www.infradead.org Git - users/jedix/linux-maple.git/commit

author	David Matlack <dmatlack@google.com>
	Fri, 3 May 2024 18:17:32 +0000 (11:17 -0700)
committer	Sean Christopherson <seanjc@google.com>
	Tue, 18 Jun 2024 16:20:01 +0000 (09:20 -0700)
commit	a6816314af5749cd88944bfdceb270c627cdf348
tree	e082018db936c3d3be6219608524d8a508b1c259	tree
parent	438a496b9041402736e164c8ebf1368599903958	commit \| diff

KVM: Introduce vcpu->wants_to_run

Introduce vcpu->wants_to_run to indicate when a vCPU is in its core run
loop, i.e. when the vCPU is running the KVM_RUN ioctl and immediate_exit
was not set.

Replace all references to vcpu->run->immediate_exit with
!vcpu->wants_to_run to avoid TOCTOU races with userspace. For example, a
malicious userspace could invoked KVM_RUN with immediate_exit=true and
then after KVM reads it to set wants_to_run=false, flip it to false.
This would result in the vCPU running in KVM_RUN with
wants_to_run=false. This wouldn't cause any real bugs today but is a
dangerous landmine.

Signed-off-by: David Matlack <dmatlack@google.com>
Link: https://lore.kernel.org/r/20240503181734.1467938-2-dmatlack@google.com
Signed-off-by: Sean Christopherson <seanjc@google.com>

arch/arm64/kvm/arm.c		diff \| blob \| history
arch/loongarch/kvm/vcpu.c		diff \| blob \| history
arch/mips/kvm/mips.c		diff \| blob \| history
arch/powerpc/kvm/powerpc.c		diff \| blob \| history
arch/riscv/kvm/vcpu.c		diff \| blob \| history
arch/s390/kvm/kvm-s390.c		diff \| blob \| history
arch/x86/kvm/x86.c		diff \| blob \| history
include/linux/kvm_host.h		diff \| blob \| history
virt/kvm/kvm_main.c		diff \| blob \| history