KVM: Initialize kvm before registering the mmu notifier

It doesn't make sense to ever see a half-initialized kvm structure on mmu notifier callbacks. Previously, 85722cd changed the ordering to ensure that the mmu_lock was initialized before mmu notifier registration, but there is still a race where the mmu notifier could come in and try accessing other portions of struct kvm before they are intialized. Solve this by moving the mmu notifier registration to occur after the structure is completely initialized. Google-Bug-Id: 452199 Signed-off-by: Mike Waychison <mikew@google.com> Signed-off-by: Avi Kivity <avi@redhat.com>
git-mirror · Jun 6, 2011 · 74b5c5b · 74b5c5b
1 parent 221192b
commit 74b5c5b
Showing 1 changed file with 6 additions and 5 deletions.
diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
@@ -467,19 +467,20 @@ static struct kvm *kvm_create_vm(void)
 		if (!kvm->buses[i])
 			goto out_err;
 	}
-	spin_lock_init(&kvm->mmu_lock);
-
-	r = kvm_init_mmu_notifier(kvm);
-	if (r)
-		goto out_err;
 
+	spin_lock_init(&kvm->mmu_lock);
 	kvm->mm = current->mm;
 	atomic_inc(&kvm->mm->mm_count);
 	kvm_eventfd_init(kvm);
 	mutex_init(&kvm->lock);
 	mutex_init(&kvm->irq_lock);
 	mutex_init(&kvm->slots_lock);
 	atomic_set(&kvm->users_count, 1);
+
+	r = kvm_init_mmu_notifier(kvm);
+	if (r)
+		goto out_err;
+
 	raw_spin_lock(&kvm_lock);
 	list_add(&kvm->vm_list, &vm_list);
 	raw_spin_unlock(&kvm_lock);