From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Tue, 16 Jul 2019 19:39:03 +0000 (+0900)
Subject: 4.4-stable patches
X-Git-Tag: v5.2.2~17
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=34a2312995e11ce7defdc5274a6dd0d3389b2f6d;p=thirdparty%2Fkernel%2Fstable-queue.git

4.4-stable patches

added patches:
	kvm-x86-avoid-warning-on-repeated-kvm_set_tss_addr.patch
---

diff --git a/queue-4.4/kvm-x86-avoid-warning-on-repeated-kvm_set_tss_addr.patch b/queue-4.4/kvm-x86-avoid-warning-on-repeated-kvm_set_tss_addr.patch
new file mode 100644
index 00000000000..47d71e76d16
--- /dev/null
+++ b/queue-4.4/kvm-x86-avoid-warning-on-repeated-kvm_set_tss_addr.patch
@@ -0,0 +1,74 @@
+From b21629da120dd6145d14dbd6d028e1bba680a92b Mon Sep 17 00:00:00 2001
+From: Paolo Bonzini <pbonzini@redhat.com>
+Date: Wed, 1 Jun 2016 14:09:18 +0200
+Subject: kvm: x86: avoid warning on repeated KVM_SET_TSS_ADDR
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+From: Paolo Bonzini <pbonzini@redhat.com>
+
+commit b21629da120dd6145d14dbd6d028e1bba680a92b upstream.
+
+Found by syzkaller:
+
+    WARNING: CPU: 3 PID: 15175 at arch/x86/kvm/x86.c:7705 __x86_set_memory_region+0x1dc/0x1f0 [kvm]()
+    CPU: 3 PID: 15175 Comm: a.out Tainted: G        W       4.4.6-300.fc23.x86_64 #1
+    Hardware name: LENOVO 2325F51/2325F51, BIOS G2ET32WW (1.12 ) 05/30/2012
+     0000000000000286 00000000950899a7 ffff88011ab3fbf0 ffffffff813b542e
+     0000000000000000 ffffffffa0966496 ffff88011ab3fc28 ffffffff810a40f2
+     00000000000001fd 0000000000003000 ffff88014fc50000 0000000000000000
+    Call Trace:
+     [<ffffffff813b542e>] dump_stack+0x63/0x85
+     [<ffffffff810a40f2>] warn_slowpath_common+0x82/0xc0
+     [<ffffffff810a423a>] warn_slowpath_null+0x1a/0x20
+     [<ffffffffa09251cc>] __x86_set_memory_region+0x1dc/0x1f0 [kvm]
+     [<ffffffffa092521b>] x86_set_memory_region+0x3b/0x60 [kvm]
+     [<ffffffffa09bb61c>] vmx_set_tss_addr+0x3c/0x150 [kvm_intel]
+     [<ffffffffa092f4d4>] kvm_arch_vm_ioctl+0x654/0xbc0 [kvm]
+     [<ffffffffa091d31a>] kvm_vm_ioctl+0x9a/0x6f0 [kvm]
+     [<ffffffff81241248>] do_vfs_ioctl+0x298/0x480
+     [<ffffffff812414a9>] SyS_ioctl+0x79/0x90
+     [<ffffffff817a04ee>] entry_SYSCALL_64_fastpath+0x12/0x71
+
+Testcase:
+
+    #include <unistd.h>
+    #include <sys/ioctl.h>
+    #include <fcntl.h>
+    #include <string.h>
+    #include <linux/kvm.h>
+
+    long r[8];
+
+    int main()
+    {
+        memset(r, -1, sizeof(r));
+	r[2] = open("/dev/kvm", O_RDONLY|O_TRUNC);
+        r[3] = ioctl(r[2], KVM_CREATE_VM, 0x0ul);
+        r[5] = ioctl(r[3], KVM_SET_TSS_ADDR, 0x20000000ul);
+        r[7] = ioctl(r[3], KVM_SET_TSS_ADDR, 0x20000000ul);
+        return 0;
+    }
+
+Reported-by: Dmitry Vyukov <dvyukov@google.com>
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
+Cc: Zubin Mithra <zsm@chromium.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/x86/kvm/x86.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/arch/x86/kvm/x86.c
++++ b/arch/x86/kvm/x86.c
+@@ -7799,7 +7799,7 @@ int __x86_set_memory_region(struct kvm *
+ 
+ 	slot = id_to_memslot(slots, id);
+ 	if (size) {
+-		if (WARN_ON(slot->npages))
++		if (slot->npages)
+ 			return -EEXIST;
+ 
+ 		/*
diff --git a/queue-4.4/series b/queue-4.4/series
index d5cbc452d91..b76610badd0 100644
--- a/queue-4.4/series
+++ b/queue-4.4/series
@@ -32,3 +32,4 @@ be2net-fix-link-failure-after-ethtool-offline-test.patch
 ppp-mppe-add-softdep-to-arc4.patch
 sis900-fix-tx-completion.patch
 dm-verity-use-message-limit-for-data-block-corruptio.patch
+kvm-x86-avoid-warning-on-repeated-kvm_set_tss_addr.patch