Merge branch 'kvm-lapic-fix-and-cleanup' into HEAD

------------------------------

TBD

x2APIC

------

When KVM_X2APIC_API_USE_32BIT_IDS is enabled, KVM activates a hack/quirk that

allows sending events to a single vCPU using its x2APIC ID even if the target

vCPU has legacy xAPIC enabled, e.g. to bring up hotplugged vCPUs via INIT-SIPI

on VMs with > 255 vCPUs.  A side effect of the quirk is that, if multiple vCPUs

have the same physical APIC ID, KVM will deliver events targeting that APIC ID

only to the vCPU with the lowest vCPU ID.  If KVM_X2APIC_API_USE_32BIT_IDS is

not enabled, KVM follows x86 architecture when processing interrupts (all vCPUs

matching the target APIC ID receive the interrupt).

KVM_X86_OP(enable_nmi_window)

KVM_X86_OP(enable_irq_window)

KVM_X86_OP_OPTIONAL(update_cr8_intercept)

KVM_X86_OP(check_apicv_inhibit_reasons)

KVM_X86_OP(refresh_apicv_exec_ctrl)

KVM_X86_OP_OPTIONAL(hwapic_irr_update)

KVM_X86_OP_OPTIONAL(hwapic_isr_update)

};

/*

 * We use as the mode the number of bits allocated in the LDR for the

 * logical processor ID.  It happens that these are all powers of two.

 * This makes it is very easy to detect cases where the APICs are

 * configured for multiple modes; in that case, we cannot use the map and

 * hence cannot use kvm_irq_delivery_to_apic_fast either.

 * Track the mode of the optimized logical map, as the rules for decoding the

 * destination vary per mode.  Enabling the optimized logical map requires all

 * software-enabled local APIs to be in the same mode, each addressable APIC to

 * be mapped to only one MDA, and each MDA to map to at most one APIC.

 */

#define KVM_APIC_MODE_XAPIC_CLUSTER          4

#define KVM_APIC_MODE_XAPIC_FLAT             8

#define KVM_APIC_MODE_X2APIC                16

enum kvm_apic_logical_mode {

	/* All local APICs are software disabled. */

	KVM_APIC_MODE_SW_DISABLED,

	/* All software enabled local APICs in xAPIC cluster addressing mode. */

	KVM_APIC_MODE_XAPIC_CLUSTER,

	/* All software enabled local APICs in xAPIC flat addressing mode. */

	KVM_APIC_MODE_XAPIC_FLAT,

	/* All software enabled local APICs in x2APIC mode. */

	KVM_APIC_MODE_X2APIC,

	/*

	 * Optimized map disabled, e.g. not all local APICs in the same logical

	 * mode, same logical ID assigned to multiple APICs, etc.

	 */

	KVM_APIC_MODE_MAP_DISABLED,

};

struct kvm_apic_map {

	struct rcu_head rcu;

	u8 mode;

	enum kvm_apic_logical_mode logical_mode;

	u32 max_apic_id;

	union {

		struct kvm_lapic *xapic_flat_map[8];

	 */

	APICV_INHIBIT_REASON_BLOCKIRQ,

	/*

	 * APICv is disabled because not all vCPUs have a 1:1 mapping between

	 * APIC ID and vCPU, _and_ KVM is not applying its x2APIC hotplug hack.

	 */

	APICV_INHIBIT_REASON_PHYSICAL_ID_ALIASED,

	/*

	 * For simplicity, the APIC acceleration is inhibited

	 * first time either APIC ID or APIC base are changed by the guest

	 * AVIC is disabled because SEV doesn't support it.

	 */

	APICV_INHIBIT_REASON_SEV,

	/*

	 * AVIC is disabled because not all vCPUs with a valid LDR have a 1:1

	 * mapping between logical ID and vCPU.

	 */

	APICV_INHIBIT_REASON_LOGICAL_ID_ALIASED,

};

struct kvm_arch {

	struct kvm_apic_map __rcu *apic_map;

	atomic_t apic_map_dirty;

	/* Protects apic_access_memslot_enabled and apicv_inhibit_reasons */

	struct rw_semaphore apicv_update_lock;

	bool apic_access_memslot_enabled;

	bool apic_access_memslot_inhibited;

	/* Protects apicv_inhibit_reasons */

	struct rw_semaphore apicv_update_lock;

	unsigned long apicv_inhibit_reasons;

	gpa_t wall_clock;

	void (*enable_irq_window)(struct kvm_vcpu *vcpu);

	void (*update_cr8_intercept)(struct kvm_vcpu *vcpu, int tpr, int irr);

	bool (*check_apicv_inhibit_reasons)(enum kvm_apicv_inhibit reason);

	const unsigned long required_apicv_inhibits;

	bool allow_apicv_in_x2apic_without_x2apic_virtualization;

	void (*refresh_apicv_exec_ctrl)(struct kvm_vcpu *vcpu);

	void (*hwapic_irr_update)(struct kvm_vcpu *vcpu, int max_irr);

	void (*hwapic_isr_update)(int isr);

bool kvm_apicv_activated(struct kvm *kvm);

bool kvm_vcpu_apicv_activated(struct kvm_vcpu *vcpu);

void kvm_vcpu_update_apicv(struct kvm_vcpu *vcpu);

void __kvm_vcpu_update_apicv(struct kvm_vcpu *vcpu);

void __kvm_set_or_clear_apicv_inhibit(struct kvm *kvm,

				      enum kvm_apicv_inhibit reason, bool set);

void kvm_set_or_clear_apicv_inhibit(struct kvm *kvm,

	return kvm_can_post_timer_interrupt(vcpu) && vcpu->mode == IN_GUEST_MODE;

}

static inline u32 kvm_apic_calc_x2apic_ldr(u32 id)

{

	return ((id >> 4) << 16) | (1 << (id & 0xf));

}

static inline bool kvm_apic_map_get_logical_dest(struct kvm_apic_map *map,

		u32 dest_id, struct kvm_lapic ***cluster, u16 *mask) {

	switch (map->mode) {

	switch (map->logical_mode) {

	case KVM_APIC_MODE_SW_DISABLED:

		/* Arbitrarily use the flat map so that @cluster isn't NULL. */

		*cluster = map->xapic_flat_map;

		*mask = 0;

		return true;

	case KVM_APIC_MODE_X2APIC: {

		u32 offset = (dest_id >> 16) * 16;

		u32 max_apic_id = map->max_apic_id;

		*cluster = map->xapic_cluster_map[(dest_id >> 4) & 0xf];

		*mask = dest_id & 0xf;

		return true;

	case KVM_APIC_MODE_MAP_DISABLED:

		return false;

	default:

		/* Not optimized. */

		WARN_ON_ONCE(1);

		return false;

	}

}

	kvfree(map);

}

static int kvm_recalculate_phys_map(struct kvm_apic_map *new,

				    struct kvm_vcpu *vcpu,

				    bool *xapic_id_mismatch)

{

	struct kvm_lapic *apic = vcpu->arch.apic;

	u32 x2apic_id = kvm_x2apic_id(apic);

	u32 xapic_id = kvm_xapic_id(apic);

	u32 physical_id;

	/*

	 * Deliberately truncate the vCPU ID when detecting a mismatched APIC

	 * ID to avoid false positives if the vCPU ID, i.e. x2APIC ID, is a

	 * 32-bit value.  Any unwanted aliasing due to truncation results will

	 * be detected below.

	 */

	if (!apic_x2apic_mode(apic) && xapic_id != (u8)vcpu->vcpu_id)

		*xapic_id_mismatch = true;

	/*

	 * Apply KVM's hotplug hack if userspace has enable 32-bit APIC IDs.

	 * Allow sending events to vCPUs by their x2APIC ID even if the target

	 * vCPU is in legacy xAPIC mode, and silently ignore aliased xAPIC IDs

	 * (the x2APIC ID is truncated to 8 bits, causing IDs > 0xff to wrap

	 * and collide).

	 *

	 * Honor the architectural (and KVM's non-optimized) behavior if

	 * userspace has not enabled 32-bit x2APIC IDs.  Each APIC is supposed

	 * to process messages independently.  If multiple vCPUs have the same

	 * effective APIC ID, e.g. due to the x2APIC wrap or because the guest

	 * manually modified its xAPIC IDs, events targeting that ID are

	 * supposed to be recognized by all vCPUs with said ID.

	 */

	if (vcpu->kvm->arch.x2apic_format) {

		/* See also kvm_apic_match_physical_addr(). */

		if ((apic_x2apic_mode(apic) || x2apic_id > 0xff) &&

			x2apic_id <= new->max_apic_id)

			new->phys_map[x2apic_id] = apic;

		if (!apic_x2apic_mode(apic) && !new->phys_map[xapic_id])

			new->phys_map[xapic_id] = apic;

	} else {

		/*

		 * Disable the optimized map if the physical APIC ID is already

		 * mapped, i.e. is aliased to multiple vCPUs.  The optimized

		 * map requires a strict 1:1 mapping between IDs and vCPUs.

		 */

		if (apic_x2apic_mode(apic))

			physical_id = x2apic_id;

		else

			physical_id = xapic_id;

		if (new->phys_map[physical_id])

			return -EINVAL;

		new->phys_map[physical_id] = apic;

	}

	return 0;

}

static void kvm_recalculate_logical_map(struct kvm_apic_map *new,

					struct kvm_vcpu *vcpu)

{

	struct kvm_lapic *apic = vcpu->arch.apic;

	enum kvm_apic_logical_mode logical_mode;

	struct kvm_lapic **cluster;

	u16 mask;

	u32 ldr;

	if (new->logical_mode == KVM_APIC_MODE_MAP_DISABLED)

		return;

	if (!kvm_apic_sw_enabled(apic))

		return;

	ldr = kvm_lapic_get_reg(apic, APIC_LDR);

	if (!ldr)

		return;

	if (apic_x2apic_mode(apic)) {

		logical_mode = KVM_APIC_MODE_X2APIC;

	} else {

		ldr = GET_APIC_LOGICAL_ID(ldr);

		if (kvm_lapic_get_reg(apic, APIC_DFR) == APIC_DFR_FLAT)

			logical_mode = KVM_APIC_MODE_XAPIC_FLAT;

		else

			logical_mode = KVM_APIC_MODE_XAPIC_CLUSTER;

	}

	/*

	 * To optimize logical mode delivery, all software-enabled APICs must

	 * be configured for the same mode.

	 */

	if (new->logical_mode == KVM_APIC_MODE_SW_DISABLED) {

		new->logical_mode = logical_mode;

	} else if (new->logical_mode != logical_mode) {

		new->logical_mode = KVM_APIC_MODE_MAP_DISABLED;

		return;

	}

	/*

	 * In x2APIC mode, the LDR is read-only and derived directly from the

	 * x2APIC ID, thus is guaranteed to be addressable.  KVM reuses

	 * kvm_apic_map.phys_map to optimize logical mode x2APIC interrupts by

	 * reversing the LDR calculation to get cluster of APICs, i.e. no

	 * additional work is required.

	 */

	if (apic_x2apic_mode(apic)) {

		WARN_ON_ONCE(ldr != kvm_apic_calc_x2apic_ldr(kvm_x2apic_id(apic)));

		return;

	}

	if (WARN_ON_ONCE(!kvm_apic_map_get_logical_dest(new, ldr,

							&cluster, &mask))) {

		new->logical_mode = KVM_APIC_MODE_MAP_DISABLED;

		return;

	}

	if (!mask)

		return;

	ldr = ffs(mask) - 1;

	if (!is_power_of_2(mask) || cluster[ldr])

		new->logical_mode = KVM_APIC_MODE_MAP_DISABLED;

	else

		cluster[ldr] = apic;

}

/*

 * CLEAN -> DIRTY and UPDATE_IN_PROGRESS -> DIRTY changes happen without a lock.

 *

	struct kvm_vcpu *vcpu;

	unsigned long i;

	u32 max_id = 255; /* enough space for any xAPIC ID */

	bool xapic_id_mismatch = false;

	/* Read kvm->arch.apic_map_dirty before kvm->arch.apic_map.  */

	if (atomic_read_acquire(&kvm->arch.apic_map_dirty) == CLEAN)

		goto out;

	new->max_apic_id = max_id;

	new->logical_mode = KVM_APIC_MODE_SW_DISABLED;

	kvm_for_each_vcpu(i, vcpu, kvm) {

		struct kvm_lapic *apic = vcpu->arch.apic;

		struct kvm_lapic **cluster;

		u16 mask;

		u32 ldr;

		u8 xapic_id;

		u32 x2apic_id;

		if (!kvm_apic_present(vcpu))

			continue;

		xapic_id = kvm_xapic_id(apic);

		x2apic_id = kvm_x2apic_id(apic);

		if (kvm_recalculate_phys_map(new, vcpu, &xapic_id_mismatch)) {

			kvfree(new);

			new = NULL;

			goto out;

		}

		/* Hotplug hack: see kvm_apic_match_physical_addr(), ... */

		if ((apic_x2apic_mode(apic) || x2apic_id > 0xff) &&

				x2apic_id <= new->max_apic_id)

			new->phys_map[x2apic_id] = apic;

		kvm_recalculate_logical_map(new, vcpu);

	}

out:

	/*

		 * ... xAPIC ID of VCPUs with APIC ID > 0xff will wrap-around,

		 * prevent them from masking VCPUs with APIC ID <= 0xff.

	 * The optimized map is effectively KVM's internal version of APICv,

	 * and all unwanted aliasing that results in disabling the optimized

	 * map also applies to APICv.

	 */

		if (!apic_x2apic_mode(apic) && !new->phys_map[xapic_id])

			new->phys_map[xapic_id] = apic;

		if (!kvm_apic_sw_enabled(apic))

			continue;

		ldr = kvm_lapic_get_reg(apic, APIC_LDR);

	if (!new)

		kvm_set_apicv_inhibit(kvm, APICV_INHIBIT_REASON_PHYSICAL_ID_ALIASED);

	else

		kvm_clear_apicv_inhibit(kvm, APICV_INHIBIT_REASON_PHYSICAL_ID_ALIASED);

		if (apic_x2apic_mode(apic)) {

			new->mode |= KVM_APIC_MODE_X2APIC;

		} else if (ldr) {

			ldr = GET_APIC_LOGICAL_ID(ldr);

			if (kvm_lapic_get_reg(apic, APIC_DFR) == APIC_DFR_FLAT)

				new->mode |= KVM_APIC_MODE_XAPIC_FLAT;

	if (!new || new->logical_mode == KVM_APIC_MODE_MAP_DISABLED)

		kvm_set_apicv_inhibit(kvm, APICV_INHIBIT_REASON_LOGICAL_ID_ALIASED);

	else

				new->mode |= KVM_APIC_MODE_XAPIC_CLUSTER;

		}

		kvm_clear_apicv_inhibit(kvm, APICV_INHIBIT_REASON_LOGICAL_ID_ALIASED);

		if (!kvm_apic_map_get_logical_dest(new, ldr, &cluster, &mask))

			continue;

	if (xapic_id_mismatch)

		kvm_set_apicv_inhibit(kvm, APICV_INHIBIT_REASON_APIC_ID_MODIFIED);

	else

		kvm_clear_apicv_inhibit(kvm, APICV_INHIBIT_REASON_APIC_ID_MODIFIED);

		if (mask)

			cluster[ffs(mask) - 1] = apic;

	}

out:

	old = rcu_dereference_protected(kvm->arch.apic_map,

			lockdep_is_held(&kvm->arch.apic_map_lock));

	rcu_assign_pointer(kvm->arch.apic_map, new);

	atomic_set_release(&apic->vcpu->kvm->arch.apic_map_dirty, DIRTY);

}

static inline u32 kvm_apic_calc_x2apic_ldr(u32 id)

{

	return ((id >> 4) << 16) | (1 << (id & 0xf));

}

static inline void kvm_apic_set_x2apic_id(struct kvm_lapic *apic, u32 id)

{

	u32 ldr = kvm_apic_calc_x2apic_ldr(id);

{

	if (kvm->arch.x2apic_broadcast_quirk_disabled) {

		if ((irq->dest_id == APIC_BROADCAST &&

				map->mode != KVM_APIC_MODE_X2APIC))

		     map->logical_mode != KVM_APIC_MODE_X2APIC))

			return true;

		if (irq->dest_id == X2APIC_BROADCAST)

			return true;

	}

}

static void kvm_lapic_xapic_id_updated(struct kvm_lapic *apic)

{

	struct kvm *kvm = apic->vcpu->kvm;

	if (KVM_BUG_ON(apic_x2apic_mode(apic), kvm))

		return;

	if (kvm_xapic_id(apic) == apic->vcpu->vcpu_id)

		return;

	kvm_set_apicv_inhibit(apic->vcpu->kvm, APICV_INHIBIT_REASON_APIC_ID_MODIFIED);

}

static int get_lvt_index(u32 reg)

{

	if (reg == APIC_LVTCMCI)

	case APIC_ID:		/* Local APIC ID */

		if (!apic_x2apic_mode(apic)) {

			kvm_apic_set_xapic_id(apic, val >> 24);

			kvm_lapic_xapic_id_updated(apic);

		} else {

			ret = 1;

		}

	struct kvm_lapic *apic = vcpu->arch.apic;

	u64 val;

	if (apic_x2apic_mode(apic)) {

		if (KVM_BUG_ON(kvm_lapic_msr_read(apic, offset, &val), vcpu->kvm))

			return;

	} else {

		val = kvm_lapic_get_reg(apic, offset);

	}

	/*

	 * ICR is a single 64-bit register when x2APIC is enabled.  For legacy

	 * xAPIC, ICR writes need to go down the common (slightly slower) path

	 * to get the upper half from ICR2.

	 */

	if (apic_x2apic_mode(apic) && offset == APIC_ICR) {

		val = kvm_lapic_get_reg64(apic, APIC_ICR);

		kvm_apic_send_ipi(apic, (u32)val, (u32)(val >> 32));

		trace_kvm_apic_write(APIC_ICR, val);

	} else {

		/* TODO: optimize to just emulate side effect w/o one more write */

		val = kvm_lapic_get_reg(apic, offset);

		kvm_lapic_reg_write(apic, offset, (u32)val);

	}

}

		kvm_apic_set_x2apic_id(apic, vcpu->vcpu_id);

	if ((old_value ^ value) & (MSR_IA32_APICBASE_ENABLE | X2APIC_ENABLE)) {

		kvm_vcpu_update_apicv(vcpu);

		kvm_make_request(KVM_REQ_APICV_UPDATE, vcpu);

		static_call_cond(kvm_x86_set_virtual_apic_mode)(vcpu);

	}

		 */

		apic->isr_count = count_vectors(apic->regs + APIC_ISR);

	}

	apic->highest_isr_cache = -1;

}

int kvm_alloc_apic_access_page(struct kvm *kvm)

{

	struct page *page;

	void __user *hva;

	int ret = 0;

	mutex_lock(&kvm->slots_lock);

	if (kvm->arch.apic_access_memslot_enabled ||

	    kvm->arch.apic_access_memslot_inhibited)

		goto out;

	hva = __x86_set_memory_region(kvm, APIC_ACCESS_PAGE_PRIVATE_MEMSLOT,

				      APIC_DEFAULT_PHYS_BASE, PAGE_SIZE);

	if (IS_ERR(hva)) {

		ret = PTR_ERR(hva);

		goto out;

	}

	page = gfn_to_page(kvm, APIC_DEFAULT_PHYS_BASE >> PAGE_SHIFT);

	if (is_error_page(page)) {

		ret = -EFAULT;

		goto out;

	}

	/*

	 * Do not pin the page in memory, so that memory hot-unplug

	 * is able to migrate it.

	 */

	put_page(page);

	kvm->arch.apic_access_memslot_enabled = true;

out:

	mutex_unlock(&kvm->slots_lock);

	return ret;

}

EXPORT_SYMBOL_GPL(kvm_alloc_apic_access_page);

void kvm_inhibit_apic_access_page(struct kvm_vcpu *vcpu)

{

	struct kvm *kvm = vcpu->kvm;

	if (!kvm->arch.apic_access_memslot_enabled)

		return;

	kvm_vcpu_srcu_read_unlock(vcpu);

	mutex_lock(&kvm->slots_lock);

	if (kvm->arch.apic_access_memslot_enabled) {

		__x86_set_memory_region(kvm, APIC_ACCESS_PAGE_PRIVATE_MEMSLOT, 0, 0);

		/*

		 * Clear "enabled" after the memslot is deleted so that a

		 * different vCPU doesn't get a false negative when checking

		 * the flag out of slots_lock.  No additional memory barrier is

		 * needed as modifying memslots requires waiting other vCPUs to

		 * drop SRCU (see above), and false positives are ok as the

		 * flag is rechecked after acquiring slots_lock.

		 */

		kvm->arch.apic_access_memslot_enabled = false;

		/*

		 * Mark the memslot as inhibited to prevent reallocating the

		 * memslot during vCPU creation, e.g. if a vCPU is hotplugged.

		 */

		kvm->arch.apic_access_memslot_inhibited = true;

	}

	mutex_unlock(&kvm->slots_lock);

	kvm_vcpu_srcu_read_lock(vcpu);

}

void kvm_lapic_reset(struct kvm_vcpu *vcpu, bool init_event)

		kvm_lapic_set_reg(apic, APIC_TMR + 0x10 * i, 0);

	}

	kvm_apic_update_apicv(vcpu);

	apic->highest_isr_cache = -1;

	update_divide_count(apic);

	atomic_set(&apic->lapic_timer.pending, 0);

	}

	memcpy(vcpu->arch.apic->regs, s->regs, sizeof(*s));

	if (!apic_x2apic_mode(apic))

		kvm_lapic_xapic_id_updated(apic);

	atomic_set_release(&apic->vcpu->kvm->arch.apic_map_dirty, DIRTY);

	kvm_recalculate_apic_map(vcpu->kvm);

	kvm_apic_set_version(vcpu);

	__start_apic_timer(apic, APIC_TMCCT);

	kvm_lapic_set_reg(apic, APIC_TMCCT, 0);

	kvm_apic_update_apicv(vcpu);

	apic->highest_isr_cache = -1;

	if (apic->apicv_active) {

		static_call_cond(kvm_x86_apicv_post_state_restore)(vcpu);

		static_call_cond(kvm_x86_hwapic_irr_update)(vcpu, apic_find_highest_irr(apic));

		     struct dest_map *dest_map);

int kvm_apic_local_deliver(struct kvm_lapic *apic, int lvt_type);

void kvm_apic_update_apicv(struct kvm_vcpu *vcpu);

int kvm_alloc_apic_access_page(struct kvm *kvm);

void kvm_inhibit_apic_access_page(struct kvm_vcpu *vcpu);

bool kvm_irq_delivery_to_apic_fast(struct kvm *kvm, struct kvm_lapic *src,

		struct kvm_lapic_irq *irq, int *r, struct dest_map *dest_map);