
Commit 894a9c5

matosatti authored and avikivity committed
KVM: x86: missing locking in PIT/IRQCHIP/SET_BSP_CPU ioctl paths
Correct missing locking in a few places in x86's vm_ioctl handling path. Signed-off-by: Marcelo Tosatti <[email protected]> Signed-off-by: Avi Kivity <[email protected]>
1 parent ec04b26 commit 894a9c5


3 files changed

+14
-2
lines changed

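--- a/arch/x86/kvm/i8254.c
+++ b/arch/x86/kvm/i8254.c
@@ -345,9 +345,7 @@ static void pit_load_count(struct kvm *kvm, int channel, u32 val)
 
 void kvm_pit_load_count(struct kvm *kvm, int channel, u32 val)
 {
-mutex_lock(&kvm->arch.vpit->pit_state.lock);
 pit_load_count(kvm, channel, val);
-mutex_unlock(&kvm->arch.vpit->pit_state.lock);
 }
 
 static inline struct kvm_pit *dev_to_pit(struct kvm_io_device *dev)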
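Review bot: kvm_pit_load_count now calls pit_load_count() without taking pit_state.lock itself, so holding that mutex has become a caller obligation that nothing in the function states. Add a comment above the definition, e.g. `/* Caller must hold kvm->arch.vpit->pit_state.lock. */`, and consider `WARN_ON(!mutex_is_locked(&kvm->arch.vpit->pit_state.lock));` as the first statement so a caller that forgets the lock is caught at runtime rather than racing the PIT timer. kvm_vm_ioctl_set_pit in arch/x86/kvm/x86.c (second hunk of this commit) is the caller that takes the lock before calling in; any other caller of kvm_pit_load_count outside this diff would need the same treatment, which cannot be confirmed from here.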

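--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -1987,19 +1987,25 @@ static int kvm_vm_ioctl_set_irqchip(struct kvm *kvm, struct kvm_irqchip *chip)
 r = 0;
 switch (chip->chip_id) {
 case KVM_IRQCHIP_PIC_MASTER:
+spin_lock(&pic_irqchip(kvm)->lock);
 memcpy(&pic_irqchip(kvm)->pics[0],
 &chip->chip.pic,
 sizeof(struct kvm_pic_state));
+spin_unlock(&pic_irqchip(kvm)->lock);
 break;
 case KVM_IRQCHIP_PIC_SLAVE:
+spin_lock(&pic_irqchip(kvm)->lock);
 memcpy(&pic_irqchip(kvm)->pics[1],
 &chip->chip.pic,
 sizeof(struct kvm_pic_state));
+spin_unlock(&pic_irqchip(kvm)->lock);
 break;
 case KVM_IRQCHIP_IOAPIC:
+mutex_lock(&kvm->irq_lock);
 memcpy(ioapic_irqchip(kvm),
 &chip->chip.ioapic,
 sizeof(struct kvm_ioapic_state));
+mutex_unlock(&kvm->irq_lock);
 break;
 default:
 r = -EINVAL;
@@ -2013,16 +2019,20 @@ static int kvm_vm_ioctl_get_pit(struct kvm *kvm, struct kvm_pit_state *ps)
 {
 int r = 0;
 
+mutex_lock(&kvm->arch.vpit->pit_state.lock);
 memcpy(ps, &kvm->arch.vpit->pit_state, sizeof(struct kvm_pit_state));
+mutex_unlock(&kvm->arch.vpit->pit_state.lock);
 return r;
 }
 
 static int kvm_vm_ioctl_set_pit(struct kvm *kvm, struct kvm_pit_state *ps)
 {
 int r = 0;
 
+mutex_lock(&kvm->arch.vpit->pit_state.lock);
 memcpy(&kvm->arch.vpit->pit_state, ps, sizeof(struct kvm_pit_state));
 kvm_pit_load_count(kvm, 0, ps->channels[0].count);
+mutex_unlock(&kvm->arch.vpit->pit_state.lock);
 return r;
 }
 
@@ -2031,7 +2041,9 @@ static int kvm_vm_ioctl_reinject(struct kvm *kvm,
 {
 if (!kvm->arch.vpit)
 return -ENXIO;
+mutex_lock(&kvm->arch.vpit->pit_state.lock);
 kvm->arch.vpit->pit_state.pit_timer.reinject = control->pit_reinject;
+mutex_unlock(&kvm->arch.vpit->pit_state.lock);
 return 0;
 }
 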
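--- a/virt/kvm/kvm_main.c
+++ b/virt/kvm/kvm_main.c
@@ -2274,10 +2274,12 @@ static long kvm_vm_ioctl(struct file *filp,
 #ifdef CONFIG_KVM_APIC_ARCHITECTURE
 case KVM_SET_BOOT_CPU_ID:
 r = 0;
+mutex_lock(&kvm->lock);
 if (atomic_read(&kvm->online_vcpus) != 0)
 r = -EBUSY;
 else
 kvm->bsp_vcpu_id = arg;
+mutex_unlock(&kvm->lock);
 break;
 #endif
 default: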
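Review bot: The mutex_lock/mutex_unlock pair added around the online_vcpus check and the bsp_vcpu_id store only closes the race with vcpu creation if the creation path increments kvm->online_vcpus while holding the same kvm->lock; that pairing lives outside this hunk and nothing here records it. A comment on the lock acquisition would pin the invariant the fix relies on, e.g. `/* kvm->lock serialises this check-then-set against vcpu creation, which must bump online_vcpus under the same lock */`, and should be checked against kvm_vm_ioctl_create_vcpu before being asserted as fact. kvm_vm_ioctl is a long switch whose start and end lie outside this hunk.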
