linux_old1/Documentation
David Matlack ee3d1570b5 kvm: fix potentially corrupt mmio cache
vcpu exits and memslot mutations can run concurrently as long as the
vcpu does not aquire the slots mutex. Thus it is theoretically possible
for memslots to change underneath a vcpu that is handling an exit.

If we increment the memslot generation number again after
synchronize_srcu_expedited(), vcpus can safely cache memslot generation
without maintaining a single rcu_dereference through an entire vm exit.
And much of the x86/kvm code does not maintain a single rcu_dereference
of the current memslots during each exit.

We can prevent the following case:

   vcpu (CPU 0)                             | thread (CPU 1)
--------------------------------------------+--------------------------
1  vm exit                                  |
2  srcu_read_unlock(&kvm->srcu)             |
3  decide to cache something based on       |
     old memslots                           |
4                                           | change memslots
                                            | (increments generation)
5                                           | synchronize_srcu(&kvm->srcu);
6  retrieve generation # from new memslots  |
7  tag cache with new memslot generation    |
8  srcu_read_unlock(&kvm->srcu)             |
...                                         |
   <action based on cache occurs even       |
    though the caching decision was based   |
    on the old memslots>                    |
...                                         |
   <action *continues* to occur until next  |
    memslot generation change, which may    |
    be never>                               |
                                            |

By incrementing the generation after synchronizing with kvm->srcu readers,
we ensure that the generation retrieved in (6) will become invalid soon
after (8).

Keeping the existing increment is not strictly necessary, but we
do keep it and just move it for consistency from update_memslots to
install_new_memslots.  It invalidates old cached MMIOs immediately,
instead of having to wait for the end of synchronize_srcu_expedited,
which makes the code more clearly correct in case CPU 1 is preempted
right after synchronize_srcu() returns.

To avoid halving the generation space in SPTEs, always presume that the
low bit of the generation is zero when reconstructing a generation number
out of an SPTE.  This effectively disables MMIO caching in SPTEs during
the call to synchronize_srcu_expedited.  Using the low bit this way is
somewhat like a seqcount---where the protected thing is a cache, and
instead of retrying we can simply punt if we observe the low bit to be 1.

Cc: stable@vger.kernel.org
Signed-off-by: David Matlack <dmatlack@google.com>
Reviewed-by: Xiao Guangrong <xiaoguangrong@linux.vnet.ibm.com>
Reviewed-by: David Matlack <dmatlack@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-09-03 10:03:41 +02:00
..
ABI xfs: update for 3.17-rc1 2014-08-13 17:49:53 -06:00
DocBook drm/doc: Refer to proper source file 2014-08-15 09:50:41 +10:00
EDID drm: Add 800x600 (SVGA) screen resolution to the built-in EDIDs 2014-05-26 12:53:40 +10:00
PCI doc: replace "practise" with "practice" in Documentation 2014-06-19 15:28:56 +02:00
RCU list: fix order of arguments for hlist_add_after(_rcu) 2014-08-06 18:01:24 -07:00
accounting Documentation/accounting/getdelays.c: add missing null-terminate after strncpy call 2014-06-23 16:47:44 -07:00
acpi ACPI / documentation: Remove reference to acpi_platform_device_ids from enumeration.txt 2014-07-12 00:07:05 +02:00
aoe
arm ARM: SoC driver changes for 3.17 2014-08-08 11:34:32 -07:00
arm64 KVM/ARM New features for 3.17 include: 2014-08-05 09:47:45 +02:00
auxdisplay
backlight
blackfin Documentation/: update 00-INDEX files 2014-02-10 16:01:40 -08:00
block Documentation/: update 00-INDEX files 2014-02-10 16:01:40 -08:00
blockdev zram: propagate error to user 2014-04-07 16:36:02 -07:00
bus-devices
cdrom
cgroups mm: memcontrol: rewrite uncharge API 2014-08-08 15:57:17 -07:00
connector w1: optional bundling of netlink kernel replies 2014-05-27 13:56:21 -07:00
console
cpu-freq intel_pstate: Update documentation of {max,min}_perf_pct sysfs files 2014-07-07 01:22:19 +02:00
cpuidle
cris
crypto
development-process
device-mapper dm switch: efficiently support repetitive patterns 2014-08-01 12:30:37 -04:00
devicetree The branch contains the following device tree changes the v3.17 merge 2014-08-14 09:53:39 -06:00
driver-model Documentation: devres: Sort managed interfaces 2014-07-11 17:56:55 -07:00
dvb [media] get_dvb_firmware: Add firmware extractor for si2165 2014-07-27 17:01:12 -03:00
early-userspace
extcon extcon: fix switch class porting guide (Documentation) 2014-01-07 11:54:28 +09:00
fault-injection
fb doc: spelling error changes 2014-05-05 15:32:05 +02:00
filesystems File locking related bugfixes for v3.17 (pile #2) 2014-08-16 08:58:47 -06:00
firmware_class doc: fix minor typos in firmware_class README 2014-07-17 18:43:40 -07:00
fmc FMC: make eeprom attribute writable 2014-02-28 15:12:08 -08:00
frv
gpio gpio: add flags argument to gpiod_get*() functions 2014-07-28 12:28:05 +02:00
hid Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial into next 2014-06-04 08:50:34 -07:00
hwmon hwmon: Add pwm-fan driver 2014-08-04 07:01:38 -07:00
i2c i2c: i801: Add device ID for Intel Wildcat Point PCH 2014-07-17 19:56:23 +02:00
i2o
ia64
ide Documentation/: update 00-INDEX files 2014-02-10 16:01:40 -08:00
infiniband IB/mad: add new ioctl to ABI to support new registration options 2014-08-10 20:36:00 -07:00
input Merge branch 'next' into for-linus 2014-08-06 23:36:12 -07:00
ioctl Documentation: add How to avoid botching up ioctls 2014-08-09 09:13:40 -07:00
isdn
ja_JP Documentation: Update stable address in Chinese and Japanese translations 2014-04-16 14:13:27 -07:00
kbuild Merge branch 'misc' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild 2014-08-14 11:14:29 -06:00
kdump
ko_KR Documentation: HOWTO: Updates on subsystem trees, patchwork, -next (vs. -mm) in ko_KR 2014-01-08 15:32:51 -08:00
laptops Documentation: Add file about toshiba_haps module 2014-08-16 01:23:56 -07:00
leds Documentation/: update 00-INDEX files 2014-02-10 16:01:40 -08:00
m68k Documentation/: update 00-INDEX files 2014-02-10 16:01:40 -08:00
memory-devices
metag
mic misc: mic: add support for loading/unloading dma driver 2014-07-11 18:31:12 -07:00
mips
misc-devices Merge branch 'hwmon-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jdelvare/staging 2014-01-29 18:56:27 -08:00
mmc
mn10300
mtd MTD updates for 3.16: 2014-06-11 08:35:34 -07:00
namespaces
netlabel
networking i40e: adds FCoE to build and updates its documentation 2014-08-02 19:41:13 -07:00
nfc
parisc
pcmcia
phy phy: Add new Exynos USB 2.0 PHY driver 2014-03-08 12:39:44 +05:30
platform Documentation: Add list of laptop models supported by the Compal driver 2014-06-10 19:11:06 -04:00
power ACPI and power management updates for 3.17-rc1 2014-08-06 20:34:19 -07:00
powerpc KVM: PPC: Remove 440 support 2014-07-28 15:23:15 +02:00
pps
prctl
pti
ptp ptp: In the testptp utility, use clock_adjtime from glibc when available 2014-06-16 21:32:31 -07:00
rapidio rapidio/tsi721_dma: rework scatter-gather list handling 2014-08-08 15:57:24 -07:00
s390 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial into next 2014-06-04 08:50:34 -07:00
scheduler asm/system.h: clean asm/system.h from docs 2014-04-07 16:36:11 -07:00
scsi Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2014-08-06 21:03:53 -07:00
security Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2014-08-06 21:03:53 -07:00
serial tty/serial: Add GPIOLIB helpers for controlling modem lines 2014-05-28 12:49:14 -07:00
sh
sound ALSA: virtuoso: add Xonar Essence STX II support 2014-08-04 15:20:48 +02:00
spi Merge remote-tracking branches 'spi/topic/s3c64xx', 'spi/topic/sc18is602', 'spi/topic/sh-hspi', 'spi/topic/sh-msiof', 'spi/topic/sh-sci', 'spi/topic/sirf' and 'spi/topic/spidev' into spi-next 2014-03-30 00:51:34 +00:00
sysctl panic: add TAINT_SOFTLOCKUP 2014-08-08 15:57:24 -07:00
target
thermal drm/nouveau/doc: update the thermal documentation 2014-06-17 14:50:17 +10:00
timers clocksource: document some basic timekeeping concepts 2014-07-23 15:07:13 -07:00
tpm
trace mm: trace-vmscan-postprocess.pl: report the number of file/anon pages respectively 2014-08-06 18:01:20 -07:00
usb usb: doc: hotplug.txt code typos 2014-07-09 16:05:42 -07:00
vDSO x86/vdso/doc: Make vDSO examples more portable 2014-06-12 19:01:24 -07:00
video4linux [media] update cx23885 and em28xx cardlists 2014-07-26 11:55:10 -03:00
virtual kvm: fix potentially corrupt mmio cache 2014-09-03 10:03:41 +02:00
vm mm: mark remap_file_pages() syscall as deprecated 2014-06-06 16:08:17 -07:00
w1 w1: new w1_ds2406 driver 2014-06-19 17:45:14 -07:00
watchdog Documentation: fix two typos in watchdog-api.txt 2014-08-05 22:43:21 +02:00
wimax
x86 x86/mm: New tunable for single vs full TLB flush 2014-07-31 08:48:51 -07:00
xtensa xtensa: remap io area defined in device tree 2014-01-15 00:25:14 +04:00
zh_CN Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2014-08-06 21:03:53 -07:00
.gitignore
00-INDEX Merge branch 'x86-nuke-platforms-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2014-04-02 13:15:58 -07:00
BUG-HUNTING
Changes Documentation/Changes: clean up mcelog paragraph 2014-07-12 11:30:36 -07:00
CodingStyle Documentation: expand/clarify debug documentation 2014-06-04 16:54:17 -07:00
DMA-API-HOWTO.txt DMA-API: Update dma_pool_create ()and dma_pool_alloc() descriptions 2014-05-26 17:28:28 -06:00
DMA-API.txt DMA-API: Capitalize "CPU" consistently 2014-05-26 17:28:27 -06:00
DMA-ISA-LPC.txt DMA-API: Clarify physical/bus address distinction 2014-05-20 16:54:21 -06:00
DMA-attributes.txt doc: spelling error changes 2014-05-05 15:32:05 +02:00
HOWTO
IPMI.txt
IRQ-affinity.txt
IRQ-domain.txt genirq: Improve documentation to match current implementation 2014-05-27 10:16:44 +02:00
IRQ.txt
Intel-IOMMU.txt
Makefile
ManagementStyle
SAK.txt
SM501.txt
SecurityBugs
SubmitChecklist
SubmittingDrivers doc: SubmittingPatches: remove dead link, kerneltrap.org no longer works 2014-06-19 15:15:27 +02:00
SubmittingPatches Documentation: SubmittingPatches: overhaul changelog description 2014-08-09 09:13:40 -07:00
VGA-softcursor.txt
applying-patches.txt
assoc_array.txt
atomic_ops.txt arch,doc: Convert smp_mb__*() 2014-04-18 14:20:48 +02:00
bad_memory.txt
basic_profiling.txt
bcache.txt
binfmt_misc.txt
braille-console.txt
bt8xxgpio.txt
btmrvl.txt
bus-virt-phys-mapping.txt
cachetlb.txt
circular-buffers.txt
clk.txt clk: Improve clk_ops documentation 2014-05-12 17:08:33 -07:00
coccinelle.txt
cpu-hotplug.txt Doc/cpu-hotplug: Specify race-free way to register CPU hotplug callbacks 2014-03-20 13:43:40 +01:00
cpu-load.txt
cputopology.txt
crc32.txt
dcdbas.txt
debugging-modules.txt
debugging-via-ohci1394.txt firewire: revert to 4 GB RDMA, fix protocols using Memory Space 2014-05-29 15:50:30 +02:00
dell_rbu.txt
devices.txt Merge branch 'v4l_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media 2014-04-04 09:50:07 -07:00
digsig.txt
dma-buf-sharing.txt doc: spelling error changes 2014-05-05 15:32:05 +02:00
dmaengine.txt dmaengine: Clarify device parameter for dma_sync_*_for_*() 2014-07-25 14:21:23 +05:30
dmatest.txt
dontdiff Documentation: LLVMLinux: Update Documentation/dontdiff 2014-04-09 13:44:34 -07:00
dynamic-debug-howto.txt doc: spelling error changes 2014-05-05 15:32:05 +02:00
edac.txt Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial into next 2014-06-04 08:50:34 -07:00
efi-stub.txt doc: arm64: add description of EFI stub support 2014-04-30 19:57:05 +01:00
eisa.txt
email-clients.txt Documentation: add section about git to email-clients.txt 2014-06-29 13:38:33 -07:00
flexible-arrays.txt
futex-requeue-pi.txt doc: fix double words 2014-03-21 13:16:58 +01:00
gcov.txt
highuid.txt
hsi.txt Documentation: HSI: Add some general description for the HSI subsystem 2014-05-04 09:49:46 +02:00
hw_random.txt
hwspinlock.txt
init.txt
initrd.txt
intel_txt.txt
io-mapping.txt
io_ordering.txt
iostats.txt
irqflags-tracing.txt asm/system.h: clean asm/system.h from docs 2014-04-07 16:36:11 -07:00
isapnp.txt
java.txt Documentation: update java sample wrapper for java 7 2014-05-25 12:39:00 -07:00
kernel-doc-nano-HOWTO.txt
kernel-docs.txt
kernel-parameters.txt Merge branch 'x86-xsave-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2014-08-13 18:20:04 -06:00
kernel-per-CPU-kthreads.txt Documentation/kernel-per-CPU-kthreads.txt: Workqueue affinity 2014-02-17 14:56:08 -08:00
kmemcheck.txt doc: fix double words 2014-03-21 13:16:58 +01:00
kmemleak.txt mm: introduce kmemleak_update_trace() 2014-06-06 16:08:17 -07:00
kobject.txt
kprobes.txt kprobes: Introduce NOKPROBE_SYMBOL() macro to maintain kprobes blacklist 2014-04-24 10:02:56 +02:00
kref.txt
ldm.txt
local_ops.txt
lockdep-design.txt
lockstat.txt
lockup-watchdogs.txt
logo.gif
logo.txt
magic-number.txt Documentation/serial: Delete obsolete driver documentation 2014-04-16 14:20:34 -07:00
md.txt
media-framework.txt
memory-barriers.txt documentation: Add acquire/release barriers to pairing rules 2014-07-08 08:32:51 -07:00
memory-hotplug.txt mm, hotplug: probe interface is available on several platforms 2014-06-23 16:47:43 -07:00
module-signing.txt Nothing major: the stricter permissions checking for sysfs broke 2014-04-06 09:38:07 -07:00
mono.txt
mutex-design.txt locking/mutexes: Documentation update/rewrite 2014-06-05 13:29:37 +02:00
nommu-mmap.txt
numastat.txt
oops-tracing.txt panic: add TAINT_SOFTLOCKUP 2014-08-08 15:57:24 -07:00
padata.txt
parport-lowlevel.txt
parport.txt
percpu-rw-semaphore.txt
phy.txt phy: core: Let node ptr of PHY point to PHY and not of PHY provider 2014-07-22 12:46:11 +05:30
pi-futex.txt
pinctrl.txt pinctrl: Fix some typos and grammar issues in the documentation 2014-01-15 13:59:50 +01:00
pnp.txt
preempt-locking.txt
printk-formats.txt doc: printk-formats: do not mention casts for u64/s64 2014-05-05 15:32:42 +02:00
pwm.txt pwm: modify PWM_LOOKUP to initialize all struct pwm_lookup members 2014-05-21 11:19:36 +02:00
ramoops.txt
rbtree.txt doc: spelling error changes 2014-05-05 15:32:05 +02:00
remoteproc.txt
rfkill.txt doc: spelling error changes 2014-05-05 15:32:05 +02:00
robust-futex-ABI.txt
robust-futexes.txt doc: spelling error changes 2014-05-05 15:32:05 +02:00
rpmsg.txt
rt-mutex-design.txt
rt-mutex.txt
rtc.txt
serial-console.txt
sgi-ioc4.txt
smsc_ece1099.txt
sparse.txt
spinlocks.txt
stable_api_nonsense.txt
stable_kernel_rules.txt stable_kernel_rules: Add pointer to netdev-FAQ for network patches 2014-07-09 15:54:27 -07:00
static-keys.txt
svga.txt
sysfs-rules.txt
sysrq.txt
this_cpu_ops.txt
unaligned-memory-access.txt
unicode.txt
unshare.txt
vfio.txt drivers/vfio: EEH support for VFIO PCI device 2014-08-05 15:28:48 +10:00
vgaarbiter.txt
video-output.txt
vme_api.txt
volatile-considered-harmful.txt
workqueue.txt
ww-mutex-design.txt
xz.txt
zorro.txt