mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-06 10:57:46 +00:00
Code Issues Releases Wiki Activity
linux-stable/include
History
Wanpeng Li 2bc73d9141 KVM: Fix leak vCPU's VMCS value into other pCPU 
commit 17e433b543 upstream.

After commit d73eb57b80 (KVM: Boost vCPUs that are delivering interrupts), a
five years old bug is exposed. Running ebizzy benchmark in three 80 vCPUs VMs
on one 80 pCPUs Skylake server, a lot of rcu_sched stall warning splatting
in the VMs after stress testing:

 INFO: rcu_sched detected stalls on CPUs/tasks: { 4 41 57 62 77} (detected by 15, t=60004 jiffies, g=899, c=898, q=15073)
 Call Trace:
   flush_tlb_mm_range+0x68/0x140
   tlb_flush_mmu.part.75+0x37/0xe0
   tlb_finish_mmu+0x55/0x60
   zap_page_range+0x142/0x190
   SyS_madvise+0x3cd/0x9c0
   system_call_fastpath+0x1c/0x21

swait_active() sustains to be true before finish_swait() is called in
kvm_vcpu_block(), voluntarily preempted vCPUs are taken into account
by kvm_vcpu_on_spin() loop greatly increases the probability condition
kvm_arch_vcpu_runnable(vcpu) is checked and can be true, when APICv
is enabled the yield-candidate vCPU's VMCS RVI field leaks(by
vmx_sync_pir_to_irr()) into spinning-on-a-taken-lock vCPU's current
VMCS.

This patch fixes it by checking conservatively a subset of events.

Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Radim Krčmář <rkrcmar@redhat.com>
Cc: Christian Borntraeger <borntraeger@de.ibm.com>
Cc: Marc Zyngier <Marc.Zyngier@arm.com>
Cc: stable@vger.kernel.org
Fixes: 98f4a1467 (KVM: add kvm_arch_vcpu_runnable() test to kvm_vcpu_on_spin() loop)
Signed-off-by: Wanpeng Li <wanpengli@tencent.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2019-08-16 10:12:53 +02:00
..
acpi
asm-generic include/asm-generic/bug.h: fix "cut here" for WARN_ON for __WARN_TAINT architectures 2019-07-26 09:14:28 +02:00
clocksource
crypto crypto: speck - remove Speck 2018-11-13 11:08:46 -08:00
drm drm/edid: parse CEA blocks embedded in DisplayID 2019-07-26 09:14:26 +02:00
dt-bindings
keys keys: Fix dependency loop between construction record and auth key 2019-03-23 20:09:48 +01:00
kvm KVM: arm/arm64: vgic: Make vgic_dist->lpi_list_lock a raw_spinlock 2019-03-23 20:09:42 +01:00
linux KVM: Fix leak vCPU's VMCS value into other pCPU 2019-08-16 10:12:53 +02:00
math-emu
media media: vb2: add waiting_in_dqbuf flag 2019-05-31 06:46:04 -07:00
memory
misc
net net/tls: make sure offload also gets the keys wiped 2019-07-28 08:29:27 +02:00
pcmcia
ras
rdma IB/mlx5: Report correctly tag matching rendezvous capability 2019-07-26 09:14:27 +02:00
scsi scsi: fcoe: Embed fc_rport_priv in fcoe_rport structure 2019-08-09 17:52:27 +02:00
soc
sound ALSA: compress: Fix regression on compressed capture streams 2019-08-16 10:12:47 +02:00
target scsi: target/core: Make sure that target_wait_for_sess_cmds() waits long enough 2019-01-26 09:32:38 +01:00
trace rxrpc: Fix oops in tracepoint 2019-07-26 09:14:15 +02:00
uapi nl80211: fix NL80211_HE_MAX_CAPABILITY_LEN 2019-08-16 10:12:45 +02:00
video udlfb: introduce a rendering mutex 2019-05-25 18:23:30 +02:00
xen xen/events: fix binding user event channels to cpus 2019-07-26 09:14:25 +02:00