author | Eddie Dong <eddie.dong@intel.com> | 2007-07-22 03:36:31 -0400 |
---|---|---|
committer | Avi Kivity <avi@qumranet.com> | 2007-10-13 04:18:25 -0400 |
commit | 9cf98828d12285d1fb43e774c8c100a55f8f34e1 (patch) | |
tree | 0b9d1f8b2af7423c34ebf7e3df4c5c27a3aabf64 | |
parent | b6958ce44a11a9e9425d2b67a653b1ca2a27796f (diff) |
KVM: Protect in-kernel pio using kvm->lock
The pio operation and the IRQ_LINE kvm_vm_ioctl are not protected by
kvm->lock. Add the lock, the same as for IOAPIC MMIO operations.
Signed-off-by: Yaozu (Eddie) Dong <eddie.dong@intel.com>
Signed-off-by: Avi Kivity <avi@qumranet.com>
-rw-r--r-- | drivers/kvm/kvm_main.c | 6 |
1 files changed, 6 insertions, 0 deletions
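--- a/drivers/kvm/kvm_main.c
+++ b/drivers/kvm/kvm_main.c
@@ -1790,6 +1790,7 @@ static void kernel_pio(struct kvm_io_device *pio_dev,
 {
 /* TODO: String I/O for in kernel device */
 
+mutex_lock(&vcpu->kvm->lock);
 if (vcpu->pio.in)
 kvm_iodevice_read(pio_dev, vcpu->pio.port,
 vcpu->pio.size,
@@ -1798,6 +1799,7 @@ static void kernel_pio(struct kvm_io_device *pio_dev,
 kvm_iodevice_write(pio_dev, vcpu->pio.port,
 vcpu->pio.size,
 pd);
+mutex_unlock(&vcpu->kvm->lock);
 }
 
 static void pio_string_write(struct kvm_io_device *pio_dev,
@@ -1807,12 +1809,14 @@ static void pio_string_write(struct kvm_io_device *pio_dev,
 void *pd = vcpu->pio_data;
 int i;
 
+mutex_lock(&vcpu->kvm->lock);
 for (i = 0; i < io->cur_count; i++) {
 kvm_iodevice_write(pio_dev, io->port,
 io->size,
 pd);
 pd += io->size;
 }
+mutex_unlock(&vcpu->kvm->lock);
 }
 
 int kvm_emulate_pio (struct kvm_vcpu *vcpu, struct kvm_run *run, int in,
@@ -2818,6 +2822,7 @@ static long kvm_vm_ioctl(struct file *filp,
 if (copy_from_user(&irq_event, argp, sizeof irq_event))
 goto out;
 if (irqchip_in_kernel(kvm)) {
+mutex_lock(&kvm->lock);
 if (irq_event.irq < 16)
 kvm_pic_set_irq(pic_irqchip(kvm),
 irq_event.irq,
@@ -2825,6 +2830,7 @@ static long kvm_vm_ioctl(struct file *filp,
 kvm_ioapic_set_irq(kvm->vioapic,
 irq_event.irq,
 irq_event.level);
+mutex_unlock(&kvm->lock);
 r = 0;
 }
 break;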
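Review bot: The new `mutex_lock(&vcpu->kvm->lock)` calls in kernel_pio() and pio_string_write() leave the locking contract undocumented. Kernel mutexes are not recursive, so a caller that reaches these helpers with kvm->lock already held would deadlock, and every kvm_iodevice_read()/kvm_iodevice_write() handler now runs under the VM-wide lock and must not take it itself. The callers and the device handlers are outside these hunks, so neither can be confirmed from the diff. I would add a comment above each helper, e.g. `/* Takes kvm->lock; callers must not hold it, and pio_dev handlers run under it. */`. In pio_string_write() the lock is also held across all `io->cur_count` device writes, so the comment should say where that count is bounded.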