From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.linuxfoundation.org ([140.211.169.12]:49828 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752667AbdC3J1s (ORCPT ); Thu, 30 Mar 2017 05:27:48 -0400 Date: Thu, 30 Mar 2017 11:27:27 +0200 From: Greg KH To: pbonzini@redhat.com, dvyukov@google.com, xiaoguangrong.eric@gmail.com Cc: stable@vger.kernel.org Subject: Re: FAILED: patch "[PATCH] KVM: x86: cleanup the page tracking SRCU instance" failed to apply to 4.9-stable tree Message-ID: <20170330092727.GA18836@kroah.com> References: <149086428612713@kroah.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <149086428612713@kroah.com> Sender: stable-owner@vger.kernel.org List-ID: On Thu, Mar 30, 2017 at 10:58:06AM +0200, gregkh@linuxfoundation.org wrote: > > The patch below does not apply to the 4.9-stable tree. > If someone wants it applied there, or to any other stable or longterm > tree, then please email the backport, including the original git commit > id to . > > thanks, > > greg k-h Sorry, wrong patch, this one works just fine, it's the other 4.9 kvm patch that breaks the build. greg k-h > ------------------ original commit in Linus's tree ------------------ > > >From 2beb6dad2e8f95d710159d5befb390e4f62ab5cf Mon Sep 17 00:00:00 2001 > From: Paolo Bonzini > Date: Mon, 27 Mar 2017 17:53:50 +0200 > Subject: [PATCH] KVM: x86: cleanup the page tracking SRCU instance > > SRCU uses a delayed work item. Skip cleaning it up, and > the result is use-after-free in the work item callbacks. > > Reported-by: Dmitry Vyukov > Suggested-by: Dmitry Vyukov > Cc: stable@vger.kernel.org > Fixes: 0eb05bf290cfe8610d9680b49abef37febd1c38a > Reviewed-by: Xiao Guangrong > Signed-off-by: Paolo Bonzini > > diff --git a/arch/x86/include/asm/kvm_page_track.h b/arch/x86/include/asm/kvm_page_track.h > index d74747b031ec..c4eda791f877 100644 > --- a/arch/x86/include/asm/kvm_page_track.h > +++ b/arch/x86/include/asm/kvm_page_track.h > @@ -46,6 +46,7 @@ struct kvm_page_track_notifier_node { > }; > > void kvm_page_track_init(struct kvm *kvm); > +void kvm_page_track_cleanup(struct kvm *kvm); > > void kvm_page_track_free_memslot(struct kvm_memory_slot *free, > struct kvm_memory_slot *dont); > diff --git a/arch/x86/kvm/page_track.c b/arch/x86/kvm/page_track.c > index 37942e419c32..60168cdd0546 100644 > --- a/arch/x86/kvm/page_track.c > +++ b/arch/x86/kvm/page_track.c > @@ -160,6 +160,14 @@ bool kvm_page_track_is_active(struct kvm_vcpu *vcpu, gfn_t gfn, > return !!ACCESS_ONCE(slot->arch.gfn_track[mode][index]); > } > > +void kvm_page_track_cleanup(struct kvm *kvm) > +{ > + struct kvm_page_track_notifier_head *head; > + > + head = &kvm->arch.track_notifier_head; > + cleanup_srcu_struct(&head->track_srcu); > +} > + > void kvm_page_track_init(struct kvm *kvm) > { > struct kvm_page_track_notifier_head *head; > diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c > index 64697fe475c3..ccbd45ecd41a 100644 > --- a/arch/x86/kvm/x86.c > +++ b/arch/x86/kvm/x86.c > @@ -8158,6 +8158,7 @@ void kvm_arch_destroy_vm(struct kvm *kvm) > kvm_free_vcpus(kvm); > kvfree(rcu_dereference_check(kvm->arch.apic_map, 1)); > kvm_mmu_uninit_vm(kvm); > + kvm_page_track_cleanup(kvm); > } > > void kvm_arch_free_memslot(struct kvm *kvm, struct kvm_memory_slot *free,