------- Comment From nico.bo...@ibm.com 2022-12-09 09:39 EDT------- Hi, sorry this took a while.
The bug was successfully verified: ~/kvm-unit-tests# dpkg -l | grep linux-image-5.4.0-136-generic ii linux-image-5.4.0-136-generic 5.4.0-136.153 s390x Signed kernel image generic ~/kvm-unit-tests# uname -a Linux t35lp63.lnxne.boe 5.4.0-136-generic #153-Ubuntu SMP Thu Nov 24 15:57:18 UTC 2022 s390x s390x s390x GNU/Linux ~/kvm-unit-tests# ./run_tests.sh smp_PV PASS smp_PV (67 tests, 2 skipped) ~/kvm-unit-tests# grep 'psw wait: ecall:' logs/smp_PV.log PASS: smp: psw wait: ecall: received -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1995941 Title: [UBUNTU 20.04] KVM: PV: ext call delivered twice when receiver in PSW wait Status in Ubuntu on IBM z Systems: Fix Committed Status in linux package in Ubuntu: Invalid Status in linux source package in Focal: Fix Committed Bug description: SRU Justification: ================== [Impact] * In a secure execution guest, the external interrupt for the SIGP external call order is delivered twice to a VCPU even though it was only sent once. * Under PV (protected virtualization), external call interrupts are delivered by the SIGP interpretation facility, without KVM's involvement. But, if the receiving CPU is in enabled wait, KVM needs to wake the receiving CPU such that the interrupt can be delivered. Hence, in this case, the SIGP external call order causes an interception. * In response, KVM only needs to wake the receiving VCPU. Interrupt delivery is then handled by the SIGP interpretation facility. * KVM wrongly assumed it also needs to request injection for the external call interrupt after the respective intercept, causing the interrupt to be delivered twice: * once through the SIGP interpretation facility * and once through the interrupt injection control by KVM. * Solution is to add appropriate special handling for 108 external call intercepts. [Fix] * c3f0e5fd2d33 c3f0e5fd2d33d80c5a5a8b5e5d2bab2841709cc8 "KVM: s390: pv: don't present the ecall interrupt twice" [Test Case] * Have an Secure Execution (PV) environment setup on an IBM z15 or LinuxONE III LPAR using Ubuntu Server 20.04 (latest). * Apply kvm-unit-test submitted upstream: "[kvm-unit-tests PATCH v1 0/4] s390x: add tests for SIGP call \ orders in enabled wait" * Run the smp_PV kvm-unit-test: ./run_tests.sh smp_PV * Check logs/smp_PV.log. If system is affected, the following line can be found: "ABORT: smp: psw wait: ecall: Unexpected external call interrupt \ (code 0x1202): on cpu 1 at 0x11958" * If the system is not affected, the line should look like this: "PASS: smp: psw wait: ecall: received" [Regression Potential / What can go wrong] * The handle_pv_notification can be wrong and misleading in case 'ret' is not handled correctly. * trace_kvm_s390_handle_sigp_pei might not be called correctly, now after the if condition. * In worst case the external interrupt could not be delivered at all or still too often. [Other] * The fix/patch c3f0e5fd2d33 got upstream accepted with kernel v6.0, so it not only needs to be applied to 20.04/5.4, but also to 22.04/5.15 and 22.10/5.19. * But the patch got properly tagged for upstream stable: Cc: <sta...@vger.kernel.org> # 5.7 Fixes: da24a0cc58ed ("KVM: s390: protvirt: Instruction emulation") * And with that it got already picked up and is included in: 22.04 with Ubuntu-5.15.0-53.59 (currently in jammy-proposed) 22.10 with Ubuntu-5.19.0-16.16 means incl. in the release kernel. * So the only Ubuntu release that is affected is 20.04/focal. __________ Description: KVM: PV: ext call delivered twice when receiver in PSW wait Symptom: In a secure execution guest, the external interrupt for the SIGP external call order is delivered twice to a VCPU even though it was only sent once. Problem: Under PV, external call interrupts are delivered by the SIGP interpretation facility, without KVM's involvement. But, if the receiving CPU is in enabled wait, KVM needs to wake the receiving CPU such that the interrupt can be delivered. Hence, in this case, the SIGP external call order causes an interception. In response, KVM only needs to wake the receiving VCPU. Interrupt delivery is then handled by the SIGP interpretation facility. KVM wrongfuly assumed it also needs to request injection for the external call interrupt after the respective intercept, causing the interrupt to be delivered twice: once through the SIGP interpretation facility and once through the interrupt injection control by KVM. Solution: Add appropriate special handling for 108 external call intercepts. Reproduction: 0. Apply kvm-unit-test submitted upstream ("[kvm-unit-tests PATCH v1 0/4] s390x: add tests for SIGP call orders in enabled wait"). 1. Run the smp_PV kvm-unit-test: ./run_tests.sh smp_PV 2. Check logs/smp_PV.log. If system is affected, the following line can be found: ABORT: smp: psw wait: ecall: Unexpected external call \ interrupt (code 0x1202): on cpu 1 at 0x11958 If the system is not affected, the line should look like this: PASS: smp: psw wait: ecall: received Preventive: yes Author: Nico Boehr <n...@linux.ibm.com> Component: kernel To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1995941/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
