github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-01 02:53:36 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph

KVM: x86: Limit check IDs for KVM_SET_BOOT_CPU_ID

Browse Source 
Do not accept IDs which are definitely invalid by limit checking the
passed value against KVM_MAX_VCPU_IDS and 'max_vcpu_ids' if it was
already set.

This ensures invalid values, especially on 64-bit systems, don't go
unnoticed and lead to a valid id by chance when truncated by the final
assignment.

Fixes: 73880c80aa ("KVM: Break dependency between vcpu index in vcpus array and vcpu_id.")
Signed-off-by: Mathias Krause <minipli@grsecurity.net>
Link: https://lore.kernel.org/r/20240614202859.3597745-3-minipli@grsecurity.net
Co-developed-by: Sean Christopherson <seanjc@google.com>
Signed-off-by: Sean Christopherson <seanjc@google.com>
This commit is contained in:
Mathias Krause 2024-06-14 22:28:56 +02:00 committed by Sean Christopherson
parent 8b8e57e509
commit 7c305d5118
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
arch/x86/kvm/x86.c
View File

@ -7228,6 +7228,9 @@ int kvm_arch_vm_ioctl(struct file *filp, unsigned int ioctl, unsigned long arg)
mutex_lock(&kvm->lock);
if (kvm->created_vcpus)
r = -EBUSY;
else if (arg > KVM_MAX_VCPU_IDS ||
(kvm->arch.max_vcpu_ids && arg > kvm->arch.max_vcpu_ids))
r = -EINVAL;
else
kvm->arch.bsp_vcpu_id = arg;
mutex_unlock(&kvm->lock);