From: Heiko Carstens <heiko.carstens@de.ibm.com>
To: Christian Borntraeger <borntraeger@de.ibm.com>
Cc: KVM <kvm@vger.kernel.org>, Paolo Bonzini <pbonzini@redhat.com>,
Marcelo Tosatti <mtosatti@redhat.com>,
Alexander Graf <agraf@suse.de>,
Cornelia Huck <cornelia.huck@de.ibm.com>,
Jens Freimann <jfrei@linux.vnet.ibm.com>,
linux-s390 <linux-s390@vger.kernel.org>,
stable@vger.kernel.org
Subject: Re: [GIT PULL 3/8] KVM: s390: fix get_all_floating_irqs
Date: Tue, 31 Mar 2015 16:12:57 +0200 [thread overview]
Message-ID: <20150331141257.GC4479@osiris> (raw)
In-Reply-To: <1427806923-21910-4-git-send-email-borntraeger@de.ibm.com>
On Tue, Mar 31, 2015 at 03:01:58PM +0200, Christian Borntraeger wrote:
> From: Jens Freimann <jfrei@linux.vnet.ibm.com>
>
> This fixes a bug introduced with commit c05c4186bbe4 ("KVM: s390:
> add floating irq controller").
>
> get_all_floating_irqs() does copy_to_user() while holding
> a spin lock. Let's fix this by filling a temporary buffer
> first and copy it to userspace after giving up the lock.
>
> Cc: <stable@vger.kernel.org> # 3.18+: 69a8d4562638 KVM: s390: no need to hold...
>
> Reviewed-by: David Hildenbrand <dahi@linux.vnet.ibm.com>
> Signed-off-by: Jens Freimann <jfrei@linux.vnet.ibm.com>
> Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
> Acked-by: Cornelia Huck <cornelia.huck@de.ibm.com>
...
> -static int get_all_floating_irqs(struct kvm *kvm, __u8 *buf, __u64 len)
> +static int get_all_floating_irqs(struct kvm *kvm, __user u8 *usrbuf, u64 len)
fwiw, this is probably the only place within the kernel where we see
"__user u8 *" instead of "u8 __user *". This is odd within this whole
patch.
> + if (copy_to_user((void __user *) usrbuf,
The cast shouldn't be necessary at all...
next prev parent reply other threads:[~2015-03-31 14:12 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-03-31 13:01 [GIT PULL 0/8] KVM: s390: Features and fixes for 4.1 (kvm/next) Christian Borntraeger
2015-03-31 13:01 ` [GIT PULL 1/8] KVM: s390: store the breaking-event address on pgm interrupts Christian Borntraeger
2015-03-31 13:01 ` [GIT PULL 2/8] KVM: s390: enable more features that need no hypervisor changes Christian Borntraeger
2015-03-31 13:01 ` [GIT PULL 3/8] KVM: s390: fix get_all_floating_irqs Christian Borntraeger
2015-03-31 13:01 ` Christian Borntraeger
2015-03-31 14:12 ` Heiko Carstens [this message]
2015-03-31 14:42 ` Christian Borntraeger
2015-03-31 13:01 ` [GIT PULL 4/8] KVM: s390: deliver floating interrupts in order of priority Christian Borntraeger
2015-03-31 13:02 ` [GIT PULL 5/8] KVM: s390: cpu timer irq priority Christian Borntraeger
2015-03-31 13:02 ` [GIT PULL 6/8] KVM: s390: add ioctl to inject local interrupts Christian Borntraeger
2015-03-31 13:02 ` [GIT PULL 7/8] KVM: s390: refactor vcpu injection function Christian Borntraeger
2015-03-31 13:02 ` [GIT PULL 8/8] KVM: s390: migrate vcpu interrupt state Christian Borntraeger
2015-03-31 16:11 ` [GIT PULL 0/8] KVM: s390: Features and fixes for 4.1 (kvm/next) Paolo Bonzini
2015-03-31 16:14 ` Paolo Bonzini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150331141257.GC4479@osiris \
--to=heiko.carstens@de.ibm.com \
--cc=agraf@suse.de \
--cc=borntraeger@de.ibm.com \
--cc=cornelia.huck@de.ibm.com \
--cc=jfrei@linux.vnet.ibm.com \
--cc=kvm@vger.kernel.org \
--cc=linux-s390@vger.kernel.org \
--cc=mtosatti@redhat.com \
--cc=pbonzini@redhat.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.