KVM: MMU: Fix softlockup due to mmu_lock is held too long

watchdog: BUG: soft lockup - CPU#5 stuck for 22s! [warn_test:3089] irq event stamp: 20532 hardirqs last enabled at (20531): [<ffffffff8e9b6908>] restore_regs_and_iret+0x0/0x1d hardirqs last disabled at (20532): [<ffffffff8e9b7ae8>] apic_timer_interrupt+0x98/0xb0 softirqs last enabled at (8266): [<ffffffff8e9badc6>] __do_softirq+0x206/0x4c1 softirqs last disabled at (8253): [<ffffffff8e083918>] irq_exit+0xf8/0x100 CPU: 5 PID: 3089 Comm: warn_test Tainted: G OE 4.13.0-rc3+ #8 RIP: 0010:kvm_mmu_prepare_zap_page+0x72/0x4b0 [kvm] Call Trace: make_mmu_pages_available.isra.120+0x71/0xc0 [kvm] kvm_mmu_load+0x1cf/0x410 [kvm] kvm_arch_vcpu_ioctl_run+0x1316/0x1bf0 [kvm] kvm_vcpu_ioctl+0x340/0x700 [kvm] ? kvm_vcpu_ioctl+0x340/0x700 [kvm] ? __fget+0xfc/0x210 do_vfs_ioctl+0xa4/0x6a0 ? __fget+0x11d/0x210 SyS_ioctl+0x79/0x90 entry_SYSCALL_64_fastpath+0x23/0xc2 ? __this_cpu_preempt_check+0x13/0x20 This can be reproduced readily by ept=N and running syzkaller tests since many syzkaller testcases don't setup any memory regions. However, if ept=Y rmode identity map will be created, then kvm_mmu_calculate_mmu_pages() will extend the number of VM's mmu pages to at least KVM_MIN_ALLOC_MMU_PAGES which just hide the issue. I saw the scenario kvm->arch.n_max_mmu_pages == 0 && kvm->arch.n_used_mmu_pages == 1, so there is one active mmu page on the list, kvm_mmu_prepare_zap_page() fails to zap any pages, however prepare_zap_oldest_mmu_page() always returns true. It incurs infinite loop in make_mmu_pages_available() which causes mmu->lock softlockup. This patch fixes it by setting the return value of prepare_zap_oldest_mmu_page() according to whether or not there is mmu page zapped. Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Radim Krčmář <rkrcmar@redhat.com> Signed-off-by: Wanpeng Li <wanpeng.li@hotmail.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
author: Wanpeng Li <wanpeng.li@hotmail.com> 2017-08-10 06:55:51 -0700
committer: Paolo Bonzini <pbonzini@redhat.com> 2017-08-11 18:59:28 +0200
commit: 42bcbebf11dff0c2501831f1d86655eee506240f (patch)
tree: b3940e6650036a41b550146da0334b56323a302a /arch/x86/kvm/mmu.c
parent: a057e0e22ca11d04959648694945ebcc44873159 (diff)
download: linux-42bcbebf11dff0c2501831f1d86655eee506240f.tar.gz
linux-42bcbebf11dff0c2501831f1d86655eee506240f.tar.bz2
linux-42bcbebf11dff0c2501831f1d86655eee506240f.zip
1 files changed, 1 insertions, 3 deletions
diff --git a/arch/x86/kvm/mmu.c b/arch/x86/kvm/mmu.c
index 7ee21c087c83..e4ce20bee5de 100644
--- a/arch/x86/kvm/mmu.c
+++ b/arch/x86/kvm/mmu.c
@@ -2608,9 +2608,7 @@ static bool prepare_zap_oldest_mmu_page(struct kvm *kvm,
 
 	sp = list_last_entry(&kvm->arch.active_mmu_pages,
 			     struct kvm_mmu_page, link);
-	kvm_mmu_prepare_zap_page(kvm, sp, invalid_list);
-
-	return true;
+	return kvm_mmu_prepare_zap_page(kvm, sp, invalid_list);
 }
 
 /*
author	Wanpeng Li <wanpeng.li@hotmail.com>	2017-08-10 06:55:51 -0700
committer	Paolo Bonzini <pbonzini@redhat.com>	2017-08-11 18:59:28 +0200
commit	42bcbebf11dff0c2501831f1d86655eee506240f (patch)
tree	b3940e6650036a41b550146da0334b56323a302a /arch/x86/kvm/mmu.c
parent	a057e0e22ca11d04959648694945ebcc44873159 (diff)
download	linux-42bcbebf11dff0c2501831f1d86655eee506240f.tar.gz linux-42bcbebf11dff0c2501831f1d86655eee506240f.tar.bz2 linux-42bcbebf11dff0c2501831f1d86655eee506240f.zip