Skip to content

Commit 4bba7f7

Browse files
ouptonMarc Zyngier
oupton
authored and
Marc Zyngier
committed
KVM: arm64: Use config_lock to protect data ordered against KVM_RUN
There are various bits of VM-scoped data that can only be configured before the first call to KVM_RUN, such as the hypercall bitmaps and the PMU. As these fields are protected by the kvm->lock and accessed while holding vcpu->mutex, this is yet another example of lock inversion. Change out the kvm->lock for kvm->arch.config_lock in all of these instances. Opportunistically simplify the locking mechanics of the PMU configuration by holding the config_lock for the entirety of kvm_arm_pmu_v3_set_attr(). Note that this also addresses a couple of bugs. There is an unguarded read of the PMU version in KVM_ARM_VCPU_PMU_V3_FILTER which could race with KVM_ARM_VCPU_PMU_V3_SET_PMU. Additionally, until now writes to the per-vCPU vPMU irq were not serialized VM-wide, meaning concurrent calls to KVM_ARM_VCPU_PMU_V3_IRQ could lead to a false positive in pmu_irq_is_valid(). Cc: stable@vger.kernel.org Tested-by: Jeremy Linton <jeremy.linton@arm.com> Signed-off-by: Oliver Upton <oliver.upton@linux.dev> Signed-off-by: Marc Zyngier <maz@kernel.org> Link: https://lore.kernel.org/r/20230327164747.2466958-4-oliver.upton@linux.dev
1 parent c43120a commit 4bba7f7

4 files changed

Lines changed: 12 additions & 21 deletions

File tree

arch/arm64/kvm/arm.c

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -624,9 +624,9 @@ int kvm_arch_vcpu_run_pid_change(struct kvm_vcpu *vcpu)
624624
if (kvm_vm_is_protected(kvm))
625625
kvm_call_hyp_nvhe(__pkvm_vcpu_init_traps, vcpu);
626626

627-
mutex_lock(&kvm->lock);
627+
mutex_lock(&kvm->arch.config_lock);
628628
set_bit(KVM_ARCH_FLAG_HAS_RAN_ONCE, &kvm->arch.flags);
629-
mutex_unlock(&kvm->lock);
629+
mutex_unlock(&kvm->arch.config_lock);
630630

631631
return ret;
632632
}

arch/arm64/kvm/guest.c

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -957,7 +957,9 @@ int kvm_arm_vcpu_arch_set_attr(struct kvm_vcpu *vcpu,
957957

958958
switch (attr->group) {
959959
case KVM_ARM_VCPU_PMU_V3_CTRL:
960+
mutex_lock(&vcpu->kvm->arch.config_lock);
960961
ret = kvm_arm_pmu_v3_set_attr(vcpu, attr);
962+
mutex_unlock(&vcpu->kvm->arch.config_lock);
961963
break;
962964
case KVM_ARM_VCPU_TIMER_CTRL:
963965
ret = kvm_arm_timer_set_attr(vcpu, attr);

arch/arm64/kvm/hypercalls.c

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -377,7 +377,7 @@ static int kvm_arm_set_fw_reg_bmap(struct kvm_vcpu *vcpu, u64 reg_id, u64 val)
377377
if (val & ~fw_reg_features)
378378
return -EINVAL;
379379

380-
mutex_lock(&kvm->lock);
380+
mutex_lock(&kvm->arch.config_lock);
381381

382382
if (test_bit(KVM_ARCH_FLAG_HAS_RAN_ONCE, &kvm->arch.flags) &&
383383
val != *fw_reg_bmap) {
@@ -387,7 +387,7 @@ static int kvm_arm_set_fw_reg_bmap(struct kvm_vcpu *vcpu, u64 reg_id, u64 val)
387387

388388
WRITE_ONCE(*fw_reg_bmap, val);
389389
out:
390-
mutex_unlock(&kvm->lock);
390+
mutex_unlock(&kvm->arch.config_lock);
391391
return ret;
392392
}
393393

arch/arm64/kvm/pmu-emul.c

Lines changed: 6 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -874,7 +874,7 @@ static int kvm_arm_pmu_v3_set_pmu(struct kvm_vcpu *vcpu, int pmu_id)
874874
struct arm_pmu *arm_pmu;
875875
int ret = -ENXIO;
876876

877-
mutex_lock(&kvm->lock);
877+
lockdep_assert_held(&kvm->arch.config_lock);
878878
mutex_lock(&arm_pmus_lock);
879879

880880
list_for_each_entry(entry, &arm_pmus, entry) {
@@ -894,30 +894,27 @@ static int kvm_arm_pmu_v3_set_pmu(struct kvm_vcpu *vcpu, int pmu_id)
894894
}
895895

896896
mutex_unlock(&arm_pmus_lock);
897-
mutex_unlock(&kvm->lock);
898897
return ret;
899898
}
900899

901900
int kvm_arm_pmu_v3_set_attr(struct kvm_vcpu *vcpu, struct kvm_device_attr *attr)
902901
{
903902
struct kvm *kvm = vcpu->kvm;
904903

904+
lockdep_assert_held(&kvm->arch.config_lock);
905+
905906
if (!kvm_vcpu_has_pmu(vcpu))
906907
return -ENODEV;
907908

908909
if (vcpu->arch.pmu.created)
909910
return -EBUSY;
910911

911-
mutex_lock(&kvm->lock);
912912
if (!kvm->arch.arm_pmu) {
913913
/* No PMU set, get the default one */
914914
kvm->arch.arm_pmu = kvm_pmu_probe_armpmu();
915-
if (!kvm->arch.arm_pmu) {
916-
mutex_unlock(&kvm->lock);
915+
if (!kvm->arch.arm_pmu)
917916
return -ENODEV;
918-
}
919917
}
920-
mutex_unlock(&kvm->lock);
921918

922919
switch (attr->attr) {
923920
case KVM_ARM_VCPU_PMU_V3_IRQ: {
@@ -961,19 +958,13 @@ int kvm_arm_pmu_v3_set_attr(struct kvm_vcpu *vcpu, struct kvm_device_attr *attr)
961958
filter.action != KVM_PMU_EVENT_DENY))
962959
return -EINVAL;
963960

964-
mutex_lock(&kvm->lock);
965-
966-
if (test_bit(KVM_ARCH_FLAG_HAS_RAN_ONCE, &kvm->arch.flags)) {
967-
mutex_unlock(&kvm->lock);
961+
if (test_bit(KVM_ARCH_FLAG_HAS_RAN_ONCE, &kvm->arch.flags))
968962
return -EBUSY;
969-
}
970963

971964
if (!kvm->arch.pmu_filter) {
972965
kvm->arch.pmu_filter = bitmap_alloc(nr_events, GFP_KERNEL_ACCOUNT);
973-
if (!kvm->arch.pmu_filter) {
974-
mutex_unlock(&kvm->lock);
966+
if (!kvm->arch.pmu_filter)
975967
return -ENOMEM;
976-
}
977968

978969
/*
979970
* The default depends on the first applied filter.
@@ -992,8 +983,6 @@ int kvm_arm_pmu_v3_set_attr(struct kvm_vcpu *vcpu, struct kvm_device_attr *attr)
992983
else
993984
bitmap_clear(kvm->arch.pmu_filter, filter.base_event, filter.nevents);
994985

995-
mutex_unlock(&kvm->lock);
996-
997986
return 0;
998987
}
999988
case KVM_ARM_VCPU_PMU_V3_SET_PMU: {

0 commit comments

Comments
 (0)