Date: Wed, 5 Jul 2017 08:27:23 +0200
From: Christoffer Dall
To: Alexander Graf
Cc: kvmarm@lists.cs.columbia.edu, kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Andrea Arcangeli, Suzuki K Poulose, stable@vger.kernel.org
Subject: Re: [PATCH v2] KVM: arm/arm64: Handle hva aging while destroying the vm
Message-ID: <20170705062723.GB18106@cbox>
References: <1499235631-141725-1-git-send-email-agraf@suse.de>
In-Reply-To: <1499235631-141725-1-git-send-email-agraf@suse.de>
User-Agent: Mutt/1.5.21 (2010-09-15)

On Wed, Jul 05, 2017 at 08:20:31AM +0200, Alexander Graf wrote:
> The kvm_age_hva callback may be called all the way concurrently while
> kvm_mmu_notifier_release() is running.
>
> The release function sets kvm->arch.pgd = NULL which the aging function
> however implicitly relies on in stage2_get_pud(). That means they can
> race and the aging function may dereference a NULL pgd pointer.
>
> This patch adds a check for that case, so that we leave the aging
> function silently.
>
> Cc: stable@vger.kernel.org
> Fixes: 293f29363 ("kvm-arm: Unmap shadow pagetables properly")
> Signed-off-by: Alexander Graf

Reviewed-by: Christoffer Dall

>
> ---
>
> v1 -> v2:
>
> - Fix commit message
> - Add Fixes and stable tags
> ---
> virt/kvm/arm/mmu.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/virt/kvm/arm/mmu.c b/virt/kvm/arm/mmu.c
> index f2d5b6c..227931f 100644
> --- a/virt/kvm/arm/mmu.c
> +++ b/virt/kvm/arm/mmu.c > @@ -861,6 +861,10 @@ static pud_t *stage2_get_pud(struct kvm *kvm, struct kvm_mmu_memory_cache *cache > pgd_t *pgd; > pud_t *pud; > > + /* Do we clash with kvm_free_stage2_pgd()? */ > + if (!kvm->arch.pgd) > + return NULL; > + > pgd = kvm->arch.pgd + stage2_pgd_index(addr); > if (WARN_ON(stage2_pgd_none(*pgd))) { > if (!cache) > -- > 1.8.5.6 >
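Review bot: the new comment "/* Do we clash with kvm_free_stage2_pgd()? */" should state the invariant instead of asking a question, and it should say what orders this read of kvm->arch.pgd against the store that clears it, because the hunk adds no locking of its own and a bare NULL test only closes the race if both sides run under the same lock (the lock is not visible in this hunk). Something like "/* kvm_free_stage2_pgd() may already have cleared kvm->arch.pgd; bail out so the aging path does not dereference NULL. */" plus the name of the lock that serializes the two would document both. The commit message also names kvm_mmu_notifier_release() as the function that clears the pgd while the comment names kvm_free_stage2_pgd(); use one name, or say that the former reaches the latter, so a reader can find the racing site.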