[PATCH 4.4 10/32] arm/arm64: KVM: Take mmap_sem in kvm_arch_prepare_memory_region

stable.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	stable@vger.kernel.org,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Eric Auger <eric.auger@rehat.com>,
	Christoffer Dall <cdall@linaro.org>,
	Suzuki K Poulose <suzuki.poulose@arm.com>,
	Marc Zyngier <marc.zyngier@arm.com>
Subject: [PATCH 4.4 10/32] arm/arm64: KVM: Take mmap_sem in kvm_arch_prepare_memory_region
Date: Mon, 10 Apr 2017 18:39:00 +0200	[thread overview]
Message-ID: <20170410163840.565944103@linuxfoundation.org> (raw)
In-Reply-To: <20170410163839.055472822@linuxfoundation.org>

4.4-stable review patch.  If anyone has any objections, please let me know.

------------------

From: Marc Zyngier <marc.zyngier@arm.com>

commit 72f310481a08db821b614e7b5d00febcc9064b36 upstream.

We don't hold the mmap_sem while searching for VMAs (via find_vma), in
kvm_arch_prepare_memory_region, which can end up in expected failures.

Fixes: commit 8eef91239e57 ("arm/arm64: KVM: map MMIO regions at creation time")
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Eric Auger <eric.auger@rehat.com>
Reviewed-by: Christoffer Dall <cdall@linaro.org>
[ Handle dirty page logging failure case ]
Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

---
 arch/arm/kvm/mmu.c |   11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

--- a/arch/arm/kvm/mmu.c
+++ b/arch/arm/kvm/mmu.c
@@ -1761,6 +1761,7 @@ int kvm_arch_prepare_memory_region(struc
 	    (KVM_PHYS_SIZE >> PAGE_SHIFT))
 		return -EFAULT;
 
+	down_read(&current->mm->mmap_sem);
 	/*
 	 * A memory region could potentially cover multiple VMAs, and any holes
 	 * between them, so iterate over all of them to find out if we can map
@@ -1804,8 +1805,10 @@ int kvm_arch_prepare_memory_region(struc
 			pa += vm_start - vma->vm_start;
 
 			/* IO region dirty page logging not allowed */
-			if (memslot->flags & KVM_MEM_LOG_DIRTY_PAGES)
-				return -EINVAL;
+			if (memslot->flags & KVM_MEM_LOG_DIRTY_PAGES) {
+				ret = -EINVAL;
+				goto out;
+			}
 
 			ret = kvm_phys_addr_ioremap(kvm, gpa, pa,
 						    vm_end - vm_start,
@@ -1817,7 +1820,7 @@ int kvm_arch_prepare_memory_region(struc
 	} while (hva < reg_end);
 
 	if (change == KVM_MR_FLAGS_ONLY)
-		return ret;
+		goto out;
 
 	spin_lock(&kvm->mmu_lock);
 	if (ret)
@@ -1825,6 +1828,8 @@ int kvm_arch_prepare_memory_region(struc
 	else
 		stage2_flush_memslot(kvm, memslot);
 	spin_unlock(&kvm->mmu_lock);
+out:
+	up_read(&current->mm->mmap_sem);
 	return ret;
 }

next prev parent reply	other threads:[~2017-04-10 16:40 UTC|newest]

Thread overview: 36+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-04-10 16:38 [PATCH 4.4 00/32] 4.4.61-stable review Greg Kroah-Hartman
2017-04-10 16:38 ` [PATCH 4.4 01/32] drm/vmwgfx: Type-check lookups of fence objects Greg Kroah-Hartman
2017-04-10 16:38 ` [PATCH 4.4 02/32] drm/vmwgfx: NULL pointer dereference in vmw_surface_define_ioctl() Greg Kroah-Hartman
2017-04-10 16:38 ` [PATCH 4.4 03/32] drm/vmwgfx: avoid calling vzalloc with a 0 size in vmw_get_cap_3d_ioctl() Greg Kroah-Hartman
2017-04-10 16:38 ` [PATCH 4.4 04/32] drm/ttm, drm/vmwgfx: Relax permission checking when opening surfaces Greg Kroah-Hartman
2017-04-10 16:38 ` [PATCH 4.4 05/32] drm/vmwgfx: Remove getparam error message Greg Kroah-Hartman
2017-04-10 16:38 ` [PATCH 4.4 06/32] drm/vmwgfx: fix integer overflow in vmw_surface_define_ioctl() Greg Kroah-Hartman
2017-04-10 16:38 ` [PATCH 4.4 07/32] sysfs: be careful of error returns from ops->show() Greg Kroah-Hartman
2017-04-10 16:38 ` [PATCH 4.4 08/32] staging: android: ashmem: lseek failed due to no FMODE_LSEEK Greg Kroah-Hartman
2017-04-10 16:38 ` [PATCH 4.4 09/32] arm/arm64: KVM: Take mmap_sem in stage2_unmap_vm Greg Kroah-Hartman
2017-04-10 16:39 ` Greg Kroah-Hartman [this message]
2017-04-10 16:39 ` [PATCH 4.4 11/32] iio: bmg160: reset chip when probing Greg Kroah-Hartman
2017-04-10 16:39 ` [PATCH 4.4 12/32] Reset TreeId to zero on SMB2 TREE_CONNECT Greg Kroah-Hartman
2017-04-10 16:39 ` [PATCH 4.4 13/32] ptrace: fix PTRACE_LISTEN race corrupting task->state Greg Kroah-Hartman
2017-04-10 16:39 ` [PATCH 4.4 14/32] ring-buffer: Fix return value check in test_ringbuffer() Greg Kroah-Hartman
2017-04-10 16:39 ` [PATCH 4.4 15/32] metag/usercopy: Drop unused macros Greg Kroah-Hartman
2017-04-10 16:39 ` [PATCH 4.4 16/32] metag/usercopy: Fix alignment error checking Greg Kroah-Hartman
2017-04-10 16:39 ` [PATCH 4.4 17/32] metag/usercopy: Add early abort to copy_to_user Greg Kroah-Hartman
2017-04-10 16:39 ` [PATCH 4.4 18/32] metag/usercopy: Zero rest of buffer from copy_from_user Greg Kroah-Hartman
2017-04-10 16:39 ` [PATCH 4.4 19/32] metag/usercopy: Set flags before ADDZ Greg Kroah-Hartman
2017-04-10 16:39 ` [PATCH 4.4 20/32] metag/usercopy: Fix src fixup in from user rapf loops Greg Kroah-Hartman
2017-04-10 16:39 ` [PATCH 4.4 21/32] metag/usercopy: Add missing fixups Greg Kroah-Hartman
2017-04-10 16:39 ` [PATCH 4.4 22/32] powerpc/mm: Add missing global TLB invalidate if cxl is active Greg Kroah-Hartman
2017-04-10 16:39 ` [PATCH 4.4 23/32] powerpc: Dont try to fix up misaligned load-with-reservation instructions Greg Kroah-Hartman
2017-04-10 16:39 ` [PATCH 4.4 24/32] nios2: reserve boot memory for device tree Greg Kroah-Hartman
2017-04-10 16:39 ` [PATCH 4.4 25/32] s390/decompressor: fix initrd corruption caused by bss clear Greg Kroah-Hartman
2017-04-10 16:39 ` [PATCH 4.4 26/32] s390/uaccess: get_user() should zero on failure (again) Greg Kroah-Hartman
2017-04-10 16:39 ` [PATCH 4.4 27/32] MIPS: Force o32 fp64 support on 32bit MIPS64r6 kernels Greg Kroah-Hartman
2017-04-14 23:45   ` Maciej W. Rozycki
2017-04-19 13:13     ` Greg Kroah-Hartman
2017-04-10 16:39 ` [PATCH 4.4 28/32] MIPS: ralink: Fix typos in rt3883 pinctrl Greg Kroah-Hartman
2017-04-10 16:39 ` [PATCH 4.4 29/32] MIPS: End spinlocks with .insn Greg Kroah-Hartman
2017-04-10 16:39 ` [PATCH 4.4 30/32] MIPS: Lantiq: fix missing xbar kernel panic Greg Kroah-Hartman
2017-04-10 16:39 ` [PATCH 4.4 31/32] MIPS: Flush wrong invalid FTLB entry for huge page Greg Kroah-Hartman
2017-04-10 16:39 ` [PATCH 4.4 32/32] mm/mempolicy.c: fix error handling in set_mempolicy and mbind Greg Kroah-Hartman
2017-04-10 20:38 ` [PATCH 4.4 00/32] 4.4.61-stable review Shuah Khan

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20170410163840.565944103@linuxfoundation.org \
    --to=gregkh@linuxfoundation.org \
    --cc=ard.biesheuvel@linaro.org \
    --cc=cdall@linaro.org \
    --cc=eric.auger@rehat.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=marc.zyngier@arm.com \
    --cc=stable@vger.kernel.org \
    --cc=suzuki.poulose@arm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).