[PATCH] powerpc/kvm/book3s64/nested: Fix kernel crash with nested kvm

"Aneesh Kumar K.V" <aneesh.kumar@xxxxxxxxxxxxx> · Thu, 11 Jun 2020 17:31:59 +0530

__pa() do check for addr value passed and if < PAGE_OFFSET
results in BUG.

 #define __pa(x)								\
({									\
	VIRTUAL_BUG_ON((unsigned long)(x) < PAGE_OFFSET);		\
	(unsigned long)(x) & 0x0fffffffffffffffUL;			\
})

kvmhv_copy_tofrom_guest_radix() use a NULL value for
to/from to indicate direction of copy. Avoid calling __pa() if the
value is NULL

kernel BUG at arch/powerpc/kvm/book3s_64_mmu_radix.c:43!
cpu 0x70: Vector: 700 (Program Check) at [c0000018a2187360]
    pc: c000000000161b30: __kvmhv_copy_tofrom_guest_radix+0x130/0x1f0
    lr: c000000000161d5c: kvmhv_copy_from_guest_radix+0x3c/0x80

....

[c0000018a2187670] c000000000161d5c kvmhv_copy_from_guest_radix+0x3c/0x80
[c0000018a21876b0] c00000000014feb8 kvmhv_load_from_eaddr+0x48/0xc0
[c0000018a21876e0] c000000000135828 kvmppc_ld+0x98/0x1e0
[c0000018a2187780] c00000000013bc20 kvmppc_load_last_inst+0x50/0x90
[c0000018a21877b0] c00000000015e9e8 kvmppc_hv_emulate_mmio+0x288/0x2b0
[c0000018a2187810] c000000000164888 kvmppc_book3s_radix_page_fault+0xd8/0x2b0
[c0000018a21878c0] c00000000015ed8c kvmppc_book3s_hv_page_fault+0x37c/0x1050
[c0000018a2187a00] c00000000015a518 kvmppc_vcpu_run_hv+0xbb8/0x1080
[c0000018a2187b20] c00000000013d204 kvmppc_vcpu_run+0x34/0x50
[c0000018a2187b40] c00000000013949c kvm_arch_vcpu_ioctl_run+0x2fc/0x410
[c0000018a2187bd0] c00000000012a2a4 kvm_vcpu_ioctl+0x2b4/0x8f0
[c0000018a2187d50] c0000000005b12a4 ksys_ioctl+0xf4/0x150
[c0000018a2187da0] c0000000005b1328 sys_ioctl+0x28/0x80
[c0000018a2187dc0] c000000000030584 system_call_exception+0x104/0x1d0
[c0000018a2187e20] c00000000000ca68 system_call_common+0xe8/0x214

Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@xxxxxxxxxxxxx>
---
 arch/powerpc/kvm/book3s_64_mmu_radix.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/arch/powerpc/kvm/book3s_64_mmu_radix.c b/arch/powerpc/kvm/book3s_64_mmu_radix.c
index 02219e28b1e4..84acb4769487 100644
--- a/arch/powerpc/kvm/book3s_64_mmu_radix.c
+++ b/arch/powerpc/kvm/book3s_64_mmu_radix.c
@@ -40,7 +40,8 @@ unsigned long __kvmhv_copy_tofrom_guest_radix(int lpid, int pid,
 	/* Can't access quadrants 1 or 2 in non-HV mode, call the HV to do it */
 	if (kvmhv_on_pseries())
 		return plpar_hcall_norets(H_COPY_TOFROM_GUEST, lpid, pid, eaddr,
-					  __pa(to), __pa(from), n);
+					  (to != NULL) ? __pa(to): 0,
+					  (from != NULL) ? __pa(from): 0, n);
 
 	quadrant = 1;
 	if (!pid)
-- 
2.26.2







