linux-stable/include
Jim Mattson f70123c6d3 kvm: Change offset in kvm_write_guest_offset_cached to unsigned
[ Upstream commit 7a86dab8cf ]

Since the offset is added directly to the hva from the
gfn_to_hva_cache, a negative offset could result in an out of bounds
write. The existing BUG_ON only checks for addresses beyond the end of
the gfn_to_hva_cache, not for addresses before the start of the
gfn_to_hva_cache.

Note that all current call sites have non-negative offsets.

Fixes: 4ec6e86362 ("kvm: Introduce kvm_write_guest_offset_cached()")
Reported-by: Cfir Cohen <cfir@google.com>
Signed-off-by: Jim Mattson <jmattson@google.com>
Reviewed-by: Cfir Cohen <cfir@google.com>
Reviewed-by: Peter Shier <pshier@google.com>
Reviewed-by: Krish Sadhukhan <krish.sadhukhan@oracle.com>
Reviewed-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2019-02-12 19:46:07 +01:00
acpi ACPI / EC: Fix regression related to PM ops support in ECDT device 2017-12-05 11:26:33 +01:00
asm-generic locking/qspinlock: Fix build for anonymous union in older GCC compilers 2018-12-21 14:13:11 +01:00
clocksource License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
crypto crypto: vmac - separate tfm and request context 2018-08-17 21:01:10 +02:00
drm drm/edid: VSDB yCBCr420 Deep Color mode bit definitions 2018-11-10 07:48:35 -08:00
dt-bindings dt-bindings: clock: mediatek: add binding for fixed-factor clock axisel_d4 2018-04-24 09:36:34 +02:00
keys License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
kvm arm/arm64: KVM: Add PSCI version selection API 2018-05-01 12:58:27 -07:00
linux kvm: Change offset in kvm_write_guest_offset_cached to unsigned 2019-02-12 19:46:07 +01:00
math-emu
media media: v4l: event: Prevent freeing event subscriptions while accessed 2018-10-03 17:01:00 -07:00
memory
misc
net ipvlan, l3mdev: fix broken l3s mode wrt local routes 2019-02-06 17:31:33 +01:00
pcmcia
ras License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
rdma IB/hfi1: Optimize kthread pointer locking when queuing CQ entries 2018-07-03 11:24:54 +02:00
scsi scsi: core: introduce force_blk_mq 2018-08-15 18:12:47 +02:00
soc memory: tegra: Apply interrupts mask per SoC 2018-08-03 07:50:38 +02:00
sound ALSA: pcm: Fix interval evaluation with openmin/max 2018-12-13 09:18:51 +01:00
target target: Avoid early CMD_T_PRE_EXECUTE failures during ABORT_TASK 2017-11-30 08:40:51 +00:00
trace ext4: force inode writes when nfsd calls commit_metadata() 2019-01-09 17:14:49 +01:00
uapi Input: restore EV_ABS ABS_RESERVED 2019-01-13 10:00:56 +01:00
video udlfb: set optimal write delay 2018-09-09 19:56:01 +02:00
xen x86/xen/time: setup vcpu 0 time info page 2019-01-31 08:13:47 +01:00