KVM: arm64: vgic-v5: Fold PPI state for all exposed PPIs

GICv5 supports up to 128 PPIs, which would introduce a large amount of
overhead if all of them were actively tracked. Rather than keeping
track of all 128 potential PPIs, we instead only consider the set of
architected PPIs (the first 64). Moreover, we further reduce that set
by only exposing a subset of the PPIs to a guest. In practice, this
means that only 4 PPIs are typically exposed to a guest - the SW_PPI,
PMUIRQ, and the timers.

When folding the PPI state, changed bits in the active or pending were
used to choose which state to sync back. However, this breaks badly
for Edge interrupts when exiting the guest before it has consumed the
edge. There is no change in pending state detected, and the edge is
lost forever.

Given the reduced set of PPIs exposed to the guest, and the issues
around tracking the edges, drop the tracking of changed state, and
instead iterate over the limited subset of PPIs exposed to the guest
directly.

This change drops the second copy of the PPI pending state used for
detecting edges in the pending state, and reworks
vgic_v5_fold_ppi_state() to iterate over the VM's PPI mask instead.

Signed-off-by: Sascha Bischoff <sascha.bischoff@arm.com>
Link: https://patch.msgid.link/20260401162152.932243-1-sascha.bischoff@arm.com
Signed-off-by: Marc Zyngier <maz@kernel.org>

diff --git a/arch/arm64/include/asm/kvm_host.h b/arch/arm64/include/asm/kvm_host.h
index a7dc0aac3b93412c732e65dc310f479851f431c9..729bd32207fa6020771d2422c157eab8affb1098 100644 (file)
--- a/arch/arm64/include/asm/kvm_host.h
+++ b/arch/arm64/include/asm/kvm_host.h
@@ -803,14 +803,7 @@ struct kvm_host_data {
 
        /* PPI state tracking for GICv5-based guests */
        struct {
-               /*
-                * For tracking the PPI pending state, we need both the entry
-                * state and exit state to correctly detect edges as it is
-                * possible that an interrupt has been injected in software in
-                * the interim.
-                */
-               DECLARE_BITMAP(pendr_entry, VGIC_V5_NR_PRIVATE_IRQS);
-               DECLARE_BITMAP(pendr_exit, VGIC_V5_NR_PRIVATE_IRQS);
+               DECLARE_BITMAP(pendr, VGIC_V5_NR_PRIVATE_IRQS);
 
                /* The saved state of the regs when leaving the guest */
                DECLARE_BITMAP(activer_exit, VGIC_V5_NR_PRIVATE_IRQS);

diff --git a/arch/arm64/kvm/hyp/vgic-v5-sr.c b/arch/arm64/kvm/hyp/vgic-v5-sr.c
index 2c4304ffa9f3310ab4d783df49568a9e171ccc36..47e6bcd437029afc1e4efb758e6a19f25bea480b 100644 (file)
--- a/arch/arm64/kvm/hyp/vgic-v5-sr.c
+++ b/arch/arm64/kvm/hyp/vgic-v5-sr.c
@@ -37,7 +37,7 @@ void __vgic_v5_save_ppi_state(struct vgic_v5_cpu_if *cpu_if)
 
        bitmap_write(host_data_ptr(vgic_v5_ppi_state)->activer_exit,
                     read_sysreg_s(SYS_ICH_PPI_ACTIVER0_EL2), 0, 64);
-       bitmap_write(host_data_ptr(vgic_v5_ppi_state)->pendr_exit,
+       bitmap_write(host_data_ptr(vgic_v5_ppi_state)->pendr,
                     read_sysreg_s(SYS_ICH_PPI_PENDR0_EL2), 0, 64);
 
        cpu_if->vgic_ppi_priorityr[0] = read_sysreg_s(SYS_ICH_PPI_PRIORITYR0_EL2);
@@ -52,7 +52,7 @@ void __vgic_v5_save_ppi_state(struct vgic_v5_cpu_if *cpu_if)
        if (VGIC_V5_NR_PRIVATE_IRQS == 128) {
                bitmap_write(host_data_ptr(vgic_v5_ppi_state)->activer_exit,
                             read_sysreg_s(SYS_ICH_PPI_ACTIVER1_EL2), 64, 64);
-               bitmap_write(host_data_ptr(vgic_v5_ppi_state)->pendr_exit,
+               bitmap_write(host_data_ptr(vgic_v5_ppi_state)->pendr,
                             read_sysreg_s(SYS_ICH_PPI_PENDR1_EL2), 64, 64);
 
                cpu_if->vgic_ppi_priorityr[8] = read_sysreg_s(SYS_ICH_PPI_PRIORITYR8_EL2);
@@ -87,7 +87,7 @@ void __vgic_v5_restore_ppi_state(struct vgic_v5_cpu_if *cpu_if)
                       SYS_ICH_PPI_ENABLER0_EL2);
 
        /* Update the pending state of the NON-DVI'd PPIs, only */
-       bitmap_andnot(pendr, host_data_ptr(vgic_v5_ppi_state)->pendr_entry,
+       bitmap_andnot(pendr, host_data_ptr(vgic_v5_ppi_state)->pendr,
                      cpu_if->vgic_ppi_dvir, VGIC_V5_NR_PRIVATE_IRQS);
        write_sysreg_s(bitmap_read(pendr, 0, 64), SYS_ICH_PPI_PENDR0_EL2);
 

diff --git a/arch/arm64/kvm/vgic/vgic-v5.c b/arch/arm64/kvm/vgic/vgic-v5.c
index 8680a8354db9db90fb2348621e3d0c3c691eefa9..fdd39ea7f83ec5bd57a441b071d0b73ba067544b 100644 (file)
--- a/arch/arm64/kvm/vgic/vgic-v5.c
+++ b/arch/arm64/kvm/vgic/vgic-v5.c
@@ -385,24 +385,14 @@ bool vgic_v5_has_pending_ppi(struct kvm_vcpu *vcpu)
 void vgic_v5_fold_ppi_state(struct kvm_vcpu *vcpu)
 {
        struct vgic_v5_cpu_if *cpu_if = &vcpu->arch.vgic_cpu.vgic_v5;
-       DECLARE_BITMAP(changed_active, VGIC_V5_NR_PRIVATE_IRQS);
-       DECLARE_BITMAP(changed_pending, VGIC_V5_NR_PRIVATE_IRQS);
-       DECLARE_BITMAP(changed_bits, VGIC_V5_NR_PRIVATE_IRQS);
-       unsigned long *activer, *pendr_entry, *pendr;
+       unsigned long *activer, *pendr;
        int i;
 
        activer = host_data_ptr(vgic_v5_ppi_state)->activer_exit;
-       pendr_entry = host_data_ptr(vgic_v5_ppi_state)->pendr_entry;
-       pendr = host_data_ptr(vgic_v5_ppi_state)->pendr_exit;
+       pendr = host_data_ptr(vgic_v5_ppi_state)->pendr;
 
-       bitmap_xor(changed_active, cpu_if->vgic_ppi_activer, activer,
-                  VGIC_V5_NR_PRIVATE_IRQS);
-       bitmap_xor(changed_pending, pendr_entry, pendr,
-                  VGIC_V5_NR_PRIVATE_IRQS);
-       bitmap_or(changed_bits, changed_active, changed_pending,
-                 VGIC_V5_NR_PRIVATE_IRQS);
-
-       for_each_set_bit(i, changed_bits, VGIC_V5_NR_PRIVATE_IRQS) {
+       for_each_set_bit(i, vcpu->kvm->arch.vgic.gicv5_vm.vgic_ppi_mask,
+                        VGIC_V5_NR_PRIVATE_IRQS) {
                u32 intid = vgic_v5_make_ppi(i);
                struct vgic_irq *irq;
 
@@ -462,15 +452,7 @@ void vgic_v5_flush_ppi_state(struct kvm_vcpu *vcpu)
         * incoming changes are merged with the outgoing changes on the return
         * path.
         */
-       bitmap_copy(host_data_ptr(vgic_v5_ppi_state)->pendr_entry, pendr,
-                   VGIC_V5_NR_PRIVATE_IRQS);
-
-       /*
-        * Make sure that we can correctly detect "edges" in the PPI
-        * state. There's a path where we never actually enter the guest, and
-        * failure to do this risks losing pending state
-        */
-       bitmap_copy(host_data_ptr(vgic_v5_ppi_state)->pendr_exit, pendr,
+       bitmap_copy(host_data_ptr(vgic_v5_ppi_state)->pendr, pendr,
                    VGIC_V5_NR_PRIVATE_IRQS);
 }