On Wed, Aug 04, 2021 at 04:23:26PM +0200, Joerg Roedel wrote:
> On Wed, Aug 04, 2021 at 03:58:34PM +0300, Dan Carpenter wrote:
> > exc_page_fault() <-- called with preempt disabled
> > --> kvm_handle_async_pf()
> > --> __kvm_handle_async_pf()
> > --> kvm_async_pf_task_wait_schedule() calls schedule().
>
> This call path can not be taken in the page-fault handler when called
> from the #VC handler. To take this path the host needs to inject an
> async page-fault, especially setting async pf flags, without injecting a
> page-fault exception on its own ... and when the #VC handler is running.
> KVM is not doing that.
>
> Okay, the hypervisor can be malicious, but otherwise this can't happen.
> To mitigate a malicious hypervisor threat here it might be a solution to
> not call the page-fault handler directly from the #VC handler and let it
> re-fault after the #VC handler returned.

Thanks for taking a look at this. Also it turns out that my check wasn't
taking in_atomic() into consideration either, so I've added that.

regards,
dan carpenter