ACK: [Trusty][CVE-2015-4692] kvm: x86: fix kvm_apic_has_events to check for NULL pointer
Chris J Arges
chris.j.arges at canonical.com
Mon Jun 29 21:16:29 UTC 2015
On 06/29/2015 04:11 PM, Kamal Mostafa wrote:
> From: Paolo Bonzini <pbonzini at redhat.com>
>
> commit ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009 upstream.
>
> Malicious (or egregiously buggy) userspace can trigger it, but it
> should never happen in normal operation.
>
> Signed-off-by: Paolo Bonzini <pbonzini at redhat.com>
> Reference: CVE-2015-4692
> Signed-off-by: Kamal Mostafa <kamal at canonical.com>
> ---
> arch/x86/kvm/lapic.h | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/arch/x86/kvm/lapic.h b/arch/x86/kvm/lapic.h
> index c8b0d0d..fc87568 100644
> --- a/arch/x86/kvm/lapic.h
> +++ b/arch/x86/kvm/lapic.h
> @@ -165,7 +165,7 @@ static inline u16 apic_logical_id(struct kvm_apic_map *map, u32 ldr)
>
> static inline bool kvm_apic_has_events(struct kvm_vcpu *vcpu)
> {
> - return vcpu->arch.apic->pending_events;
> + return kvm_vcpu_has_lapic(vcpu) && vcpu->arch.apic->pending_events;
> }
>
> bool kvm_apic_pending_eoi(struct kvm_vcpu *vcpu, int vector);
>
More information about the kernel-team
mailing list