leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
811f95ff95
linux/arch/x86
History
Sean Christopherson 811f95ff95 KVM: x86: Free kvm_cpuid_entry2 array on post-KVM_RUN KVM_SET_CPUID{,2} 
Free the "struct kvm_cpuid_entry2" array on successful post-KVM_RUN
KVM_SET_CPUID{,2} to fix a memory leak, the callers of kvm_set_cpuid()
free the array only on failure.

 BUG: memory leak
 unreferenced object 0xffff88810963a800 (size 2048):
  comm "syz-executor025", pid 3610, jiffies 4294944928 (age 8.080s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 0d 00 00 00  ................
    47 65 6e 75 6e 74 65 6c 69 6e 65 49 00 00 00 00  GenuntelineI....
  backtrace:
    [<ffffffff814948ee>] kmalloc_node include/linux/slab.h:604 [inline]
    [<ffffffff814948ee>] kvmalloc_node+0x3e/0x100 mm/util.c:580
    [<ffffffff814950f2>] kvmalloc include/linux/slab.h:732 [inline]
    [<ffffffff814950f2>] vmemdup_user+0x22/0x100 mm/util.c:199
    [<ffffffff8109f5ff>] kvm_vcpu_ioctl_set_cpuid2+0x8f/0xf0 arch/x86/kvm/cpuid.c:423
    [<ffffffff810711b9>] kvm_arch_vcpu_ioctl+0xb99/0x1e60 arch/x86/kvm/x86.c:5251
    [<ffffffff8103e92d>] kvm_vcpu_ioctl+0x4ad/0x950 arch/x86/kvm/../../../virt/kvm/kvm_main.c:4066
    [<ffffffff815afacc>] vfs_ioctl fs/ioctl.c:51 [inline]
    [<ffffffff815afacc>] __do_sys_ioctl fs/ioctl.c:874 [inline]
    [<ffffffff815afacc>] __se_sys_ioctl fs/ioctl.c:860 [inline]
    [<ffffffff815afacc>] __x64_sys_ioctl+0xfc/0x140 fs/ioctl.c:860
    [<ffffffff844a3335>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
    [<ffffffff844a3335>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
    [<ffffffff84600068>] entry_SYSCALL_64_after_hwframe+0x44/0xae

Fixes: c6617c61e8 ("KVM: x86: Partially allow KVM_SET_CPUID{,2} after KVM_RUN")
Cc: stable@vger.kernel.org
Reported-by: syzbot+be576ad7655690586eec@syzkaller.appspotmail.com
Signed-off-by: Sean Christopherson <seanjc@google.com>
Message-Id: <20220125210445.2053429-1-seanjc@google.com>
Reviewed-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-01-26 12:42:31 -05:00
..
boot - Do not #GP on userspace use of CLI/STI but pretend it was a NOP to 2021-11-02 07:56:47 -07:00
configs configs: remove the obsolete CONFIG_INPUT_POLLDEV 2021-09-08 11:50:28 -07:00
crypto Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2021-11-01 21:24:02 -07:00
entry x86/xen: Add xenpv_restore_regs_and_return_to_usermode() 2021-12-03 19:21:15 +01:00
events x86/perf: Fix snapshot_branch_stack warning in VM 2021-11-17 14:48:43 +01:00
hyperv x86/hyperv: Move required MSRs check to initial platform probing 2021-11-15 12:37:08 +00:00
ia32 audit/stable-5.16 PR 20211101 2021-11-01 21:17:39 -07:00
include KVM: x86: Forcibly leave nested virt when SMM state is toggled 2022-01-26 12:15:03 -05:00
kernel Merge branch 'kvm-pi-raw-spinlock' into HEAD 2022-01-19 12:14:02 -05:00
kvm KVM: x86: Free kvm_cpuid_entry2 array on post-KVM_RUN KVM_SET_CPUID{,2} 2022-01-26 12:42:31 -05:00
lib - Do not #GP on userspace use of CLI/STI but pretend it was a NOP to 2021-11-02 07:56:47 -07:00
math-emu x86/math-emu: Convert to fpstate 2021-10-20 23:57:54 +02:00
mm Merge branch 'kvm-guest-sev-migration' into kvm-master 2021-11-11 07:40:26 -05:00
net bpf: Fix extable address check. 2021-12-16 21:41:04 +01:00
pci xen: branch for v5.16-rc1 2021-11-10 11:14:21 -08:00
platform x86/sme: Explicitly map new EFI memmap table as encrypted 2021-12-05 16:44:52 +01:00
power x86/fpu: Replace the includes of fpu/internal.h 2021-10-20 15:27:29 +02:00
purgatory kernel.h: split out panic and oops helpers 2021-07-01 11:06:04 -07:00
ras
realmode x86/64/mm: Map all kernel memory into trampoline_pgd 2021-12-03 09:11:43 +01:00
tools x86/build: Use the proper name CONFIG_FW_LOADER 2021-12-29 22:20:38 +01:00
um um: fix stub location calculation 2021-08-26 22:28:03 +02:00
video
xen x86/xen: Add xenpv_restore_regs_and_return_to_usermode() 2021-12-03 19:21:15 +01:00
.gitignore
Kbuild kbuild: use more subdir- for visiting subdirectories while cleaning 2021-10-24 13:49:46 +09:00
Kconfig EFI fix for v5.16 2021-12-06 10:09:00 -08:00
Kconfig.assembler
Kconfig.cpu x86/CPU: Add support for Vortex CPUs 2021-10-21 15:49:07 +02:00
Kconfig.debug tracing: Refactor TRACE_IRQFLAGS_SUPPORT in Kconfig 2021-08-16 11:37:21 -04:00
Makefile Kbuild updates for v5.16 2021-11-08 09:15:45 -08:00
Makefile_32.cpu x86/build: Do not add -falign flags unconditionally for clang 2021-09-19 10:35:53 +09:00
Makefile.um um: allow not setting extra rpaths in the linux binary 2021-06-17 21:54:15 +02:00