korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-09-21 20:22:13 +08:00
Code Issues Packages Projects Releases Wiki Activity
839c4f596f
linux/arch/riscv/kvm
History
Anup Patel 47d40d9329 RISC-V: KVM: Don't zero-out PMU snapshot area before freeing data 
With the latest Linux-6.11-rc3, the below NULL pointer crash is observed
when SBI PMU snapshot is enabled for the guest and the guest is forcefully
powered-off.

  Unable to handle kernel NULL pointer dereference at virtual address 0000000000000508
  Oops [#1]
  Modules linked in: kvm
  CPU: 0 UID: 0 PID: 61 Comm: term-poll Not tainted 6.11.0-rc3-00018-g44d7178dd77a #3
  Hardware name: riscv-virtio,qemu (DT)
  epc : __kvm_write_guest_page+0x94/0xa6 [kvm]
   ra : __kvm_write_guest_page+0x54/0xa6 [kvm]
  epc : ffffffff01590e98 ra : ffffffff01590e58 sp : ffff8f80001f39b0
   gp : ffffffff81512a60 tp : ffffaf80024872c0 t0 : ffffaf800247e000
   t1 : 00000000000007e0 t2 : 0000000000000000 s0 : ffff8f80001f39f0
   s1 : 00007fff89ac4000 a0 : ffffffff015dd7e8 a1 : 0000000000000086
   a2 : 0000000000000000 a3 : ffffaf8000000000 a4 : ffffaf80024882c0
   a5 : 0000000000000000 a6 : ffffaf800328d780 a7 : 00000000000001cc
   s2 : ffffaf800197bd00 s3 : 00000000000828c4 s4 : ffffaf800248c000
   s5 : ffffaf800247d000 s6 : 0000000000001000 s7 : 0000000000001000
   s8 : 0000000000000000 s9 : 00007fff861fd500 s10: 0000000000000001
   s11: 0000000000800000 t3 : 00000000000004d3 t4 : 00000000000004d3
   t5 : ffffffff814126e0 t6 : ffffffff81412700
  status: 0000000200000120 badaddr: 0000000000000508 cause: 000000000000000d
  [<ffffffff01590e98>] __kvm_write_guest_page+0x94/0xa6 [kvm]
  [<ffffffff015943a6>] kvm_vcpu_write_guest+0x56/0x90 [kvm]
  [<ffffffff015a175c>] kvm_pmu_clear_snapshot_area+0x42/0x7e [kvm]
  [<ffffffff015a1972>] kvm_riscv_vcpu_pmu_deinit.part.0+0xe0/0x14e [kvm]
  [<ffffffff015a2ad0>] kvm_riscv_vcpu_pmu_deinit+0x1a/0x24 [kvm]
  [<ffffffff0159b344>] kvm_arch_vcpu_destroy+0x28/0x4c [kvm]
  [<ffffffff0158e420>] kvm_destroy_vcpus+0x5a/0xda [kvm]
  [<ffffffff0159930c>] kvm_arch_destroy_vm+0x14/0x28 [kvm]
  [<ffffffff01593260>] kvm_destroy_vm+0x168/0x2a0 [kvm]
  [<ffffffff015933d4>] kvm_put_kvm+0x3c/0x58 [kvm]
  [<ffffffff01593412>] kvm_vm_release+0x22/0x2e [kvm]

Clearly, the kvm_vcpu_write_guest() function is crashing because it is
being called from kvm_pmu_clear_snapshot_area() upon guest tear down.

To address the above issue, simplify the kvm_pmu_clear_snapshot_area() to
not zero-out PMU snapshot area from kvm_pmu_clear_snapshot_area() because
the guest is anyway being tore down.

The kvm_pmu_clear_snapshot_area() is also called when guest changes
PMU snapshot area of a VCPU but even in this case the previous PMU
snaphsot area must not be zeroed-out because the guest might have
reclaimed the pervious PMU snapshot area for some other purpose.

Fixes: c2f41ddbcd ("RISC-V: KVM: Implement SBI PMU Snapshot feature")
Signed-off-by: Anup Patel <apatel@ventanamicro.com>
Link: https://lore.kernel.org/r/20240815170907.2792229-1-apatel@ventanamicro.com
Signed-off-by: Anup Patel <anup@brainfault.org>
2024-08-19 08:58:17 +05:30
..
aia_aplic.c RISC-V: KVM: Share APLIC and IMSIC defines with irqchip drivers 2024-06-26 18:37:32 +05:30
aia_device.c RISC-V: KVM: Share APLIC and IMSIC defines with irqchip drivers 2024-06-26 18:37:32 +05:30
aia_imsic.c RISC-V: KVM: Share APLIC and IMSIC defines with irqchip drivers 2024-06-26 18:37:32 +05:30
aia.c RISC-V: KVM: Use IMSIC guest files when available 2024-06-26 18:37:34 +05:30
Kconfig kvm: replace __KVM_HAVE_READONLY_MEM with Kconfig symbol 2024-02-08 08:41:06 -05:00
main.c RISC-V: KVM: Implement kvm_arch_vcpu_ioctl_set_guest_debug() 2024-04-08 14:06:27 +05:30
Makefile kbuild: use $(src) instead of $(srctree)/$(src) for source directory 2024-05-10 04:34:52 +09:00
mmu.c KVM: delete .change_pte MMU notifier callback 2024-04-11 13:18:27 -04:00
tlb.c riscv: Rearrange hwcap.h and cpufeature.h 2023-11-09 10:15:51 -08:00
trace.h RISCV: KVM: add tracepoints for entry and exit events 2024-06-26 18:37:36 +05:30
vcpu_exit.c RISC-V: KVM: Redirect AMO load/store access fault traps to guest 2024-06-26 18:37:41 +05:30
vcpu_fp.c riscv: Rearrange hwcap.h and cpufeature.h 2023-11-09 10:15:51 -08:00
vcpu_insn.c KVM: riscv: Support guest wrs.nto 2024-07-12 08:54:51 -07:00
vcpu_onereg.c RISC-V Patches for the 6.11 Merge Window, Part 1 2024-07-20 09:11:27 -07:00
vcpu_pmu.c RISC-V: KVM: Don't zero-out PMU snapshot area before freeing data 2024-08-19 08:58:17 +05:30
vcpu_sbi_base.c RISC-V: KVM: Add ONE_REG interface to enable/disable SBI extensions 2023-04-21 17:38:44 +05:30
vcpu_sbi_hsm.c RISCV: KVM: Introduce vcpu->reset_cntx_lock 2024-04-22 10:39:03 +05:30
vcpu_sbi_pmu.c RISC-V: KVM: Improve firmware counter read function 2024-04-26 13:13:54 +05:30
vcpu_sbi_replace.c RISC-V: KVM: Make SBI uapi consistent with ISA uapi 2023-12-29 12:31:44 +05:30
vcpu_sbi_sta.c RISC-V: KVM: Rename the SBI_STA_SHMEM_DISABLE to a generic name 2024-04-22 11:13:52 +05:30
vcpu_sbi_v01.c RISC-V: KVM: Modify SBI extension handler to return SBI error code 2023-02-07 20:35:45 +05:30
vcpu_sbi.c RISC-V: KVM: Fix sbiret init before forwarding to userspace 2024-08-19 08:32:10 +05:30
vcpu_switch.S riscv: kvm: use ".L" local labels in assembly when applicable 2023-12-29 12:31:33 +05:30
vcpu_timer.c RISC-V: KVM: do not EOPNOTSUPP in set KVM_REG_RISCV_TIMER_REG 2023-08-08 17:25:49 +05:30
vcpu_vector.c RISC-V: KVM: add 'vlenb' Vector CSR 2023-12-29 12:31:54 +05:30
vcpu.c ARM: 2024-07-20 12:41:03 -07:00
vm.c RISC-V: KVM: Implement kvm_arch_vcpu_ioctl_set_guest_debug() 2024-04-08 14:06:27 +05:30
vmid.c RISC-V: KVM: Drop the _MASK suffix from hgatp.VMID mask defines 2023-04-21 17:45:44 +05:30