KVM: arm/arm64: vgic-its: Check CBASER/BASER validity before enabling the ITS

[linux.git] / virt / kvm / arm / vgic / vgic-its.c

diff --git a/virt/kvm/arm/vgic/vgic-its.c b/virt/kvm/arm/vgic/vgic-its.c
index f51c1e1b3f70f8cbb4c26d378a04a27d3cfb2dbb..e69ef7d27fde9fcb5922f64cbca853f1081ab41e 100644 (file)
--- a/virt/kvm/arm/vgic/vgic-its.c
+++ b/virt/kvm/arm/vgic/vgic-its.c
@@ -1466,6 +1466,16 @@ static void vgic_mmio_write_its_ctlr(struct kvm *kvm, struct vgic_its *its,
 {
        mutex_lock(&its->cmd_lock);
 
+       /*
+        * It is UNPREDICTABLE to enable the ITS if any of the CBASER or
+        * device/collection BASER are invalid
+        */
+       if (!its->enabled && (val & GITS_CTLR_ENABLE) &&
+               (!(its->baser_device_table & GITS_BASER_VALID) ||
+                !(its->baser_coll_table & GITS_BASER_VALID) ||
+                !(its->cbaser & GITS_CBASER_VALID)))
+               goto out;
+
        its->enabled = !!(val & GITS_CTLR_ENABLE);
 
        /*
@@ -1474,6 +1484,7 @@ static void vgic_mmio_write_its_ctlr(struct kvm *kvm, struct vgic_its *its,
         */
        vgic_its_process_commands(kvm, its);
 
+out:
        mutex_unlock(&its->cmd_lock);
 }
 
@@ -1801,37 +1812,33 @@ typedef int (*entry_fn_t)(struct vgic_its *its, u32 id, void *entry,
 static int scan_its_table(struct vgic_its *its, gpa_t base, int size, int esz,
                          int start_id, entry_fn_t fn, void *opaque)
 {
-       void *entry = kzalloc(esz, GFP_KERNEL);
        struct kvm *kvm = its->dev->kvm;
        unsigned long len = size;
        int id = start_id;
        gpa_t gpa = base;
+       char entry[esz];
        int ret;
 
+       memset(entry, 0, esz);
+
        while (len > 0) {
                int next_offset;
                size_t byte_offset;
 
                ret = kvm_read_guest(kvm, gpa, entry, esz);
                if (ret)
-                       goto out;
+                       return ret;
 
                next_offset = fn(its, id, entry, opaque);
-               if (next_offset <= 0) {
-                       ret = next_offset;
-                       goto out;
-               }
+               if (next_offset <= 0)
+                       return next_offset;
 
                byte_offset = next_offset * esz;
                id += next_offset;
                gpa += byte_offset;
                len -= byte_offset;
        }
-       ret =  1;
-
-out:
-       kfree(entry);
-       return ret;
+       return 1;
 }
 
 /**
@@ -1940,6 +1947,14 @@ static int vgic_its_save_itt(struct vgic_its *its, struct its_device *device)
        return 0;
 }
 
+/**
+ * vgic_its_restore_itt - restore the ITT of a device
+ *
+ * @its: its handle
+ * @dev: device handle
+ *
+ * Return 0 on success, < 0 on error
+ */
 static int vgic_its_restore_itt(struct vgic_its *its, struct its_device *dev)
 {
        const struct vgic_its_abi *abi = vgic_its_get_abi(its);
@@ -1951,6 +1966,10 @@ static int vgic_its_restore_itt(struct vgic_its *its, struct its_device *dev)
        ret = scan_its_table(its, base, max_size, ite_esz, 0,
                             vgic_its_restore_ite, dev);
 
+       /* scan_its_table returns +1 if all ITEs are invalid */
+       if (ret > 0)
+               ret = 0;
+
        return ret;
 }
 
@@ -2107,10 +2126,7 @@ static int handle_l1_dte(struct vgic_its *its, u32 id, void *addr,
        ret = scan_its_table(its, gpa, SZ_64K, dte_esz,
                             l2_start_id, vgic_its_restore_dte, NULL);
 
-       if (ret <= 0)
-               return ret;
-
-       return 1;
+       return ret;
 }
 
 /**
@@ -2140,8 +2156,9 @@ static int vgic_its_restore_device_tables(struct vgic_its *its)
                                     vgic_its_restore_dte, NULL);
        }
 
+       /* scan_its_table returns +1 if all entries are invalid */
        if (ret > 0)
-               ret = -EINVAL;
+               ret = 0;
 
        return ret;
 }
@@ -2258,6 +2275,10 @@ static int vgic_its_restore_collection_table(struct vgic_its *its)
                gpa += cte_esz;
                read += cte_esz;
        }
+
+       if (ret > 0)
+               return 0;
+
        return ret;
 }