Commit Graph

240581 Commits

Author SHA1 Message Date
Milton Miller
723aae25d5 smp_call_function_many: handle concurrent clearing of mask
Mike Galbraith reported finding a lockup ("perma-spin bug") where the
cpumask passed to smp_call_function_many was cleared by other cpu(s)
while a cpu was preparing its call_data block, resulting in no cpu to
clear the last ref and unlock the block.

Having cpus clear their bit asynchronously could be useful on a mask of
cpus that might have a translation context, or cpus that need a push to
complete an rcu window.

Instead of adding a BUG_ON and requiring yet another cpumask copy, just
detect the race and handle it.

Note: arch_send_call_function_ipi_mask must still handle an empty
cpumask because the data block is globally visible before that arch
callback is made.  And (obviously) there are no guarantees to which cpus
are notified if the mask is changed during the call; only cpus that were
online and had their mask bit set during the whole call are guaranteed
to be called.

Reported-by: Mike Galbraith <efault@gmx.de>
Reported-by: Jan Beulich <JBeulich@novell.com>
Acked-by: Jan Beulich <jbeulich@novell.com>
Cc: stable@kernel.org
Signed-off-by: Milton Miller <miltonm@bga.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-03-17 16:58:10 -07:00
Milton Miller
45a5791920 call_function_many: add missing ordering
Paul McKenney's review pointed out two problems with the barriers in the
2.6.38 update to the smp call function many code.

First, a barrier that would force the func and info members of data to
be visible before their consumption in the interrupt handler was
missing.  This can be solved by adding a smp_wmb between setting the
func and info members and setting the cpumask; this will pair
with the existing and required smp_rmb ordering the cpumask read before
the read of refs.  This placement avoids the need for a second smp_rmb in
the interrupt handler which would be executed on each of the N cpus
executing the call request.  (I was thinking this barrier was present
but was not).

Second, the previous write to refs (establishing the zero that the
interrupt handler was testing from all cpus) was performed by a third
party cpu.  This would invoke transitivity which, as a recent or
concurrent addition to memory-barriers.txt now explicitly states, would
require a full smp_mb().

However, we know the cpumask will only be set by one cpu (the data
owner) and any previous iteration of the mask would have been cleared by the
reading cpu.  By redundantly writing refs to 0 on the owning cpu before
the smp_wmb, the write to refs will follow the same path as the writes
that set the cpumask, which in turn allows us to keep the barrier in the
interrupt handler a smp_rmb instead of promoting it to a smp_mb (which
will be executed by N cpus for each of the possible M elements on the
list).

I moved and expanded the comment about our (ab)use of the rcu list
primitives for the concurrent walk earlier into this function.  I
considered moving the first two paragraphs to the queue list head and
lock, but felt it would have been too disconnected from the code.

Cc: Paul McKinney <paulmck@linux.vnet.ibm.com>
Cc: stable@kernel.org (2.6.32 and later)
Signed-off-by: Milton Miller <miltonm@bga.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-03-17 16:58:10 -07:00
Milton Miller
e6cd1e07a1 call_function_many: fix list delete vs add race
Peter pointed out there was nothing preventing the list_del_rcu in
smp_call_function_interrupt from running before the list_add_rcu in
smp_call_function_many.

Fix this by not setting refs until we have gotten the lock for the list.
Take advantage of the wmb in list_add_rcu to save an explicit additional
one.

I tried to force this race with a udelay before the lock & list_add and
by mixing all 64 online cpus with just 3 random cpus in the mask, but
was unsuccessful.  Still, inspection shows a valid race, and the fix is
an extension of the existing protection window in the current code.

Cc: stable@kernel.org (v2.6.32 and later)
Reported-by: Peter Zijlstra <peterz@infradead.org>
Signed-off-by: Milton Miller <miltonm@bga.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-03-17 16:58:10 -07:00
Andrea Arcangeli
ef2b4b95a6 mm: PageBuddy and mapcount robustness
Change the _mapcount value indicating PageBuddy from -2 to -128 for
more robustness against page_mapcount() underflows.

Use reset_page_mapcount instead of __ClearPageBuddy in bad_page to
ignore the previous retval of PageBuddy().

Signed-off-by: Andrea Arcangeli <aarcange@redhat.com>
Reported-by: Hugh Dickins <hughd@google.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-03-17 16:31:13 -07:00
Thomas Gleixner
732063b92b gpio/langwell: Simplify demux loop
Use __ffs() to find the pending interrupt source instead of looping 32
times.

Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: Feng Tang <feng.tang@intel.com>
Cc: Alek Du <alek.du@intel.com>
Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>
Signed-off-by: Grant Likely <grant.likely@secretlab.ca>
2011-03-17 13:49:03 -06:00
Thomas Gleixner
674db90690 gpio/langwell: Convert irq name space
Convert to the new irq function names.

Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: Feng Tang <feng.tang@intel.com>
Cc: Alek Du <alek.du@intel.com>
Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>
Signed-off-by: Grant Likely <grant.likely@secretlab.ca>
2011-03-17 13:49:03 -06:00
Thomas Gleixner
20e2aa916f gpio/langwell: Fix broken irq_eoi change.
commit 0766d20fd (langwell_gpio: modify EOI handling following change
of kernel irq subsystem)  changes

 -   desc->chip->eoi(irq);
 +
 +   if (desc->chip->irq_eoi)
 +           desc->chip->irq_eoi(irq_get_irq_data(irq));
 +   else
 +           dev_warn(pg->chip.dev, "missing EOI handler for irq %d\n", irq);
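
Review bot: the else branch at the end of this hunk only logs "missing EOI handler" and continues, so whenever desc->chip->irq_eoi is NULL no EOI is issued for that interrupt at all. Given that the driver assumes it sits behind an eoi capable line, the NULL check and the dev_warn() fallback should go and irq_eoi should be called unconditionally, rather than warning on every interrupt from inside the handler.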

With the following explanation:

 "Latest kernel has many changes in IRQ subsystem and its interfaces,
  like adding irq_eoi" for struct irq_chip, this patch will make it
  support both the new and old interface."

This is completely bogus.

 #1) The changelog does not match the patch at all

 #2) This driver relies on the assumption that it sits behind an eoi
     capable interrupt line. If the implementation of the underlying
     chip changes from eoi to irq_eoi then this driver has to follow
     that change and not add a total bogosity.

 #3) Just mechanically changing eoi to irq_eoi without checking the
     background of that change is sloppy at best.

Remove the silliness and retrieve the interrupt data from irq_desc
directly. No need to go through a sparse irq lookup.

Reported-by: Stephen Rothwell <sfr@canb.auug.org.au>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: Feng Tang <feng.tang@intel.com>
Cc: Alek Du <alek.du@intel.com>
Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>
Cc: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Grant Likely <grant.likely@secretlab.ca>
2011-03-17 13:49:03 -06:00
Thomas Gleixner
61ab3fe57e gpio; Make Intel chipset gpio drivers depend on x86
Nothing outside of x86 can use that code.

Reported-by: Stephen Rothwell <sfr@canb.auug.org.au>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Grant Likely <grant.likely@secretlab.ca>
2011-03-17 13:49:02 -06:00
Grant Likely
2dd2299767 Merge remote-tracking branch 'origin' into spi/next
Pull in Linus' tree to pick up changes required for the langwell gpio fixes
2011-03-17 13:48:06 -06:00
Nikanth Karthikesan
36885ff0e6 gpio/cs5535-gpio: Fix section mismatch
Fix section mismatch by annotating using variable name suffix.

Signed-off-by: Nikanth Karthikesan <knikanth@suse.de>
Signed-off-by: Grant Likely <grant.likely@secretlab.ca>
2011-03-17 12:52:05 -06:00
Chris Metcalf
0dccb0489f arch/tile: support newer binutils assembler shift semantics
This change supports building the kernel with newer binutils where
a shift of greater than the word size is no longer interpreted
silently as modulo the word size, but instead generates a warning.

Signed-off-by: Chris Metcalf <cmetcalf@tilera.com>
2011-03-17 14:32:06 -04:00
Chris Metcalf
325d160554 Merge tag 'v2.6.38' of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux-2.6 into for-linus
2011-03-17 14:14:12 -04:00
Linus Torvalds
7b7adc4a01 Merge branch 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/epip/linux-2.6-unicore32
* 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/epip/linux-2.6-unicore32: (40 commits)
  unicore32: rewrite arch-specific tlb.h to use asm-generic version
  unicore32: modify io_p2v and io_v2p macros, and adjust PKUNITY_mmio_BASEs
  unicore32: replace unicore32-specific iomap functions with generic lib implementation
  unicore32 machine related: add frame buffer driver for pkunity-v3 soc
  unicore32 machine related files: add i2c bus drivers for pkunity-v3 soc
  unicore32 io: redefine __REG(x) and re-use readl/writel funcs
  unicore32 i8042 upgrade and bugfix: adjust resource request region type
  unicore32 upgrade to v2.6.38-rc5: add one more paramter for pte_alloc_map call
  unicore32 i8042: adjust io funcs of i8042-unicore32io.h
  unicore32: rename PKUNITY_IOSPACE_BASE to PKUNITY_MMIO_BASE
  unicore32: modify function names and parameters for irq_chips
  unicore32: remove unused lines in arch/unicore32/include/asm/irq.h
  unicore32 time.c: change calculate method for clock_event_device
  unicore32: ADD MAINTAINER for unicore32 architecture
  unicore32 machine related files: ps2 driver
  unicore32 machine related files: pci bus handling
  unicore32 machine related files: hardware registers
  unicore32 machine related files: core files
  unicore32 additional architecture files: boot process
  unicore32 additional architecture files: low-level lib: misc
  ...

Acked-by: Arnd Bergmann <arnd@arndb.de>
2011-03-17 10:11:25 -07:00
Linus Torvalds
31598e8713 Merge branch 'for-linus' of git://git390.marist.edu/pub/scm/linux-2.6
* 'for-linus' of git://git390.marist.edu/pub/scm/linux-2.6:
  [S390] kexec: Disable ftrace during kexec
  [S390] support XZ compressed kernel
  [S390] css_bus_type: make it static
  [S390] css_driver: remove duplicate members
  [S390] css: remove subchannel private
  [S390] css: move chsc_private to drv_data
  [S390] css: move io_private to drv_data
  [S390] cio: move cdev pointer to io_subchannel_private
  [S390] cio: move options to io_sch_private
  [S390] cio: move asms to generic header
  [S390] cio: move orb definitions to separate header
  [S390] Write protect module text and RO data
  [S390] dasd: get rid of compile warning
  [S390] remove superfluous check from do_IRQ
  [S390] remove redundant stack check option
2011-03-17 10:10:49 -07:00
Linus Torvalds
241eb95600 Merge branch 'sh-latest' of git://git.kernel.org/pub/scm/linux/kernel/git/lethal/sh-2.6
* 'sh-latest' of git://git.kernel.org/pub/scm/linux/kernel/git/lethal/sh-2.6: (34 commits)
  sh: Convert to generic show_interrupts.
  sh: Wire up new fhandle and clock_adjtime syscalls.
  sh: modify platform_device for sh_eth driver
  sh: add GETHER's platform_device in board-sh7757lcr
  sh: update sh7757lcr_defconfig
  sh: add platform_device of tmio_mmc and sh_mmcif to sh7757lcr
  sh: dmaengine support for SH7757
  sh: add mmc clock in clock-sh7757
  sh: add spi_board_info in sh7757lcr
  sh: add platform_device for SPI
  sh: add USB_ARCH_HAS_EHCI and OHCI for SH7757
  sh: Rename cpuidle states to fit general conventions
  serial: sh-sci: fix deadlock when resuming from S3 sleep
  sh: Enable CONFIG_GCOV_PROFILE_ALL for sh
  sh: Fix up async PCIe probing on SMP.
  serial: sh-sci: Kill off the special earlyprintk device.
  serial: sh-sci: Use dev_name() for region reservations.
  serial: sh-sci: Fix up earlyprintk port mapping.
  serial: sh-sci: Limit early console to one device.
  serial: sh-sci: Fix up break timer scheduling race.
  ...
2011-03-17 09:57:10 -07:00
Linus Torvalds
fd34b0dee4 Merge git://git.kernel.org/pub/scm/linux/kernel/git/lethal/fbdev-2.6
* git://git.kernel.org/pub/scm/linux/kernel/git/lethal/fbdev-2.6:
  fbdev: sh_mobile_lcdc: Add YUV framebuffer support
  viafb: split pll configs up
  viafb: remove duplicated clock storage
  viafb: always return the best possible clock
  viafb: remove duplicated clock information
  fbdev: sh_mobile_lcdcfb: add backlight support
  viafb: factor lcd scaling parameters out
  viafb: strip some structures
  viafb: remove unused data_mode and device_type
  viafb: kill lcd_panel_id
  video via: make local variables static
  video via: fix iomem access
  video/via: drop deprecated (and unused) i2c_adapter.id
2011-03-17 09:56:43 -07:00
Stanislav Kinsbursky
8e26de238f RPC: killing RPC tasks races fixed
Whether the RPC task's RPC_TASK_QUEUED bit is set must be checked before
trying to wake up the task in rpc_killall_tasks(), because task->tk_waitqueue
may not be set (equal to NULL).
Also, as Trond Myklebust mentioned, such an approach (instead of checking
tk_waitqueue against NULL) allows us to "optimise away the call to
rpc_wake_up_queued_task() altogether for those tasks that aren't queued".

Here is an example of dereferencing of tk_waitqueue equal to NULL:

CPU 0               	CPU 1				CPU 2
--------------------	---------------------	--------------------------
nfs4_run_open_task
rpc_run_task
rpc_execute
rpc_set_active
rpc_make_runnable
(waiting)
			rpc_async_schedule
			nfs4_open_prepare
			nfs_wait_on_sequence
						nfs_umount_begin
						rpc_killall_tasks
						rpc_wake_up_task
						rpc_wake_up_queued_task
						spin_lock(tk_waitqueue == NULL)
						BUG()
			rpc_sleep_on
			spin_lock(&q->lock)
			__rpc_sleep_on
			task->tk_waitqueue = q

Signed-off-by: Stanislav Kinsbursky <skinsbursky@openvz.org>
Cc: stable@kernel.org
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
2011-03-17 12:39:00 -04:00
j223yang@asset.uwaterloo.ca
ba3c578de2 xprt: remove redundant check
remove redundant check.

Signed-off-by: Jinqiu Yang <crindy646@gmail.com>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
2011-03-17 12:39:00 -04:00
Trond Myklebust
a8de240a90 SUNRPC: Convert struct rpc_xprt to use atomic_t counters
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
2011-03-17 12:38:59 -04:00
Trond Myklebust
e020c6800c SUNRPC: Ensure we always run the tk_callback before tk_action
This fixes a race in which the task->tk_callback() puts the rpc_task
to sleep, setting a new callback. Under certain circumstances, the current
code may end up executing the task->tk_action before it gets round to the
callback.

Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Cc: stable@kernel.org
2011-03-17 12:38:41 -04:00
Geert Uytterhoeven
42fea15d6d spi/rtc-{ds1390,ds3234,m41t94}: Use spi_get_drvdata() for SPI devices
The recently increased type checking in platform_get_drvdata() reveals a few
offenders:

drivers/rtc/rtc-ds1390.c:161: warning: passing argument 1 of ‘platform_get_drvdata’ from incompatible pointer type
drivers/rtc/rtc-ds3234.c:161: warning: passing argument 1 of ‘platform_get_drvdata’ from incompatible pointer type
drivers/rtc/rtc-m41t94.c:139: warning: passing argument 1 of ‘platform_get_drvdata’ from incompatible pointer type

Use spi_get_drvdata() instead of platform_get_drvdata().

Signed-off-by: Geert Uytterhoeven <geert@linux-m68k.org>
Signed-off-by: Grant Likely <grant.likely@secretlab.ca>
2011-03-17 10:32:47 -06:00
Linus Torvalds
40c7f2112c Merge branch 'drm-core-next' of git://git.kernel.org/pub/scm/linux/kernel/git/airlied/drm-2.6
* 'drm-core-next' of git://git.kernel.org/pub/scm/linux/kernel/git/airlied/drm-2.6: (177 commits)
  drm/radeon: fixup refcounts in radeon dumb create ioctl.
  drm: radeon: *_cs_packet_parse_vline() cleanup
  radeon: merge list_del()/list_add_tail() to list_move_tail()
  drm: Retry i2c transfer of EDID block after failure
  drm/radeon/kms: fix typo in atom overscan setup
  drm: Hold the mode mutex whilst probing for sysfs status
  drm/nouveau: fix __nouveau_fence_wait performance
  drm/nv40: attempt to reserve just enough vram for all 32 channels
  drm/nv50: check for vm traps on every gr irq
  drm/nv50: decode vm faults some more
  drm/nouveau: add nouveau_enum_find() util function
  drm/nouveau: properly handle pushbuffer check failures
  drm/nvc0: remove vm hack forcing large/small pages to not share a PDE
  drm/i915: disable opregion lid detection for now.
  drm/i915: Only wait on a pending flip if we intend to write to the buffer
  drm/i915/dp: Sanity check eDP existence
  drm: add cap bit to denote if dumb ioctl is available or not.
  drm/core: add ioctl to query device/driver capabilities
  drm/radeon/kms: allow max clock of 340 Mhz on hdmi 1.3+
  drm/radeon/kms: add cayman pci ids
  ...
2011-03-17 09:11:39 -07:00
Gleb Natapov
776e58ea3d KVM: unbreak userspace that does not sets tss address
Commit 6440e5967bc broke old userspaces that do not set tss address
before entering vcpu. Unbreak it by setting tss address to a safe
value on the first vcpu entry. New userspaces should set tss address,
so print warning in case it doesn't.

Signed-off-by: Gleb Natapov <gleb@redhat.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
2011-03-17 13:08:35 -03:00
Xiao Guangrong
0f53b5b1c0 KVM: MMU: cleanup pte write path
This patch does:
- call vcpu->arch.mmu.update_pte directly
- use gfn_to_pfn_atomic in update_pte path

The suggestion is from Avi.

Signed-off-by: Xiao Guangrong <xiaoguangrong@cn.fujitsu.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
2011-03-17 13:08:35 -03:00
Xiao Guangrong
5d163b1c9d KVM: MMU: introduce a common function to get no-dirty-logged slot
Cleanup the code of pte_prefetch_gfn_to_memslot and mapping_level_dirty_bitmap

Signed-off-by: Xiao Guangrong <xiaoguangrong@cn.fujitsu.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
2011-03-17 13:08:34 -03:00
Xiao Guangrong
40dcaa9f69 KVM: fix rcu usage in init_rmode_* functions
fix:
[ 3494.671786] stack backtrace:
[ 3494.671789] Pid: 10527, comm: qemu-system-x86 Not tainted 2.6.38-rc6+ #23
[ 3494.671790] Call Trace:
[ 3494.671796]  [] ? lockdep_rcu_dereference+0x9d/0xa5
[ 3494.671826]  [] ? kvm_memslots+0x6b/0x73 [kvm]
[ 3494.671834]  [] ? gfn_to_memslot+0x16/0x4f [kvm]
[ 3494.671843]  [] ? gfn_to_hva+0x16/0x27 [kvm]
[ 3494.671851]  [] ? kvm_write_guest_page+0x31/0x83 [kvm]
[ 3494.671861]  [] ? kvm_clear_guest_page+0x1a/0x1c [kvm]
[ 3494.671867]  [] ? vmx_set_tss_addr+0x83/0x122 [kvm_intel]

and:
[ 8328.789599] stack backtrace:
[ 8328.789601] Pid: 18736, comm: qemu-system-x86 Not tainted 2.6.38-rc6+ #23
[ 8328.789603] Call Trace:
[ 8328.789609]  [] ? lockdep_rcu_dereference+0x9d/0xa5
[ 8328.789621]  [] ? kvm_memslots+0x6b/0x73 [kvm]
[ 8328.789628]  [] ? gfn_to_memslot+0x16/0x4f [kvm]
[ 8328.789635]  [] ? gfn_to_hva+0x16/0x27 [kvm]
[ 8328.789643]  [] ? kvm_write_guest_page+0x31/0x83 [kvm]
[ 8328.789699]  [] ? kvm_clear_guest_page+0x1a/0x1c [kvm]
[ 8328.789713]  [] ? vmx_create_vcpu+0x316/0x3c8 [kvm_intel]

Signed-off-by: Xiao Guangrong <xiaoguangrong@cn.fujitsu.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
2011-03-17 13:08:34 -03:00
Nikola Ciprich
1aa8ceef03 KVM: fix kvmclock regression due to missing clock update
commit 387b9f97750444728962b236987fbe8ee8cc4f8c moved kvm_request_guest_time_update(vcpu),
breaking 32bit SMP guests using kvm-clock. Fix this by moving (new) clock update function
to proper place.

Signed-off-by: Nikola Ciprich <nikola.ciprich@linuxbox.cz>
Acked-by: Zachary Amsden <zamsden@redhat.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
2011-03-17 13:08:33 -03:00
Gleb Natapov
399a40c92d KVM: emulator: Fix permission checking in io permission bitmap
Currently if io port + len crosses 8bit boundary in io permission bitmap the
check may allow IO that otherwise should not be allowed. The patch fixes that.

Signed-off-by: Gleb Natapov <gleb@redhat.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
2011-03-17 13:08:33 -03:00
Gleb Natapov
5601d05b8c KVM: emulator: Fix io permission checking for 64bit guest
Current implementation truncates upper 32bit of TR base address during IO
permission bitmap check. The patch fixes this.

Reported-and-tested-by: Francis Moreau <francis.moro@gmail.com>
Signed-off-by: Gleb Natapov <gleb@redhat.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
2011-03-17 13:08:33 -03:00
Avi Kivity
831ca6093c KVM: SVM: Load %gs earlier if CONFIG_X86_32_LAZY_GS=n
With CONFIG_CC_STACKPROTECTOR, we need a valid %gs at all times, so disable
lazy reload and do an eager reload immediately after the vmexit.

Reported-by: IVAN ANGELOV <ivangotoy@gmail.com>
Acked-By: Joerg Roedel <joerg.roedel@amd.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
2011-03-17 13:08:33 -03:00
Takuya Yoshikawa
afc20184b7 KVM: x86: Remove useless regs_page pointer from kvm_lapic
Access to this page is mostly done through the regs member which holds
the address to this page.  The exceptions are in vmx_vcpu_reset() and
kvm_free_lapic() and these both can easily be converted to using regs.

Signed-off-by: Takuya Yoshikawa <yoshikawa.takuya@oss.ntt.co.jp>
Signed-off-by: Avi Kivity <avi@redhat.com>
2011-03-17 13:08:33 -03:00
Michael S. Tsirkin
c8ce057eaf KVM: improve comment on rcu use in irqfd_deassign
The RCU use in kvm_irqfd_deassign is tricky: we have rcu_assign_pointer
but no synchronize_rcu: synchronize_rcu is done by kvm_irq_routing_update
which we share a spinlock with.

Fix up a comment in an attempt to make this clearer.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
2011-03-17 13:08:33 -03:00
Xiao Guangrong
676646ee4b KVM: MMU: remove unused macros
These macros are not used, so removed

Signed-off-by: Xiao Guangrong <xiaoguangrong@cn.fujitsu.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
2011-03-17 13:08:32 -03:00
Xiao Guangrong
842f22ed9b KVM: MMU: cleanup page alloc and free
Using __get_free_page instead of alloc_page and page_address,
using free_page instead of __free_page and virt_to_page

Signed-off-by: Xiao Guangrong <xiaoguangrong@cn.fujitsu.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
2011-03-17 13:08:32 -03:00
Xiao Guangrong
49b26e26e4 KVM: MMU: do not record gfn in kvm_mmu_pte_write
No need to record the gfn to verify the pte has the same mode as the
current vcpu, because we speculatively update the pte only
if the pte and vcpu have the same mode

Signed-off-by: Xiao Guangrong <xiaoguangrong@cn.fujitsu.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
2011-03-17 13:08:32 -03:00
Xiao Guangrong
48c0e4e906 KVM: MMU: move mmu pages calculated out of mmu lock
kvm_mmu_calculate_mmu_pages needs to walk all memslots and it's protected by
kvm->slots_lock, so move it out of mmu spinlock

Signed-off-by: Xiao Guangrong <xiaoguangrong@cn.fujitsu.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
2011-03-17 13:08:32 -03:00
Xiao Guangrong
1b7fd45c32 KVM: MMU: set spte accessed bit properly
Set spte accessed bit only if guest_initiated == 1, which means it was really
accessed

Signed-off-by: Xiao Guangrong <xiaoguangrong@cn.fujitsu.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
2011-03-17 13:08:32 -03:00
Xiao Guangrong
da8dc75f0c KVM: MMU: fix kvm_mmu_slot_remove_write_access dropping intermediate W bits
Only remove write access in the last sptes.

Signed-off-by: Xiao Guangrong <xiaoguangrong@cn.fujitsu.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
2011-03-17 13:08:32 -03:00
Jan Kiszka
38a778aa18 KVM: Start lock documentation
The goal of this document shall be
- overview of all locks used in KVM core
- provide details on the scope of each lock
- explain the lock type, specifically of raw spin locks
- provide a lock ordering guide

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
2011-03-17 13:08:31 -03:00
Lai Jiangshan
1260edbe7d KVM: better readability of efer_reserved_bits
use EFER_SCE, EFER_LME and EFER_LMA instead of magic numbers.

Signed-off-by: Lai Jiangshan <laijs@cn.fujitsu.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
2011-03-17 13:08:31 -03:00
Lai Jiangshan
d170c41906 KVM: Clear async page fault hash after switching to real mode
The hash array of async gfns may still contain some leftover gfns after
kvm_clear_async_pf_completion_queue() is called; we need to clear them.

Signed-off-by: Lai Jiangshan <laijs@cn.fujitsu.com>
Acked-by: Gleb Natapov <gleb@redhat.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
2011-03-17 13:08:31 -03:00
Gleb Natapov
93ea5388ea KVM: VMX: Initialize vm86 TSS only once.
Currently vm86 task is initialized on each real mode entry and vcpu
reset. Initialization is done by zeroing TSS and updating relevant
fields. But since all vcpus are using the same TSS there is a race where
one vcpu may use TSS while other vcpu is initializing it, so the vcpu
that uses TSS will see wrong TSS content and will behave incorrectly.
Fix that by initializing TSS only once.

Signed-off-by: Gleb Natapov <gleb@redhat.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
2011-03-17 13:08:31 -03:00
Gleb Natapov
a8ba6c2622 KVM: VMX: update live TR selector if it changes in real mode
When rmode.vm86 is active TR descriptor is updated with vm86 task values,
but selector is left intact. vmx_set_segment() makes sure that if TR
register is written into while vm86 is active the new values are saved
for use after vm86 is deactivated, but since selector is not updated on
vm86 activation/deactivation new value is lost. Fix this by writing new
selector into vmcs immediately.

Signed-off-by: Gleb Natapov <gleb@redhat.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
2011-03-17 13:08:31 -03:00
Lai Jiangshan
a3b5ba49a8 KVM: VMX: add the __noclone attribute to vmx_vcpu_run
The changelog of 104f226 said "adds the __noclone attribute",
but it was missing in its patch. I think it is still needed.

Signed-off-by: Lai Jiangshan <laijs@cn.fujitsu.com>
Acked-by: Andi Kleen <ak@linux.intel.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
2011-03-17 13:08:31 -03:00
Jan Kiszka
038f8c110e KVM: x86: Convert tsc_write_lock to raw_spinlock
Code under this lock requires non-preemptibility. Ensure this also over
-rt by converting it to raw spinlock.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
2011-03-17 13:08:30 -03:00
Gleb Natapov
7049467b53 KVM: remove isr_ack logic from PIC
isr_ack logic was added by e48258009d to avoid unnecessary IPIs. Back
then it made sense, but now the code checks that vcpu is ready to accept
interrupt before sending IPI, so this logic is no longer needed. The
patch removes it.

Fixes a regression with Debian/Hurd.

Signed-off-by: Gleb Natapov <gleb@redhat.com>
Reported-and-tested-by: Jonathan Nieder <jrnieder@gmail.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
2011-03-17 13:08:30 -03:00
Joseph Cihula
23f3e99132 KVM: VMX: fix detection of BIOS disabling VMX
This patch fixes the logic used to detect whether BIOS has disabled VMX, for
the case where VMX is enabled only under SMX, but tboot is not active.

Signed-off-by:  Joseph Cihula <joseph.cihula@intel.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
2011-03-17 13:08:30 -03:00
Jan Kiszka
e935b8372c KVM: Convert kvm_lock to raw_spinlock
Code under this lock requires non-preemptibility. Ensure this also over
-rt by converting it to raw spinlock.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
2011-03-17 13:08:30 -03:00
Avi Kivity
bd3d1ec3d2 KVM: SVM: check for progress after IRET interception
When we enable an NMI window, we ask for an IRET intercept, since
the IRET re-enables NMIs.  However, the IRET intercept happens before
the instruction executes, while the NMI window architecturally opens
afterwards.

To compensate for this mismatch, we only open the NMI window in the
following exit, assuming that the IRET has by then executed; however,
this assumption is not always correct; we may exit due to a host interrupt
or page fault, without having executed the instruction.

Fix by checking for forward progress by recording and comparing the IRET's
rip.  This is somewhat of a hack, since an unchanging rip does not mean that
no forward progress has been made, but is the simplest fix for now.

Signed-off-by: Avi Kivity <avi@redhat.com>
2011-03-17 13:08:30 -03:00
Avi Kivity
f86368493e KVM: Fix race between nmi injection and enabling nmi window
The interrupt injection logic looks something like

  if an nmi is pending, and nmi injection allowed
    inject nmi
  if an nmi is pending
    request exit on nmi window

the problem is that "nmi is pending" can be set asynchronously by
the PIT; if it happens to fire between the two if statements, we
will request an nmi window even though nmi injection is allowed.  On
SVM, this has disastrous results, since it causes eflags.TF to be
set in random guest code.

The fix is simple; make nmi_pending synchronous using the standard
vcpu->requests mechanism; this ensures the code above is completely
synchronous wrt nmi_pending.

Signed-off-by: Avi Kivity <avi@redhat.com>
2011-03-17 13:08:30 -03:00