3.10-stable patches

added patches:
	kvm-x86-fix-kvm_apic_has_events-to-check-for-null-pointer.patch

diff --git a/queue-3.10/kvm-x86-fix-kvm_apic_has_events-to-check-for-null-pointer.patch b/queue-3.10/kvm-x86-fix-kvm_apic_has_events-to-check-for-null-pointer.patch
new file mode 100644 (file)
index 0000000..e264826
--- /dev/null
+++ b/queue-3.10/kvm-x86-fix-kvm_apic_has_events-to-check-for-null-pointer.patch
@@ -0,0 +1,31 @@
+From ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009 Mon Sep 17 00:00:00 2001
+From: Paolo Bonzini <pbonzini@redhat.com>
+Date: Sat, 30 May 2015 14:31:24 +0200
+Subject: kvm: x86: fix kvm_apic_has_events to check for NULL pointer
+
+From: Paolo Bonzini <pbonzini@redhat.com>
+
+commit ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009 upstream.
+
+Malicious (or egregiously buggy) userspace can trigger it, but it
+should never happen in normal operation.
+
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+Signed-off-by: Wang Kai <morgan.wang@huawei.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/x86/kvm/lapic.h |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/arch/x86/kvm/lapic.h
++++ b/arch/x86/kvm/lapic.h
+@@ -165,7 +165,7 @@ static inline u16 apic_logical_id(struct
+ 
+ static inline bool kvm_apic_has_events(struct kvm_vcpu *vcpu)
+ {
+-      return vcpu->arch.apic->pending_events;
++      return kvm_vcpu_has_lapic(vcpu) && vcpu->arch.apic->pending_events;
+ }
+ 
+ bool kvm_apic_pending_eoi(struct kvm_vcpu *vcpu, int vector);

diff --git a/queue-3.10/series b/queue-3.10/series
index 9f52b817045a23c40162efaf4535dbc835c91305..f531780bd98f6a8d341575e39b4bcb0d069ef3dc 100644 (file)
--- a/queue-3.10/series
+++ b/queue-3.10/series
@@ -30,3 +30,4 @@ arm-7819-1-fiq-cast-the-first-argument-of-flush_icache_range.patch
 signalfd-fix-information-leak-in-signalfd_copyinfo.patch
 signal-fix-information-leak-in-copy_siginfo_to_user.patch
 signal-fix-information-leak-in-copy_siginfo_from_user32.patch
+kvm-x86-fix-kvm_apic_has_events-to-check-for-null-pointer.patch