From: Christoffer Dall <christoffer.dall@linaro.org>
Date: Tue, 9 Dec 2014 13:33:45 +0000 (+0100)
Subject: arm/arm64: KVM: Don't allow creating VCPUs after vgic_initialized
X-Git-Tag: v3.16.35~2087
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=3376ce3c85aaa7725980a1ae32548ebe15c57eb9;p=thirdparty%2Fkernel%2Fstable.git

arm/arm64: KVM: Don't allow creating VCPUs after vgic_initialized

commit 716139df2517fbc3f2306dbe8eba0fa88dca0189 upstream.

When the vgic initializes its internal state it does so based on the
number of VCPUs available at the time.  If we allow KVM to create more
VCPUs after the VGIC has been initialized, we are likely to error out in
unfortunate ways later, perform buffer overflows etc.

Acked-by: Marc Zyngier <marc.zyngier@arm.com>
Reviewed-by: Eric Auger <eric.auger@linaro.org>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>
Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
---

diff --git a/arch/arm/kvm/arm.c b/arch/arm/kvm/arm.c
index 0fb257c84366d..877e7cadc5383 100644
--- a/arch/arm/kvm/arm.c
+++ b/arch/arm/kvm/arm.c
@@ -221,6 +221,11 @@ struct kvm_vcpu *kvm_arch_vcpu_create(struct kvm *kvm, unsigned int id)
 	int err;
 	struct kvm_vcpu *vcpu;
 
+	if (irqchip_in_kernel(kvm) && vgic_initialized(kvm)) {
+		err = -EBUSY;
+		goto out;
+	}
+
 	vcpu = kmem_cache_zalloc(kvm_vcpu_cache, GFP_KERNEL);
 	if (!vcpu) {
 		err = -ENOMEM;