v2: Updated a comment and added a new one. ________________________________________ From: Kaya, Metin Sent: 21 March 2022 16:46 To: Paolo Bonzini; kvm@xxxxxxxxxxxxxxx Cc: Woodhouse, David; Durrant, Paul; Boris Ostrovsky; linux-kernel@xxxxxxxxxxxxxxx; x86@xxxxxxxxxx Subject: [PATCH 1/1] KVM: x86/xen: add support for 32-bit guests in SCHEDOP_poll
From f19a8832e2e56f843fdc62740db1381d50946be3 Mon Sep 17 00:00:00 2001 From: Metin Kaya <metikaya@xxxxxxxxxx> Date: Mon, 21 Mar 2022 11:05:32 +0000 Subject: [PATCH] KVM: x86/xen: add support for 32-bit guests in SCHEDOP_poll This patch introduces compat version of struct sched_poll for SCHEDOP_poll sub-operation of sched_op hypercall, reads correct amount of data (16 bytes in 32-bit case, 24 bytes otherwise) by using new compat_sched_poll struct, copies it to sched_poll properly, and lets rest of the code run as is. Signed-off-by: Metin Kaya <metikaya@xxxxxxxxxx> Reviewed-by: David Woodhouse <dwmw@xxxxxxxxxxxx> Reviewed-by: Paul Durrant <pdurrant@xxxxxxxxxxxx> --- arch/x86/kvm/xen.c | 31 +++++++++++++++++++++++++++---- arch/x86/kvm/xen.h | 7 +++++++ 2 files changed, 34 insertions(+), 4 deletions(-) diff --git a/arch/x86/kvm/xen.c b/arch/x86/kvm/xen.c index 7d01983d1087..2d0a5d2ca6f1 100644 --- a/arch/x86/kvm/xen.c +++ b/arch/x86/kvm/xen.c @@ -998,20 +998,43 @@ static bool kvm_xen_schedop_poll(struct kvm_vcpu *vcpu, bool longmode, evtchn_port_t port, *ports; gpa_t gpa; - if (!longmode || !lapic_in_kernel(vcpu) || + if (!lapic_in_kernel(vcpu) || !(vcpu->kvm->arch.xen_hvm_config.flags & KVM_XEN_HVM_CONFIG_EVTCHN_SEND)) return false; idx = srcu_read_lock(&vcpu->kvm->srcu); gpa = kvm_mmu_gva_to_gpa_system(vcpu, param, NULL); srcu_read_unlock(&vcpu->kvm->srcu, idx); - - if (!gpa || kvm_vcpu_read_guest(vcpu, gpa, &sched_poll, - sizeof(sched_poll))) { + if (!gpa) { *r = -EFAULT; return true; } + if (IS_ENABLED(CONFIG_64BIT) && longmode) { + if (kvm_vcpu_read_guest(vcpu, gpa, &sched_poll, + sizeof(sched_poll))) { + *r = -EFAULT; + return true; + } + } else { + struct compat_sched_poll sp; + + /* + * Sanity check that __packed trick works fine and size of + * compat_sched_poll is 16 bytes just like in the real Xen + * 32-bit case. + */ + BUILD_BUG_ON(sizeof(struct compat_sched_poll) != 16); + + if (kvm_vcpu_read_guest(vcpu, gpa, &sp, sizeof(sp))) { + *r = -EFAULT; + return true; + } + sched_poll.ports = (evtchn_port_t *)(unsigned long)(sp.ports); + sched_poll.nr_ports = sp.nr_ports; + sched_poll.timeout = sp.timeout; + } + if (unlikely(sched_poll.nr_ports > 1)) { /* Xen (unofficially) limits number of pollers to 128 */ if (sched_poll.nr_ports > 128) { diff --git a/arch/x86/kvm/xen.h b/arch/x86/kvm/xen.h index ee5c4ae0755c..8b36d346fc9c 100644 --- a/arch/x86/kvm/xen.h +++ b/arch/x86/kvm/xen.h @@ -196,6 +196,13 @@ struct compat_shared_info { struct compat_arch_shared_info arch; }; +struct compat_sched_poll { + /* This is actually a guest virtual address which points to ports. */ + uint32_t ports; + unsigned int nr_ports; + uint64_t timeout; +} __packed; + #define COMPAT_EVTCHN_2L_NR_CHANNELS (8 * \ sizeof_field(struct compat_shared_info, \ evtchn_pending)) -- 2.32.0