON(offset > len ||









		    fraglen > KVM_FFA_MBOX_NR_PAGES * PAGE_SIZE)) {









		ret = FFA_RET_ABORTED;









		ffa_rx_release(res);









		goto out_unlock;









	}



















	if (len > ffa_desc_buf.len) {









		ret = FFA_RET_NO_MEMORY;









		ffa_rx_release(res);









		goto out_unlock;









	}



















	buf = ffa_desc_buf.buf;









	memcpy(buf, hyp_buffers.rx, fraglen);









	ffa_rx_release(res);



















	for (fragoff = fraglen; fragoff < len; fragoff += fraglen) {









		ffa_mem_frag_rx(res, handle_lo, handle_hi, fragoff);








@@ -563,6 +574,7 @@ static void do_ffa_mem_reclaim(struct arm_smccc_res *res,

















		fraglen = res->a3;









		memcpy((void *)buf + fragoff, hyp_buffers.rx, fraglen);









		ffa_rx_release(res);









	}



















	ffa_mem_reclaim(res, handle_lo, handle_hi, flags);
































arch/arm64/kvm/vgic/vgic-init.c



+1
−1






























Original line number
Diff line number
Diff line







@@ -391,7 +391,7 @@ static void kvm_vgic_dist_destroy(struct kvm *kvm)

















	if (dist->vgic_model == KVM_DEV_TYPE_ARM_VGIC_V3) {









		list_for_each_entry_safe(rdreg, next, &dist->rd_regions, list)









			vgic_v3_free_redist_region(rdreg);









			vgic_v3_free_redist_region(kvm, rdreg);









		INIT_LIST_HEAD(&dist->rd_regions);









	} else {









		dist->vgic_cpu_base = VGIC_ADDR_UNDEF;
































arch/arm64/kvm/vgic/vgic-mmio-v3.c



+13
−2






























Original line number
Diff line number
Diff line







@@ -919,8 +919,19 @@ static int vgic_v3_alloc_redist_region(struct kvm *kvm, uint32_t index,







	return ret;









}



















void vgic_v3_free_redist_region(struct vgic_redist_region *rdreg)









void vgic_v3_free_redist_region(struct kvm *kvm, struct vgic_redist_region *rdreg)









{









	struct kvm_vcpu *vcpu;









	unsigned long c;



















	lockdep_assert_held(&kvm->arch.config_lock);



















	/* Garbage collect the region */









	kvm_for_each_vcpu(c, vcpu, kvm) {









		if (vcpu->arch.vgic_cpu.rdreg == rdreg)









			vcpu->arch.vgic_cpu.rdreg = NULL;









	}



















	list_del(&rdreg->list);









	kfree(rdreg);









}








@@ -945,7 +956,7 @@ int vgic_v3_set_redist_base(struct kvm *kvm, u32 index, u64 addr, u32 count)

















		mutex_lock(&kvm->arch.config_lock);









		rdreg = vgic_v3_rdist_region_from_index(kvm, index);









		vgic_v3_free_redist_region(rdreg);









		vgic_v3_free_redist_region(kvm, rdreg);









		mutex_unlock(&kvm->arch.config_lock);









		return ret;









	}
































arch/arm64/kvm/vgic/vgic.h



+1
−1






























Original line number
Diff line number
Diff line







@@ -316,7 +316,7 @@ vgic_v3_rd_region_size(struct kvm *kvm, struct vgic_redist_region *rdreg)

















struct vgic_redist_region *vgic_v3_rdist_region_from_index(struct kvm *kvm,









							   u32 index);









void vgic_v3_free_redist_region(struct vgic_redist_region *rdreg);









void vgic_v3_free_redist_region(struct kvm *kvm, struct vgic_redist_region *rdreg);



















bool vgic_v3_rdist_overlap(struct kvm *kvm, gpa_t base, size_t size);