Merge branch 'annotations' of git://git.kernel.org/pub/scm/linux/kernel/git/borntraeger/linux into kvm-master

author: Paolo Bonzini <pbonzini@redhat.com> 2017-07-10 08:44:24 -0400
committer: Paolo Bonzini <pbonzini@redhat.com> 2017-07-10 08:44:24 -0400
commit: 8c61af9ebc016180507b246c875217e188be6eca (patch)
tree: 100d3b95b97c442f8da218eddf9843823928e78d /virt
parent: 70bcd708dfd1de453905212c9c5c755b1844772b (diff)
parent: 7e988b103d0d52190244517edc76e649071284bb (diff)
3 files changed, 31 insertions, 17 deletions
diff --git a/virt/kvm/eventfd.c b/virt/kvm/eventfd.c
index 9120edf3c94b..f2ac53ab8243 100644
--- a/virt/kvm/eventfd.c
+++ b/virt/kvm/eventfd.c
@@ -825,7 +825,7 @@ static int kvm_assign_ioeventfd_idx(struct kvm *kvm,
        if (ret < 0)
                goto unlock_fail;
-        kvm->buses[bus_idx]->ioeventfd_count++;
+        kvm_get_bus(kvm, bus_idx)->ioeventfd_count++;
        list_add_tail(&p->list, &kvm->ioeventfds);
        mutex_unlock(&kvm->slots_lock);
@@ -848,6 +848,7 @@ kvm_deassign_ioeventfd_idx(struct kvm *kvm, enum kvm_bus bus_idx,
 {
        struct _ioeventfd        *p, *tmp;
        struct eventfd_ctx       *eventfd;
+        struct kvm_io_bus        *bus;
        int                       ret = -ENOENT;
        eventfd = eventfd_ctx_fdget(args->fd);
@@ -870,8 +871,9 @@ kvm_deassign_ioeventfd_idx(struct kvm *kvm, enum kvm_bus bus_idx,
                        continue;
                kvm_io_bus_unregister_dev(kvm, bus_idx, &p->dev);
-                if (kvm->buses[bus_idx])
+                bus = kvm_get_bus(kvm, bus_idx);
-                        kvm->buses[bus_idx]->ioeventfd_count--;
+                if (bus)
+                        bus->ioeventfd_count--;
                ioeventfd_release(p);
                ret = 0;
                break;
diff --git a/virt/kvm/irqchip.c b/virt/kvm/irqchip.c
index 31e40c9e81df..b1286c4e0712 100644
--- a/virt/kvm/irqchip.c
+++ b/virt/kvm/irqchip.c
@@ -230,7 +230,7 @@ int kvm_set_irq_routing(struct kvm *kvm,
        }
        mutex_lock(&kvm->irq_lock);
-        old = kvm->irq_routing;
+        old = rcu_dereference_protected(kvm->irq_routing, 1);
        rcu_assign_pointer(kvm->irq_routing, new);
        kvm_irq_routing_update(kvm);
        kvm_arch_irq_routing_update(kvm);
diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
index 0d796c9a6482..7766c2b52797 100644
--- a/virt/kvm/kvm_main.c
+++ b/virt/kvm/kvm_main.c
@@ -299,7 +299,12 @@ EXPORT_SYMBOL_GPL(kvm_vcpu_init);
 void kvm_vcpu_uninit(struct kvm_vcpu *vcpu)
 {
-        put_pid(vcpu->pid);
+        /*
+         * no need for rcu_read_lock as VCPU_RUN is the only place that
+         * will change the vcpu->pid pointer and on uninit all file
+         * descriptors are already gone.
+         */
+        put_pid(rcu_dereference_protected(vcpu->pid, 1));
        kvm_arch_vcpu_uninit(vcpu);
        free_page((unsigned long)vcpu->run);
 }
@@ -680,8 +685,8 @@ static struct kvm *kvm_create_vm(unsigned long type)
        if (init_srcu_struct(&kvm->irq_srcu))
                goto out_err_no_irq_srcu;
        for (i = 0; i < KVM_NR_BUSES; i++) {
-                kvm->buses[i] = kzalloc(sizeof(struct kvm_io_bus),
+                rcu_assign_pointer(kvm->buses[i],
-                                        GFP_KERNEL);
+                        kzalloc(sizeof(struct kvm_io_bus), GFP_KERNEL));
                if (!kvm->buses[i])
                        goto out_err;
        }
@@ -706,9 +711,10 @@ out_err_no_srcu:
        hardware_disable_all();
 out_err_no_disable:
        for (i = 0; i < KVM_NR_BUSES; i++)
-                kfree(kvm->buses[i]);
+                kfree(rcu_access_pointer(kvm->buses[i]));
        for (i = 0; i < KVM_ADDRESS_SPACE_NUM; i++)
-                kvm_free_memslots(kvm, kvm->memslots[i]);
+                kvm_free_memslots(kvm,
+                        rcu_dereference_protected(kvm->memslots[i], 1));
        kvm_arch_free_vm(kvm);
        mmdrop(current->mm);
        return ERR_PTR(r);
@@ -741,8 +747,11 @@ static void kvm_destroy_vm(struct kvm *kvm)
        spin_unlock(&kvm_lock);
        kvm_free_irq_routing(kvm);
        for (i = 0; i < KVM_NR_BUSES; i++) {
-                if (kvm->buses[i])
+                struct kvm_io_bus *bus;
-                        kvm_io_bus_destroy(kvm->buses[i]);
+                bus = rcu_dereference_protected(kvm->buses[i], 1);
+                if (bus)
+                        kvm_io_bus_destroy(bus);
                kvm->buses[i] = NULL;
        }
        kvm_coalesced_mmio_free(kvm);
@@ -754,7 +763,8 @@ static void kvm_destroy_vm(struct kvm *kvm)
        kvm_arch_destroy_vm(kvm);
        kvm_destroy_devices(kvm);
        for (i = 0; i < KVM_ADDRESS_SPACE_NUM; i++)
-                kvm_free_memslots(kvm, kvm->memslots[i]);
+                kvm_free_memslots(kvm,
+                        rcu_dereference_protected(kvm->memslots[i], 1));
        cleanup_srcu_struct(&kvm->irq_srcu);
        cleanup_srcu_struct(&kvm->srcu);
        kvm_arch_free_vm(kvm);
@@ -2557,13 +2567,14 @@ static long kvm_vcpu_ioctl(struct file *filp,
        if (r)
                return r;
        switch (ioctl) {
-        case KVM_RUN:
+        case KVM_RUN: {
+                struct pid *oldpid;
                r = -EINVAL;
                if (arg)
                        goto out;
-                if (unlikely(vcpu->pid != current->pids[PIDTYPE_PID].pid)) {
+                oldpid = rcu_access_pointer(vcpu->pid);
+                if (unlikely(oldpid != current->pids[PIDTYPE_PID].pid)) {
                        /* The thread running this VCPU changed. */
-                        struct pid *oldpid = vcpu->pid;
                        struct pid *newpid = get_task_pid(current, PIDTYPE_PID);
                        rcu_assign_pointer(vcpu->pid, newpid);
@@ -2574,6 +2585,7 @@ static long kvm_vcpu_ioctl(struct file *filp,
                r = kvm_arch_vcpu_ioctl_run(vcpu, vcpu->run);
                trace_kvm_userspace_exit(vcpu->run->exit_reason, r);
                break;
+        }
        case KVM_GET_REGS: {
                struct kvm_regs *kvm_regs;
@@ -3569,7 +3581,7 @@ int kvm_io_bus_register_dev(struct kvm *kvm, enum kvm_bus bus_idx, gpa_t addr,
 {
        struct kvm_io_bus *new_bus, *bus;
-        bus = kvm->buses[bus_idx];
+        bus = kvm_get_bus(kvm, bus_idx);
        if (!bus)
                return -ENOMEM;
@@ -3598,7 +3610,7 @@ void kvm_io_bus_unregister_dev(struct kvm *kvm, enum kvm_bus bus_idx,
        int i;
        struct kvm_io_bus *new_bus, *bus;
-        bus = kvm->buses[bus_idx];
+        bus = kvm_get_bus(kvm, bus_idx);
        if (!bus)
                return;
author	Paolo Bonzini <pbonzini@redhat.com>	2017-07-10 08:44:24 -0400
committer	Paolo Bonzini <pbonzini@redhat.com>	2017-07-10 08:44:24 -0400
commit	8c61af9ebc016180507b246c875217e188be6eca (patch)
tree	100d3b95b97c442f8da218eddf9843823928e78d /virt
parent	70bcd708dfd1de453905212c9c5c755b1844772b (diff)
parent	7e988b103d0d52190244517edc76e649071284bb (diff)

diff --git a/virt/kvm/eventfd.c b/virt/kvm/eventfd.c index 9120edf3c94b..f2ac53ab8243 100644 --- a/virt/kvm/eventfd.c +++ b/virt/kvm/eventfd.c
@@ -825,7 +825,7 @@ static int kvm_assign_ioeventfd_idx(struct kvm *kvm,
825	if (ret < 0)	825	if (ret < 0)
826	goto unlock_fail;	826	goto unlock_fail;
827		827
828	kvm->buses[bus_idx]->ioeventfd_count++;	828	kvm_get_bus(kvm, bus_idx)->ioeventfd_count++;
829	list_add_tail(&p->list, &kvm->ioeventfds);	829	list_add_tail(&p->list, &kvm->ioeventfds);
830		830
831	mutex_unlock(&kvm->slots_lock);	831	mutex_unlock(&kvm->slots_lock);
@@ -848,6 +848,7 @@ kvm_deassign_ioeventfd_idx(struct kvm *kvm, enum kvm_bus bus_idx,
848	{	848	{
849	struct _ioeventfd p, tmp;	849	struct _ioeventfd p, tmp;
850	struct eventfd_ctx *eventfd;	850	struct eventfd_ctx *eventfd;
		851	struct kvm_io_bus *bus;
851	int ret = -ENOENT;	852	int ret = -ENOENT;
852		853
853	eventfd = eventfd_ctx_fdget(args->fd);	854	eventfd = eventfd_ctx_fdget(args->fd);
@@ -870,8 +871,9 @@ kvm_deassign_ioeventfd_idx(struct kvm *kvm, enum kvm_bus bus_idx,
870	continue;	871	continue;
871		872
872	kvm_io_bus_unregister_dev(kvm, bus_idx, &p->dev);	873	kvm_io_bus_unregister_dev(kvm, bus_idx, &p->dev);
873	if (kvm->buses[bus_idx])	874	bus = kvm_get_bus(kvm, bus_idx);
874	kvm->buses[bus_idx]->ioeventfd_count--;	875	if (bus)
		876	bus->ioeventfd_count--;
875	ioeventfd_release(p);	877	ioeventfd_release(p);
876	ret = 0;	878	ret = 0;
877	break;	879	break;


diff --git a/virt/kvm/irqchip.c b/virt/kvm/irqchip.c index 31e40c9e81df..b1286c4e0712 100644 --- a/virt/kvm/irqchip.c +++ b/virt/kvm/irqchip.c
@@ -230,7 +230,7 @@ int kvm_set_irq_routing(struct kvm *kvm,
230	}	230	}
231		231
232	mutex_lock(&kvm->irq_lock);	232	mutex_lock(&kvm->irq_lock);
233	old = kvm->irq_routing;	233	old = rcu_dereference_protected(kvm->irq_routing, 1);
234	rcu_assign_pointer(kvm->irq_routing, new);	234	rcu_assign_pointer(kvm->irq_routing, new);
235	kvm_irq_routing_update(kvm);	235	kvm_irq_routing_update(kvm);
236	kvm_arch_irq_routing_update(kvm);	236	kvm_arch_irq_routing_update(kvm);


diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c index 0d796c9a6482..7766c2b52797 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c
@@ -299,7 +299,12 @@ EXPORT_SYMBOL_GPL(kvm_vcpu_init);
299		299
300	void kvm_vcpu_uninit(struct kvm_vcpu *vcpu)	300	void kvm_vcpu_uninit(struct kvm_vcpu *vcpu)
301	{	301	{
302	put_pid(vcpu->pid);	302	/*
		303	* no need for rcu_read_lock as VCPU_RUN is the only place that
		304	* will change the vcpu->pid pointer and on uninit all file
		305	* descriptors are already gone.
		306	*/
		307	put_pid(rcu_dereference_protected(vcpu->pid, 1));
303	kvm_arch_vcpu_uninit(vcpu);	308	kvm_arch_vcpu_uninit(vcpu);
304	free_page((unsigned long)vcpu->run);	309	free_page((unsigned long)vcpu->run);
305	}	310	}
@@ -680,8 +685,8 @@ static struct kvm *kvm_create_vm(unsigned long type)
680	if (init_srcu_struct(&kvm->irq_srcu))	685	if (init_srcu_struct(&kvm->irq_srcu))
681	goto out_err_no_irq_srcu;	686	goto out_err_no_irq_srcu;
682	for (i = 0; i < KVM_NR_BUSES; i++) {	687	for (i = 0; i < KVM_NR_BUSES; i++) {
683	kvm->buses[i] = kzalloc(sizeof(struct kvm_io_bus),	688	rcu_assign_pointer(kvm->buses[i],
684	GFP_KERNEL);	689	kzalloc(sizeof(struct kvm_io_bus), GFP_KERNEL));
685	if (!kvm->buses[i])	690	if (!kvm->buses[i])
686	goto out_err;	691	goto out_err;
687	}	692	}
@@ -706,9 +711,10 @@ out_err_no_srcu:
706	hardware_disable_all();	711	hardware_disable_all();
707	out_err_no_disable:	712	out_err_no_disable:
708	for (i = 0; i < KVM_NR_BUSES; i++)	713	for (i = 0; i < KVM_NR_BUSES; i++)
709	kfree(kvm->buses[i]);	714	kfree(rcu_access_pointer(kvm->buses[i]));
710	for (i = 0; i < KVM_ADDRESS_SPACE_NUM; i++)	715	for (i = 0; i < KVM_ADDRESS_SPACE_NUM; i++)
711	kvm_free_memslots(kvm, kvm->memslots[i]);	716	kvm_free_memslots(kvm,
		717	rcu_dereference_protected(kvm->memslots[i], 1));
712	kvm_arch_free_vm(kvm);	718	kvm_arch_free_vm(kvm);
713	mmdrop(current->mm);	719	mmdrop(current->mm);
714	return ERR_PTR(r);	720	return ERR_PTR(r);
@@ -741,8 +747,11 @@ static void kvm_destroy_vm(struct kvm *kvm)
741	spin_unlock(&kvm_lock);	747	spin_unlock(&kvm_lock);
742	kvm_free_irq_routing(kvm);	748	kvm_free_irq_routing(kvm);
743	for (i = 0; i < KVM_NR_BUSES; i++) {	749	for (i = 0; i < KVM_NR_BUSES; i++) {
744	if (kvm->buses[i])	750	struct kvm_io_bus *bus;
745	kvm_io_bus_destroy(kvm->buses[i]);	751
		752	bus = rcu_dereference_protected(kvm->buses[i], 1);
		753	if (bus)
		754	kvm_io_bus_destroy(bus);
746	kvm->buses[i] = NULL;	755	kvm->buses[i] = NULL;
747	}	756	}
748	kvm_coalesced_mmio_free(kvm);	757	kvm_coalesced_mmio_free(kvm);
@@ -754,7 +763,8 @@ static void kvm_destroy_vm(struct kvm *kvm)
754	kvm_arch_destroy_vm(kvm);	763	kvm_arch_destroy_vm(kvm);
755	kvm_destroy_devices(kvm);	764	kvm_destroy_devices(kvm);
756	for (i = 0; i < KVM_ADDRESS_SPACE_NUM; i++)	765	for (i = 0; i < KVM_ADDRESS_SPACE_NUM; i++)
757	kvm_free_memslots(kvm, kvm->memslots[i]);	766	kvm_free_memslots(kvm,
		767	rcu_dereference_protected(kvm->memslots[i], 1));
758	cleanup_srcu_struct(&kvm->irq_srcu);	768	cleanup_srcu_struct(&kvm->irq_srcu);
759	cleanup_srcu_struct(&kvm->srcu);	769	cleanup_srcu_struct(&kvm->srcu);
760	kvm_arch_free_vm(kvm);	770	kvm_arch_free_vm(kvm);
@@ -2557,13 +2567,14 @@ static long kvm_vcpu_ioctl(struct file *filp,
2557	if (r)	2567	if (r)
2558	return r;	2568	return r;
2559	switch (ioctl) {	2569	switch (ioctl) {
2560	case KVM_RUN:	2570	case KVM_RUN: {
		2571	struct pid *oldpid;
2561	r = -EINVAL;	2572	r = -EINVAL;
2562	if (arg)	2573	if (arg)
2563	goto out;	2574	goto out;
2564	if (unlikely(vcpu->pid != current->pids[PIDTYPE_PID].pid)) {	2575	oldpid = rcu_access_pointer(vcpu->pid);
		2576	if (unlikely(oldpid != current->pids[PIDTYPE_PID].pid)) {
2565	/* The thread running this VCPU changed. */	2577	/* The thread running this VCPU changed. */
2566	struct pid *oldpid = vcpu->pid;
2567	struct pid *newpid = get_task_pid(current, PIDTYPE_PID);	2578	struct pid *newpid = get_task_pid(current, PIDTYPE_PID);
2568		2579
2569	rcu_assign_pointer(vcpu->pid, newpid);	2580	rcu_assign_pointer(vcpu->pid, newpid);
@@ -2574,6 +2585,7 @@ static long kvm_vcpu_ioctl(struct file *filp,
2574	r = kvm_arch_vcpu_ioctl_run(vcpu, vcpu->run);	2585	r = kvm_arch_vcpu_ioctl_run(vcpu, vcpu->run);
2575	trace_kvm_userspace_exit(vcpu->run->exit_reason, r);	2586	trace_kvm_userspace_exit(vcpu->run->exit_reason, r);
2576	break;	2587	break;
		2588	}
2577	case KVM_GET_REGS: {	2589	case KVM_GET_REGS: {
2578	struct kvm_regs *kvm_regs;	2590	struct kvm_regs *kvm_regs;
2579		2591
@@ -3569,7 +3581,7 @@ int kvm_io_bus_register_dev(struct kvm *kvm, enum kvm_bus bus_idx, gpa_t addr,
3569	{	3581	{
3570	struct kvm_io_bus new_bus, bus;	3582	struct kvm_io_bus new_bus, bus;
3571		3583
3572	bus = kvm->buses[bus_idx];	3584	bus = kvm_get_bus(kvm, bus_idx);
3573	if (!bus)	3585	if (!bus)
3574	return -ENOMEM;	3586	return -ENOMEM;
3575		3587
@@ -3598,7 +3610,7 @@ void kvm_io_bus_unregister_dev(struct kvm *kvm, enum kvm_bus bus_idx,
3598	int i;	3610	int i;
3599	struct kvm_io_bus new_bus, bus;	3611	struct kvm_io_bus new_bus, bus;
3600		3612
3601	bus = kvm->buses[bus_idx];	3613	bus = kvm_get_bus(kvm, bus_idx);
3602	if (!bus)	3614	if (!bus)
3603	return;	3615	return;
3604		3616