diff options
author | Paolo Bonzini <pbonzini@redhat.com> | 2019-09-14 09:25:30 +0200 |
---|---|---|
committer | Paolo Bonzini <pbonzini@redhat.com> | 2019-09-14 09:25:30 +0200 |
commit | a9c20bb0206ae9384bd470a6832dd8913730add9 (patch) | |
tree | 2a6bf3c6d9bc73c1c44c972143f6656927f50111 /arch | |
parent | 002c5f73c508f7df5681bda339831c27f3c1aef4 (diff) | |
parent | 53936b5bf35e140ae27e4bbf0447a61063f400da (diff) | |
download | linux-stable-a9c20bb0206ae9384bd470a6832dd8913730add9.tar.gz linux-stable-a9c20bb0206ae9384bd470a6832dd8913730add9.tar.bz2 linux-stable-a9c20bb0206ae9384bd470a6832dd8913730add9.zip |
Merge tag 'kvm-s390-master-5.3-1' of git://git.kernel.org/pub/scm/linux/kernel/git/kvms390/linux into kvm-master
KVM: s390: Fixes for 5.3
- prevent a user triggerable oops in the migration code
- do not leak kernel stack content
Diffstat (limited to 'arch')
-rw-r--r-- | arch/s390/kvm/interrupt.c | 10 | ||||
-rw-r--r-- | arch/s390/kvm/kvm-s390.c | 4 |
2 files changed, 13 insertions, 1 deletions
diff --git a/arch/s390/kvm/interrupt.c b/arch/s390/kvm/interrupt.c index b5fd6e85657c..d1ccc168c071 100644 --- a/arch/s390/kvm/interrupt.c +++ b/arch/s390/kvm/interrupt.c @@ -1961,6 +1961,16 @@ int s390int_to_s390irq(struct kvm_s390_interrupt *s390int, case KVM_S390_MCHK: irq->u.mchk.mcic = s390int->parm64; break; + case KVM_S390_INT_PFAULT_INIT: + irq->u.ext.ext_params = s390int->parm; + irq->u.ext.ext_params2 = s390int->parm64; + break; + case KVM_S390_RESTART: + case KVM_S390_INT_CLOCK_COMP: + case KVM_S390_INT_CPU_TIMER: + break; + default: + return -EINVAL; } return 0; } diff --git a/arch/s390/kvm/kvm-s390.c b/arch/s390/kvm/kvm-s390.c index f329dcb3f44c..39cff07bf2eb 100644 --- a/arch/s390/kvm/kvm-s390.c +++ b/arch/s390/kvm/kvm-s390.c @@ -1018,6 +1018,8 @@ static int kvm_s390_vm_start_migration(struct kvm *kvm) /* mark all the pages in active slots as dirty */ for (slotnr = 0; slotnr < slots->used_slots; slotnr++) { ms = slots->memslots + slotnr; + if (!ms->dirty_bitmap) + return -EINVAL; /* * The second half of the bitmap is only used on x86, * and would be wasted otherwise, so we put it to good @@ -4323,7 +4325,7 @@ long kvm_arch_vcpu_async_ioctl(struct file *filp, } case KVM_S390_INTERRUPT: { struct kvm_s390_interrupt s390int; - struct kvm_s390_irq s390irq; + struct kvm_s390_irq s390irq = {}; if (copy_from_user(&s390int, argp, sizeof(s390int))) return -EFAULT; |