From: Christoffer Dall <cdall@linaro.org>
To: Suzuki K Poulose <Suzuki.Poulose@arm.com>
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org,
stable@vger.kernel.org, kvmarm@lists.cs.columbia.edu
Subject: Re: [PATCH v2] KVM: arm/arm64: Handle hva aging while destroying the vm
Date: Thu, 6 Jul 2017 10:14:08 +0200 [thread overview]
Message-ID: <20170706081408.GD18106@cbox> (raw)
In-Reply-To: <20170705085700.GA16881@e107814-lin.cambridge.arm.com>
On Wed, Jul 05, 2017 at 09:57:00AM +0100, Suzuki K Poulose wrote:
> Hi Alex,
>
> On Wed, Jul 05, 2017 at 08:20:31AM +0200, Alexander Graf wrote:
> > The kvm_age_hva callback may be called all the way concurrently while
> > kvm_mmu_notifier_release() is running.
> >
> > The release function sets kvm->arch.pgd = NULL which the aging function
> > however implicitly relies on in stage2_get_pud(). That means they can
> > race and the aging function may dereference a NULL pgd pointer.
> >
> > This patch adds a check for that case, so that we leave the aging
> > function silently.
> >
> > Cc: stable@vger.kernel.org
> > Fixes: 293f29363 ("kvm-arm: Unmap shadow pagetables properly")
> > Signed-off-by: Alexander Graf <agraf@suse.de>
> >
> > ---
> >
> > v1 -> v2:
> >
> > - Fix commit message
> > - Add Fixes and stable tags
> > ---
> > virt/kvm/arm/mmu.c | 4 ++++
> > 1 file changed, 4 insertions(+)
> >
> > diff --git a/virt/kvm/arm/mmu.c b/virt/kvm/arm/mmu.c
> > index f2d5b6c..227931f 100644
> > --- a/virt/kvm/arm/mmu.c
> > +++ b/virt/kvm/arm/mmu.c
> > @@ -861,6 +861,10 @@ static pud_t *stage2_get_pud(struct kvm *kvm, struct kvm_mmu_memory_cache *cache
> > pgd_t *pgd;
> > pud_t *pud;
> >
> > + /* Do we clash with kvm_free_stage2_pgd()? */
> > + if (!kvm->arch.pgd)
> > + return NULL;
> > +
>
> I think this check should be moved up in the chain. We call kvm_age_hva(), with
> the kvm->mmu_lock held and we don't release it till we reach here. So, ideally,
> if we find the PGD is null when we reach kvm_age_hva(), we could simply return
> there, like we do for other call backs from the KVM mmu_notifier.
>
>
> ----8>----
>
> kvm-arm: Handle hva aging while destroying vm
>
> The mmu_notifier_release() callback of KVM triggers cleaning up
> the stage2 page table on kvm-arm. However there could be other
> notifier callbacks in parallel with the mmu_notifier_release(),
> which could cause the call backs ending up in an empty stage2
> page table. Make sure we check it for all the notifier callbacks.
>
> Reported-by: Alex Graf <agraf@suse.de>
> Cc: Christoffer Dall <cdall@linaro.org>
> Cc: Marc Zyngier <marc.zyngier@arm.com>
> Cc: stable@vger.kernel.org
> Fixes: commit 293f29363 ("kvm-arm: Unmap shadow pagetables properly")
> Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com>
> ---
> virt/kvm/arm/mmu.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/virt/kvm/arm/mmu.c b/virt/kvm/arm/mmu.c
> index e2e5eff..db1c7b2 100644
> --- a/virt/kvm/arm/mmu.c
> +++ b/virt/kvm/arm/mmu.c
> @@ -1665,12 +1665,16 @@ static int kvm_test_age_hva_handler(struct kvm *kvm, gpa_t gpa, u64 size, void *
>
> int kvm_age_hva(struct kvm *kvm, unsigned long start, unsigned long end)
> {
> + if (!kvm->arch.pgd)
> + return 0;
> trace_kvm_age_hva(start, end);
> return handle_hva_to_gpa(kvm, start, end, kvm_age_hva_handler, NULL);
> }
>
> int kvm_test_age_hva(struct kvm *kvm, unsigned long hva)
> {
> + if (!kvm->arch.pgd)
> + return 0;
> trace_kvm_test_age_hva(hva);
> return handle_hva_to_gpa(kvm, hva, hva, kvm_test_age_hva_handler, NULL);
> }
> --
> 2.7.5
>
For this patch:
Reviewed-by: Christoffer Dall <cdall@linaro.org>
WARNING: multiple messages have this Message-ID (diff)
From: Christoffer Dall <cdall@linaro.org>
To: Suzuki K Poulose <Suzuki.Poulose@arm.com>
Cc: Alexander Graf <agraf@suse.de>,
kvmarm@lists.cs.columbia.edu, kvm@vger.kernel.org,
linux-kernel@vger.kernel.org,
Andrea Arcangeli <aarcange@redhat.com>,
stable@vger.kernel.org
Subject: Re: [PATCH v2] KVM: arm/arm64: Handle hva aging while destroying the vm
Date: Thu, 6 Jul 2017 10:14:08 +0200 [thread overview]
Message-ID: <20170706081408.GD18106@cbox> (raw)
In-Reply-To: <20170705085700.GA16881@e107814-lin.cambridge.arm.com>
On Wed, Jul 05, 2017 at 09:57:00AM +0100, Suzuki K Poulose wrote:
> Hi Alex,
>
> On Wed, Jul 05, 2017 at 08:20:31AM +0200, Alexander Graf wrote:
> > The kvm_age_hva callback may be called all the way concurrently while
> > kvm_mmu_notifier_release() is running.
> >
> > The release function sets kvm->arch.pgd = NULL which the aging function
> > however implicitly relies on in stage2_get_pud(). That means they can
> > race and the aging function may dereference a NULL pgd pointer.
> >
> > This patch adds a check for that case, so that we leave the aging
> > function silently.
> >
> > Cc: stable@vger.kernel.org
> > Fixes: 293f29363 ("kvm-arm: Unmap shadow pagetables properly")
> > Signed-off-by: Alexander Graf <agraf@suse.de>
> >
> > ---
> >
> > v1 -> v2:
> >
> > - Fix commit message
> > - Add Fixes and stable tags
> > ---
> > virt/kvm/arm/mmu.c | 4 ++++
> > 1 file changed, 4 insertions(+)
> >
> > diff --git a/virt/kvm/arm/mmu.c b/virt/kvm/arm/mmu.c
> > index f2d5b6c..227931f 100644
> > --- a/virt/kvm/arm/mmu.c
> > +++ b/virt/kvm/arm/mmu.c
> > @@ -861,6 +861,10 @@ static pud_t *stage2_get_pud(struct kvm *kvm, struct kvm_mmu_memory_cache *cache
> > pgd_t *pgd;
> > pud_t *pud;
> >
> > + /* Do we clash with kvm_free_stage2_pgd()? */
> > + if (!kvm->arch.pgd)
> > + return NULL;
> > +
>
> I think this check should be moved up in the chain. We call kvm_age_hva(), with
> the kvm->mmu_lock held and we don't release it till we reach here. So, ideally,
> if we find the PGD is null when we reach kvm_age_hva(), we could simply return
> there, like we do for other call backs from the KVM mmu_notifier.
>
>
> ----8>----
>
> kvm-arm: Handle hva aging while destroying vm
>
> The mmu_notifier_release() callback of KVM triggers cleaning up
> the stage2 page table on kvm-arm. However there could be other
> notifier callbacks in parallel with the mmu_notifier_release(),
> which could cause the call backs ending up in an empty stage2
> page table. Make sure we check it for all the notifier callbacks.
>
> Reported-by: Alex Graf <agraf@suse.de>
> Cc: Christoffer Dall <cdall@linaro.org>
> Cc: Marc Zyngier <marc.zyngier@arm.com>
> Cc: stable@vger.kernel.org
> Fixes: commit 293f29363 ("kvm-arm: Unmap shadow pagetables properly")
> Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com>
> ---
> virt/kvm/arm/mmu.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/virt/kvm/arm/mmu.c b/virt/kvm/arm/mmu.c
> index e2e5eff..db1c7b2 100644
> --- a/virt/kvm/arm/mmu.c
> +++ b/virt/kvm/arm/mmu.c
> @@ -1665,12 +1665,16 @@ static int kvm_test_age_hva_handler(struct kvm *kvm, gpa_t gpa, u64 size, void *
>
> int kvm_age_hva(struct kvm *kvm, unsigned long start, unsigned long end)
> {
> + if (!kvm->arch.pgd)
> + return 0;
> trace_kvm_age_hva(start, end);
> return handle_hva_to_gpa(kvm, start, end, kvm_age_hva_handler, NULL);
> }
>
> int kvm_test_age_hva(struct kvm *kvm, unsigned long hva)
> {
> + if (!kvm->arch.pgd)
> + return 0;
> trace_kvm_test_age_hva(hva);
> return handle_hva_to_gpa(kvm, hva, hva, kvm_test_age_hva_handler, NULL);
> }
> --
> 2.7.5
>
For this patch:
Reviewed-by: Christoffer Dall <cdall@linaro.org>
next prev parent reply other threads:[~2017-07-06 8:13 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-07-05 6:20 [PATCH v2] KVM: arm/arm64: Handle hva aging while destroying the vm Alexander Graf
2017-07-05 6:20 ` Alexander Graf
2017-07-05 6:27 ` Christoffer Dall
2017-07-05 8:57 ` Suzuki K Poulose
2017-07-05 8:57 ` Suzuki K Poulose
2017-07-06 7:07 ` Alexander Graf
2017-07-06 7:45 ` Christoffer Dall
2017-07-06 9:31 ` Andrea Arcangeli
2017-07-06 9:43 ` Christoffer Dall
2017-07-06 9:34 ` Suzuki K Poulose
2017-07-06 9:34 ` Suzuki K Poulose
2017-07-06 9:42 ` Christoffer Dall
2017-07-14 16:40 ` Suzuki K Poulose
2017-07-16 19:56 ` Christoffer Dall
2017-07-17 13:03 ` Suzuki K Poulose
2017-07-17 14:45 ` Christoffer Dall
2017-07-17 15:16 ` Andrea Arcangeli
2017-07-17 15:16 ` Andrea Arcangeli
2017-07-17 18:23 ` Christoffer Dall
2017-07-17 20:49 ` Alexander Graf
2017-07-17 20:49 ` Alexander Graf
2017-07-06 8:14 ` Christoffer Dall [this message]
2017-07-06 8:14 ` Christoffer Dall
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170706081408.GD18106@cbox \
--to=cdall@linaro.org \
--cc=Suzuki.Poulose@arm.com \
--cc=kvm@vger.kernel.org \
--cc=kvmarm@lists.cs.columbia.edu \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.