From patchwork Fri Aug 30 04:35:50 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 1978746 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=U96RDUJ8; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=google.com header.i=@google.com header.a=rsa-sha256 header.s=20230601 header.b=g/cY6GNf; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=kvm-riscv-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=patchwork.ozlabs.org) Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4Ww6Zq3MKjz1ydy for ; Fri, 30 Aug 2024 15:46:09 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:Reply-To:List-Subscribe:List-Help: List-Post:List-Archive:List-Unsubscribe:List-Id:Cc:To:From:Subject:Message-ID :Mime-Version:Date:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References: List-Owner; bh=Zfz8n/eFd5NIYTGLzJjgLhYRiBo3Ic/qFGrb0N//Nbc=; b=U96RDUJ852mCtb UqiI7ll9iYauhUB60v0azT9To17AFZw54LOaVEp6CmTQ+ULML+sDZjvgKgF0ZUfGRGQO1RvNuJcUv Vj8GTQjU568xUBsQnmmAfdwYQpWicO7gDS8XBFwzEwPgaNfOHMZcUhGF+yUJOhHr0sE3/EAJCzETI qHl4kkcobgTPyY6AyZGftPYBKrs9rzmZgB6mIYeFB5ICRQun9vvNTV5lSISxh5yz4YQIJI08DSlcE 5tcYZTyEjqj3cYxwbgqn080oPJyFImnYfr6pknFYsDawFvzDUK/hg9AnyFOcA92ble1ZPM3w7GnTl PGZ6Ah+v7rlpLruX4sag==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1sjuSU-00000004qcg-3jao; Fri, 30 Aug 2024 05:46:06 +0000 Received: from mail-yb1-xb49.google.com ([2607:f8b0:4864:20::b49]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1sjtMj-00000004fjB-3rzi for kvm-riscv@lists.infradead.org; Fri, 30 Aug 2024 04:36:10 +0000 Received: by mail-yb1-xb49.google.com with SMTP id 3f1490d57ef6-e02b5792baaso2368625276.2 for ; Thu, 29 Aug 2024 21:36:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1724992564; x=1725597364; darn=lists.infradead.org; h=cc:to:from:subject:message-id:mime-version:date:reply-to:from:to:cc :subject:date:message-id:reply-to; bh=0RRTA1H5OtG+8qgMxGB5BU8t5Dbb6+roBouJjwlrdgk=; b=g/cY6GNfHjQGU82xxjE/xY2qz4eNPQw+RBMEPkZnbQ6xOJlm7Vwg4GrxQneZfkzbSf 8aBxFiWrE8dad7REJpVHqnwFj7O1kv+5pGu93P6iEkkLxQdb2bEeTKfYgA1E0YRe5IcQ +PNPDwaiV892CMi+lnP7mT9QJWg5bE4CA+Ut7OUn/simwm2F9H9tqfqBrhrOMqwsMycj z/XqgFEHy7zrVf9bjrQ46UWVnJs/PeOhHZZ2wMPyhNFNM458S4c4ORZd2him3oEizVpW OJ7gHnCG/U9hVrhnGorJHPpKGI0e+nBHiseHMnq9id/S7pu1W3FI2Kq6r0rxJ6e3qBP5 HO3A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1724992564; x=1725597364; h=cc:to:from:subject:message-id:mime-version:date:reply-to :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=0RRTA1H5OtG+8qgMxGB5BU8t5Dbb6+roBouJjwlrdgk=; b=QkE/A5LyK8/WcCvHjoYHNWaEIXZ7+jR21pevYGoiJq0zCbh5ySDAbIbPK2cmaoXNo9 NjL6lbmPUOX018KvjUWul5F76EpZkzUj7Ai/TxfZw27UHy1xWYTT2pQPrTU06Q3KRdI1 P2w1aOwPjwzw2Q8YC838eIqkFzivrTApt+dpS1qFRblp3G4d8DxaSyHkaAXiOlrBEEdp o3x/j/NstoWyfeS+WHqzlI+gaF9d2Hpby/eblaQXAGv5jeMVwRTWHWrrS8upHHPJXwVY DnJN67UKRR5oEQavuPsNDrbLTwYUsX1kAEpC4iQELvsjLdRG10KYvpb22zKzhB3WbzEi 1gVQ== X-Forwarded-Encrypted: i=1; AJvYcCVyAPjUezqqCYum9jqv/UjZV4UNiXRQCb64Uv/FwincTYhWkt9MMN1hCF6fAPua6s7YBeNX0keH9OA=@lists.infradead.org X-Gm-Message-State: AOJu0YwiteP+ueBvVQ3lYwB3MdbLlZMjiQwq0lh9Q4doTGI4XXC6I85I mnTev6NMox0Yo+6n7RvdNkF0ulRfdwJ9GLk9VQApEiTlT5moSPmm2Q2Q/B2xgPAuVjGvBi7W+vr DJw== X-Google-Smtp-Source: AGHT+IG+hqynsJ7hdgdKV9gAtkROKS2qGVXayEmYSbfKtO5Jo9FgRfejcOxvLz+XMdzoh9wRJFEwtKQxRPs= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a25:278a:0:b0:e0b:a712:2ceb with SMTP id 3f1490d57ef6-e1a79ff35c5mr30969276.5.1724992564279; Thu, 29 Aug 2024 21:36:04 -0700 (PDT) Date: Thu, 29 Aug 2024 21:35:50 -0700 Mime-Version: 1.0 X-Mailer: git-send-email 2.46.0.469.g59c65b2a67-goog Message-ID: <20240830043600.127750-1-seanjc@google.com> Subject: [PATCH v4 00/10] KVM: Register cpuhp/syscore callbacks when enabling virt From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Tianrui Zhao , Bibo Mao , Huacai Chen , Anup Patel , Paul Walmsley , Palmer Dabbelt , Albert Ou , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, loongarch@lists.linux.dev, linux-mips@vger.kernel.org, kvm-riscv@lists.infradead.org, linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org, Chao Gao , Kai Huang , Farrah Chen X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240829_213605_989464_32FBEA5D X-CRM114-Status: GOOD ( 14.08 ) X-Spam-Score: -9.5 (---------) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Register KVM's cpuhp and syscore callbacks when enabling virtualization in hardware, as the sole purpose of said callbacks is to disable and re-enable virtualization as needed. The primary motivation for this series is to simplify dealing with enabling virtualization for Intel's TDX, which needs to enable virtualization when kvm-intel.ko is loaded, i.e. long before the first [...] Content analysis details: (-9.5 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -7.5 USER_IN_DEF_DKIM_WL From: address is in the default DKIM welcome-list -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.0000] -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:b49 listed in] [list.dnswl.org] -0.0 T_SCC_BODY_TEXT_LINE No description available. -0.0 DKIMWL_WL_MED DKIMwl.org - Medium trust sender X-BeenThere: kvm-riscv@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Sean Christopherson Sender: "kvm-riscv" Errors-To: kvm-riscv-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Register KVM's cpuhp and syscore callbacks when enabling virtualization in hardware, as the sole purpose of said callbacks is to disable and re-enable virtualization as needed. The primary motivation for this series is to simplify dealing with enabling virtualization for Intel's TDX, which needs to enable virtualization when kvm-intel.ko is loaded, i.e. long before the first VM is created. That said, this is a nice cleanup on its own. By registering the callbacks on-demand, the callbacks themselves don't need to check kvm_usage_count, because their very existence implies a non-zero count. Patch 1 (re)adds a dedicated lock for kvm_usage_count. Hopefully it's a temporary lock, as we can likely fix the cpus_read_lock() vs. kvm_lock mess for good by switching vm_list to an (S)RCU-protected list. v4: - Collect more reviews. - Fix documentation for kvm_usage_lock. [Kai] - Add a blurb in locking.rst to call out that cpus_read_lock() vs kvm_lock is a general problem. - Add a paragraph in the locking patch to suggest switching vm_list to an (S)RCU-protected list, so that walkers don't need to take kvm_lock. - Add an example call chain for the other cpus_read_lock() vs kvm_lock issues that are lurking. - Enable the module param by default from the get-go. [Paolo] - Rename even more APIs/symbols (all of 'em I could find). [Paolo] - Clarify that it's the 0=>1 VM creation that's problematic, not simply the creation of the very first VM. [Paolo] - Document enable_virt_at_load, and call out the (dis)advantages of enabling virtualization when KVM is loaded. - Drop the WARN on kvm_usage_count being elevated at the end of kvm_uninit_virtualization(), as it's annoyingly difficult to keep the WARN and still allow arch code (i.e. TDX) to enable virtualization during setup. v3: - https://lore.kernel.org/all/20240608000639.3295768-1-seanjc@google.com - Collect reviews/acks. - Switch to kvm_usage_lock in a dedicated patch, Cc'd for stable@. [Chao] - Enable virt at load by default. [Chao] - Add comments to document how kvm_arch_{en,dis}able_virtualization() fit into the overall flow. [Kai] v2: - https://lore.kernel.org/all/20240522022827.1690416-1-seanjc@google.com - Use a dedicated mutex to avoid lock inversion issues between kvm_lock and the cpuhp lock. - Register emergency disable callbacks on-demand. [Kai] - Drop an unintended s/junk/ign rename. [Kai] - Decrement kvm_usage_count on failure. [Chao] v1: https://lore.kernel.org/all/20240425233951.3344485-1-seanjc@google.com Sean Christopherson (10): KVM: Use dedicated mutex to protect kvm_usage_count to avoid deadlock KVM: Register cpuhp and syscore callbacks when enabling hardware KVM: Rename symbols related to enabling virtualization hardware KVM: Rename arch hooks related to per-CPU virtualization enabling KVM: MIPS: Rename virtualization {en,dis}abling APIs to match common KVM KVM: x86: Rename virtualization {en,dis}abling APIs to match common KVM KVM: Add a module param to allow enabling virtualization when KVM is loaded KVM: Add arch hooks for enabling/disabling virtualization x86/reboot: Unconditionally define cpu_emergency_virt_cb typedef KVM: x86: Register "emergency disable" callbacks when virt is enabled .../admin-guide/kernel-parameters.txt | 17 ++ Documentation/virt/kvm/locking.rst | 31 +- arch/arm64/kvm/arm.c | 6 +- arch/loongarch/kvm/main.c | 4 +- arch/mips/include/asm/kvm_host.h | 4 +- arch/mips/kvm/mips.c | 8 +- arch/mips/kvm/vz.c | 8 +- arch/riscv/kvm/main.c | 4 +- arch/x86/include/asm/kvm-x86-ops.h | 4 +- arch/x86/include/asm/kvm_host.h | 7 +- arch/x86/include/asm/reboot.h | 2 +- arch/x86/kvm/svm/svm.c | 19 +- arch/x86/kvm/vmx/main.c | 6 +- arch/x86/kvm/vmx/vmx.c | 10 +- arch/x86/kvm/vmx/x86_ops.h | 5 +- arch/x86/kvm/x86.c | 26 +- include/linux/kvm_host.h | 18 +- virt/kvm/kvm_main.c | 270 +++++++++--------- 18 files changed, 251 insertions(+), 198 deletions(-) base-commit: 15e1c3d65975524c5c792fcd59f7d89f00402261