Fix races between mmu_notifier invalidation and pfncache refresh, and within
the pfncache itself. The first two patches are reverts of the patches sitting
in kvm/queue; trying to separate and fix the races independently is nigh
impossible. I assume/hope they can be ignored and the original patches dropped.

I verified internal races using the attached hack-a-test. Running the test
against the current implementation fails due to KVM writing the current GPA
into the wrong page.

I don't think the race with the mmu_notifier is technically proven, e.g. I
never encountered a use-after-free even running with KASAN.

Ran with PROVE_LOCKING and DEBUG_ATOMIC_SLEEP, so in theory there shouldn't be
any lurking locking goofs this time...

v2:
 - Map the pfn=>khva outside of gpc->lock. [Maxim]
 - Fix a page leak.
 - Fix more races.

v1: https://lore.kernel.org/all/20220420004859.3298837-1-seanjc@xxxxxxxxxx

Sean Christopherson (8):
  Revert "KVM: Do not speculatively mark pfn cache valid to "fix" race"
  Revert "KVM: Fix race between mmu_notifier invalidation and pfncache refresh"
  KVM: Drop unused @gpa param from gfn=>pfn cache's __release_gpc() helper
  KVM: Put the extra pfn reference when reusing a pfn in the gpc cache
  KVM: Do not incorporate page offset into gfn=>pfn cache user address
  KVM: Fix multiple races in gfn=>pfn cache refresh
  KVM: Do not pin pages tracked by gfn=>pfn caches
  DO NOT MERGE: Hack-a-test to verify gpc invalidation+refresh

 arch/x86/kvm/x86.c                     |  30 ++++
 include/linux/kvm_host.h               |   2 +
 include/linux/kvm_types.h              |   1 +
 tools/testing/selftests/kvm/.gitignore |   1 +
 tools/testing/selftests/kvm/Makefile   |   2 +
 tools/testing/selftests/kvm/gpc_test.c | 217 +++++++++++++++++++++++++
 virt/kvm/pfncache.c                    | 188 +++++++++++++--------
 7 files changed, 372 insertions(+), 69 deletions(-)
 create mode 100644 tools/testing/selftests/kvm/gpc_test.c

base-commit: 2a39d8b39bffdaf1a4223d0d22f07baee154c8f3
--
2.36.0.rc2.479.g8af0fa9b8e-goog