Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net

consideration the effect of compiler optimisations which may occur

when tail-calls are used and marked with the noreturn GCC attribute.

Probed Pointers from BPF / tracing

----------------------------------

::

	%pks	kernel string

	%pus	user string

The ``k`` and ``u`` specifiers are used for printing prior probed memory from

either kernel memory (k) or user memory (u). The subsequent ``s`` specifier

results in printing a string. For direct use in regular vsnprintf() the (k)

and (u) annotation is ignored, however, when used out of BPF's bpf_trace_printk(),

for example, it reads the memory it is pointing to without faulting.

Kernel Pointers

---------------

   arm/index

   devices/index

   running-nested-guests

==============================

Running nested guests with KVM

==============================

A nested guest is the ability to run a guest inside another guest (it

can be KVM-based or a different hypervisor).  The straightforward

example is a KVM guest that in turn runs on a KVM guest (the rest of

this document is built on this example)::

              .----------------.  .----------------.

              |                |  |                |

              |      L2        |  |      L2        |

              | (Nested Guest) |  | (Nested Guest) |

              |                |  |                |

              |----------------'--'----------------|

              |                                    |

              |       L1 (Guest Hypervisor)        |

              |          KVM (/dev/kvm)            |

              |                                    |

      .------------------------------------------------------.

      |                 L0 (Host Hypervisor)                 |

      |                    KVM (/dev/kvm)                    |

      |------------------------------------------------------|

      |        Hardware (with virtualization extensions)     |

      '------------------------------------------------------'

Terminology:

- L0 – level-0; the bare metal host, running KVM

- L1 – level-1 guest; a VM running on L0; also called the "guest

  hypervisor", as it itself is capable of running KVM.

- L2 – level-2 guest; a VM running on L1, this is the "nested guest"

.. note:: The above diagram is modelled after the x86 architecture;

          s390x, ppc64 and other architectures are likely to have

          a different design for nesting.

          For example, s390x always has an LPAR (LogicalPARtition)

          hypervisor running on bare metal, adding another layer and

          resulting in at least four levels in a nested setup — L0 (bare

          metal, running the LPAR hypervisor), L1 (host hypervisor), L2

          (guest hypervisor), L3 (nested guest).

          This document will stick with the three-level terminology (L0,

          L1, and L2) for all architectures; and will largely focus on

          x86.

Use Cases

---------

There are several scenarios where nested KVM can be useful, to name a

few:

- As a developer, you want to test your software on different operating

  systems (OSes).  Instead of renting multiple VMs from a Cloud

  Provider, using nested KVM lets you rent a large enough "guest

  hypervisor" (level-1 guest).  This in turn allows you to create

  multiple nested guests (level-2 guests), running different OSes, on

  which you can develop and test your software.

- Live migration of "guest hypervisors" and their nested guests, for

  load balancing, disaster recovery, etc.

- VM image creation tools (e.g. ``virt-install``,  etc) often run

  their own VM, and users expect these to work inside a VM.

- Some OSes use virtualization internally for security (e.g. to let

  applications run safely in isolation).

Enabling "nested" (x86)

-----------------------

From Linux kernel v4.19 onwards, the ``nested`` KVM parameter is enabled

by default for Intel and AMD.  (Though your Linux distribution might

override this default.)

In case you are running a Linux kernel older than v4.19, to enable

nesting, set the ``nested`` KVM module parameter to ``Y`` or ``1``.  To

persist this setting across reboots, you can add it in a config file, as

shown below:

1. On the bare metal host (L0), list the kernel modules and ensure that

   the KVM modules::

    $ lsmod | grep -i kvm

    kvm_intel             133627  0

    kvm                   435079  1 kvm_intel

2. Show information for ``kvm_intel`` module::

    $ modinfo kvm_intel | grep -i nested

    parm:           nested:bool

3. For the nested KVM configuration to persist across reboots, place the

   below in ``/etc/modprobed/kvm_intel.conf`` (create the file if it

   doesn't exist)::

    $ cat /etc/modprobe.d/kvm_intel.conf

    options kvm-intel nested=y

4. Unload and re-load the KVM Intel module::

    $ sudo rmmod kvm-intel

    $ sudo modprobe kvm-intel

5. Verify if the ``nested`` parameter for KVM is enabled::

    $ cat /sys/module/kvm_intel/parameters/nested

    Y

For AMD hosts, the process is the same as above, except that the module

name is ``kvm-amd``.

Additional nested-related kernel parameters (x86)

-------------------------------------------------

If your hardware is sufficiently advanced (Intel Haswell processor or

higher, which has newer hardware virt extensions), the following

additional features will also be enabled by default: "Shadow VMCS

(Virtual Machine Control Structure)", APIC Virtualization on your bare

metal host (L0).  Parameters for Intel hosts::

    $ cat /sys/module/kvm_intel/parameters/enable_shadow_vmcs

    Y

    $ cat /sys/module/kvm_intel/parameters/enable_apicv

    Y

    $ cat /sys/module/kvm_intel/parameters/ept

    Y

.. note:: If you suspect your L2 (i.e. nested guest) is running slower,

          ensure the above are enabled (particularly

          ``enable_shadow_vmcs`` and ``ept``).

Starting a nested guest (x86)

-----------------------------

Once your bare metal host (L0) is configured for nesting, you should be

able to start an L1 guest with::

    $ qemu-kvm -cpu host [...]

The above will pass through the host CPU's capabilities as-is to the

gues); or for better live migration compatibility, use a named CPU

model supported by QEMU. e.g.::

    $ qemu-kvm -cpu Haswell-noTSX-IBRS,vmx=on

then the guest hypervisor will subsequently be capable of running a

nested guest with accelerated KVM.

Enabling "nested" (s390x)

-------------------------

1. On the host hypervisor (L0), enable the ``nested`` parameter on

   s390x::

    $ rmmod kvm

    $ modprobe kvm nested=1

.. note:: On s390x, the kernel parameter ``hpage`` is mutually exclusive

          with the ``nested`` paramter — i.e. to be able to enable

          ``nested``, the ``hpage`` parameter *must* be disabled.

2. The guest hypervisor (L1) must be provided with the ``sie`` CPU

   feature — with QEMU, this can be done by using "host passthrough"

   (via the command-line ``-cpu host``).

3. Now the KVM module can be loaded in the L1 (guest hypervisor)::

    $ modprobe kvm

Live migration with nested KVM

------------------------------

Migrating an L1 guest, with a  *live* nested guest in it, to another

bare metal host, works as of Linux kernel 5.3 and QEMU 4.2.0 for

Intel x86 systems, and even on older versions for s390x.

On AMD systems, once an L1 guest has started an L2 guest, the L1 guest

should no longer be migrated or saved (refer to QEMU documentation on

"savevm"/"loadvm") until the L2 guest shuts down.  Attempting to migrate

or save-and-load an L1 guest while an L2 guest is running will result in

undefined behavior.  You might see a ``kernel BUG!`` entry in ``dmesg``, a

kernel 'oops', or an outright kernel panic.  Such a migrated or loaded L1

guest can no longer be considered stable or secure, and must be restarted.

Migrating an L1 guest merely configured to support nesting, while not

actually running L2 guests, is expected to function normally even on AMD

systems but may fail once guests are started.

Migrating an L2 guest is always expected to succeed, so all the following

scenarios should work even on AMD systems:

- Migrating a nested guest (L2) to another L1 guest on the *same* bare

  metal host.

- Migrating a nested guest (L2) to another L1 guest on a *different*

  bare metal host.

- Migrating a nested guest (L2) to a bare metal host.

Reporting bugs from nested setups

-----------------------------------

Debugging "nested" problems can involve sifting through log files across

L0, L1 and L2; this can result in tedious back-n-forth between the bug

reporter and the bug fixer.

- Mention that you are in a "nested" setup.  If you are running any kind

  of "nesting" at all, say so.  Unfortunately, this needs to be called

  out because when reporting bugs, people tend to forget to even

  *mention* that they're using nested virtualization.

- Ensure you are actually running KVM on KVM.  Sometimes people do not

  have KVM enabled for their guest hypervisor (L1), which results in

  them running with pure emulation or what QEMU calls it as "TCG", but

  they think they're running nested KVM.  Thus confusing "nested Virt"

  (which could also mean, QEMU on KVM) with "nested KVM" (KVM on KVM).

Information to collect (generic)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The following is not an exhaustive list, but a very good starting point:

  - Kernel, libvirt, and QEMU version from L0

  - Kernel, libvirt and QEMU version from L1

  - QEMU command-line of L1 -- when using libvirt, you'll find it here:

    ``/var/log/libvirt/qemu/instance.log``

  - QEMU command-line of L2 -- as above, when using libvirt, get the

    complete libvirt-generated QEMU command-line

  - ``cat /sys/cpuinfo`` from L0

  - ``cat /sys/cpuinfo`` from L1

  - ``lscpu`` from L0

  - ``lscpu`` from L1

  - Full ``dmesg`` output from L0

  - Full ``dmesg`` output from L1

x86-specific info to collect

~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Both the below commands, ``x86info`` and ``dmidecode``, should be

available on most Linux distributions with the same name:

  - Output of: ``x86info -a`` from L0

  - Output of: ``x86info -a`` from L1

  - Output of: ``dmidecode`` from L0

  - Output of: ``dmidecode`` from L1

s390x-specific info to collect

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Along with the earlier mentioned generic details, the below is

also recommended:

  - ``/proc/sysinfo`` from L1; this will also include the info from L0

CEPH COMMON CODE (LIBCEPH)

M:	Ilya Dryomov <idryomov@gmail.com>

M:	Jeff Layton <jlayton@kernel.org>

M:	Sage Weil <sage@redhat.com>

L:	ceph-devel@vger.kernel.org

S:	Supported

W:	http://ceph.com/

T:	git git://git.kernel.org/pub/scm/linux/kernel/git/sage/ceph-client.git

T:	git git://github.com/ceph/ceph-client.git

F:	include/linux/ceph/

F:	include/linux/crush/

CEPH DISTRIBUTED FILE SYSTEM CLIENT (CEPH)

M:	Jeff Layton <jlayton@kernel.org>

M:	Sage Weil <sage@redhat.com>

M:	Ilya Dryomov <idryomov@gmail.com>

L:	ceph-devel@vger.kernel.org

S:	Supported

W:	http://ceph.com/

T:	git git://git.kernel.org/pub/scm/linux/kernel/git/sage/ceph-client.git

T:	git git://github.com/ceph/ceph-client.git

F:	Documentation/filesystems/ceph.rst

F:	fs/ceph/

GENERIC PHY FRAMEWORK

M:	Kishon Vijay Abraham I <kishon@ti.com>

M:	Vinod Koul <vkoul@kernel.org>

L:	linux-kernel@vger.kernel.org

S:	Supported

T:	git git://git.kernel.org/pub/scm/linux/kernel/git/kishon/linux-phy.git

T:	git git://git.kernel.org/pub/scm/linux/kernel/git/phy/linux-phy.git

F:	Documentation/devicetree/bindings/phy/

F:	drivers/phy/

F:	include/linux/phy/

S:	Orphan

F:	drivers/platform/x86/tc1100-wmi.c

HP100:	Driver for HP 10/100 Mbit/s Voice Grade Network Adapter Series

M:	Jaroslav Kysela <perex@perex.cz>

S:	Obsolete

F:	drivers/staging/hp/hp100.*

HPET:	High Precision Event Timers driver

M:	Clemens Ladisch <clemens@ladisch.de>

S:	Maintained

NETWORKING DRIVERS

M:	"David S. Miller" <davem@davemloft.net>

M:	Jakub Kicinski <kuba@kernel.org>

L:	netdev@vger.kernel.org

S:	Odd Fixes

S:	Maintained

W:	http://www.linuxfoundation.org/en/Net

Q:	http://patchwork.ozlabs.org/project/netdev/list/

T:	git git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git

RADOS BLOCK DEVICE (RBD)

M:	Ilya Dryomov <idryomov@gmail.com>

M:	Sage Weil <sage@redhat.com>

R:	Dongsheng Yang <dongsheng.yang@easystack.cn>

L:	ceph-devel@vger.kernel.org

S:	Supported

W:	http://ceph.com/

T:	git git://git.kernel.org/pub/scm/linux/kernel/git/sage/ceph-client.git

T:	git git://github.com/ceph/ceph-client.git

F:	Documentation/ABI/testing/sysfs-bus-rbd

F:	drivers/block/rbd.c

S390 IUCV NETWORK LAYER

M:	Julian Wiedmann <jwi@linux.ibm.com>

M:	Karsten Graul <kgraul@linux.ibm.com>

M:	Ursula Braun <ubraun@linux.ibm.com>

L:	linux-s390@vger.kernel.org

S:	Supported

S390 NETWORK DRIVERS

M:	Julian Wiedmann <jwi@linux.ibm.com>

M:	Karsten Graul <kgraul@linux.ibm.com>

M:	Ursula Braun <ubraun@linux.ibm.com>

L:	linux-s390@vger.kernel.org

S:	Supported

VERSION = 5

PATCHLEVEL = 7

SUBLEVEL = 0

EXTRAVERSION = -rc4

EXTRAVERSION = -rc5

NAME = Kleptomaniac Octopus

# *DOCUMENTATION*

KBUILD_CFLAGS += -Os

endif

ifdef CONFIG_CC_DISABLE_WARN_MAYBE_UNINITIALIZED

KBUILD_CFLAGS   += -Wno-maybe-uninitialized

endif

# Tell gcc to never replace conditional load with a non-conditional one

KBUILD_CFLAGS	+= $(call cc-option,--param=allow-store-data-races=0)

KBUILD_CFLAGS	+= $(call cc-option,-fno-allow-store-data-races)

# disable stringop warnings in gcc 8+

KBUILD_CFLAGS += $(call cc-disable-warning, stringop-truncation)

# We'll want to enable this eventually, but it's not going away for 5.7 at least

KBUILD_CFLAGS += $(call cc-disable-warning, zero-length-bounds)

KBUILD_CFLAGS += $(call cc-disable-warning, array-bounds)

KBUILD_CFLAGS += $(call cc-disable-warning, stringop-overflow)

# Another good warning that we'll want to enable eventually

KBUILD_CFLAGS += $(call cc-disable-warning, restrict)

# Enabled with W=2, disabled by default as noisy

KBUILD_CFLAGS += $(call cc-disable-warning, maybe-uninitialized)

# disable invalid "can't wrap" optimizations for signed / pointers

KBUILD_CFLAGS	+= $(call cc-option,-fno-strict-overflow)