git.ipfire.org Git - thirdparty/linux.git/commit

author	Sean Christopherson <seanjc@google.com>
	Thu, 22 May 2025 23:52:19 +0000 (16:52 -0700)
committer	Sean Christopherson <seanjc@google.com>
	Mon, 23 Jun 2025 16:50:59 +0000 (09:50 -0700)
commit	2cdd64cbf9906f9d2d52ef96e1471992ff6c27ec
tree	9359870624393ea1ecbb611469cf6fa6578dbf39	tree
parent	0d09582b3a607436fd91d6ce813048a048ecbf10	commit \| diff

KVM: Disallow binding multiple irqfds to an eventfd with a priority waiter

Disallow binding an irqfd to an eventfd that already has a priority waiter,
i.e. to an eventfd that already has an attached irqfd. KVM always
operates in exclusive mode for EPOLL_IN (unconditionally returns '1'),
i.e. only the first waiter will be notified.

KVM already disallows binding multiple irqfds to an eventfd in a single
VM, but doesn't guard against multiple VMs binding to an eventfd. Adding
the extra protection reduces the pain of a userspace VMM bug, e.g. if
userspace fails to de-assign before re-assigning when transferring state
for intra-host migration, then the migration will explicitly fail as
opposed to dropping IRQs on the destination VM.

Temporarily keep KVM's manual check on irqfds.items, but add a WARN, e.g.
to allow sanity checking the waitqueue enforcement.

Cc: Oliver Upton <oliver.upton@linux.dev>
Cc: David Matlack <dmatlack@google.com>
Tested-by: K Prateek Nayak <kprateek.nayak@amd.com>
Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Link: https://lore.kernel.org/r/20250522235223.3178519-10-seanjc@google.com
Signed-off-by: Sean Christopherson <seanjc@google.com>