ehrhardt@xxxxxxxxxxxxxxxxxx wrote:
From: Carsten Otte <cotte@xxxxxxxxxx> This patch makes sure we do unlink a vcpu's sie control block from the system control area in kvm_arch_vcpu_destroy. This prevents illegal accesses to the sie control block from other virtual cpus after free. Reported-by: Mijo Safradin <mijo@xxxxxxxxxxxxxxxxxx> Signed-off-by: Carsten Otte <cotte@xxxxxxxxxx> --- arch/s390/kvm/kvm-s390.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) Index: kvm/arch/s390/kvm/kvm-s390.c =================================================================== --- kvm.orig/arch/s390/kvm/kvm-s390.c +++ kvm/arch/s390/kvm/kvm-s390.c @@ -195,6 +195,9 @@ out_nokvm: void kvm_arch_vcpu_destroy(struct kvm_vcpu *vcpu) { VCPU_EVENT(vcpu, 3, "%s", "free cpu"); + if (vcpu->kvm->arch.sca->cpu[vcpu->vcpu_id].sda == + (__u64) vcpu->arch.sie_block) + vcpu->kvm->arch.sca->cpu[vcpu->vcpu_id].sda = 0; free_page((unsigned long)(vcpu->arch.sie_block));
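Review bot: the new `sda = 0` store in the kvm_arch_vcpu_destroy hunk is a plain assignment with no lock or barrier visible before the following `free_page(...)`, yet the commit message says other virtual cpus can reach this sie control block through the SCA; the ordering between clearing the SCA entry and freeing the page should be made explicit, either by showing which lock serialises SCA updates or by adding a barrier between the store and `free_page`, and a short comment above the `if` explaining that this unlinks the vcpu from the system control area would help readers who do not know the SCA layout.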
If this is accessed by hardware on a different cpu, don't you need a memory barrier here?
-- Do not meddle in the internals of kernels, for they are subtle and quick to panic.