Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit ebb127f2 authored by Christoffer Dall's avatar Christoffer Dall
Browse files

KVM: arm/arm64: Don't assume initialized vgic when setting PMU IRQ 



The PMU IRQ number is set through the VCPU device's KVM_SET_DEVICE_ATTR
ioctl handler for the KVM_ARM_VCPU_PMU_V3_IRQ attribute, but there is no
enforced or stated requirement that this must happen after initializing
the VGIC.  As a result, calling vgic_valid_spi() which relies on the
nr_spis being set during the VGIC init can incorrectly fail.

Introduce irq_is_spi, which determines if an IRQ number is within the
SPI range without verifying it against the actual VGIC properties.

Signed-off-by: default avatarChristoffer Dall <cdall@linaro.org>
Reviewed-by: default avatarMarc Zyngier <marc.zyngier@arm.com>
parent cb3f0ad8

include/kvm/arm_vgic.h

+2 −0
Original line number Diff line number Diff line
@@ -39,6 +39,8 @@ 
#define KVM_IRQCHIP_NUM_PINS	(1020 - 32)



#define irq_is_ppi(irq) ((irq) >= VGIC_NR_SGIS && (irq) < VGIC_NR_PRIVATE_IRQS)

#define irq_is_spi(irq) ((irq) >= VGIC_NR_PRIVATE_IRQS && \

			 (irq) <= VGIC_MAX_SPI)



enum vgic_type {

	VGIC_V2,		/* Good ol' GICv2 */

virt/kvm/arm/pmu.c

+18 −4
Original line number Diff line number Diff line
@@ -458,10 +458,24 @@ int kvm_arm_pmu_v3_enable(struct kvm_vcpu *vcpu) 
	/*

	 * A valid interrupt configuration for the PMU is either to have a

	 * properly configured interrupt number and using an in-kernel

	 * irqchip, or to neither set an IRQ nor create an in-kernel irqchip.

	 * irqchip, or to not have an in-kernel GIC and not set an IRQ.

	 */

	if (kvm_arm_pmu_irq_initialized(vcpu) != irqchip_in_kernel(vcpu->kvm))

	if (irqchip_in_kernel(vcpu->kvm)) {

		int irq = vcpu->arch.pmu.irq_num;

		if (!kvm_arm_pmu_irq_initialized(vcpu))

			return -EINVAL;



		/*

		 * If we are using an in-kernel vgic, at this point we know

		 * the vgic will be initialized, so we can check the PMU irq

		 * number against the dimensions of the vgic and make sure

		 * it's valid.

		 */

		if (!irq_is_ppi(irq) && !vgic_valid_spi(vcpu->kvm, irq))

			return -EINVAL;

	} else if (kvm_arm_pmu_irq_initialized(vcpu)) {

		   return -EINVAL;

	}



	kvm_pmu_vcpu_reset(vcpu);

	vcpu->arch.pmu.ready = true;
@@ -547,7 +561,7 @@ int kvm_arm_pmu_v3_set_attr(struct kvm_vcpu *vcpu, struct kvm_device_attr *attr) 
			return -EFAULT;



		/* The PMU overflow interrupt can be a PPI or a valid SPI. */

		if (!(irq_is_ppi(irq) || vgic_valid_spi(vcpu->kvm, irq)))

		if (!(irq_is_ppi(irq) || irq_is_spi(irq)))

			return -EINVAL;



		if (!pmu_irq_is_valid(vcpu->kvm, irq))