[PATCH 2/2] KVM: arm64: Ensure TLBI uses correct VMID after changing context
Marc Zyngier
maz at kernel.org
Thu Aug 15 05:31:54 PDT 2024
On Thu, 15 Aug 2024 13:08:03 +0100,
Will Deacon <will at kernel.org> wrote:
>
> > Is there an actual path within pKVM that causes a guest TLBI to be
> > followed by a host __kvm_tlb_flush_vmid() *without* a CSE? I can't
> > convince myself that such a path exists in the current upstream code
> > base.
>
> I think you're right that this can't happen upstream. We see the issue
> in Android when reclaiming pages from a guest during teardown. That
> amounts to unmapping pages from the guest, poisoning them and mapping
> them back into the host. Mapping them into the host can then trigger
> table -> block conversion and the associated TLB invalidation wasn't
> effective because it was still using the guest VMID.
>
> We can carry this patch in Android if you prefer, but given that
> {enter,exit}_vmid_context() are upstream, it would be nice to land the
> fix so that we don't run into this bug again in future (it took some
> debugging!).
I think it is definitely worth addressing, and given that this is nVHE
only, an extra CSE isn't going to show on the radar.
The question is more whether this is 6.11 or 6.12 material. If that's
not an immediate fix for upstream, I'm tempted to queue it for 6.12.
Does this work for you?
M.
--
Without deviation from the norm, progress is not possible.
More information about the linux-arm-kernel mailing list