From patchwork Thu Jun 19 09:21:25 2014
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Marc Zyngier <marc.zyngier@arm.com>
X-Patchwork-Id: 32187
Return-Path: <patchwork-forward+bncBCPZR5X4TYBBBMG4RKOQKGQEEBPY5NA@linaro.org>
X-Original-To: linaro@patches.linaro.org
Delivered-To: linaro@patches.linaro.org
Received: from mail-yh0-f71.google.com (mail-yh0-f71.google.com
 [209.85.213.71])
 by ip-10-151-82-157.ec2.internal (Postfix) with ESMTPS id B3AEF206A0
 for <linaro@patches.linaro.org>; Thu, 19 Jun 2014 09:32:32 +0000 (UTC)
Received: by mail-yh0-f71.google.com with SMTP id t59sf7064079yho.10
 for <linaro@patches.linaro.org>; Thu, 19 Jun 2014 02:32:32 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:delivered-to:from:to:subject:date:message-id
 :in-reply-to:references:cc:precedence:list-id:list-unsubscribe
 :list-archive:list-post:list-help:list-subscribe:mime-version:sender
 :errors-to:x-original-sender:x-original-authentication-results
 :mailing-list:content-type:content-transfer-encoding;
 bh=TuWG326JidIb4/5ykh+U08fIUuSsJOGVY+3F0NG9BNM=;
 b=UWeUIgs3GkfITlK8RxMZ4LGLH0bTLZ6gBbr+Uohv/WOyazVH79O2iWVsZBsc6ohgJw
 EtOCmF6lGLfqAx7ZwrbOEP0vL1QNRTzcw+ruxO67We/uiPouF7b7ALh5anTV1PoFn4oS
 gVp9bEp3umOrGq8JzFaCHZjb1+jPj37B6stz79WD4aDcnxSL0ZXw4e9zaS10xyLwA/fs
 SBHN0ZrbkYRDHyLajG5FOaeZ92dbQsxLnmhQr5ZAH+Vq7GNoiEid2uAEuNAtfrMVDKdi
 2ycnZ80Q85R1huOJN0SuVl9PfPO15bUVY5chGauBo1r/MX9uEZxBDxYaMxHmnNPCj9Xh
 KlMQ==
X-Gm-Message-State: ALoCoQn5RxM0v1OTgyhEaY+NtHjpBHyMLkgUYIEqSPmy0/Mu7WpNy3h71Fobp6Y3B0fto+022Yxr
X-Received: by 10.236.207.164 with SMTP id n24mr1764733yho.5.1403170352459; 
 Thu, 19 Jun 2014 02:32:32 -0700 (PDT)
X-BeenThere: patchwork-forward@linaro.org
Received: by 10.140.106.203 with SMTP id e69ls501016qgf.29.gmail; Thu, 19 Jun
 2014 02:32:32 -0700 (PDT)
X-Received: by 10.58.46.141 with SMTP id v13mr3099467vem.18.1403170352282;
 Thu, 19 Jun 2014 02:32:32 -0700 (PDT)
Received: from mail-ve0-f175.google.com (mail-ve0-f175.google.com
 [209.85.128.175]) by mx.google.com with ESMTPS id
 fw20si2102562vec.95.2014.06.19.02.32.32
 for <patchwork-forward@linaro.org>
 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
 Thu, 19 Jun 2014 02:32:32 -0700 (PDT)
Received-SPF: pass (google.com: domain of
 patch+caf_=patchwork-forward=linaro.org@linaro.org designates
 209.85.128.175 as permitted sender) client-ip=209.85.128.175; 
Received: by mail-ve0-f175.google.com with SMTP id jx11so2026944veb.6
 for <patchwork-forward@linaro.org>;
 Thu, 19 Jun 2014 02:32:32 -0700 (PDT)
X-Received: by 10.58.152.234 with SMTP id vb10mr3013662veb.21.1403170352172; 
 Thu, 19 Jun 2014 02:32:32 -0700 (PDT)
X-Forwarded-To: patchwork-forward@linaro.org
X-Forwarded-For: patch@linaro.org patchwork-forward@linaro.org
Delivered-To: patch@linaro.org
Received: by 10.221.54.6 with SMTP id vs6csp348742vcb;
 Thu, 19 Jun 2014 02:32:31 -0700 (PDT)
X-Received: by 10.224.166.201 with SMTP id n9mr5304145qay.62.1403170351759; 
 Thu, 19 Jun 2014 02:32:31 -0700 (PDT)
Received: from bombadil.infradead.org (bombadil.infradead.org.
 [2001:1868:205::9]) by mx.google.com with ESMTPS id
 m100si5618813qga.3.2014.06.19.02.32.31 for <patch@linaro.org>
 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Thu, 19 Jun 2014 02:32:31 -0700 (PDT)
Received-SPF: none (google.com:
 linux-arm-kernel-bounces+patch=linaro.org@lists.infradead.org
 does not designate permitted sender hosts)
 client-ip=2001:1868:205::9; 
Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org)
 by bombadil.infradead.org with esmtp (Exim 4.80.1 #2 (Red Hat Linux))
 id 1WxYfY-0002Lt-Hq; Thu, 19 Jun 2014 09:30:08 +0000
Received: from fw-tnat.austin.arm.com ([217.140.110.23]
 helo=collaborate-mta1.arm.com)
 by bombadil.infradead.org with esmtp (Exim 4.80.1 #2 (Red Hat Linux))
 id 1WxYXc-00019d-KD for linux-arm-kernel@lists.infradead.org;
 Thu, 19 Jun 2014 09:21:57 +0000
Received: from e102391-lin.cambridge.arm.com (e102391-lin.cambridge.arm.com
 [10.1.209.143])
 by collaborate-mta1.arm.com (Postfix) with ESMTP id 5214E13FA3B;
 Thu, 19 Jun 2014 04:21:35 -0500 (CDT)
From: Marc Zyngier <marc.zyngier@arm.com>
To: linux-arm-kernel@lists.infradead.org, kvmarm@lists.cs.columbia.edu,
 kvm@vger.kernel.org
Subject: [PATCH v2 1/9] KVM: ARM: vgic: plug irq injection race
Date: Thu, 19 Jun 2014 10:21:25 +0100
Message-Id: <1403169693-13982-2-git-send-email-marc.zyngier@arm.com>
X-Mailer: git-send-email 1.8.3.4
In-Reply-To: <1403169693-13982-1-git-send-email-marc.zyngier@arm.com>
References: <1403169693-13982-1-git-send-email-marc.zyngier@arm.com>
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3
X-CRM114-CacheID: sfid-20140619_022156_774270_519FEC42
X-CRM114-Status: UNSURE (   9.57  )
X-CRM114-Notice: Please train this message.
X-Spam-Score: -0.0 (/)
X-Spam-Report: SpamAssassin version 3.4.0 on bombadil.infradead.org summary:
 Content analysis details:   (-0.0 points)
 pts rule name              description
 ---- ----------------------
 --------------------------------------------------
 -0.0 SPF_PASS               SPF: sender matches SPF record
 -0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay
 domain
Cc: Christoffer Dall <christoffer.dall@linaro.org>
X-BeenThere: linux-arm-kernel@lists.infradead.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: <patchwork-forward.linaro.org>
List-Unsubscribe: <http://groups.google.com/a/linaro.org/group/patchwork-forward/subscribe>, 
 <mailto:googlegroups-manage+836684582541+unsubscribe@googlegroups.com>
List-Archive: <http://groups.google.com/a/linaro.org/group/patchwork-forward/>
List-Post: <http://groups.google.com/a/linaro.org/group/patchwork-forward/post>, 
 <mailto:patchwork-forward@linaro.org>
List-Help: <http://support.google.com/a/linaro.org/bin/topic.py?topic=25838>, 
 <mailto:patchwork-forward+help@linaro.org>
List-Subscribe: <http://lists.infradead.org/mailman/listinfo/linux-arm-kernel>, 
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=subscribe>
MIME-Version: 1.0
Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
Errors-To: linux-arm-kernel-bounces+patch=linaro.org@lists.infradead.org
X-Removed-Original-Auth: Dkim didn't pass.
X-Original-Sender: marc.zyngier@arm.com
X-Original-Authentication-Results: mx.google.com; spf=pass (google.com:
 domain of
 patch+caf_=patchwork-forward=linaro.org@linaro.org designates
 209.85.128.175 as permitted sender)
 smtp.mail=patch+caf_=patchwork-forward=linaro.org@linaro.org
Mailing-list: list patchwork-forward@linaro.org;
 contact patchwork-forward+owners@linaro.org
X-Google-Group-Id: 836684582541

As it stands, nothing prevents userspace from injecting an interrupt
before the guest's GIC is actually initialized.

This goes unnoticed so far (as everything is pretty much statically
allocated), but ends up exploding in a spectacular way once we switch
to a more dynamic allocation (the GIC data structure isn't there yet).

The fix is to test for the "ready" flag in the VGIC distributor before
trying to inject the interrupt. Note that in order to avoid breaking
userspace, we have to ignore what is essentially an error.

Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
---
 virt/kvm/arm/vgic.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/virt/kvm/arm/vgic.c b/virt/kvm/arm/vgic.c
index 795ab48..c6da748 100644
--- a/virt/kvm/arm/vgic.c
+++ b/virt/kvm/arm/vgic.c
@@ -1446,7 +1446,8 @@ out:
 int kvm_vgic_inject_irq(struct kvm *kvm, int cpuid, unsigned int irq_num,
 			bool level)
 {
-	if (vgic_update_irq_state(kvm, cpuid, irq_num, level))
+	if (likely(vgic_initialized(kvm)) &&
+	    vgic_update_irq_state(kvm, cpuid, irq_num, level))
 		vgic_kick_vcpus(kvm);
 
 	return 0;