From 119a6793190b413dea4c402331d8fde3042f4684 Mon Sep 17 00:00:00 2001 From: Fuad Tabba Date: Tue, 7 Dec 2021 15:47:01 +0000 Subject: [PATCH] ANDROID: KVM: arm64: Reject concurrent loading of a vCPU on multiple physical CPUs Loading a vCPU concurrently on multiple physical CPUs is a recipe for disaster. Introduce a per-vCPU flag to track whether or not it is loaded and reject a load request for a vCPU which is already loaded. Signed-off-by: Fuad Tabba Bug: 209580772 Change-Id: Ic72db8a0462c23a3dc2af06bf0265b586729f989 Signed-off-by: Will Deacon --- arch/arm64/include/asm/kvm_host.h | 3 +++ arch/arm64/kvm/hyp/nvhe/pkvm.c | 9 +++++++++ 2 files changed, 12 insertions(+) diff --git a/arch/arm64/include/asm/kvm_host.h b/arch/arm64/include/asm/kvm_host.h index 93dd0a11f76e..b1ef14d8c57e 100644 --- a/arch/arm64/include/asm/kvm_host.h +++ b/arch/arm64/include/asm/kvm_host.h @@ -228,6 +228,9 @@ struct kvm_protected_vcpu { * PSCI_0_2_AFFINITY_LEVEL_PENDING */ int power_state; + + /* True if this vcpu is currently loaded on a cpu. */ + bool loaded_on_cpu; }; struct kvm_vcpu_fault_info { diff --git a/arch/arm64/kvm/hyp/nvhe/pkvm.c b/arch/arm64/kvm/hyp/nvhe/pkvm.c index c77baf1c8347..dd4ad41dc5cc 100644 --- a/arch/arm64/kvm/hyp/nvhe/pkvm.c +++ b/arch/arm64/kvm/hyp/nvhe/pkvm.c @@ -264,6 +264,14 @@ struct kvm_vcpu *get_shadow_vcpu(int shadow_handle, int vcpu_idx) if (!vm || vcpu_idx < 0 || vm->created_vcpus <= vcpu_idx) goto unlock; vcpu = &vm->shadow_vcpus[vcpu_idx].vcpu; + + /* Ensure vcpu isn't loaded on more than one cpu simultaneously. */ + if (unlikely(vcpu->arch.pkvm.loaded_on_cpu)) { + vcpu = NULL; + goto unlock; + } + vcpu->arch.pkvm.loaded_on_cpu = true; + hyp_page_ref_inc(hyp_virt_to_page(vm)); unlock: hyp_spin_unlock(&shadow_lock); @@ -276,6 +284,7 @@ void put_shadow_vcpu(struct kvm_vcpu *vcpu) struct kvm_shadow_vm *vm = vcpu->arch.pkvm.shadow_vm; hyp_spin_lock(&shadow_lock); + vcpu->arch.pkvm.loaded_on_cpu = false; hyp_page_ref_dec(hyp_virt_to_page(vm)); hyp_spin_unlock(&shadow_lock); }