Message ID | 20220808190607.323899-2-dietschc@csp.edu (mailing list archive)
---|---
State | New, archived
Series | KVM: x86/xen: Prevent Xen timer init when running
On Mon, Aug 08, 2022, Coleman Dietsch wrote:
> Add a check for existing xen timers before initializing a new one.
>
> Currently kvm_xen_init_timer() is called on every
> KVM_XEN_VCPU_ATTR_TYPE_TIMER, which is causing the following ODEBUG
> crash when vcpu->arch.xen.timer is already set.
>
> ODEBUG: init active (active state 0)
> object type: hrtimer hint: xen_timer_callbac0
> RIP: 0010:debug_print_object+0x16e/0x250 lib/debugobjects.c:502
> Call Trace:
> __debug_object_init
> debug_hrtimer_init
> debug_init
> hrtimer_init
> kvm_xen_init_timer
> kvm_xen_vcpu_set_attr
> kvm_arch_vcpu_ioctl
> kvm_vcpu_ioctl
> vfs_ioctl
>
> Fixes: 536395260582 ("KVM: x86/xen: handle PV timers oneshot mode")
> Cc: stable@vger.kernel.org
> Link: https://syzkaller.appspot.com/bug?id=8234a9dfd3aafbf092cc5a7cd9842e3ebc45fc42
> Reported-by: syzbot+e54f930ed78eb0f85281@syzkaller.appspotmail.com
> Signed-off-by: Coleman Dietsch <dietschc@csp.edu>
> ---

Reviewed-by: Sean Christopherson <seanjc@google.com>
On 8/9/22 02:32, Sean Christopherson wrote:
> On Mon, Aug 08, 2022, Coleman Dietsch wrote:
>> Add a check for existing xen timers before initializing a new one.
>>
>> Currently kvm_xen_init_timer() is called on every
>> KVM_XEN_VCPU_ATTR_TYPE_TIMER, which is causing the following ODEBUG
>> crash when vcpu->arch.xen.timer is already set.
>>
>> ODEBUG: init active (active state 0)
>> object type: hrtimer hint: xen_timer_callbac0
>> RIP: 0010:debug_print_object+0x16e/0x250 lib/debugobjects.c:502
>> Call Trace:
>> __debug_object_init
>> debug_hrtimer_init
>> debug_init
>> hrtimer_init
>> kvm_xen_init_timer
>> kvm_xen_vcpu_set_attr
>> kvm_arch_vcpu_ioctl
>> kvm_vcpu_ioctl
>> vfs_ioctl
>>
>> Fixes: 536395260582 ("KVM: x86/xen: handle PV timers oneshot mode")
>> Cc: stable@vger.kernel.org
>> Link: https://syzkaller.appspot.com/bug?id=8234a9dfd3aafbf092cc5a7cd9842e3ebc45fc42
>> Reported-by: syzbot+e54f930ed78eb0f85281@syzkaller.appspotmail.com
>> Signed-off-by: Coleman Dietsch <dietschc@csp.edu>
>> ---
>
> Reviewed-by: Sean Christopherson <seanjc@google.com>

Queued both (pending resolution of David's question), thanks.

Paolo
diff --git a/arch/x86/kvm/xen.c b/arch/x86/kvm/xen.c index a0c05ccbf4b1..6e554041e862 100644 --- a/arch/x86/kvm/xen.c +++ b/arch/x86/kvm/xen.c @@ -713,7 +713,9 @@ int kvm_xen_vcpu_set_attr(struct kvm_vcpu *vcpu, struct kvm_xen_vcpu_attr *data) break; } vcpu->arch.xen.timer_virq = data->u.timer.port; - kvm_xen_init_timer(vcpu); + + if (!vcpu->arch.xen.timer.function) + kvm_xen_init_timer(vcpu); /* Restart the timer if it's set */ if (data->u.timer.expires_ns)
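Review bot: the guard `if (!vcpu->arch.xen.timer.function)` treats a NULL hrtimer callback as "never initialized", which is only sound if `vcpu->arch.xen.timer` is zero-filled when the vCPU is allocated and nothing clears `.function` once kvm_xen_init_timer() has run; neither invariant is visible in this hunk, so the commit message should state it (an explicit "timer initialized" flag would make the intent self-documenting and not depend on hrtimer internals). Separately, with the re-init skipped, a second KVM_XEN_VCPU_ATTR_TYPE_TIMER call can now reach the `/* Restart the timer if it's set */` path with a timer that a previous call already armed, so it is worth confirming that the code below cancels the pending hrtimer before re-arming it rather than starting an active timer.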
Add a check for existing xen timers before initializing a new one.

Currently kvm_xen_init_timer() is called on every
KVM_XEN_VCPU_ATTR_TYPE_TIMER, which is causing the following ODEBUG
crash when vcpu->arch.xen.timer is already set.

ODEBUG: init active (active state 0)
object type: hrtimer hint: xen_timer_callbac0
RIP: 0010:debug_print_object+0x16e/0x250 lib/debugobjects.c:502
Call Trace:
__debug_object_init
debug_hrtimer_init
debug_init
hrtimer_init
kvm_xen_init_timer
kvm_xen_vcpu_set_attr
kvm_arch_vcpu_ioctl
kvm_vcpu_ioctl
vfs_ioctl

Fixes: 536395260582 ("KVM: x86/xen: handle PV timers oneshot mode")
Cc: stable@vger.kernel.org
Link: https://syzkaller.appspot.com/bug?id=8234a9dfd3aafbf092cc5a7cd9842e3ebc45fc42
Reported-by: syzbot+e54f930ed78eb0f85281@syzkaller.appspotmail.com
Signed-off-by: Coleman Dietsch <dietschc@csp.edu>
---
 arch/x86/kvm/xen.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)