Assert that either vcpu->mutex is held or the VM is otherwise unreachable when using the normal vCPU => HyperV accessor to help detect improper cross-task usage of the HyperV structure. When accessing the structure without holding the vCPU's mutex, e.g. to send interrupts or to queue TLB flushes, KVM needs to use the more paranoid to_hv_vcpu_safe() to guarantee that it can't see a half-baked structure. To avoid false positives, open code accesses to vcpu->arch.hyperv in the Synthetic Timer callbacks (can be reached if and only if HyperV state is fully initialized). Signed-off-by: Sean Christopherson --- arch/x86/kvm/hyperv.c | 6 ++---- arch/x86/kvm/hyperv.h | 2 ++ 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/arch/x86/kvm/hyperv.c b/arch/x86/kvm/hyperv.c index 107eb7df20f1..7efe2907148f 100644 --- a/arch/x86/kvm/hyperv.c +++ b/arch/x86/kvm/hyperv.c @@ -599,8 +599,7 @@ static void stimer_mark_pending(struct kvm_vcpu_hv_stimer *stimer, { struct kvm_vcpu *vcpu = hv_stimer_to_vcpu(stimer); - set_bit(stimer->index, - to_hv_vcpu(vcpu)->stimer_pending_bitmap); + set_bit(stimer->index, vcpu->arch.hyperv->stimer_pending_bitmap); kvm_make_request(KVM_REQ_HV_STIMER, vcpu); if (vcpu_kick) kvm_vcpu_kick(vcpu); @@ -614,8 +613,7 @@ static void stimer_cleanup(struct kvm_vcpu_hv_stimer *stimer) stimer->index); hrtimer_cancel(&stimer->timer); - clear_bit(stimer->index, - to_hv_vcpu(vcpu)->stimer_pending_bitmap); + clear_bit(stimer->index, vcpu->arch.hyperv->stimer_pending_bitmap); stimer->msg_pending = false; stimer->exp_time = 0; } diff --git a/arch/x86/kvm/hyperv.h b/arch/x86/kvm/hyperv.h index 821b586ed746..f78ab3c8d11a 100644 --- a/arch/x86/kvm/hyperv.h +++ b/arch/x86/kvm/hyperv.h @@ -75,6 +75,8 @@ static inline struct kvm_vcpu_hv *to_hv_vcpu_safe(struct kvm_vcpu *vcpu) static inline struct kvm_vcpu_hv *to_hv_vcpu(struct kvm_vcpu *vcpu) { + kvm_lockdep_assert_vcpu_is_locked_or_unreachable(vcpu); + return vcpu->arch.hyperv; } -- 2.54.0.1136.gdb2ca164c4-goog