--- /dev/null
+From 64afe6e9eb4841f35317da4393de21a047a883b3 Mon Sep 17 00:00:00 2001
+From: Marc Zyngier <marc.zyngier@arm.com>
+Date: Thu, 16 Nov 2017 17:58:17 +0000
+Subject: KVM: arm/arm64: vgic-its: Preserve the revious read from the pending table
+
+From: Marc Zyngier <marc.zyngier@arm.com>
+
+commit 64afe6e9eb4841f35317da4393de21a047a883b3 upstream.
+
+The current pending table parsing code assumes that we keep the
+previous read of the pending bits, but keep that variable in
+the current block, making sure it is discarded on each loop.
+
+We end-up using whatever is on the stack. Who knows, it might
+just be the right thing...
+
+Fixes: 33d3bc9556a7d ("KVM: arm64: vgic-its: Read initial LPI pending table")
+Cc: stable@vger.kernel.org # 4.8
+Reported-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
+Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
+Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
+Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ virt/kvm/arm/vgic/vgic-its.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/virt/kvm/arm/vgic/vgic-its.c
++++ b/virt/kvm/arm/vgic/vgic-its.c
+@@ -322,6 +322,7 @@ static int its_sync_lpi_pending_table(st
+ int ret = 0;
+ u32 *intids;
+ int nr_irqs, i;
++ u8 pendmask;
+
+ nr_irqs = vgic_copy_lpi_list(vcpu->kvm, &intids);
+ if (nr_irqs < 0)
+@@ -329,7 +330,6 @@ static int its_sync_lpi_pending_table(st
+
+ for (i = 0; i < nr_irqs; i++) {
+ int byte_offset, bit_nr;
+- u8 pendmask;
+
+ byte_offset = intids[i] / BITS_PER_BYTE;
+ bit_nr = intids[i] % BITS_PER_BYTE;
projects / thirdparty / kernel / stable-queue.git / commitdiff
