KVM: cleanups on user/kernel irqchip checking The patch removes the union of the userspace irq_pending state and the kernel apic pointer in struct kvm_vcpu, which minimizes the impact of careless overwriting and avoids accidentally dereferencing an invalid apic pointer.
It also adds a protective checking on KVM_INTERRUPT ioctl, which should only be valid when using userspace irqchips.
Signed-off-by: Qing He <[EMAIL PROTECTED]>
---
diff --git a/drivers/kvm/kvm.h b/drivers/kvm/kvm.h
index 87ddf73..f3f2222 100644
--- a/drivers/kvm/kvm.h
+++ b/drivers/kvm/kvm.h
@@ -322,19 +322,17 @@ struct kvm_vcpu {
 u64 pdptrs[4]; /* pae */
 u64 apic_base;
 u64 shadow_efer;
- union {
- struct { /* user irqchip context */
- /*
- * bit vector: 1 per word in irq_pending
- */
- unsigned long irq_summary;
- DECLARE_BITMAP(irq_pending, KVM_NR_INTERRUPTS);
- unsigned long cr8;
- };
- struct { /* kernel irqchip context */
- struct kvm_lapic *apic;
- };
+
+ struct { /* user irqchip context */
+ /*
+ * bit vector: 1 per word in irq_pending
+ */
+ unsigned long irq_summary;
+ DECLARE_BITMAP(irq_pending, KVM_NR_INTERRUPTS);
+ unsigned long cr8;
 };
+ struct kvm_lapic *apic; /* kernel irqchip context */
+
 u64 ia32_misc_enable_msr;
 struct kvm_mmu mmu;
diff --git a/drivers/kvm/kvm_main.c b/drivers/kvm/kvm_main.c
index 88b0b89..fd9436e 100644
--- a/drivers/kvm/kvm_main.c
+++ b/drivers/kvm/kvm_main.c
@@ -1079,7 +1079,7 @@ static struct kvm_io_device *vcpu_find_pervcpu_dev(struct kvm_vcpu *vcpu,
 {
 struct kvm_io_device *dev;
- if (irqchip_in_kernel(vcpu->kvm) && vcpu->apic) {
+ if (vcpu->apic) {
 dev = &vcpu->apic->dev;
 if (dev->in_range(dev, addr))
 return dev;
@@ -2394,6 +2394,8 @@ static int kvm_vcpu_ioctl_interrupt(struct kvm_vcpu *vcpu,
 {
 if (irq->irq < 0 || irq->irq >= 256)
 return -EINVAL;
+ if (irqchip_in_kernel(vcpu->kvm))
+ return -ENXIO;
 vcpu_load(vcpu);
 set_bit(irq->irq, vcpu->irq_pending);
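Review bot: With the union gone, `vcpu->apic` becomes the sole discriminator in vcpu_find_pervcpu_dev (the `if (vcpu->apic)` line of the kvm_main.c hunk at 1079), so that hunk is only correct if `apic` is NULL whenever the irqchip lives in userspace, and nothing in the diff states that invariant. The kvm.h hunk should record it where the field is declared, e.g. `struct kvm_lapic *apic; /* kernel irqchip context; NULL when the irqchip is in userspace */`. This presumably holds because the vcpu is zero-allocated and the apic is only created for an in-kernel irqchip, but neither fact is visible here and is worth confirming: a stale non-NULL `apic` would now route per-vcpu MMIO lookups through `&vcpu->apic->dev` with no irqchip_in_kernel() backstop, which is exactly the dereference the union removal was meant to rule out. The body of vcpu_find_pervcpu_dev continues outside its hunk.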
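Review bot: The new `irqchip_in_kernel()` rejection in kvm_vcpu_ioctl_interrupt carries no comment, and because the union removal makes `irq_pending` a real bitmap in every configuration, a reader cannot tell whether the check still protects memory or is now purely a policy guard; say so at the site, e.g. `/* KVM_INTERRUPT only feeds the userspace-irqchip irq_pending bitmap; with an in-kernel irqchip this path must not be used for injection. */`. Placing it next to the range check, before vcpu_load(), looks fine, since both appear to read only the ioctl argument and VM-level state. The adjacent range check still uses the literal 256 while the bitmap is declared with KVM_NR_INTERRUPTS in kvm.h; if those two agree, `if (irq->irq < 0 || irq->irq >= KVM_NR_INTERRUPTS)` would keep the bound tied to the bitmap's actual size rather than a copy of it. The function's body continues outside the hunk.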