git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Jing Zhang <jingzhangos@google.com>
	Wed, 4 Dec 2024 20:23:38 +0000 (12:23 -0800)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Sat, 14 Dec 2024 18:51:44 +0000 (19:51 +0100)
commit	065e075d438fc3659a0be2387ec6224a3075c54d
tree	ea79f6ab2a09ccc861aff953c344e1c611db73dc	tree
parent	9e9f343615c0eb65b3e3ec6bbbb569147b6e16fe	commit \| diff

KVM: arm64: vgic-its: Add a data length check in vgic_its_save_*

commit 7fe28d7e68f92cc3d0668b8f2fbdf5c303ac3022 upstream.

In all the vgic_its_save_*() functinos, they do not check whether
the data length is 8 bytes before calling vgic_write_guest_lock.
This patch adds the check. To prevent the kernel from being blown up
when the fault occurs, KVM_BUG_ON() is used. And the other BUG_ON()s
are replaced together.

Cc: stable@vger.kernel.org
Signed-off-by: Kunkun Jiang <jiangkunkun@huawei.com>
[Jing: Update with the new entry read/write helpers]
Signed-off-by: Jing Zhang <jingzhangos@google.com>
Link: https://lore.kernel.org/r/20241107214137.428439-4-jingzhangos@google.com
Signed-off-by: Oliver Upton <oliver.upton@linux.dev>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

arch/arm64/kvm/vgic/vgic-its.c		diff \| blob \| blame \| history
arch/arm64/kvm/vgic/vgic.h		diff \| blob \| blame \| history