[patch v9 08/10] KVM: x86: process isolation work from VM-entry code path

From: Marcelo Tosatti
Date: Thu Jan 27 2022 - 12:26:52 EST


The logic to disable vmstat worker thread, when entering
nohz full, does not cover all scenarios. For example, it is possible
for the following to happen:
References: <20220127172319.428529308@xxxxxxxxxxx>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8

The VM-entry code path is an entry point similar to the return to
userspace, as far as task isolation is concerned.

Call isolation_exit_to_user_mode before VM-enter.

Signed-off-by: Marcelo Tosatti <mtosatti@xxxxxxxxxx>

---
include/linux/entry-kvm.h | 4 +++-
kernel/entry/kvm.c | 18 ++++++++++++++----
2 files changed, 17 insertions(+), 5 deletions(-)

Index: linux-2.6/kernel/entry/kvm.c
===================================================================
--- linux-2.6.orig/kernel/entry/kvm.c
+++ linux-2.6/kernel/entry/kvm.c
@@ -2,8 +2,11 @@

#include <linux/entry-kvm.h>
#include <linux/kvm_host.h>
+#include <linux/task_isolation.h>

-static int xfer_to_guest_mode_work(struct kvm_vcpu *vcpu, unsigned long ti_work)
+static int xfer_to_guest_mode_work(struct kvm_vcpu *vcpu,
+ unsigned long ti_work,
+ unsigned long task_isol_work)
{
do {
int ret;
@@ -25,15 +28,19 @@ static int xfer_to_guest_mode_work(struc
ret = arch_xfer_to_guest_mode_handle_work(vcpu, ti_work);
if (ret)
return ret;
+ if (task_isol_work)
+ task_isol_exit_to_user_mode();

ti_work = read_thread_flags();
- } while (ti_work & XFER_TO_GUEST_MODE_WORK || need_resched());
+ } while (ti_work & XFER_TO_GUEST_MODE_WORK || need_resched() ||
+ task_isol_work);
return 0;
}

int xfer_to_guest_mode_handle_work(struct kvm_vcpu *vcpu)
{
unsigned long ti_work;
+ unsigned long task_isol_work;

/*
* This is invoked from the outer guest loop with interrupts and
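Review bot: The `task_isol_work` term added to the `while` condition in xfer_to_guest_mode_work() is never refreshed inside the loop. It is a by-value parameter and no visible line reassigns it, so once it is non-zero the loop can only exit through a non-zero `ret`, and the vCPU thread would spin in the kernel instead of entering the guest. Re-evaluate it alongside the thread flags by adding `task_isol_work = task_isol_has_work();` right after `ti_work = read_thread_flags();`. The top of the loop body lies outside this hunk, but those lines are unchanged context and so cannot assign the new parameter.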
@@ -44,9 +51,9 @@ int xfer_to_guest_mode_handle_work(struc
* to disable interrupts here.
*/
ti_work = read_thread_flags();
- if (!(ti_work & XFER_TO_GUEST_MODE_WORK))
+ if (!(ti_work & XFER_TO_GUEST_MODE_WORK) || task_isol_work)
return 0;

- return xfer_to_guest_mode_work(vcpu, ti_work);
+ return xfer_to_guest_mode_work(vcpu, ti_work, task_isol_work);
}
EXPORT_SYMBOL_GPL(xfer_to_guest_mode_handle_work);
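Review bot: `task_isol_work` is read in the early-return test of xfer_to_guest_mode_handle_work() without ever being assigned. It is declared without an initializer in the previous hunk, and the lines hidden between the two hunks are unchanged context that cannot set it, so the test uses an indeterminate stack value. The condition also looks inverted: `!(ti_work & XFER_TO_GUEST_MODE_WORK) || task_isol_work` returns 0 exactly when isolation work is pending, which skips the call this patch is meant to add. Add `task_isol_work = task_isol_has_work();` after the `read_thread_flags()` line and write the test as `if (!((ti_work & XFER_TO_GUEST_MODE_WORK) || task_isol_work))`, matching `__xfer_to_guest_mode_work_pending()` in the header.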
Index: linux-2.6/include/linux/entry-kvm.h
===================================================================
--- linux-2.6.orig/include/linux/entry-kvm.h
+++ linux-2.6/include/linux/entry-kvm.h
@@ -8,6 +8,7 @@
#include <linux/seccomp.h>
#include <linux/sched.h>
#include <linux/tick.h>
+#include <linux/task_isolation.h>

/* Transfer to guest mode work */
#ifdef CONFIG_KVM_XFER_TO_GUEST_WORK
@@ -76,8 +77,9 @@ static inline void xfer_to_guest_mode_pr
static inline bool __xfer_to_guest_mode_work_pending(void)
{
unsigned long ti_work = read_thread_flags();
+ unsigned long task_isol_work = task_isol_has_work();

- return !!(ti_work & XFER_TO_GUEST_MODE_WORK);
+ return !!((ti_work & XFER_TO_GUEST_MODE_WORK) || task_isol_work);
}

/**