3.18-stable patches

added patches:
	kvm-async_pf-fix-df-due-to-inject-page-not-present-and-page-ready-exceptions-simultaneously.patch

diff --git a/queue-3.18/kvm-async_pf-fix-df-due-to-inject-page-not-present-and-page-ready-exceptions-simultaneously.patch b/queue-3.18/kvm-async_pf-fix-df-due-to-inject-page-not-present-and-page-ready-exceptions-simultaneously.patch
new file mode 100644 (file)
index 0000000..a8fd6fa
--- /dev/null
+++ b/queue-3.18/kvm-async_pf-fix-df-due-to-inject-page-not-present-and-page-ready-exceptions-simultaneously.patch
@@ -0,0 +1,102 @@
+From 9a6e7c39810e4a8bc7fc95056cefb40583fe07ef Mon Sep 17 00:00:00 2001
+From: Wanpeng Li <wanpeng.li@hotmail.com>
+Date: Thu, 14 Sep 2017 03:54:16 -0700
+Subject: KVM: async_pf: Fix #DF due to inject "Page not Present" and "Page Ready" exceptions simultaneously
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+From: Wanpeng Li <wanpeng.li@hotmail.com>
+
+commit 9a6e7c39810e4a8bc7fc95056cefb40583fe07ef upstream.
+
+qemu-system-x86-8600  [004] d..1  7205.687530: kvm_entry: vcpu 2
+qemu-system-x86-8600  [004] ....  7205.687532: kvm_exit: reason EXCEPTION_NMI rip 0xffffffffa921297d info ffffeb2c0e44e018 80000b0e
+qemu-system-x86-8600  [004] ....  7205.687532: kvm_page_fault: address ffffeb2c0e44e018 error_code 0
+qemu-system-x86-8600  [004] ....  7205.687620: kvm_try_async_get_page: gva = 0xffffeb2c0e44e018, gfn = 0x427e4e
+qemu-system-x86-8600  [004] .N..  7205.687628: kvm_async_pf_not_present: token 0x8b002 gva 0xffffeb2c0e44e018
+    kworker/4:2-7814  [004] ....  7205.687655: kvm_async_pf_completed: gva 0xffffeb2c0e44e018 address 0x7fcc30c4e000
+qemu-system-x86-8600  [004] ....  7205.687703: kvm_async_pf_ready: token 0x8b002 gva 0xffffeb2c0e44e018
+qemu-system-x86-8600  [004] d..1  7205.687711: kvm_entry: vcpu 2
+
+After running some memory intensive workload in guest, I catch the kworker
+which completes the GUP too quickly, and queues an "Page Ready" #PF exception
+after the "Page not Present" exception before the next vmentry as the above
+trace which will result in #DF injected to guest.
+
+This patch fixes it by clearing the queue for "Page not Present" if "Page Ready"
+occurs before the next vmentry since the GUP has already got the required page
+and shadow page table has already been fixed by "Page Ready" handler.
+
+Cc: Paolo Bonzini <pbonzini@redhat.com>
+Cc: Radim Krčmář <rkrcmar@redhat.com>
+Signed-off-by: Wanpeng Li <wanpeng.li@hotmail.com>
+Fixes: 7c90705bf2a3 ("KVM: Inject asynchronous page fault into a PV guest if page is swapped out.")
+[Changed indentation and added clearing of injected. - Radim]
+Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
+[port from upstream v4.14-rc1, Don't assign to kvm_queued_exception::injected or
+ x86_exception::async_page_fault]
+Signed-off-by: Jack Wang <jinpu.wang@profitbricks.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/x86/kvm/x86.c |   34 ++++++++++++++++++++++++++--------
+ 1 file changed, 26 insertions(+), 8 deletions(-)
+
+--- a/arch/x86/kvm/x86.c
++++ b/arch/x86/kvm/x86.c
+@@ -7756,6 +7756,13 @@ static int apf_put_user(struct kvm_vcpu
+                                     sizeof(val));
+ }
+ 
++static int apf_get_user(struct kvm_vcpu *vcpu, u32 *val)
++{
++
++      return kvm_read_guest_cached(vcpu->kvm, &vcpu->arch.apf.data, val,
++                                    sizeof(u32));
++}
++
+ void kvm_arch_async_page_not_present(struct kvm_vcpu *vcpu,
+                                    struct kvm_async_pf *work)
+ {
+@@ -7782,6 +7789,7 @@ void kvm_arch_async_page_present(struct
+                                struct kvm_async_pf *work)
+ {
+       struct x86_exception fault;
++      u32 val;
+ 
+       if (work->wakeup_all)
+               work->arch.token = ~0; /* broadcast wakeup */
+@@ -7789,14 +7797,24 @@ void kvm_arch_async_page_present(struct
+               kvm_del_async_pf_gfn(vcpu, work->arch.gfn);
+       trace_kvm_async_pf_ready(work->arch.token, work->gva);
+ 
+-      if ((vcpu->arch.apf.msr_val & KVM_ASYNC_PF_ENABLED) &&
+-          !apf_put_user(vcpu, KVM_PV_REASON_PAGE_READY)) {
+-              fault.vector = PF_VECTOR;
+-              fault.error_code_valid = true;
+-              fault.error_code = 0;
+-              fault.nested_page_fault = false;
+-              fault.address = work->arch.token;
+-              kvm_inject_page_fault(vcpu, &fault);
++      if (vcpu->arch.apf.msr_val & KVM_ASYNC_PF_ENABLED &&
++          !apf_get_user(vcpu, &val)) {
++              if (val == KVM_PV_REASON_PAGE_NOT_PRESENT &&
++                  vcpu->arch.exception.pending &&
++                  vcpu->arch.exception.nr == PF_VECTOR &&
++                  !apf_put_user(vcpu, 0)) {
++                      vcpu->arch.exception.pending = false;
++                      vcpu->arch.exception.nr = 0;
++                      vcpu->arch.exception.has_error_code = false;
++                      vcpu->arch.exception.error_code = 0;
++              } else if (!apf_put_user(vcpu, KVM_PV_REASON_PAGE_READY)) {
++                      fault.vector = PF_VECTOR;
++                      fault.error_code_valid = true;
++                      fault.error_code = 0;
++                      fault.nested_page_fault = false;
++                      fault.address = work->arch.token;
++                      kvm_inject_page_fault(vcpu, &fault);
++              }
+       }
+       vcpu->arch.apf.halted = false;
+       vcpu->arch.mp_state = KVM_MP_STATE_RUNNABLE;

diff --git a/queue-3.18/series b/queue-3.18/series
index bdd0db5f44709090f568dca85786dbc507d7201f..14a471f9b27938c5dc6d36e783034aaa2f3add44 100644 (file)
--- a/queue-3.18/series
+++ b/queue-3.18/series
@@ -54,3 +54,4 @@ mm-early_ioremap-fix-boot-hang-with-earlyprintk-efi-keep.patch
 x86-mm-kmmio-fix-mmiotrace-for-page-unaligned-addresses.patch
 xen-xen_acpi_processor-is-dom0-only.patch
 hippi-fix-a-fix-a-possible-sleep-in-atomic-bug-in-rr_close.patch
+kvm-async_pf-fix-df-due-to-inject-page-not-present-and-page-ready-exceptions-simultaneously.patch