From 6b08ae02c5c2ef2597e9e340b370f09346a7b2d6 Mon Sep 17 00:00:00 2001
From: Will Deacon <willdeacon@google.com>
Date: Fri, 21 Jan 2022 13:30:21 +0000
Subject: [PATCH] Revert "ANDROID: KVM: arm64: Avoid switching to guest context
 if guest is already loaded"
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This reverts commit ecf2308ee8de31d74bb3d59b5e5d2e66615d1141.

If the guest issues a 'memunshare' hypercall, then we will attempt to
switch to the host context using __tlb_switch_to_guest() when invalidating
the previously shared mapping in the host stage-2 page-table. This results
in a fatal WARN_ON():

  | kvm [346]: nVHE hyp BUG at: ffff800010dfa86c!
  | kvm [346]: Hyp Offset: 0xfffecb8c68d20000
  | Kernel panic - not syncing: HYP panic:
  | PS:200003c9 PC:0000b473a80da86c ESR:f2000800
  | FAR:00000000000003f8 HPFAR:0000000000000000 PAR:0000000000000000
  | VCPU:0000b472c4a3d380
  | CPU: 3 PID: 346 Comm: crosvm_vcpu0 Not tainted 5.10.92-00347-g6d54ce01086a #1
  | Hardware name: QEMU QEMU Virtual Machine, BIOS 0.0.0 02/06/2015
  | Call trace:
  |  dump_backtrace+0x0/0x1a0
  |  show_stack+0x18/0x68
  |  dump_stack_lvl+0xcc/0xf4
  |  dump_stack+0x18/0x58
  |  panic+0x16c/0x334
  |  arm64_kernel_unmapped_at_el0+0x0/0x34
  |  kvm_arch_vcpu_ioctl_run+0x170/0x740
  |  kvm_vcpu_ioctl+0x310/0x9e8
  |  __arm64_sys_ioctl+0xa8/0xf0
  |  el0_svc_common.constprop.0+0x74/0x1b8
  |  do_el0_svc+0x24/0x90
  |  el0_svc+0x14/0x20
  |  el0_sync_handler+0xb0/0xb8
  |  el0_sync+0x1a0/0x1c0
  | SMP: stopping secondary CPUs
  | Kernel Offset: 0x20125c0e0000 from 0xffff800010000000
  | PHYS_OFFSET: 0xffffaf7640000000
  | CPU features: 0x000,10240022,61806008
  | Memory Limit: none
  | ---[ end Kernel panic - not syncing: HYP panic:
  | PS:200003c9 PC:0000b473a80da86c ESR:f2000800
  | FAR:00000000000003f8 HPFAR:0000000000000000 PAR:0000000000000000
  | VCPU:0000b472c4a3d380 ]---

Revert the change introducing the WARN_ON() for now, as we'll fix this
properly in a subsequent patch.

Bug: 209580772
Signed-off-by: Will Deacon <willdeacon@google.com>
Change-Id: If8f9901e1c9a36ede412bbf1b7ab4aa381e12424
---
 arch/arm64/kvm/hyp/nvhe/tlb.c | 17 -----------------
 1 file changed, 17 deletions(-)

diff --git a/arch/arm64/kvm/hyp/nvhe/tlb.c b/arch/arm64/kvm/hyp/nvhe/tlb.c
index 82f8a5195505..d296d617f589 100644
--- a/arch/arm64/kvm/hyp/nvhe/tlb.c
+++ b/arch/arm64/kvm/hyp/nvhe/tlb.c
@@ -17,17 +17,6 @@ struct tlb_inv_context {
 static void __tlb_switch_to_guest(struct kvm_s2_mmu *mmu,
 				  struct tlb_inv_context *cxt)
 {
-	struct kvm_cpu_context *host_ctxt;
-	struct kvm_vcpu *vcpu;
-
-	host_ctxt = &this_cpu_ptr(&kvm_host_data)->host_ctxt;
-	vcpu = host_ctxt->__hyp_running_vcpu;
-
-	if (vcpu) {
-		WARN_ON(vcpu->arch.hw_mmu->vmid.vmid != mmu->vmid.vmid);
-		return;
-	}
-
 	if (cpus_have_final_cap(ARM64_WORKAROUND_SPECULATIVE_AT)) {
 		u64 val;
 
@@ -56,12 +45,6 @@ static void __tlb_switch_to_guest(struct kvm_s2_mmu *mmu,
 
 static void __tlb_switch_to_host(struct tlb_inv_context *cxt)
 {
-	struct kvm_cpu_context *host_ctxt;
-
-	host_ctxt = &this_cpu_ptr(&kvm_host_data)->host_ctxt;
-	if (host_ctxt->__hyp_running_vcpu)
-		return;
-
 	__load_host_stage2();
 
 	if (cpus_have_final_cap(ARM64_WORKAROUND_SPECULATIVE_AT)) {