From: Sean Christopherson Date: Thu, 18 Jun 2026 18:52:13 +0000 (-0700) Subject: KVM: x86: WARN and fail kvm_set_irq() if a PIC or I/O APIC vector is invalid X-Git-Tag: v7.2-rc1~30^2~6 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=ea3c9959213641cbcf53add220d3213f16042419;p=thirdparty%2Flinux.git KVM: x86: WARN and fail kvm_set_irq() if a PIC or I/O APIC vector is invalid WARN and return an error up the stack if the PIC or I/O APIC encounters an invalid vector when injecting an IRQ, as there is no danger to the host and thus no justification for potentially panicking the kernel. Don't bug the VM either, as the risk of corrupting the guest is minuscule, and the guest might even be completely tolerant of a lost interrupt. Signed-off-by: Sean Christopherson Reviewed-by: Kai Huang Message-ID: <20260618185213.2019937-1-seanjc@google.com> Signed-off-by: Paolo Bonzini --- diff --git a/arch/x86/kvm/i8259.c b/arch/x86/kvm/i8259.c index 59e28c45d7dc1..6a942ac622d5f 100644 --- a/arch/x86/kvm/i8259.c +++ b/arch/x86/kvm/i8259.c @@ -194,7 +194,8 @@ int kvm_pic_set_irq(struct kvm_kernel_irq_routing_entry *e, struct kvm *kvm, int irq = e->irqchip.pin; int ret, irq_level; - BUG_ON(irq < 0 || irq >= PIC_NUM_PINS); + if (WARN_ON_ONCE(irq < 0 || irq >= PIC_NUM_PINS)) + return -1; pic_lock(s); irq_level = __kvm_irq_line_state(&s->irq_states[irq], diff --git a/arch/x86/kvm/ioapic.c b/arch/x86/kvm/ioapic.c index f3f4a483ca150..88bd226f3b73b 100644 --- a/arch/x86/kvm/ioapic.c +++ b/arch/x86/kvm/ioapic.c @@ -504,7 +504,8 @@ int kvm_ioapic_set_irq(struct kvm_kernel_irq_routing_entry *e, struct kvm *kvm, int irq = e->irqchip.pin; int ret, irq_level; - BUG_ON(irq < 0 || irq >= IOAPIC_NUM_PINS); + if (WARN_ON_ONCE(irq < 0 || irq >= IOAPIC_NUM_PINS)) + return -1; spin_lock(&ioapic->lock); irq_level = __kvm_irq_line_state(&ioapic->irq_states[irq],