tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

KVM: arm/arm64: Introduce kvm_pmu_vcpu_init() to setup PMU counter index

We use "pmc->idx" and the "chained" bitmap to determine if the pmc is
chained, in kvm_pmu_pmc_is_chained(). But idx might be uninitialized
(and random) when we doing this decision, through a KVM_ARM_VCPU_INIT
ioctl -> kvm_pmu_vcpu_reset(). And the test_bit() against this random
idx will potentially hit a KASAN BUG [1].

In general, idx is the static property of a PMU counter that is not
expected to be modified across resets, as suggested by Julien. It
looks more reasonable if we can setup the PMU counter idx for a vcpu
in its creation time. Introduce a new function - kvm_pmu_vcpu_init()
for this basic setup. Oh, and the KASAN BUG will get fixed this way.

[1] https://www.spinics.net/lists/kvm-arm/msg36700.html

Fixes: 80f393a23be6 ("KVM: arm/arm64: Support chained PMU counters")
Suggested-by: Andrew Murray <andrew.murray@arm.com>
Suggested-by: Julien Thierry <julien.thierry@arm.com>
Acked-by: Julien Thierry <julien.thierry@arm.com>
Signed-off-by: Zenghui Yu <yuzenghui@huawei.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>

authored by

Zenghui Yu and committed by
Marc Zyngier bca031e2 5f9e832c

+19 -3
+2
include/kvm/arm_pmu.h
··· 34 34 u64 kvm_pmu_get_counter_value(struct kvm_vcpu *vcpu, u64 select_idx); 35 35 void kvm_pmu_set_counter_value(struct kvm_vcpu *vcpu, u64 select_idx, u64 val); 36 36 u64 kvm_pmu_valid_counter_mask(struct kvm_vcpu *vcpu); 37 + void kvm_pmu_vcpu_init(struct kvm_vcpu *vcpu); 37 38 void kvm_pmu_vcpu_reset(struct kvm_vcpu *vcpu); 38 39 void kvm_pmu_vcpu_destroy(struct kvm_vcpu *vcpu); 39 40 void kvm_pmu_disable_counter_mask(struct kvm_vcpu *vcpu, u64 val); ··· 72 71 { 73 72 return 0; 74 73 } 74 + static inline void kvm_pmu_vcpu_init(struct kvm_vcpu *vcpu) {} 75 75 static inline void kvm_pmu_vcpu_reset(struct kvm_vcpu *vcpu) {} 76 76 static inline void kvm_pmu_vcpu_destroy(struct kvm_vcpu *vcpu) {} 77 77 static inline void kvm_pmu_disable_counter_mask(struct kvm_vcpu *vcpu, u64 val) {}
+2
virt/kvm/arm/arm.c
··· 340 340 /* Set up the timer */ 341 341 kvm_timer_vcpu_init(vcpu); 342 342 343 + kvm_pmu_vcpu_init(vcpu); 344 + 343 345 kvm_arm_reset_debug_ptr(vcpu); 344 346 345 347 return kvm_vgic_vcpu_init(vcpu);
+15 -3
virt/kvm/arm/pmu.c
··· 215 215 } 216 216 217 217 /** 218 + * kvm_pmu_vcpu_init - assign pmu counter idx for cpu 219 + * @vcpu: The vcpu pointer 220 + * 221 + */ 222 + void kvm_pmu_vcpu_init(struct kvm_vcpu *vcpu) 223 + { 224 + int i; 225 + struct kvm_pmu *pmu = &vcpu->arch.pmu; 226 + 227 + for (i = 0; i < ARMV8_PMU_MAX_COUNTERS; i++) 228 + pmu->pmc[i].idx = i; 229 + } 230 + 231 + /** 218 232 * kvm_pmu_vcpu_reset - reset pmu state for cpu 219 233 * @vcpu: The vcpu pointer 220 234 * ··· 238 224 int i; 239 225 struct kvm_pmu *pmu = &vcpu->arch.pmu; 240 226 241 - for (i = 0; i < ARMV8_PMU_MAX_COUNTERS; i++) { 227 + for (i = 0; i < ARMV8_PMU_MAX_COUNTERS; i++) 242 228 kvm_pmu_stop_counter(vcpu, &pmu->pmc[i]); 243 - pmu->pmc[i].idx = i; 244 - } 245 229 246 230 bitmap_zero(vcpu->arch.pmu.chained, ARMV8_PMU_MAX_COUNTER_PAIRS); 247 231 }