From: Sasha Levin
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Christian Borntraeger , Marc Hartmayer , David Hildenbrand , Janosch Frank , Claudio Imbrenda , Sasha Levin
Subject: [PATCH 6.1 32/71] KVM: s390: vsie: fix race during shadow creation
Date: Wed, 13 Mar 2024 12:39:18 -0400
Message-ID: <20240313163957.615276-33-sashal@kernel.org>
In-Reply-To: <20240313163957.615276-1-sashal@kernel.org>
References: <20240313163957.615276-1-sashal@kernel.org>
X-KernelTest-Patch: http://kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.1.82-rc1.gz
X-KernelTest-Tree: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git
X-KernelTest-Branch: linux-6.1.y
X-KernelTest-Patches: git://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git
X-KernelTest-Version: 6.1.82-rc1
X-KernelTest-Deadline: 2024-03-15T16:39+00:00

From: Christian Borntraeger

[ Upstream commit fe752331d4b361d43cfd0b89534b4b2176057c32 ]

Right now it is possible to see gmap->private being zero in
kvm_s390_vsie_gmap_notifier resulting in a crash. This is due to the
fact that we add gmap->private == kvm after creation:

static int acquire_gmap_shadow(struct kvm_vcpu *vcpu,
                               struct vsie_page *vsie_page)
{
[...]
        gmap = gmap_shadow(vcpu->arch.gmap, asce, edat);
        if (IS_ERR(gmap))
                return PTR_ERR(gmap);
        gmap->private = vcpu->kvm;

Let children inherit the private field of the parent.

Reported-by: Marc Hartmayer
Fixes: a3508fbe9dc6 ("KVM: s390: vsie: initial support for nested virtualization")
Cc:
Cc: David Hildenbrand
Reviewed-by: Janosch Frank
Reviewed-by: David Hildenbrand
Reviewed-by: Claudio Imbrenda
Signed-off-by: Christian Borntraeger
Link: https://lore.kernel.org/r/20231220125317.4258-1-borntraeger@linux.ibm.com
Signed-off-by: Sasha Levin --- arch/s390/kvm/vsie.c | 1 - arch/s390/mm/gmap.c | 1 + 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/s390/kvm/vsie.c b/arch/s390/kvm/vsie.c index b2dbf08a961e5..d90c818a9ae71 100644 --- a/arch/s390/kvm/vsie.c +++ b/arch/s390/kvm/vsie.c @@ -1216,7 +1216,6 @@ static int acquire_gmap_shadow(struct kvm_vcpu *vcpu, gmap = gmap_shadow(vcpu->arch.gmap, asce, edat); if (IS_ERR(gmap)) return PTR_ERR(gmap); - gmap->private = vcpu->kvm; vcpu->kvm->stat.gmap_shadow_create++; WRITE_ONCE(vsie_page->gmap, gmap); return 0; diff --git a/arch/s390/mm/gmap.c b/arch/s390/mm/gmap.c index 243f673fa6515..662cf23a1b44b 100644 --- a/arch/s390/mm/gmap.c +++ b/arch/s390/mm/gmap.c @@ -1675,6 +1675,7 @@ struct gmap *gmap_shadow(struct gmap *parent, unsigned long asce, return ERR_PTR(-ENOMEM); new->mm = parent->mm; new->parent = gmap_get(parent); + new->private = parent->private; new->orig_asce = asce; new->edat_level = edat_level; new->initialized = false; -- 2.43.0
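
Review bot: In the arch/s390/kvm/vsie.c hunk, dropping `gmap->private = vcpu->kvm;` after the IS_ERR() check leaves acquire_gmap_shadow() relying on an invariant that none of the visible lines state: vcpu->arch.gmap->private must already equal vcpu->kvm whenever gmap_shadow() is called. A one-line comment at the gmap_shadow() call saying that the shadow inherits private from its parent would stop a later reader from re-adding the assignment, and a WARN_ON_ONCE(!gmap->private) after the IS_ERR() check would catch a parent gmap created without private set.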
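
Review bot: In the arch/s390/mm/gmap.c hunk, the added `new->private = parent->private;` only closes the race while it stays ahead of the point where `new` becomes reachable by notifiers, and that point lies outside the context lines shown, so the ordering cannot be confirmed from this hunk alone. Because the crash described in the commit message comes from kvm_s390_vsie_gmap_notifier seeing private as zero, a short comment above the assignment stating that private must be set before the shadow is published would protect the ordering if this initialisation block is rearranged later.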