• Nikita Leshenko's avatar
    KVM: x86: ioapic: Fix level-triggered EOI and IOAPIC reconfigure race · 2f9e94ef
    Nikita Leshenko authored
    
    [ Upstream commit 0fc5a36d ]
    
    KVM uses ioapic_handled_vectors to track vectors that need to notify the
    IOAPIC on EOI. The problem is that IOAPIC can be reconfigured while an
    interrupt with old configuration is pending or running and
    ioapic_handled_vectors only remembers the newest configuration;
    thus EOI from the old interrupt is not delievered to the IOAPIC.
    
    A previous commit db2bdcbb
    ("KVM: x86: fix edge EOI and IOAPIC reconfig race")
    addressed this issue by adding pending edge-triggered interrupts to
    ioapic_handled_vectors, fixing this race for edge-triggered interrupts.
    The commit explicitly ignored level-triggered interrupts,
    but this race applies to them as well:
    
    1) IOAPIC sends a level triggered interrupt vector to VCPU0
    2) VCPU0's handler deasserts the irq line and reconfigures the IOAPIC
       to route the vector to VCPU1. The reconfiguration rewrites only the
       upper 32 bits of the IOREDTBLn register. (Causes KVM to update
       ioapic_handled_vectors for VCPU0 and it no longer includes the vector.)
    3) VCPU0 sends EOI for the vector, but it's not delievered to the
       IOAPIC because the ioapic_handled_vectors doesn't include the vector.
    4) New interrupts are not delievered to VCPU1 because remote_irr bit
       is set forever.
    
    Therefore, the correct behavior is to add all pending and running
    interrupts to ioapic_handled_vectors.
    
    This commit introduces a slight performance hit similar to
    commit db2bdcbb ("KVM: x86: fix edge EOI and IOAPIC reconfig race")
    for the rare case that the vector is reused by a non-IOAPIC source on
    VCPU0. We prefer to keep solution simple and not handle this case just
    as the original commit does.
    
    Fixes: db2bdcbb ("KVM: x86: fix edge EOI and IOAPIC reconfig race")
    Signed-off-by: default avatarNikita Leshenko <nikita.leshchenko@oracle.com>
    Reviewed-by: default avatarLiran Alon <liran.alon@oracle.com>
    Signed-off-by: default avatarKonrad Rzeszutek Wilk <konrad.wilk@oracle.com>
    Signed-off-by: default avatarRadim Krčmář <rkrcmar@redhat.com>
    Signed-off-by: default avatarSasha Levin <alexander.levin@microsoft.com>
    Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
    2f9e94ef
ioapic.c 17.1 KB