| Message ID | 20231204152321.16520-2-jgross@suse.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | xen/sched: fixes and cleanup related to cpupools | expand |
On 04.12.2023 16:23, Juergen Gross wrote: > Trying to add an offline cpu to a cpupool can crash the hypervisor, > as the probably non-existing percpu area of the cpu is accessed before > the availability of the cpu is being tested. This can happen in case > the cpupool's granularity is "core" or "socket". > > Fix that by testing the cpu to be online. > > Fixes: cb563d7665f2 ("xen/sched: support core scheduling for moving cpus to/from cpupools") > Reported-by: René Winther Højgaard <renewin@proton.me> > Signed-off-by: Juergen Gross <jgross@suse.com> Reviewed-by: Jan Beulich <jbeulich@suse.com>
On Mon, Dec 4, 2023 at 4:55 PM Jan Beulich <jbeulich@suse.com> wrote: > > On 04.12.2023 16:23, Juergen Gross wrote: > > Trying to add an offline cpu to a cpupool can crash the hypervisor, > > as the probably non-existing percpu area of the cpu is accessed before > > the availability of the cpu is being tested. This can happen in case > > the cpupool's granularity is "core" or "socket". > > > > Fix that by testing the cpu to be online. > > > > Fixes: cb563d7665f2 ("xen/sched: support core scheduling for moving cpus to/from cpupools") > > Reported-by: René Winther Højgaard <renewin@proton.me> > > Signed-off-by: Juergen Gross <jgross@suse.com> > > Reviewed-by: Jan Beulich <jbeulich@suse.com> I feel like there should be a more robust way to protect against this sort of thing; but I don't see anything obvious, and this does fix a bug, so: Acked-by: George Dunlap <george.dunlap@cloud.com>
diff --git a/xen/common/sched/cpupool.c b/xen/common/sched/cpupool.c index 2e094b0cfa..ad8f608462 100644 --- a/xen/common/sched/cpupool.c +++ b/xen/common/sched/cpupool.c @@ -892,6 +892,8 @@ int cpupool_do_sysctl(struct xen_sysctl_cpupool_op *op) if ( cpu >= nr_cpu_ids ) goto addcpu_out; ret = -ENODEV; + if ( !cpu_online(cpu) ) + goto addcpu_out; cpus = sched_get_opt_cpumask(c->gran, cpu); if ( !cpumask_subset(cpus, &cpupool_free_cpus) || cpumask_intersects(cpus, &cpupool_locked_cpus) )
Trying to add an offline cpu to a cpupool can crash the hypervisor, as the probably non-existing percpu area of the cpu is accessed before the availability of the cpu is being tested. This can happen in case the cpupool's granularity is "core" or "socket". Fix that by testing the cpu to be online. Fixes: cb563d7665f2 ("xen/sched: support core scheduling for moving cpus to/from cpupools") Reported-by: René Winther Højgaard <renewin@proton.me> Signed-off-by: Juergen Gross <jgross@suse.com> --- V2: - enhance commit message --- xen/common/sched/cpupool.c | 2 ++ 1 file changed, 2 insertions(+)