Techwizz/kernel-fxtec-pro1x
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

KVM fixes for v4.9-rc8

Browse source 
All architectures avoid memory corruption in an error path.
 ARM prevents bogus acknowledgement of interrupts.
 -----BEGIN PGP SIGNATURE-----
 
 iQEcBAABCAAGBQJYQaDPAAoJEED/6hsPKofoq8gH/iJR/fcYg1ovboEaDIDdm/PI
 XzbNgrYZID8Nk04chU2Dh1eD8k3DG64txuOEs+jf3XBPYNnU8TAlw6qHVMG6kzGJ
 zA0CLGgH62DKXLuvnDJ75mpiJmzioGd4hdk0G8CIb9W2ySSUgrcmXMI3AoVP44lY
 LKTCITKq6ePfQ7AIbd3a6YXaR0ZTNP52e1Y4vx+Hsl9WcrMUGKyCmd9IcDI9DrZr
 ahMn+wx3Wzvb/NzH25OYkMAC9X5C7+b6O0IZm0ie8F8iU+JLlgGNiAHxQ5yAbu28
 hzINTTUnwIxgoi/ZN0M8i+fo0RLKq5OCzPMTnUUgdloBL786XREW2t3Ca0kqavg=
 =XdK2
 -----END PGP SIGNATURE-----

Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm

Pull KVM fixes from Radim Krčmář:
 "All architectures avoid memory corruption in an error path. ARM
  prevents bogus acknowledgement of interrupts"

* tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm:
  KVM: use after free in kvm_ioctl_create_device()
  KVM: arm/arm64: vgic: Don't notify EOI for non-SPIs
This commit is contained in:
Linus Torvalds 2016-12-02 09:15:26 -08:00
commit 4aa675aaf2
3 changed files with 9 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
virt/kvm/arm/vgic/vgic-v2.c
View file

@ -50,8 +50,10 @@ void vgic_v2_process_maintenance(struct kvm_vcpu *vcpu)
WARN_ON(cpuif->vgic_lr[lr] & GICH_LR_STATE); WARN_ON(cpuif->vgic_lr[lr] & GICH_LR_STATE);
kvm_notify_acked_irq(vcpu->kvm, 0, /* Only SPIs require notification */
intid - VGIC_NR_PRIVATE_IRQS); if (vgic_valid_spi(vcpu->kvm, intid))
kvm_notify_acked_irq(vcpu->kvm, 0,
intid - VGIC_NR_PRIVATE_IRQS);
} }
} }

6
virt/kvm/arm/vgic/vgic-v3.c
View file

@ -41,8 +41,10 @@ void vgic_v3_process_maintenance(struct kvm_vcpu *vcpu)
WARN_ON(cpuif->vgic_lr[lr] & ICH_LR_STATE); WARN_ON(cpuif->vgic_lr[lr] & ICH_LR_STATE);
kvm_notify_acked_irq(vcpu->kvm, 0, /* Only SPIs require notification */
intid - VGIC_NR_PRIVATE_IRQS); if (vgic_valid_spi(vcpu->kvm, intid))
kvm_notify_acked_irq(vcpu->kvm, 0,
intid - VGIC_NR_PRIVATE_IRQS);
} }
/* /*

2
virt/kvm/kvm_main.c
View file

@ -2889,10 +2889,10 @@ static int kvm_ioctl_create_device(struct kvm *kvm,
ret = anon_inode_getfd(ops->name, &kvm_device_fops, dev, O_RDWR | O_CLOEXEC); ret = anon_inode_getfd(ops->name, &kvm_device_fops, dev, O_RDWR | O_CLOEXEC);
if (ret < 0) { if (ret < 0) {
ops->destroy(dev);
mutex_lock(&kvm->lock); mutex_lock(&kvm->lock);
list_del(&dev->vm_node); list_del(&dev->vm_node);
mutex_unlock(&kvm->lock); mutex_unlock(&kvm->lock);
ops->destroy(dev);
return ret; return ret;
} }