From mboxrd@z Thu Jan 1 00:00:00 1970 From: Alexander Graf Subject: [PATCH 08/52] PPC: Fix race in mtmsr paravirt implementation Date: Fri, 13 Jan 2012 15:31:11 +0100 Message-ID: <1326465115-5976-9-git-send-email-agraf@suse.de> References: <1326465115-5976-1-git-send-email-agraf@suse.de> Cc: kvm list , Avi Kivity , Marcelo Tosatti , Bharat Bhushan , Bharat Bhushan To: kvm-ppc@vger.kernel.org Return-path: Received: from cantor2.suse.de ([195.135.220.15]:59529 "EHLO mx2.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1758268Ab2AMO6g (ORCPT ); Fri, 13 Jan 2012 09:58:36 -0500 In-Reply-To: <1326465115-5976-1-git-send-email-agraf@suse.de> Sender: kvm-owner@vger.kernel.org List-ID: From: Bharat Bhushan The current implementation of mtmsr and mtmsrd are racy in that it does: * check (int_pending == 0) ---> host sets int_pending = 1 <--- * write shared page * done while instead we should check for int_pending after the shared page is written. Signed-off-by: Bharat Bhushan Signed-off-by: Alexander Graf --- arch/powerpc/kernel/kvm_emul.S | 10 ++++------ 1 files changed, 4 insertions(+), 6 deletions(-) diff --git a/arch/powerpc/kernel/kvm_emul.S b/arch/powerpc/kernel/kvm_emul.S index f2b1b25..3d64c57 100644 --- a/arch/powerpc/kernel/kvm_emul.S +++ b/arch/powerpc/kernel/kvm_emul.S @@ -167,6 +167,9 @@ maybe_stay_in_guest: kvm_emulate_mtmsr_reg2: ori r30, r0, 0 + /* Put MSR into magic page because we don't call mtmsr */ + STL64(r30, KVM_MAGIC_PAGE + KVM_MAGIC_MSR, 0) + /* Check if we have to fetch an interrupt */ lwz r31, (KVM_MAGIC_PAGE + KVM_MAGIC_INT)(0) cmpwi r31, 0 @@ -174,15 +177,10 @@ kvm_emulate_mtmsr_reg2: /* Check if we may trigger an interrupt */ andi. r31, r30, MSR_EE - beq no_mtmsr - - b do_mtmsr + bne do_mtmsr no_mtmsr: - /* Put MSR into magic page because we don't call mtmsr */ - STL64(r30, KVM_MAGIC_PAGE + KVM_MAGIC_MSR, 0) - SCRATCH_RESTORE /* Go back to caller */ -- 1.6.0.2