linux/arch/x86
Xiao Guangrong 4484141a94 KVM: fix error paths for failed gfn_to_page() calls
This bug was triggered:
[ 4220.198458] BUG: unable to handle kernel paging request at fffffffffffffffe
[ 4220.203907] IP: [<ffffffff81104d85>] put_page+0xf/0x34
......
[ 4220.237326] Call Trace:
[ 4220.237361]  [<ffffffffa03830d0>] kvm_arch_destroy_vm+0xf9/0x101 [kvm]
[ 4220.237382]  [<ffffffffa036fe53>] kvm_put_kvm+0xcc/0x127 [kvm]
[ 4220.237401]  [<ffffffffa03702bc>] kvm_vcpu_release+0x18/0x1c [kvm]
[ 4220.237407]  [<ffffffff81145425>] __fput+0x111/0x1ed
[ 4220.237411]  [<ffffffff8114550f>] ____fput+0xe/0x10
[ 4220.237418]  [<ffffffff81063511>] task_work_run+0x5d/0x88
[ 4220.237424]  [<ffffffff8104c3f7>] do_exit+0x2bf/0x7ca

The test case:

	printf(fmt, ##args);		\
	exit(-1);} while (0)

static int create_vm(void)
{
	int sys_fd, vm_fd;

	sys_fd = open("/dev/kvm", O_RDWR);
	if (sys_fd < 0)
		die("open /dev/kvm fail.\n");

	vm_fd = ioctl(sys_fd, KVM_CREATE_VM, 0);
	if (vm_fd < 0)
		die("KVM_CREATE_VM fail.\n");

	return vm_fd;
}

static int create_vcpu(int vm_fd)
{
	int vcpu_fd;

	vcpu_fd = ioctl(vm_fd, KVM_CREATE_VCPU, 0);
	if (vcpu_fd < 0)
		die("KVM_CREATE_VCPU ioctl.\n");
	printf("Create vcpu.\n");
	return vcpu_fd;
}

static void *vcpu_thread(void *arg)
{
	int vm_fd = (int)(long)arg;

	create_vcpu(vm_fd);
	return NULL;
}

int main(int argc, char *argv[])
{
	pthread_t thread;
	int vm_fd;

	(void)argc;
	(void)argv;

	vm_fd = create_vm();
	pthread_create(&thread, NULL, vcpu_thread, (void *)(long)vm_fd);
	printf("Exit.\n");
	return 0;
}

It caused by release kvm->arch.ept_identity_map_addr which is the
error page.

The parent thread can send KILL signal to the vcpu thread when it was
exiting which stops faulting pages and potentially allocating memory.
So gfn_to_pfn/gfn_to_page may fail at this time

Fixed by checking the page before it is used

Signed-off-by: Xiao Guangrong <xiaoguangrong@linux.vnet.ibm.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
2012-09-10 11:34:11 +03:00
..
boot x86, build: Globally set -fno-pic 2012-08-10 16:12:30 -07:00
configs x86/kconfig: Remove CONFIG_TR=y from the defconfigs 2012-03-24 08:18:03 +01:00
crypto crypto: twofish-avx - remove useless instruction 2012-07-11 11:08:30 +08:00
ia32 x86, compat: Use test_thread_flag(TIF_IA32) in compat signal delivery 2012-06-14 18:16:04 -07:00
include/asm x86/spinlocks: Fix comment in spinlock.h 2012-08-22 09:52:47 +02:00
kernel x86, microcode, AMD: Fix broken ucode patch size check 2012-08-22 16:10:41 -07:00
kvm KVM: fix error paths for failed gfn_to_page() calls 2012-09-10 11:34:11 +03:00
lguest
lib Merge branch 'x86/cpu' into perf/core 2012-07-05 21:12:11 +02:00
math-emu x86: Rename trap_no to trap_nr in thread_struct 2012-03-13 06:24:09 +01:00
mm mm: hugetlbfs: correctly populate shared pmd 2012-08-21 16:45:02 -07:00
net x86 bpf_jit: support BPF_S_ANC_ALU_XOR_X instruction 2012-06-06 09:42:44 -07:00
oprofile perf/x86/amd: Unify AMD's generic and family 15h pmus 2012-07-05 21:19:41 +02:00
pci Merge branch 'pci/myron-pcibios_setup' into next 2012-07-05 15:31:05 -06:00
platform Revert "x86-64/efi: Use EFI to deal with platform wall clock" 2012-08-14 09:58:25 -07:00
power x86, kvm: Call restore_sched_clock_state() only after %gs is initialized 2012-04-02 13:53:00 +02:00
realmode x86, build: Globally set -fno-pic 2012-08-10 16:12:30 -07:00
syscalls x32: Use compat shims for {g,s}etsockopt 2012-08-18 14:15:39 -07:00
tools x86/decoder: Fix bsr/bsf/jmpe decoding with operand-size prefix 2012-06-06 08:54:18 +02:00
um um: switch UPT_SET_RETURN_VALUE and regs_return_value to pt_regs 2012-08-01 23:33:16 +02:00
vdso x86, cpu: Rename checking_wrmsrl() to wrmsrl_safe() 2012-06-07 13:32:04 -07:00
video x86: Use vga_default_device() when determining whether an fb is primary 2012-04-24 09:50:17 +01:00
xen Three bug-fixes: 2012-08-25 17:31:59 -07:00
.gitignore
Kbuild x86, realmode: realmode.bin infrastructure 2012-05-08 11:41:48 -07:00
Kconfig Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2012-08-03 10:59:36 -07:00
Kconfig.cpu x86: Tighten dependencies of CPU_SUP_*_32 2012-03-08 10:57:34 +01:00
Kconfig.debug x86/tlb: add tlb_flushall_shift knob into debugfs 2012-06-27 19:29:10 -07:00
Makefile x86, build: Globally set -fno-pic 2012-08-10 16:12:30 -07:00
Makefile_32.cpu
Makefile.um um: fix linker script generation 2012-04-09 13:59:00 -04:00