diff options
| author | Jan Kiszka <jan.kiszka@siemens.com> | 2011-12-14 13:25:13 -0500 |
|---|---|---|
| committer | Avi Kivity <avi@redhat.com> | 2011-12-25 10:13:18 -0500 |
| commit | 0924ab2cfa98b1ece26c033d696651fd62896c69 (patch) | |
| tree | 87b23ddd025d5c44ebaa941b92c8cd8ade6af703 | |
| parent | 4962516b2309d76964f9df0d33e74f43b624a42d (diff) | |
KVM: x86: Prevent starting PIT timers in the absence of irqchip support
User space may create the PIT and forgets about setting up the irqchips.
In that case, firing PIT IRQs will crash the host:
BUG: unable to handle kernel NULL pointer dereference at 0000000000000128
IP: [<ffffffffa10f6280>] kvm_set_irq+0x30/0x170 [kvm]
...
Call Trace:
[<ffffffffa11228c1>] pit_do_work+0x51/0xd0 [kvm]
[<ffffffff81071431>] process_one_work+0x111/0x4d0
[<ffffffff81071bb2>] worker_thread+0x152/0x340
[<ffffffff81075c8e>] kthread+0x7e/0x90
[<ffffffff815a4474>] kernel_thread_helper+0x4/0x10
Prevent this by checking the irqchip mode before starting a timer. We
can't deny creating the PIT if the irqchips aren't set up yet as
current user land expects this order to work.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
| -rw-r--r-- | arch/x86/kvm/i8254.c | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/arch/x86/kvm/i8254.c b/arch/x86/kvm/i8254.c index 76e3f1cd0369..405f2620392f 100644 --- a/arch/x86/kvm/i8254.c +++ b/arch/x86/kvm/i8254.c | |||
| @@ -338,11 +338,15 @@ static enum hrtimer_restart pit_timer_fn(struct hrtimer *data) | |||
| 338 | return HRTIMER_NORESTART; | 338 | return HRTIMER_NORESTART; |
| 339 | } | 339 | } |
| 340 | 340 | ||
| 341 | static void create_pit_timer(struct kvm_kpit_state *ps, u32 val, int is_period) | 341 | static void create_pit_timer(struct kvm *kvm, u32 val, int is_period) |
| 342 | { | 342 | { |
| 343 | struct kvm_kpit_state *ps = &kvm->arch.vpit->pit_state; | ||
| 343 | struct kvm_timer *pt = &ps->pit_timer; | 344 | struct kvm_timer *pt = &ps->pit_timer; |
| 344 | s64 interval; | 345 | s64 interval; |
| 345 | 346 | ||
| 347 | if (!irqchip_in_kernel(kvm)) | ||
| 348 | return; | ||
| 349 | |||
| 346 | interval = muldiv64(val, NSEC_PER_SEC, KVM_PIT_FREQ); | 350 | interval = muldiv64(val, NSEC_PER_SEC, KVM_PIT_FREQ); |
| 347 | 351 | ||
| 348 | pr_debug("create pit timer, interval is %llu nsec\n", interval); | 352 | pr_debug("create pit timer, interval is %llu nsec\n", interval); |
| @@ -394,13 +398,13 @@ static void pit_load_count(struct kvm *kvm, int channel, u32 val) | |||
| 394 | /* FIXME: enhance mode 4 precision */ | 398 | /* FIXME: enhance mode 4 precision */ |
| 395 | case 4: | 399 | case 4: |
| 396 | if (!(ps->flags & KVM_PIT_FLAGS_HPET_LEGACY)) { | 400 | if (!(ps->flags & KVM_PIT_FLAGS_HPET_LEGACY)) { |
| 397 | create_pit_timer(ps, val, 0); | 401 | create_pit_timer(kvm, val, 0); |
| 398 | } | 402 | } |
| 399 | break; | 403 | break; |
| 400 | case 2: | 404 | case 2: |
| 401 | case 3: | 405 | case 3: |
| 402 | if (!(ps->flags & KVM_PIT_FLAGS_HPET_LEGACY)){ | 406 | if (!(ps->flags & KVM_PIT_FLAGS_HPET_LEGACY)){ |
| 403 | create_pit_timer(ps, val, 1); | 407 | create_pit_timer(kvm, val, 1); |
| 404 | } | 408 | } |
| 405 | break; | 409 | break; |
| 406 | default: | 410 | default: |