linux-stable.git/include/linux/irqchip, branch v5.15.208 Linux kernel stable tree irqchip/gic-v3-its: Limit number of per-device MSIs to the range the ITS supports 2026-04-18T08:33:15+00:00 Marc Zyngier maz@kernel.org 2026-02-06T15:48:16+00:00 0f9563b0e5ce979f108e6dcc3174be78d15a86b0 commit ce9e40a9a5e5cff0b1b0d2fa582b3d71a8ce68e8 upstream. The ITS driver blindly assumes that EventIDs are in abundant supply, to the point where it never checks how many the hardware actually supports. It turns out that some pretty esoteric integrations make it so that only a few bits are available, all the way down to a single bit. Enforce the advertised limitation at the point of allocating the device structure, and hope that the endpoint driver can deal with such limitation. Fixes: 84a6a2e7fc18d ("irqchip: GICv3: ITS: device allocation and configuration") Signed-off-by: Marc Zyngier <maz@kernel.org> Signed-off-by: Thomas Gleixner <tglx@kernel.org> Reviewed-by: Robin Murphy <robin.murphy@arm.com> Reviewed-by: Zenghui Yu <zenghui.yu@linux.dev> Cc: stable@vger.kernel.org Link: https://patch.msgid.link/20260206154816.3582887-1-maz@kernel.org Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 
commit ce9e40a9a5e5cff0b1b0d2fa582b3d71a8ce68e8 upstream.

The ITS driver blindly assumes that EventIDs are in abundant supply, to the
point where it never checks how many the hardware actually supports.

It turns out that some pretty esoteric integrations make it so that only a
few bits are available, all the way down to a single bit.

Enforce the advertised limitation at the point of allocating the device
structure, and hope that the endpoint driver can deal with such limitation.

Fixes: 84a6a2e7fc18d ("irqchip: GICv3: ITS: device allocation and configuration")
Signed-off-by: Marc Zyngier <maz@kernel.org>
Signed-off-by: Thomas Gleixner <tglx@kernel.org>
Reviewed-by: Robin Murphy <robin.murphy@arm.com>
Reviewed-by: Zenghui Yu <zenghui.yu@linux.dev>
Cc: stable@vger.kernel.org
Link: https://patch.msgid.link/20260206154816.3582887-1-maz@kernel.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
irqchip/gic-v4: Don't allow a VMOVP on a dying VPE 2024-10-22T13:40:46+00:00 Marc Zyngier maz@kernel.org 2024-10-02T20:49:59+00:00 755b9532c885b8761fb135fedcd705e21e61cccb commit 1442ee0011983f0c5c4b92380e6853afb513841a upstream. Kunkun Jiang reported that there is a small window of opportunity for userspace to force a change of affinity for a VPE while the VPE has already been unmapped, but the corresponding doorbell interrupt still visible in /proc/irq/. Plug the race by checking the value of vmapp_count, which tracks whether the VPE is mapped ot not, and returning an error in this case. This involves making vmapp_count common to both GICv4.1 and its v4.0 ancestor. Fixes: 64edfaa9a234 ("irqchip/gic-v4.1: Implement the v4.1 flavour of VMAPP") Reported-by: Kunkun Jiang <jiangkunkun@huawei.com> Signed-off-by: Marc Zyngier <maz@kernel.org> Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Cc: stable@vger.kernel.org Link: https://lore.kernel.org/r/c182ece6-2ba0-ce4f-3404-dba7a3ab6c52@huawei.com Link: https://lore.kernel.org/all/20241002204959.2051709-1-maz@kernel.org Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 
commit 1442ee0011983f0c5c4b92380e6853afb513841a upstream.

Kunkun Jiang reported that there is a small window of opportunity for
userspace to force a change of affinity for a VPE while the VPE has already
been unmapped, but the corresponding doorbell interrupt still visible in
/proc/irq/.

Plug the race by checking the value of vmapp_count, which tracks whether
the VPE is mapped ot not, and returning an error in this case.

This involves making vmapp_count common to both GICv4.1 and its v4.0
ancestor.

Fixes: 64edfaa9a234 ("irqchip/gic-v4.1: Implement the v4.1 flavour of VMAPP")
Reported-by: Kunkun Jiang <jiangkunkun@huawei.com>
Signed-off-by: Marc Zyngier <maz@kernel.org>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: stable@vger.kernel.org
Link: https://lore.kernel.org/r/c182ece6-2ba0-ce4f-3404-dba7a3ab6c52@huawei.com
Link: https://lore.kernel.org/all/20241002204959.2051709-1-maz@kernel.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
KVM: arm64: vgic: Let an interrupt controller advertise lack of HW deactivation 2021-06-01T09:45:59+00:00 Marc Zyngier maz@kernel.org 2021-03-15T21:56:47+00:00 f6c3e24fb721dda247f6691c809d6e6c413f22c7 The vGIC, as architected by ARM, allows a virtual interrupt to trigger the deactivation of a physical interrupt. This allows the following interrupt to be delivered without requiring an exit. However, some implementations have choosen not to implement this, meaning that we will need some unsavoury workarounds to deal with this. On detecting such a case, taint the kernel and spit a nastygram. We'll deal with this in later patches. Signed-off-by: Marc Zyngier <maz@kernel.org> 
The vGIC, as architected by ARM, allows a virtual interrupt to
trigger the deactivation of a physical interrupt. This allows
the following interrupt to be delivered without requiring an exit.

However, some implementations have choosen not to implement this,
meaning that we will need some unsavoury workarounds to deal with this.

On detecting such a case, taint the kernel and spit a nastygram.
We'll deal with this in later patches.

Signed-off-by: Marc Zyngier <maz@kernel.org>
KVM: arm64: vgic: Be tolerant to the lack of maintenance interrupt masking 2021-06-01T09:45:59+00:00 Marc Zyngier maz@kernel.org 2021-02-28T11:09:59+00:00 669062d2a1aa36661b490683fe17810aa24a9cfb As it turns out, not all the interrupt controllers are able to expose a vGIC maintenance interrupt that can be independently enabled/disabled. And to be fair, it doesn't really matter as all we require is for the interrupt to kick us out of guest mode out way or another. To that effect, add gic_kvm_info.no_maint_irq_mask for an interrupt controller to advertise the lack of masking. Signed-off-by: Marc Zyngier <maz@kernel.org> 
As it turns out, not all the interrupt controllers are able to
expose a vGIC maintenance interrupt that can be independently
enabled/disabled.

And to be fair, it doesn't really matter as all we require is
for the interrupt to kick us out of guest mode out way or another.

To that effect, add gic_kvm_info.no_maint_irq_mask for an interrupt
controller to advertise the lack of masking.

Signed-off-by: Marc Zyngier <maz@kernel.org>
irqchip/gic: Split vGIC probing information from the GIC code 2021-06-01T09:45:58+00:00 Marc Zyngier maz@kernel.org 2021-02-27T10:23:45+00:00 0e5cb7770684b4c81bcc63f4675e488f9a0e31eb The vGIC advertising code is unsurprisingly very much tied to the GIC implementations. However, we are about to extend the support to lesser implementations. Let's dissociate the vgic registration from the GIC code and move it into KVM, where it makes a bit more sense. This also allows us to mark the gic_kvm_info structures as __initdata. Reviewed-by: Alexandru Elisei <alexandru.elisei@arm.com> Signed-off-by: Marc Zyngier <maz@kernel.org> 
The vGIC advertising code is unsurprisingly very much tied to
the GIC implementations. However, we are about to extend the
support to lesser implementations.

Let's dissociate the vgic registration from the GIC code and
move it into KVM, where it makes a bit more sense. This also
allows us to mark the gic_kvm_info structures as __initdata.

Reviewed-by: Alexandru Elisei <alexandru.elisei@arm.com>
Signed-off-by: Marc Zyngier <maz@kernel.org>
Merge tag 'arm-apple-m1-5.13' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc 2021-04-26T19:30:36+00:00 Linus Torvalds torvalds@linux-foundation.org 2021-04-26T19:30:36+00:00 0c855563182001c829065faa17f8e29e9ceffe13 Pull ARM Apple M1 platform support from Arnd Bergmann: "The Apple M1 is the processor used it all current generation Apple Macintosh computers. Support for this platform so far is rudimentary, but it boots and can use framebuffer and serial console over a special USB cable. Support for several essential on-chip devices (USB, PCIe, IOMMU, NVMe) is work in progress but was not ready in time. A very detailed description of what works is in the commit message of commit 1bb2fd3880d4 ("Merge tag 'm1-soc-bringup-v5' [..]") and on the AsahiLinux wiki" Link: https://lore.kernel.org/linux-arm-kernel/bdb18e9f-fcd7-1e31-2224-19c0e5090706@marcan.st/ * tag 'arm-apple-m1-5.13' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc: asm-generic/io.h: Unbork ioremap_np() declaration arm64: apple: Add initial Apple Mac mini (M1, 2020) devicetree dt-bindings: display: Add apple,simple-framebuffer arm64: Kconfig: Introduce CONFIG_ARCH_APPLE irqchip/apple-aic: Add support for the Apple Interrupt Controller dt-bindings: interrupt-controller: Add DT bindings for apple-aic arm64: Move ICH_ sysreg bits from arm-gic-v3.h to sysreg.h of/address: Add infrastructure to declare MMIO as non-posted asm-generic/io.h: implement pci_remap_cfgspace using ioremap_np arm64: Implement ioremap_np() to map MMIO as nGnRnE docs: driver-api: device-io: Document ioremap() variants & access funcs docs: driver-api: device-io: Document I/O access functions asm-generic/io.h: Add a non-posted variant of ioremap() arm64: arch_timer: Implement support for interrupt-names dt-bindings: timer: arm,arch_timer: Add interrupt-names support arm64: cputype: Add CPU implementor & types for the Apple M1 cores dt-bindings: arm: cpus: Add apple,firestorm & icestorm compatibles dt-bindings: arm: apple: Add bindings for Apple ARM platforms dt-bindings: vendor-prefixes: Add apple prefix 
Pull ARM Apple M1 platform support from Arnd Bergmann:
 "The Apple M1 is the processor used it all current generation Apple
  Macintosh computers. Support for this platform so far is rudimentary,
  but it boots and can use framebuffer and serial console over a special
  USB cable.

  Support for several essential on-chip devices (USB, PCIe, IOMMU, NVMe)
  is work in progress but was not ready in time.

  A very detailed description of what works is in the commit message of
  commit 1bb2fd3880d4 ("Merge tag 'm1-soc-bringup-v5' [..]") and on the
  AsahiLinux wiki"

Link: https://lore.kernel.org/linux-arm-kernel/bdb18e9f-fcd7-1e31-2224-19c0e5090706@marcan.st/

* tag 'arm-apple-m1-5.13' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc:
  asm-generic/io.h: Unbork ioremap_np() declaration
  arm64: apple: Add initial Apple Mac mini (M1, 2020) devicetree
  dt-bindings: display: Add apple,simple-framebuffer
  arm64: Kconfig: Introduce CONFIG_ARCH_APPLE
  irqchip/apple-aic: Add support for the Apple Interrupt Controller
  dt-bindings: interrupt-controller: Add DT bindings for apple-aic
  arm64: Move ICH_ sysreg bits from arm-gic-v3.h to sysreg.h
  of/address: Add infrastructure to declare MMIO as non-posted
  asm-generic/io.h: implement pci_remap_cfgspace using ioremap_np
  arm64: Implement ioremap_np() to map MMIO as nGnRnE
  docs: driver-api: device-io: Document ioremap() variants & access funcs
  docs: driver-api: device-io: Document I/O access functions
  asm-generic/io.h:  Add a non-posted variant of ioremap()
  arm64: arch_timer: Implement support for interrupt-names
  dt-bindings: timer: arm,arch_timer: Add interrupt-names support
  arm64: cputype: Add CPU implementor & types for the Apple M1 cores
  dt-bindings: arm: cpus: Add apple,firestorm & icestorm compatibles
  dt-bindings: arm: apple: Add bindings for Apple ARM platforms
  dt-bindings: vendor-prefixes: Add apple prefix
irqchip/gic-v4.1: Disable vSGI upon (GIC CPUIF < v4.1) detection 2021-04-22T14:55:21+00:00 Lorenzo Pieralisi lorenzo.pieralisi@arm.com 2021-03-17T10:07:19+00:00 46135d6f878ab00261d4a2082d620bfb41019aab GIC CPU interfaces versions predating GIC v4.1 were not built to accommodate vINTID within the vSGI range; as reported in the GIC specifications (8.2 "Changes to the CPU interface"), it is CONSTRAINED UNPREDICTABLE to deliver a vSGI to a PE with ID_AA64PFR0_EL1.GIC < b0011. Check the GIC CPUIF version by reading the SYS_ID_AA64_PFR0_EL1. Disable vSGIs if a CPUIF version < 4.1 is detected to prevent using vSGIs on systems where they may misbehave. Signed-off-by: Lorenzo Pieralisi <lorenzo.pieralisi@arm.com> Cc: Marc Zyngier <maz@kernel.org> Signed-off-by: Marc Zyngier <maz@kernel.org> Link: https://lore.kernel.org/r/20210317100719.3331-2-lorenzo.pieralisi@arm.com 
GIC CPU interfaces versions predating GIC v4.1 were not built to
accommodate vINTID within the vSGI range; as reported in the GIC
specifications (8.2 "Changes to the CPU interface"), it is
CONSTRAINED UNPREDICTABLE to deliver a vSGI to a PE with
ID_AA64PFR0_EL1.GIC < b0011.

Check the GIC CPUIF version by reading the SYS_ID_AA64_PFR0_EL1.

Disable vSGIs if a CPUIF version < 4.1 is detected to prevent using
vSGIs on systems where they may misbehave.

Signed-off-by: Lorenzo Pieralisi <lorenzo.pieralisi@arm.com>
Cc: Marc Zyngier <maz@kernel.org>
Signed-off-by: Marc Zyngier <maz@kernel.org>
Link: https://lore.kernel.org/r/20210317100719.3331-2-lorenzo.pieralisi@arm.com
arm64: Move ICH_ sysreg bits from arm-gic-v3.h to sysreg.h 2021-04-08T11:18:41+00:00 Hector Martin marcan@marcan.st 2021-03-01T03:36:24+00:00 8a657f71705f9f9c2bf8308e2cfd57b9f329e0d9 These definitions are in arm-gic-v3.h for historical reasons which no longer apply. Move them to sysreg.h so the AIC driver can use them, as it needs to peek into vGIC registers to deal with the GIC maintentance interrupt. Acked-by: Marc Zyngier <maz@kernel.org> Acked-by: Will Deacon <will@kernel.org> Signed-off-by: Hector Martin <marcan@marcan.st> 
These definitions are in arm-gic-v3.h for historical reasons which no
longer apply. Move them to sysreg.h so the AIC driver can use them, as
it needs to peek into vGIC registers to deal with the GIC maintentance
interrupt.

Acked-by: Marc Zyngier <maz@kernel.org>
Acked-by: Will Deacon <will@kernel.org>
Signed-off-by: Hector Martin <marcan@marcan.st>
KVM: arm64: Delay the polling of the GICR_VPENDBASER.Dirty bit 2020-11-30T11:18:29+00:00 Shenming Lu lushenming@huawei.com 2020-11-28T14:18:57+00:00 57e3cebd022fbc035dcf190ac789fd2ffc747f5b In order to reduce the impact of the VPT parsing happening on the GIC, we can split the vcpu reseidency in two phases: - programming GICR_VPENDBASER: this still happens in vcpu_load() - checking for the VPT parsing to be complete: this can happen on vcpu entry (in kvm_vgic_flush_hwstate()) This allows the GIC and the CPU to work in parallel, rewmoving some of the entry overhead. Suggested-by: Marc Zyngier <maz@kernel.org> Signed-off-by: Shenming Lu <lushenming@huawei.com> Signed-off-by: Marc Zyngier <maz@kernel.org> Link: https://lore.kernel.org/r/20201128141857.983-3-lushenming@huawei.com 
In order to reduce the impact of the VPT parsing happening on the GIC,
we can split the vcpu reseidency in two phases:

- programming GICR_VPENDBASER: this still happens in vcpu_load()
- checking for the VPT parsing to be complete: this can happen
  on vcpu entry (in kvm_vgic_flush_hwstate())

This allows the GIC and the CPU to work in parallel, rewmoving some
of the entry overhead.

Suggested-by: Marc Zyngier <maz@kernel.org>
Signed-off-by: Shenming Lu <lushenming@huawei.com>
Signed-off-by: Marc Zyngier <maz@kernel.org>
Link: https://lore.kernel.org/r/20201128141857.983-3-lushenming@huawei.com
include/: replace HTTP links with HTTPS ones 2020-08-12T17:57:59+00:00 Alexander A. Klimov grandmaster@al2klimov.de 2020-08-12T01:34:19+00:00 7f317d34906c1033f0752fc137dda04e43979bb8 Rationale: Reduces attack surface on kernel devs opening the links for MITM as HTTPS traffic is much harder to manipulate. Signed-off-by: Alexander A. Klimov <grandmaster@al2klimov.de> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Reviewed-by: Kees Cook <keescook@chromium.org> Link: http://lkml.kernel.org/r/20200726110117.16346-1-grandmaster@al2klimov.de Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 
Rationale:
Reduces attack surface on kernel devs opening the links for MITM
as HTTPS traffic is much harder to manipulate.

Signed-off-by: Alexander A. Klimov <grandmaster@al2klimov.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Reviewed-by: Kees Cook <keescook@chromium.org>
Link: http://lkml.kernel.org/r/20200726110117.16346-1-grandmaster@al2klimov.de
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>