    arm64/sve: Avoid dereference of dead task_struct in KVM guest entry · cb968afc
    Dave Martin authored
    When deciding whether to invalidate FPSIMD state cached in the cpu,
    the backend function sve_flush_cpu_state() attempts to dereference
    __this_cpu_read(fpsimd_last_state).  However, this is not safe:
    there is no guarantee that this task_struct pointer is still valid,
    because the task could have exited in the meantime.
    
    This means that we need another means to get the appropriate value
    of TIF_SVE for the associated task.
    
    This patch solves this issue by adding a cached copy of the TIF_SVE
    flag in fpsimd_last_state, which we can check without dereferencing
    the task pointer.
    
    In particular, although this patch is not a KVM fix per se, this
    means that this check is now done safely in the KVM world switch
    path (which is currently the only user of this code).
    Signed-off-by: Dave Martin <Dave.Martin@arm.com>
    Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
    Cc: Christoffer Dall <christoffer.dall@linaro.org>
    Cc: Marc Zyngier <marc.zyngier@arm.com>
    Signed-off-by: Will Deacon <will.deacon@arm.com>
File changed: fpsimd.c (34.5 KB)
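The hazard and the fix pattern the commit message describes, as an added illustration in C. This is not the kernel's code and not the patch itself: the names (`struct task`, `struct last_state`, `bind_state_to_cpu`, `cpu_holds_sve_state`, `TIF_SVE_BIT`) are hypothetical stand-ins for the per-CPU `fpsimd_last_state` record, the task pointer it holds and the `TIF_SVE` flag. It models a single CPU and shows why the decision "is SVE state live in the registers?" must be answered from a cached copy of the flag rather than by following the task pointer, which may point at a task that has already exited.

```c
/* Added illustration (hypothetical, not the kernel's code) of the pattern in
 * the commit message: a per-CPU "last state" record remembers which task's
 * FPSIMD/SVE state is live in the registers.  The record's task pointer is an
 * identity token only; the task may have exited, so it is never dereferenced
 * when deciding whether to invalidate.  A cached copy of the flag we need
 * (TIF_SVE in the kernel; TIF_SVE_BIT here) is stored next to the pointer. */
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define TIF_SVE_BIT 1u   /* hypothetical flag bit, stands in for TIF_SVE */

/* Stand-in for the parts of task_struct/thread_struct this decision needs. */
struct task {
    unsigned int flags;
    unsigned char regs[64];   /* saved FPSIMD/SVE context (contents unused) */
};

/* Per-CPU tracking record.  'st' is compared for identity only.
 * 'sve_in_use' is the cached copy that replaces a read of st->flags. */
struct last_state {
    struct task *st;
    bool sve_in_use;
};

static struct last_state cpu_last;   /* one "CPU" for the illustration */

/* Construct a task; uses_sve selects whether it has SVE state. */
struct task *task_create(bool uses_sve)
{
    struct task *t = calloc(1, sizeof *t);
    if (t)
        t->flags = uses_sve ? TIF_SVE_BIT : 0;
    return t;
}

/* Called when a task's state is loaded into the registers: record the
 * identity and snapshot the flag at the same moment. */
void bind_state_to_cpu(struct task *t)
{
    cpu_last.st = t;
    cpu_last.sve_in_use = (t->flags & TIF_SVE_BIT) != 0;
}

/* Task exit.  The per-CPU record is deliberately NOT updated here: this is
 * the window the commit describes, where the pointer outlives the task. */
void task_exit(struct task *t)
{
    memset(t, 0xA5, sizeof *t);   /* poison: a dereference would now misread */
    free(t);
}

/* The decision made in sve_flush_cpu_state(): is there SVE state in the
 * registers that must be invalidated?  Answered from the cached copy only;
 * cpu_last.st is tested against NULL, never followed. */
bool cpu_holds_sve_state(void)
{
    return cpu_last.st != NULL && cpu_last.sve_in_use;
}

/* Identity check of the kind a context switch performs: does the CPU still
 * hold this task's state?  Pointer comparison, no dereference. */
bool cpu_state_belongs_to(const struct task *t)
{
    return cpu_last.st == t;
}

/* Invalidate the cached association (the flush itself). */
void flush_cpu_state(void)
{
    cpu_last.st = NULL;
    cpu_last.sve_in_use = false;
}

int main(void)
{
    struct task *t = task_create(true);
    if (!t)
        return 1;
    bind_state_to_cpu(t);
    task_exit(t);                         /* task is gone, record is stale */
    printf("SVE state live after task exit: %s\n",
           cpu_holds_sve_state() ? "yes (from cached flag)" : "no");
    flush_cpu_state();
    printf("after flush: %s\n", cpu_holds_sve_state() ? "yes" : "no");
    return 0;
}
```

The point of the model is the ordering: the flag is snapshotted when the state is bound to the CPU, so every later decision reads `cpu_last` alone and the lifetime of the task is irrelevant to it. Reading `t->flags` after `task_exit` would be a use-after-free of the poisoned, freed block.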