Received: by 2002:a05:6a10:2726:0:0:0:0 with SMTP id ib38csp938958pxb; Wed, 6 Apr 2022 04:52:35 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyh1iB7Ev+T5nCJzzVk9+/4hHPWvhJowOdxaFtgmclCIHUL44v2rYsUlvMcMWMI85RxFAfA X-Received: by 2002:a17:902:c401:b0:154:152a:7fb7 with SMTP id k1-20020a170902c40100b00154152a7fb7mr8357647plk.63.1649245955271; Wed, 06 Apr 2022 04:52:35 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1649245955; cv=none; d=google.com; s=arc-20160816; b=CzWWbxFMK28fzMbAEBkltLejGsujVT0xm6N27hu/8BHW5NzdApcnhh2IuxZALSSM9o vjH00wzg3I0LzpqqsaehdevPc5NwHSC6KG1PdBFbnmzZU6ULMc31gStFjIMCQrTTqpuU xSYCgV7iAOy82zIeCOO575KspihTlBrOpF/rhdO5qxZDTg1F6HJU1IkqGy/WoidSZ8RU 8vwNQefF2PJIHIM73t7X3CWbLoiKbcCewH4MlJO/CVe1qbXCcqO+YG53KVfLO2ijx1jD Uc643CVKym6G38dDFftfT3nBeJ20n1eyqwPgPqvB4WSPqwT/2uikzdj/URiQ1eAhy0yW 6GCQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:mime-version:message-id:date :dkim-signature; bh=cMTfDoOyyWLXLeBs6Ru7ToFxgfyCJggJkw0OXJMsEV8=; b=nFZpmWAkRnK1lXFTgwOECO51k0EG9iNHKXlrLrdSjEdtDBfFTa24xZuBQERLUyu4e6 I+tSBCUpaXGeKbjqz2X8MuGBaA/NipCdp4H3wtP5Qf9urD9XFtqGcG3YByHS7AWQnK0k TIIghjnujW6bZVlADwuumN2DIgFZSp9s0EOqMqx2h/X7bznFL3zImQxJONBt76YMmS6g 8Qw1/0ABUwGc0ZWK70xHXFnpudHPpwPRsKKteIjPbsPIwJCGo2yfRGex/23mfsmZh7HU cv+Mpq8A+Gio/nG7XgJWHg/BKMCl4UWAZbcJcbw8tUJqXX4R9NDnnabtbwwmMtlO4cKK Nz7A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=nMfcorGl; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [2620:137:e000::1:18]) by mx.google.com with ESMTPS id h16-20020a056a001a5000b004fac017a5b1si17031394pfv.95.2022.04.06.04.52.35 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 06 Apr 2022 04:52:35 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) client-ip=2620:137:e000::1:18; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=nMfcorGl; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email [IPv6:2620:137:e000::1:20]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 27BF45A116B; Wed, 6 Apr 2022 03:13:13 -0700 (PDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1380119AbiDEUEh (ORCPT + 99 others); Tue, 5 Apr 2022 16:04:37 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37992 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1573044AbiDERsk (ORCPT ); Tue, 5 Apr 2022 13:48:40 -0400 Received: from mail-pg1-x54a.google.com (mail-pg1-x54a.google.com [IPv6:2607:f8b0:4864:20::54a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C0675D1110 for ; Tue, 5 Apr 2022 10:46:41 -0700 (PDT) Received: by mail-pg1-x54a.google.com with SMTP id b18-20020a63d812000000b0037e1aa59c0bso424pgh.12 for ; Tue, 05 Apr 2022 10:46:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=date:message-id:mime-version:subject:from:to:cc; bh=cMTfDoOyyWLXLeBs6Ru7ToFxgfyCJggJkw0OXJMsEV8=; b=nMfcorGlUtXECOW5K6EgdcUsQAcrop5tc3p5tTcoHcmFQiM5G5UW0zRhxr26er4OAr s5v6PQmrcXR71vJMJDEVfVEi6/BGDusf+GDkbu49tMPrbowlSFMgbHig8rD6DZQZmHS/ gTgnI4kYoSwt8c9IAifAu8FjUB03lSAsOwDTfv4kzBKiHU0OL9rQtUzoK2zqYD2KA11X nFbw2gOlMW++pZybJgMCWKH5eIObGH2WsSttfM4SljNf6flXef8ppdyyjRZcy6syqETb Qz+OoSYfRbFJuVp2fxQw2x7mz/1KezSRobYkumFfNg+k6O320lkst6vJRzOrzHfYxTYo fojQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:message-id:mime-version:subject:from:to:cc; bh=cMTfDoOyyWLXLeBs6Ru7ToFxgfyCJggJkw0OXJMsEV8=; b=tyRR/Uv0t2b8/mYPBoK7E8rgyQ2jeL26tVlgX0ZubKawS62oS1Q8ymM9Hh1yEdNRoM eqPYyyVv4zDrLV2I3yh8pYA2OWTr3eo5jdV+H7FFfiepV1as8AAYzm0LdOh8Z9caJivz dh0CUrzsZt4SnxRec4buFbCyZP9EZ/3W6o1elhYkLl69taB7v3dJpIjCNsfncNxO/Upf ws6VvNLzs2PztYe2tHF72mXosMqqL0nSRbPUizS8NPi1uVyh3H+n6dKlttqIydg/Sgsj RIESeMRBWHR/lKwAf/O848DF18XBlW81R3PtxS8DdRL/NKVgz96fzXm7dbdujRAnHanJ joOQ== X-Gm-Message-State: AOAM5330zdGDbHCKuqhubGaHxwIrniV3V7QYsCst7cFAXTnm6C4RaEXU uuRysbRsVE9mtjjNcZdm4LzSbN3aU/g= X-Received: from pgonda1.kir.corp.google.com ([2620:15c:29:203:9f5c:353e:771c:7686]) (user=pgonda job=sendgmr) by 2002:a05:6a00:8c5:b0:4fe:134d:30d3 with SMTP id s5-20020a056a0008c500b004fe134d30d3mr4801602pfu.3.1649180801244; Tue, 05 Apr 2022 10:46:41 -0700 (PDT) Date: Tue, 5 Apr 2022 10:46:37 -0700 Message-Id: <20220405174637.2074319-1-pgonda@google.com> Mime-Version: 1.0 X-Mailer: git-send-email 2.35.1.1094.g7c7d902a7c-goog Subject: [PATCH v2] KVM: SEV: Mark nested locking of vcpu->mutex From: Peter Gonda To: kvm@vger.kernel.org Cc: Peter Gonda , John Sperbeck , David Rientjes , Sean Christopherson , Paolo Bonzini , linux-kernel@vger.kernel.org Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-9.5 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,RDNS_NONE,SPF_HELO_NONE,T_SCC_BODY_TEXT_LINE, USER_IN_DEF_DKIM_WL autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org svm_vm_migrate_from() uses sev_lock_vcpus_for_migration() to lock all source and target vcpu->mutex. Mark the nested subclasses to avoid false positives from lockdep. Warning example: ============================================ WARNING: possible recursive locking detected 5.17.0-dbg-DEV #15 Tainted: G O -------------------------------------------- sev_migrate_tes/18859 is trying to acquire lock: ffff8d672d484238 (&vcpu->mutex){+.+.}-{3:3}, at: sev_lock_vcpus_for_migration+0x7e/0x150 but task is already holding lock: ffff8d67703f81f8 (&vcpu->mutex){+.+.}-{3:3}, at: sev_lock_vcpus_for_migration+0x7e/0x150 other info that might help us debug this: Possible unsafe locking scenario: CPU0 ---- lock(&vcpu->mutex); lock(&vcpu->mutex); *** DEADLOCK *** May be due to missing lock nesting notation 3 locks held by sev_migrate_tes/18859: #0: ffff9302f91323b8 (&kvm->lock){+.+.}-{3:3}, at: sev_vm_move_enc_context_from+0x96/0x740 #1: ffff9302f906a3b8 (&kvm->lock/1){+.+.}-{3:3}, at: sev_vm_move_enc_context_from+0xae/0x740 #2: ffff8d67703f81f8 (&vcpu->mutex){+.+.}-{3:3}, at: sev_lock_vcpus_for_migration+0x7e/0x150 Fixes: b56639318bb2b ("KVM: SEV: Add support for SEV intra host migration") Reported-by: John Sperbeck Suggested-by: David Rientjes Suggested-by: Sean Christopherson Cc: Paolo Bonzini Cc: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org Signed-off-by: Peter Gonda --- Tested by running sev_migrate_tests with lockdep enabled. Before we see a warning from sev_lock_vcpus_for_migration(). After we get no warnings. --- arch/x86/kvm/svm/sev.c | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 75fa6dd268f0..673e1ee2cfc9 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -1591,14 +1591,21 @@ static void sev_unlock_two_vms(struct kvm *dst_kvm, struct kvm *src_kvm) atomic_set_release(&src_sev->migration_in_progress, 0); } +#define SEV_MIGRATION_SOURCE 0 +#define SEV_MIGRATION_TARGET 1 -static int sev_lock_vcpus_for_migration(struct kvm *kvm) +/* + * To avoid lockdep warnings callers should pass @vm argument with either + * SEV_MIGRATION_SOURCE or SEV_MIGRATE_TARGET. This allows subclassing of all + * vCPU mutex locks. + */ +static int sev_lock_vcpus_for_migration(struct kvm *kvm, int vm) { struct kvm_vcpu *vcpu; unsigned long i, j; kvm_for_each_vcpu(i, vcpu, kvm) { - if (mutex_lock_killable(&vcpu->mutex)) + if (mutex_lock_killable_nested(&vcpu->mutex, i * 2 + vm)) goto out_unlock; } @@ -1745,10 +1752,10 @@ int sev_vm_move_enc_context_from(struct kvm *kvm, unsigned int source_fd) charged = true; } - ret = sev_lock_vcpus_for_migration(kvm); + ret = sev_lock_vcpus_for_migration(kvm, SEV_MIGRATION_SOURCE); if (ret) goto out_dst_cgroup; - ret = sev_lock_vcpus_for_migration(source_kvm); + ret = sev_lock_vcpus_for_migration(source_kvm, SEV_MIGRATION_TARGET); if (ret) goto out_dst_vcpu; -- 2.35.1.1094.g7c7d902a7c-goog