| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 23 Mar 2017 17:40:13 +0100
From: Cornelia Huck <cornelia.huck@...ibm.com>
To: David Hildenbrand <david@...hat.com>
Cc: kvm@...r.kernel.org, Paolo Bonzini <pbonzini@...hat.com>,
rkrcmar@...hat.com, Dmitry Vyukov <dvyukov@...gle.com>,
Marcelo Tosatti <mtosatti@...hat.com>, stable@...r.kernel.org,
LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH v1] KVM: kvm_io_bus_unregister_dev() should never fail
On Thu, 23 Mar 2017 17:20:48 +0100
David Hildenbrand <david@...hat.com> wrote:
>
> > As this may set kvm->buses[bus_idx] to NULL, don't you also need to
> > guard for bus == NULL in kvm_io_bus_destroy()? (I looked at the code on
> > kvm/queue.)
>
> very right, so something like this?
>
> diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
> index e1be4b4..ef1aa7f 100644
> --- a/virt/kvm/kvm_main.c
> +++ b/virt/kvm/kvm_main.c
> @@ -728,7 +728,8 @@ static void kvm_destroy_vm(struct kvm *kvm)
> spin_unlock(&kvm_lock);
> kvm_free_irq_routing(kvm);
> for (i = 0; i < KVM_NR_BUSES; i++) {
> - kvm_io_bus_destroy(kvm->buses[i]);
> + if (kvm->buses[i])
> + kvm_io_bus_destroy(kvm->buses[i]);
> kvm->buses[i] = NULL;
> }
> kvm_coalesced_mmio_free(kvm);
>
> Thanks!
>
> >
> >> synchronize_srcu_expedited(&kvm->srcu);
> >> kfree(bus);
> >> - return r;
> >> + return;
> >> }
> >
>
>
Either that, or an early exit for bus == NULL in kvm_io_bus_destroy().
(I think the second option is more straightforward.)
Powered by blists - more mailing lists