[PATCH 2/2] KVM: arm64: Ensure TLBI uses correct VMID after changing context
Will Deacon
will at kernel.org
Thu Aug 15 05:38:20 PDT 2024
On Thu, Aug 15, 2024 at 01:31:54PM +0100, Marc Zyngier wrote:
> On Thu, 15 Aug 2024 13:08:03 +0100,
> Will Deacon <will at kernel.org> wrote:
> >
> > > Is there an actual path within pKVM that causes a guest TLBI to be
> > > followed by a host __kvm_tlb_flush_vmid() *without* a CSE? I can't
> > > convince myself that such a path exists in the current upstream code
> > > base.
> >
> > I think you're right that this can't happen upstream. We see the issue
> > in Android when reclaiming pages from a guest during teardown. That
> > amounts to unmapping pages from the guest, poisoning them and mapping
> > them back into the host. Mapping them into the host can then trigger
> > table -> block conversion and the associated TLB invalidation wasn't
> > effective because it was still using the guest VMID.
> >
> > We can carry this patch in Android if you prefer, but given that
> > {enter,exit}_vmid_context() are upstream, it would be nice to land the
> > fix so that we don't run into this bug again in future (it took some
> > debugging!).
>
> I think it is definitely worth addressing, and given that this is nVHE
> only, an extra CSE isn't going to show on the radar.
>
> The question is more whether this is 6.11 or 6.12 material. If that's
> not an immediate fix for upstream, I'm tempted to queue it for 6.12.
>
> Does this work for you?
6.12 is absolutely fine, thank you!
Will