linux/virt/kvm
David Hildenbrand 90db10434b KVM: kvm_io_bus_unregister_dev() should never fail
No caller currently checks the return value of
kvm_io_bus_unregister_dev(). This is evil, as all callers silently go on
freeing their device. A stale reference will remain in the io_bus,
getting at least used again, when the iobus gets torn down on
kvm_destroy_vm() - leading to use after free errors.

There is nothing the callers could do, except retrying over and over
again.

So let's simply remove the bus altogether, print an error and make
sure no one can access this broken bus again (returning -ENOMEM on any
attempt to access it).

Fixes: e93f8a0f82 ("KVM: convert io_bus to SRCU")
Cc: stable@vger.kernel.org # 3.4+
Reported-by: Dmitry Vyukov <dvyukov@google.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-03-23 19:02:25 +01:00
arm KVM: arm/arm64: VGIC: Fix command handling while ITS being disabled 2017-03-07 15:44:08 +00:00
async_pf.c sched/headers: Prepare for new header dependencies before moving code to <linux/sched/mm.h> 2017-03-02 08:42:28 +01:00
async_pf.h KVM: fix checkpatch.pl errors in kvm/async_pf.h 2015-06-19 17:16:25 +02:00
coalesced_mmio.c
coalesced_mmio.h KVM: make the declaration of functions within 80 characters 2015-09-14 18:43:19 +02:00
eventfd.c KVM: kvm_io_bus_unregister_dev() should never fail 2017-03-23 19:02:25 +01:00
irqchip.c KVM/ARM Changes for v4.8 - Take 2 2016-08-04 13:59:56 +02:00
Kconfig KVM: remove kvm_vcpu_compatible 2016-06-16 00:05:00 +02:00
kvm_main.c KVM: kvm_io_bus_unregister_dev() should never fail 2017-03-23 19:02:25 +01:00
vfio.c kvm: set/clear kvm to/from vfio_group when group add/delete 2016-12-01 10:42:17 -07:00
vfio.h