From: Michael Ellerman <mpe@ellerman.id.au>
To: Kautuk Consul <kconsul@linux.vnet.ibm.com>,
Nicholas Piggin <npiggin@gmail.com>,
Christophe Leroy <christophe.leroy@csgroup.eu>,
Fabiano Rosas <farosas@linux.ibm.com>
Cc: linuxppc-dev@lists.ozlabs.org, linux-kernel@vger.kernel.org,
Kautuk Consul <kconsul@linux.vnet.ibm.com>
Subject: Re: [PATCH] arch/powerpc/kvm: kvmppc_core_vcpu_create_hv: check for kzalloc failure
Date: Tue, 28 Mar 2023 20:44:48 +1100 [thread overview]
Message-ID: <87pm8tcir3.fsf@mpe.ellerman.id.au> (raw)
In-Reply-To: <20230323074718.2810914-1-kconsul@linux.vnet.ibm.com>
Kautuk Consul <kconsul@linux.vnet.ibm.com> writes:
> kvmppc_vcore_create() might not be able to allocate memory through
> kzalloc. In that case the kvm->arch.online_vcores shouldn't be
> incremented.
I agree that looks wrong.
Have you tried to test what goes wrong if it fails? It looks like it
will break the LPCR update, which likely will cause the guest to crash
horribly.
You could use CONFIG_FAIL_SLAB and fail-nth etc. to fail just one
allocation for a guest. Or probably easier to just hack the code to fail
the 4th time it's called using a static counter.
Doesn't really matter but could be interesting.
> Add a check for kzalloc failure and return with -ENOMEM from
> kvmppc_core_vcpu_create_hv().
>
> Signed-off-by: Kautuk Consul <kconsul@linux.vnet.ibm.com>
> ---
> arch/powerpc/kvm/book3s_hv.c | 10 +++++++---
> 1 file changed, 7 insertions(+), 3 deletions(-)
>
> diff --git a/arch/powerpc/kvm/book3s_hv.c b/arch/powerpc/kvm/book3s_hv.c
> index 6ba68dd6190b..e29ee755c920 100644
> --- a/arch/powerpc/kvm/book3s_hv.c
> +++ b/arch/powerpc/kvm/book3s_hv.c
> @@ -2968,13 +2968,17 @@ static int kvmppc_core_vcpu_create_hv(struct kvm_vcpu *vcpu)
> pr_devel("KVM: collision on id %u", id);
> vcore = NULL;
> } else if (!vcore) {
> + vcore = kvmppc_vcore_create(kvm,
> + id & ~(kvm->arch.smt_mode - 1));
That line doesn't need to be wrapped, we allow 90 columns.
> + if (unlikely(!vcore)) {
> + mutex_unlock(&kvm->lock);
> + return -ENOMEM;
> + }
Rather than introducing a new return point here, I think it would be
preferable to use the existing !vcore case below.
> /*
> * Take mmu_setup_lock for mutual exclusion
> * with kvmppc_update_lpcr().
> */
> - err = -ENOMEM;
> - vcore = kvmppc_vcore_create(kvm,
> - id & ~(kvm->arch.smt_mode - 1));
So leave that as is (maybe move the comment down).
And wrap the below in:
+ if (vcore) {
> mutex_lock(&kvm->arch.mmu_setup_lock);
> kvm->arch.vcores[core] = vcore;
> kvm->arch.online_vcores++;
mutex_unlock(&kvm->arch.mmu_setup_lock);
+ }
}
}
Meaning the vcore == NULL case will fall through to here and return via
this existing path:
mutex_unlock(&kvm->lock);
if (!vcore)
return err;
cheers
next prev parent reply other threads:[~2023-03-28 9:45 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-03-23 7:47 [PATCH] arch/powerpc/kvm: kvmppc_core_vcpu_create_hv: check for kzalloc failure Kautuk Consul
2023-03-28 4:36 ` Kautuk Consul
2023-03-28 9:44 ` Michael Ellerman [this message]
2023-03-28 10:14 ` Kautuk Consul
2023-03-28 10:53 ` Kautuk Consul
2023-03-28 12:02 ` Michael Ellerman
2023-03-28 12:34 ` Kautuk Consul
2023-03-29 23:59 ` Michael Ellerman
2023-03-30 4:20 ` Kautuk Consul
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87pm8tcir3.fsf@mpe.ellerman.id.au \
--to=mpe@ellerman.id.au \
--cc=christophe.leroy@csgroup.eu \
--cc=farosas@linux.ibm.com \
--cc=kconsul@linux.vnet.ibm.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=npiggin@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox