KVM: x86: clean/fix memory barriers in irqchip_in_kernel
The memory barriers are trying to protect against concurrent RCU-based interrupt injection, but the IRQ routing table is not valid at the time kvm->arch.vpic is written. Fix this by writing kvm->arch.vpic last. kvm_destroy_pic then need not set kvm->arch.vpic to NULL; modify it to take a struct kvm_pic* and reuse it if the IOAPIC creation fails. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This commit is contained in:
parent
dd489240a2
commit
71ba994c94
3 changed files with 15 additions and 25 deletions
|
@ -651,15 +651,10 @@ struct kvm_pic *kvm_create_pic(struct kvm *kvm)
|
|||
return NULL;
|
||||
}
|
||||
|
||||
void kvm_destroy_pic(struct kvm *kvm)
|
||||
void kvm_destroy_pic(struct kvm_pic *vpic)
|
||||
{
|
||||
struct kvm_pic *vpic = kvm->arch.vpic;
|
||||
|
||||
if (vpic) {
|
||||
kvm_io_bus_unregister_dev(kvm, KVM_PIO_BUS, &vpic->dev_master);
|
||||
kvm_io_bus_unregister_dev(kvm, KVM_PIO_BUS, &vpic->dev_slave);
|
||||
kvm_io_bus_unregister_dev(kvm, KVM_PIO_BUS, &vpic->dev_eclr);
|
||||
kvm->arch.vpic = NULL;
|
||||
kfree(vpic);
|
||||
}
|
||||
kvm_io_bus_unregister_dev(vpic->kvm, KVM_PIO_BUS, &vpic->dev_master);
|
||||
kvm_io_bus_unregister_dev(vpic->kvm, KVM_PIO_BUS, &vpic->dev_slave);
|
||||
kvm_io_bus_unregister_dev(vpic->kvm, KVM_PIO_BUS, &vpic->dev_eclr);
|
||||
kfree(vpic);
|
||||
}
|
||||
|
|
|
@ -74,7 +74,7 @@ struct kvm_pic {
|
|||
};
|
||||
|
||||
struct kvm_pic *kvm_create_pic(struct kvm *kvm);
|
||||
void kvm_destroy_pic(struct kvm *kvm);
|
||||
void kvm_destroy_pic(struct kvm_pic *vpic);
|
||||
int kvm_pic_read_irq(struct kvm *kvm);
|
||||
void kvm_pic_update_irq(struct kvm_pic *s);
|
||||
|
||||
|
@ -85,11 +85,11 @@ static inline struct kvm_pic *pic_irqchip(struct kvm *kvm)
|
|||
|
||||
static inline int irqchip_in_kernel(struct kvm *kvm)
|
||||
{
|
||||
int ret;
|
||||
struct kvm_pic *vpic = pic_irqchip(kvm);
|
||||
|
||||
ret = (pic_irqchip(kvm) != NULL);
|
||||
/* Read vpic before kvm->irq_routing. */
|
||||
smp_rmb();
|
||||
return ret;
|
||||
return vpic != NULL;
|
||||
}
|
||||
|
||||
void kvm_pic_reset(struct kvm_kpic_state *s);
|
||||
|
|
|
@ -3626,30 +3626,25 @@ long kvm_arch_vm_ioctl(struct file *filp,
|
|||
r = kvm_ioapic_init(kvm);
|
||||
if (r) {
|
||||
mutex_lock(&kvm->slots_lock);
|
||||
kvm_io_bus_unregister_dev(kvm, KVM_PIO_BUS,
|
||||
&vpic->dev_master);
|
||||
kvm_io_bus_unregister_dev(kvm, KVM_PIO_BUS,
|
||||
&vpic->dev_slave);
|
||||
kvm_io_bus_unregister_dev(kvm, KVM_PIO_BUS,
|
||||
&vpic->dev_eclr);
|
||||
kvm_destroy_pic(vpic);
|
||||
mutex_unlock(&kvm->slots_lock);
|
||||
kfree(vpic);
|
||||
goto create_irqchip_unlock;
|
||||
}
|
||||
} else
|
||||
goto create_irqchip_unlock;
|
||||
smp_wmb();
|
||||
kvm->arch.vpic = vpic;
|
||||
smp_wmb();
|
||||
r = kvm_setup_default_irq_routing(kvm);
|
||||
if (r) {
|
||||
mutex_lock(&kvm->slots_lock);
|
||||
mutex_lock(&kvm->irq_lock);
|
||||
kvm_ioapic_destroy(kvm);
|
||||
kvm_destroy_pic(kvm);
|
||||
kvm_destroy_pic(vpic);
|
||||
mutex_unlock(&kvm->irq_lock);
|
||||
mutex_unlock(&kvm->slots_lock);
|
||||
goto create_irqchip_unlock;
|
||||
}
|
||||
/* Write kvm->irq_routing before kvm->arch.vpic. */
|
||||
smp_wmb();
|
||||
kvm->arch.vpic = vpic;
|
||||
create_irqchip_unlock:
|
||||
mutex_unlock(&kvm->lock);
|
||||
break;
|
||||
|
|
Loading…
Reference in a new issue