queue/KVM-arm-arm64-fix-races-in-kvm_psci_vcpu_on.patch - pub/scm/linux/kernel/git/paulg/longterm-queue-4.8 - Git at Google

 From 6c7a5dce22b3f3cc44be098e2837fa6797edb8b8 Mon Sep 17 00:00:00 2001
 From: Andrew Jones <drjones@redhat.com>
 Date: Tue, 18 Apr 2017 17:59:58 +0200
 Subject: [PATCH] KVM: arm/arm64: fix races in kvm_psci_vcpu_on

 commit 6c7a5dce22b3f3cc44be098e2837fa6797edb8b8 upstream.

 Fix potential races in kvm_psci_vcpu_on() by taking the kvm->lock
 mutex.  In general, it's a bad idea to allow more than one PSCI_CPU_ON
 to process the same target VCPU at the same time.  One such problem
 that may arise is that one PSCI_CPU_ON could be resetting the target
 vcpu, which fills the entire sys_regs array with a temporary value
 including the MPIDR register, while another looks up the VCPU based
 on the MPIDR value, resulting in no target VCPU found.  Resolves both
 races found with the kvm-unit-tests/arm/psci unit test.

 Reviewed-by: Marc Zyngier <marc.zyngier@arm.com>
 Reviewed-by: Christoffer Dall <cdall@linaro.org>
 Reported-by: Levente Kurusa <lkurusa@redhat.com>
 Suggested-by: Christoffer Dall <cdall@linaro.org>
 Signed-off-by: Andrew Jones <drjones@redhat.com>
 Cc: stable@vger.kernel.org
 Signed-off-by: Christoffer Dall <cdall@linaro.org>

 diff --git a/arch/arm/kvm/psci.c b/arch/arm/kvm/psci.c
 index c2b131527a64..a08d7a93aebb 100644
 --- a/arch/arm/kvm/psci.c
 +++ b/arch/arm/kvm/psci.c
 @@ -208,9 +208,10 @@ int kvm_psci_version(struct kvm_vcpu *vcpu)

  static int kvm_psci_0_2_call(struct kvm_vcpu *vcpu)
  {
 -	int ret = 1;
 +	struct kvm *kvm = vcpu->kvm;
  	unsigned long psci_fn = vcpu_get_reg(vcpu, 0) & ~((u32) 0);
  	unsigned long val;
 +	int ret = 1;

  	switch (psci_fn) {
  	case PSCI_0_2_FN_PSCI_VERSION:
 @@ -230,7 +231,9 @@ static int kvm_psci_0_2_call(struct kvm_vcpu *vcpu)
  		break;
  	case PSCI_0_2_FN_CPU_ON:
  	case PSCI_0_2_FN64_CPU_ON:
 +		mutex_lock(&kvm->lock);
  		val = kvm_psci_vcpu_on(vcpu);
 +		mutex_unlock(&kvm->lock);
  		break;
  	case PSCI_0_2_FN_AFFINITY_INFO:
  	case PSCI_0_2_FN64_AFFINITY_INFO:
 @@ -279,6 +282,7 @@ static int kvm_psci_0_2_call(struct kvm_vcpu *vcpu)

  static int kvm_psci_0_1_call(struct kvm_vcpu *vcpu)
  {
 +	struct kvm *kvm = vcpu->kvm;
  	unsigned long psci_fn = vcpu_get_reg(vcpu, 0) & ~((u32) 0);
  	unsigned long val;

 @@ -288,7 +292,9 @@ static int kvm_psci_0_1_call(struct kvm_vcpu *vcpu)
  		val = PSCI_RET_SUCCESS;
  		break;
  	case KVM_PSCI_FN_CPU_ON:
 +		mutex_lock(&kvm->lock);
  		val = kvm_psci_vcpu_on(vcpu);
 +		mutex_unlock(&kvm->lock);
  		break;
  	default:
  		val = PSCI_RET_NOT_SUPPORTED;
 --
 2.12.0
	From 6c7a5dce22b3f3cc44be098e2837fa6797edb8b8 Mon Sep 17 00:00:00 2001
	From: Andrew Jones <drjones@redhat.com>
	Date: Tue, 18 Apr 2017 17:59:58 +0200
	Subject: [PATCH] KVM: arm/arm64: fix races in kvm_psci_vcpu_on

	commit 6c7a5dce22b3f3cc44be098e2837fa6797edb8b8 upstream.

	Fix potential races in kvm_psci_vcpu_on() by taking the kvm->lock
	mutex. In general, it's a bad idea to allow more than one PSCI_CPU_ON
	to process the same target VCPU at the same time. One such problem
	that may arise is that one PSCI_CPU_ON could be resetting the target
	vcpu, which fills the entire sys_regs array with a temporary value
	including the MPIDR register, while another looks up the VCPU based
	on the MPIDR value, resulting in no target VCPU found. Resolves both
	races found with the kvm-unit-tests/arm/psci unit test.

	Reviewed-by: Marc Zyngier <marc.zyngier@arm.com>
	Reviewed-by: Christoffer Dall <cdall@linaro.org>
	Reported-by: Levente Kurusa <lkurusa@redhat.com>
	Suggested-by: Christoffer Dall <cdall@linaro.org>
	Signed-off-by: Andrew Jones <drjones@redhat.com>
	Cc: stable@vger.kernel.org
	Signed-off-by: Christoffer Dall <cdall@linaro.org>

	diff --git a/arch/arm/kvm/psci.c b/arch/arm/kvm/psci.c
	index c2b131527a64..a08d7a93aebb 100644
	--- a/arch/arm/kvm/psci.c
	+++ b/arch/arm/kvm/psci.c
	@@ -208,9 +208,10 @@ int kvm_psci_version(struct kvm_vcpu *vcpu)

	static int kvm_psci_0_2_call(struct kvm_vcpu *vcpu)
	{
	- int ret = 1;
	+ struct kvm *kvm = vcpu->kvm;
	unsigned long psci_fn = vcpu_get_reg(vcpu, 0) & ~((u32) 0);
	unsigned long val;
	+ int ret = 1;

	switch (psci_fn) {
	case PSCI_0_2_FN_PSCI_VERSION:
	@@ -230,7 +231,9 @@ static int kvm_psci_0_2_call(struct kvm_vcpu *vcpu)
	break;
	case PSCI_0_2_FN_CPU_ON:
	case PSCI_0_2_FN64_CPU_ON:
	+ mutex_lock(&kvm->lock);
	val = kvm_psci_vcpu_on(vcpu);
	+ mutex_unlock(&kvm->lock);
	break;
	case PSCI_0_2_FN_AFFINITY_INFO:
	case PSCI_0_2_FN64_AFFINITY_INFO:
	@@ -279,6 +282,7 @@ static int kvm_psci_0_2_call(struct kvm_vcpu *vcpu)

	static int kvm_psci_0_1_call(struct kvm_vcpu *vcpu)
	{
	+ struct kvm *kvm = vcpu->kvm;
	unsigned long psci_fn = vcpu_get_reg(vcpu, 0) & ~((u32) 0);
	unsigned long val;

	@@ -288,7 +292,9 @@ static int kvm_psci_0_1_call(struct kvm_vcpu *vcpu)
	val = PSCI_RET_SUCCESS;
	break;
	case KVM_PSCI_FN_CPU_ON:
	+ mutex_lock(&kvm->lock);
	val = kvm_psci_vcpu_on(vcpu);
	+ mutex_unlock(&kvm->lock);
	break;
	default:
	val = PSCI_RET_NOT_SUPPORTED;
	--
	2.12.0