From mboxrd@z Thu Jan  1 00:00:00 1970
From: Jan Kiszka <jan.kiszka@siemens.com>
Subject: [PATCH] qemu-kvm: Prevent user space APIC code execution with in-kernel
 irqchip
Date: Mon, 06 Feb 2012 12:51:17 +0100
Message-ID: <4F2FBEB5.9080802@siemens.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Cc: kvm <kvm@vger.kernel.org>
To: Avi Kivity <avi@redhat.com>, Marcelo Tosatti <mtosatti@redhat.com>
Return-path: <kvm-owner@vger.kernel.org>
Received: from thoth.sbs.de ([192.35.17.2]:24129 "EHLO thoth.sbs.de"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1754808Ab2BFLvX (ORCPT <rfc822;kvm@vger.kernel.org>);
	Mon, 6 Feb 2012 06:51:23 -0500
Sender: kvm-owner@vger.kernel.org
List-ID: <kvm.vger.kernel.org>

As qemu-kvm merged the kernel APIC into the user space model, we need to
replicate the kernel APIC's logic here until the mess is cleaned up. So
far we triggered the timer start and apic_update_irq calls unwillingly.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---
 hw/apic.c |    6 ++++++
 1 files changed, 6 insertions(+), 0 deletions(-)

diff --git a/hw/apic.c b/hw/apic.c
index dbf05a1..42865da 100644
--- a/hw/apic.c
+++ b/hw/apic.c
@@ -270,6 +270,9 @@ static void apic_set_base(APICCommonState *s, uint64_t val)
 static void apic_set_tpr(APICCommonState *s, uint8_t val)
 {
     s->tpr = (val & 0x0f) << 4;
+    if (kvm_enabled() && kvm_irqchip_in_kernel()) {
+        return;
+    }
     apic_update_irq(s);
 }
 
@@ -878,6 +881,9 @@ void kvm_save_lapic(CPUState *env)
 
 static void apic_post_load(APICCommonState *s)
 {
+    if (kvm_enabled() && kvm_irqchip_in_kernel()) {
+        return;
+    }
     if (s->timer_expiry != -1) {
         qemu_mod_timer(s->timer, s->timer_expiry);
     } else {
-- 
1.7.3.4