[SRU][F][PATCH 0/1] KVM: PV: ext call delivered twice when receiver in PSW wait (LP: 1995941)

frank.heimes at canonical.com
Thu Nov 10 20:06:02 UTC 2022


BugLink: https://bugs.launchpad.net/bugs/1995941

SRU Justification:

[Impact]

 * In a secure execution guest, the external interrupt for the SIGP
   external call order is delivered twice to a VCPU even though it was 
   only sent once.

 * Under PV (protected virtualization), external call interrupts are
   delivered by the SIGP interpretation facility, without KVM's 
   involvement.
   But, if the receiving CPU is in enabled wait, KVM needs to wake the
   receiving CPU such that the interrupt can be delivered.
   Hence, in this case, the SIGP external call order causes
   an interception.

 * In response, KVM only needs to wake the receiving VCPU.
   Interrupt delivery is then handled by the SIGP interpretation facility.

 * KVM wrongly assumed it also needs to request injection for the 
   external call interrupt after the respective intercept, causing the 
   interrupt to be delivered twice:
   * once through the SIGP interpretation facility
   * and once through the interrupt injection control by KVM.

 * The solution is to add appropriate special handling for 108 external
   call intercepts.

[Fix]

 * c3f0e5fd2d33 c3f0e5fd2d33d80c5a5a8b5e5d2bab2841709cc8
   "KVM: s390: pv: don't present the ecall interrupt twice"

[Test Case]

 * Have a Secure Execution (PV) environment set up on an
   IBM z15 or LinuxONE III LPAR using Ubuntu Server 20.04 (latest).

 * Apply kvm-unit-test submitted upstream:
   "[kvm-unit-tests PATCH v1 0/4] s390x: add tests for SIGP call \
    orders in enabled wait"

 * Run the smp_PV kvm-unit-test: ./run_tests.sh smp_PV

 * Check logs/smp_PV.log.
   If the system is affected, the following line can be found:
   "ABORT: smp: psw wait: ecall: Unexpected external call interrupt \
    (code 0x1202): on cpu 1 at 0x11958"

 * If the system is not affected, the line should look like this:
   "PASS: smp: psw wait: ecall: received"

[Regression Potential / What can go wrong]

 * The handle_pv_notification can be wrong and misleading
   in case 'ret' is not handled correctly.

 * trace_kvm_s390_handle_sigp_pei might not be called correctly,
   now after the if condition.

 * In the worst case, the external interrupt could not be delivered
   at all or still too often.

[Other]

 * The fix/patch c3f0e5fd2d33 was accepted upstream with kernel v6.0,
   so it not only needs to be applied to 20.04/5.4, but also to 22.04/5.15
   and 22.10/5.19.

 * But the patch got properly tagged for upstream stable:
   Cc: <stable at vger.kernel.org> # 5.7
   Fixes: da24a0cc58ed ("KVM: s390: protvirt: Instruction emulation")

 * And with that it was already picked up and is included in:
   22.04 with Ubuntu-5.15.0-53.59 (currently in jammy-proposed)
   22.10 with Ubuntu-5.19.0-16.16, which means it is included in the
   release kernel.

 * So the only Ubuntu release that is affected is 20.04/focal.

Nico Boehr (1):
  KVM: s390: pv: don't present the ecall interrupt twice

 arch/s390/kvm/intercept.c | 15 +++++++++++++++
 arch/s390/kvm/sigp.c      |  4 ++--
 2 files changed, 17 insertions(+), 2 deletions(-)

-- 
2.25.1
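
A log check for the test case above, as an added example that is not part of the original mail or of kvm-unit-tests: it classifies logs/smp_PV.log by the two result lines quoted in the test case. The function names, the verdict strings and the exit codes are assumptions of this example, and the sample log line in the demo is constructed from the line quoted in the mail.

```shell
#!/bin/sh
# Classify a kvm-unit-tests smp_PV log by the two result lines from the test case.
# Verdicts (this example's own convention): affected=1, not-affected=0, inconclusive=2.
classify_smp_pv_log() {
    log=$1
    [ -r "$log" ] || { echo inconclusive; return 2; }
    # A second, unexpected ecall delivery aborts the "psw wait: ecall" test.
    if grep -Eq '^ABORT: smp: psw wait: ecall: Unexpected external call interrupt' "$log"; then
        echo affected
        return 1
    fi
    # Exactly one delivery: the test reports the interrupt as received.
    if grep -Eq '^PASS: smp: psw wait: ecall: received' "$log"; then
        echo not-affected
        return 0
    fi
    # Neither line: the test did not run (for example, unit-test patches not applied).
    echo inconclusive
    return 2
}

# Extract interrupt code, CPU and address from the ABORT line for the bug report.
abort_details() {
    sed -n 's/^ABORT: smp: psw wait: ecall: Unexpected external call interrupt (code \(0x[0-9a-fA-F]*\)): on cpu \([0-9]*\) at \(0x[0-9a-fA-F]*\)$/code=\1 cpu=\2 addr=\3/p' "$1"
}

# Stand-alone demo on a constructed log (not captured from a real run).
demo=$(mktemp)
printf '%s\n' \
    'ABORT: smp: psw wait: ecall: Unexpected external call interrupt (code 0x1202): on cpu 1 at 0x11958' \
    > "$demo"
classify_smp_pv_log "$demo" || true
abort_details "$demo"
rm -f "$demo"
```

On a real host, pass logs/smp_PV.log to `classify_smp_pv_log` after `./run_tests.sh smp_PV`; an `inconclusive` verdict means neither quoted line was found, so it does not confirm the fix.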
