Subject: Re: [PATCH] KVM: VMX: fix vmwrite to invalid VMCS
From: Paolo Bonzini
To: Radim Krčmář
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org, stable@vger.kernel.org, Yang Zhang, Liang Li
Date: Tue, 7 Jul 2015 15:55:36 +0200
Message-ID: <559BDA58.203@redhat.com>
In-Reply-To: <20150707135012.GA26862@potion.brq.redhat.com>
References: <1435931368-27730-1-git-send-email-rkrcmar@redhat.com> <5596A679.1050202@redhat.com> <20150707135012.GA26862@potion.brq.redhat.com>

On 07/07/2015 15:50, Radim Krčmář wrote:
>> Andrey reported offlist that the bug went away by reverting 1cde293. So
>> the patch would at least need a new commit message. :)
>
> I think it's a different bug than the one Andrey reproduced
> (https://bugzilla.kernel.org/show_bug.cgi?id=100671).
> I'll send a v2 that cleans up the code and makes the commit message
> clearer, unless you find the reasoning below unsound.

Yes, the patch is okay. The problem is that kvm_arch_vcpu_create is
called from a VM ioctl and thus is not between vcpu_load and vcpu_put.

Thanks, I applied it.

Paolo

> This bug is specific to 'kvm_arch_vcpu_create()' and Vlastimil Holer hit
> it on the RHEL 7.2 (278.el7) kernel that didn't have 1cde2930e154
> ("sched/preempt: Add static_key() to preempt_notifiers").
>
> The commit message is not based on tracing (I haven't reproduced it),
> but I couldn't make sense out of this bug otherwise.
> I think it happens just because another VCPU preempted the new one between
> vmx_vcpu_put()+put_cpu() and the end of kvm_x86_ops->fpu_activate(), so
> vmwrite accessed a different VMCS. The code in kvm_vm_ioctl_create_vcpu()
> that made me think so:
>
>   vcpu = kvm_arch_vcpu_create(id) {
>     vcpu = kvm_x86_ops->vcpu_create(kvm, id) {
>       vmx = kmem_cache_zalloc(kvm_vcpu_cache, GFP_KERNEL);
>       kvm_vcpu_init(&vmx->vcpu, kvm, id);
>       vmx->loaded_vmcs = &vmx->vmcs01;
>       vmx->loaded_vmcs->vmcs = alloc_vmcs();
>       loaded_vmcs_init(vmx->loaded_vmcs);
>
>       // disabling preemption and activating VMCS
>       cpu = get_cpu();
>       vmx_vcpu_load(&vmx->vcpu, cpu);
>
>       vmx_vcpu_setup(vmx);
>
>       // abandoning VMCS and enabling preemption
>       vmx_vcpu_put(&vmx->vcpu);
>       put_cpu();
>
>       return &vmx->vcpu;
>     }
>
>     // enabled preemption and undefined current VMCS
>     kvm_x86_ops->fpu_activate(vcpu);
>     return vcpu;
>   }
>
>   preempt_notifier_init(&vcpu->preempt_notifier, &kvm_preempt_ops);
>   kvm_arch_vcpu_setup(vcpu) {
>     vcpu_load(vcpu);
>     ...
>   }
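A constructed user-space model of the preemption window Radim describes, added here as an illustration and not code from the thread or from KVM. It models one CPU with a "currently loaded VMCS" pointer, a preempt count driven by get_cpu()/put_cpu(), and a scheduler stand-in (maybe_preempt, run_race and the other names are assumptions) that loads a second vCPU's VMCS whenever preemption is enabled; the buggy ordering issues fpu_activate()'s vmwrite after put_cpu(), the fixed ordering issues it while the new vCPU's VMCS is still loaded.

```c
#include <stdio.h>

/* Constructed model; not KVM code. One CPU, two vCPUs. */
struct vmcs { unsigned long guest_cr0; };
struct vcpu { int id; struct vmcs vmcs01; };

static struct vmcs *current_vmcs;   /* per-CPU loaded VMCS that vmwrite targets */
static int preempt_count;           /* tracked by get_cpu()/put_cpu() */

static void get_cpu(void) { preempt_count++; }
static void put_cpu(void) { preempt_count--; }
static void vmx_vcpu_load(struct vcpu *v) { current_vmcs = &v->vmcs01; }
static void vmx_vcpu_put(struct vcpu *v) { (void)v; } /* leaves the VMCS loaded */

/* vmwrite lands in whichever VMCS this CPU currently has loaded. */
static void vmcs_writel(unsigned long val) { current_vmcs->guest_cr0 = val; }

/* Scheduler stand-in: once preemption is enabled, another vCPU may run
 * on this CPU and load its own VMCS before vCPU creation has finished. */
static void maybe_preempt(struct vcpu *other)
{
    if (preempt_count == 0)
        vmx_vcpu_load(other);
}

/* Returns the id of the vCPU whose VMCS received fpu_activate()'s vmwrite. */
static int run_race(int fixed)
{
    struct vcpu created = { .id = 1 }, other = { .id = 2 };

    get_cpu();                      /* disable preemption, activate VMCS */
    vmx_vcpu_load(&created);
    if (fixed)
        vmcs_writel(1);             /* write while the new VMCS is loaded */
    vmx_vcpu_put(&created);
    put_cpu();                      /* preemption enabled from here on */
    maybe_preempt(&other);          /* the window Radim points at */
    if (!fixed)
        vmcs_writel(1);             /* buggy fpu_activate(): after put_cpu() */
    return created.vmcs01.guest_cr0 ? created.id : other.id;
}

int main(void)
{
    printf("buggy ordering wrote vCPU %d's VMCS, fixed ordering wrote vCPU %d's\n",
           run_race(0), run_race(1));
    return 0;
}
```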