arm/arm64: KVM: Don't allow creating VCPUs after vgic_initialized

When the vgic initializes its internal state it does so based on the
number of VCPUs available at the time.  If we allow KVM to create more
VCPUs after the VGIC has been initialized, we are likely to error out in
unfortunate ways later, perform buffer overflows etc.

Acked-by: Marc Zyngier <marc.zyngier@arm.com>
Reviewed-by: Eric Auger <eric.auger@linaro.org>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>

1 files changed, 5 insertions, 0 deletions

diff --git a/arch/arm/kvm/arm.c b/arch/arm/kvm/arm.c
index c5a05f2c28ac..66f37c4cdf13 100644
--- a/arch/arm/kvm/arm.c
+++ b/arch/arm/kvm/arm.c
@@ -213,6 +213,11 @@ struct kvm_vcpu *kvm_arch_vcpu_create(struct kvm *kvm, unsigned int id)
         int err;
         struct kvm_vcpu *vcpu;
 
+        if (irqchip_in_kernel(kvm) && vgic_initialized(kvm)) {
+                err = -EBUSY;
+                goto out;
+        }
+
         vcpu = kmem_cache_zalloc(kvm_vcpu_cache, GFP_KERNEL);
         if (!vcpu) {
                 err = -ENOMEM;