On Mon, Oct 31, 2022 at 08:36:17AM +0800, Gavin Shan wrote: > KVM_CAP_DIRTY_LOG_RING_WITH_BITMAP should be enabled only when KVM > device "kvm-arm-vgic-its" is used by userspace. Currently, it's the > only case where a running VCPU is missed for dirty ring. However, > there are potentially other devices introducing similar error in > future. > > In order to report those broken devices only, the no-running-vcpu > warning message is escaped from KVM device "kvm-arm-vgic-its". For > this, the function vgic_has_its() needs to be exposed with a more > generic function name (kvm_vgic_has_its()). > > Link: https://lore.kernel.org/kvmarm/Y1ghIKrAsRFwSFsO@xxxxxxxxxx > Suggested-by: Sean Christopherson <seanjc@xxxxxxxxxx> > Signed-off-by: Gavin Shan <gshan@xxxxxxxxxx> I don't think this should be added as a separate patch. The weak kvm_arch_allow_write_without_running_vcpu() (and adding its caller) should be rolled into patch 4/9. The arm64 implementation of that should be introduced in patch 6/9. > --- > arch/arm64/kvm/mmu.c | 14 ++++++++++++++ > arch/arm64/kvm/vgic/vgic-init.c | 4 ++-- > arch/arm64/kvm/vgic/vgic-irqfd.c | 4 ++-- > arch/arm64/kvm/vgic/vgic-its.c | 2 +- > arch/arm64/kvm/vgic/vgic-mmio-v3.c | 18 ++++-------------- > arch/arm64/kvm/vgic/vgic.c | 10 ++++++++++ > arch/arm64/kvm/vgic/vgic.h | 1 - > include/kvm/arm_vgic.h | 1 + > include/linux/kvm_dirty_ring.h | 1 + > virt/kvm/dirty_ring.c | 5 +++++ > virt/kvm/kvm_main.c | 2 +- > 11 files changed, 41 insertions(+), 21 deletions(-) > > diff --git a/arch/arm64/kvm/mmu.c b/arch/arm64/kvm/mmu.c > index 60ee3d9f01f8..e0855b2b3d66 100644 > --- a/arch/arm64/kvm/mmu.c > +++ b/arch/arm64/kvm/mmu.c > @@ -932,6 +932,20 @@ void kvm_arch_mmu_enable_log_dirty_pt_masked(struct kvm *kvm, > kvm_mmu_write_protect_pt_masked(kvm, slot, gfn_offset, mask); > } > > +/* > + * kvm_arch_allow_write_without_running_vcpu - allow writing guest memory > + * without the running VCPU when dirty ring is enabled. > + * > + * The running VCPU is required to track dirty guest pages when dirty ring > + * is enabled. Otherwise, the backup bitmap should be used to track the > + * dirty guest pages. When vgic/its is enabled, we need to use the backup > + * bitmap to track the dirty guest pages for it. > + */ > +bool kvm_arch_allow_write_without_running_vcpu(struct kvm *kvm) > +{ > + return kvm->dirty_ring_with_bitmap && kvm_vgic_has_its(kvm); > +} It is trivial for userspace to cause a WARN to fire like this. Just set up the VM with !RING_WITH_BITMAP && ITS. The goal is to catch KVM bugs, not userspace bugs, so I'd suggest only checking whether or not an ITS is present. [...] > diff --git a/arch/arm64/kvm/vgic/vgic-mmio-v3.c b/arch/arm64/kvm/vgic/vgic-mmio-v3.c > index 91201f743033..10218057c176 100644 > --- a/arch/arm64/kvm/vgic/vgic-mmio-v3.c > +++ b/arch/arm64/kvm/vgic/vgic-mmio-v3.c > @@ -38,20 +38,10 @@ u64 update_64bit_reg(u64 reg, unsigned int offset, unsigned int len, > return reg | ((u64)val << lower); > } > > -bool vgic_has_its(struct kvm *kvm) > -{ > - struct vgic_dist *dist = &kvm->arch.vgic; > - > - if (dist->vgic_model != KVM_DEV_TYPE_ARM_VGIC_V3) > - return false; > - > - return dist->has_its; > -} > - nit: renaming/exposing this helper should be done in a separate patch. Also, I don't think you need to move it anywhere either. [...] > diff --git a/virt/kvm/dirty_ring.c b/virt/kvm/dirty_ring.c > index 7ce6a5f81c98..f27e038043f3 100644 > --- a/virt/kvm/dirty_ring.c > +++ b/virt/kvm/dirty_ring.c > @@ -26,6 +26,11 @@ bool kvm_use_dirty_bitmap(struct kvm *kvm) > return !kvm->dirty_ring_size || kvm->dirty_ring_with_bitmap; > } > > +bool __weak kvm_arch_allow_write_without_running_vcpu(struct kvm *kvm) > +{ > + return kvm->dirty_ring_with_bitmap; > +} > + Same comment on the arm64 implementation applies here. This should just return false by default. -- Thanks, Oliver