Fix a use-after-module-unload bug in the async #PF code by ensuring all
workqueue items fully complete before tearing down vCPUs.  Do a bit of cleanup
to try and make the code slightly more readable.

Side topic, I'm pretty sure s390's flic_set_attr() is broken/racy.  The async
#PF code assumes that only the vCPU can invoke
kvm_clear_async_pf_completion_queue(), as there are multiple assets that are
effectively protected by vcpu->mutex.  I don't think any real world VMMs
trigger the race(s), but AFAICT it's a bug.  I think/assume taking all vCPUs'
mutexes would plug the hole?

Sean Christopherson (4):
  KVM: Always flush async #PF workqueue when vCPU is being destroyed
  KVM: Put mm immediately after async #PF worker completes remote gup()
  KVM: Get reference to VM's address space in the async #PF worker
  KVM: Nullify async #PF worker's "apf" pointer as soon as it might be freed

 include/linux/kvm_host.h |  1 -
 virt/kvm/async_pf.c      | 79 ++++++++++++++++++++++++++++------------
 2 files changed, 55 insertions(+), 25 deletions(-)


base-commit: 1c6d984f523f67ecfad1083bb04c55d91977bb15
-- 
2.43.0.472.g3155946c3a-goog
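The four patch subjects above describe one lifetime discipline: the worker takes its own reference on the address space, drops it the moment the remote gup is done, nulls the pointer it just released, and teardown flushes every queued item before freeing anything a late worker could touch. The following is an added, userspace-only model of that discipline written for this page; it is not code from the series or from KVM. The types, the `mmget_not_zero`/`mmput` stand-ins, `queue_async_pf`, `flush_async_pf_queue`, `kvm_vcpu_destroy` and `run_scenario` are all constructed here, with a bounded refcount and a synchronous "flush" replacing the kernel's real mm accounting and workqueue.

```c
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed model of the async #PF lifetime rules; names loosely mirror
 * KVM's but nothing here is kernel code. */
struct mm {
    int users;           /* like mm_users: 0 means the address space is gone */
    int faults_resolved; /* how many "remote gup" operations completed */
};

struct vcpu;

struct apf_work {        /* one queued async page-fault item */
    struct vcpu *vcpu;
    bool done;
    struct apf_work *next;
};

struct vcpu {
    struct mm *mm;       /* the VM's address space; the vCPU owns one reference */
    struct apf_work *queue;
};

/* Stand-in for mmget_not_zero(): succeed only while someone still holds the mm. */
static bool mmget_not_zero(struct mm *mm)
{
    if (mm->users == 0)
        return false;
    mm->users++;
    return true;
}

static void mmput(struct mm *mm)
{
    if (--mm->users < 0)
        abort();         /* reference underflow is a caller bug */
}

/* Worker body: take our own reference (not one gifted by the queuer), do the
 * "gup", drop the reference at once, and null the pointer so later code
 * cannot reuse it after the put. */
static void async_pf_execute(struct apf_work *work)
{
    struct mm *mm = work->vcpu->mm;

    if (!mmget_not_zero(mm)) {
        work->done = true;   /* address space already torn down: nothing to do */
        return;
    }
    mm->faults_resolved++;   /* stands in for get_user_pages_remote() */
    mmput(mm);
    mm = NULL;               /* reference gone: must not be dereferenced again */
    work->done = true;
}

static void queue_async_pf(struct vcpu *vcpu)
{
    struct apf_work *w = calloc(1, sizeof(*w));
    if (!w)
        abort();
    w->vcpu = vcpu;
    w->next = vcpu->queue;
    vcpu->queue = w;
}

/* Like flushing every work item: run whatever has not completed yet. */
static void flush_async_pf_queue(struct vcpu *vcpu)
{
    for (struct apf_work *w = vcpu->queue; w; w = w->next)
        if (!w->done)
            async_pf_execute(w);
}

/* Teardown: flush BEFORE freeing, since a worker running later would reach
 * the vcpu and mm through freed memory. Returns how many items were still
 * unfinished at free time (0 whenever the flush runs first). */
static int kvm_vcpu_destroy(struct vcpu *vcpu)
{
    int unfinished = 0;

    flush_async_pf_queue(vcpu);
    while (vcpu->queue) {
        struct apf_work *w = vcpu->queue;
        vcpu->queue = w->next;
        if (!w->done)
            unfinished++;
        free(w);
    }
    mmput(vcpu->mm);         /* the vCPU's own reference */
    return unfinished;
}

struct apf_result {
    int faults_resolved;     /* expected: number queued */
    int mm_users;            /* expected: 0 once the vCPU is gone */
    int unfinished;          /* expected: 0, nothing freed while in flight */
};

/* Queue nr_faults items, let the "worker" finish nr_early of them, then
 * destroy the vCPU while the rest are still pending. */
static struct apf_result run_scenario(int nr_faults, int nr_early)
{
    struct mm *mm = calloc(1, sizeof(*mm));
    struct vcpu *vcpu = calloc(1, sizeof(*vcpu));
    struct apf_result r;
    int i;

    if (!mm || !vcpu)
        abort();
    mm->users = 1;
    vcpu->mm = mm;
    for (i = 0; i < nr_faults; i++)
        queue_async_pf(vcpu);
    i = 0;
    for (struct apf_work *w = vcpu->queue; w && i < nr_early; w = w->next, i++)
        async_pf_execute(w);

    r.unfinished = kvm_vcpu_destroy(vcpu);
    r.faults_resolved = mm->faults_resolved;
    r.mm_users = mm->users;
    free(vcpu);
    free(mm);
    return r;
}

int main(void)
{
    struct apf_result r = run_scenario(4, 1);
    printf("resolved=%d users=%d unfinished=%d\n",
           r.faults_resolved, r.mm_users, r.unfinished);
    return (r.unfinished == 0 && r.mm_users == 0) ? 0 : 1;
}
```

The flush-then-free ordering in `kvm_vcpu_destroy` is what closes the use-after-free window the first patch addresses; the early `mmput` and the `mm = NULL` in the worker model the second and fourth patches, and `mmget_not_zero` inside the worker models the third. Removing the `flush_async_pf_queue` call is the quickest way to see why the order matters: the unfinished counter becomes non-zero and the mm reference count no longer returns to zero.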