[PATCH][request for stable 3.10 inclusion]CVE-2015-4692

All of lore.kernel.org
 help / color / mirror / Atom feed

* [PATCH][request for stable 3.10 inclusion]CVE-2015-4692
@ 2015-07-29  4:56 Wang Kai
  2015-07-29  4:56 ` [PATCH] kvm: x86: fix kvm_apic_has_events to check for NULL pointer Wang Kai
  0 siblings, 1 reply; 6+ messages in thread
From: Wang Kai @ 2015-07-29  4:56 UTC (permalink / raw)
  To: gregkh; +Cc: stable, pbonzini

Hi, Greg

  Could you please apply this CVE fix for stable-3.10? Thanks.

Paolo Bonzini (1):
  kvm: x86: fix kvm_apic_has_events to check for NULL pointer

 arch/x86/kvm/lapic.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

-- 
1.8.3.4


^ permalink raw reply	[flat|nested] 6+ messages in thread

* [PATCH] kvm: x86: fix kvm_apic_has_events to check for NULL pointer
  2015-07-29  4:56 [PATCH][request for stable 3.10 inclusion]CVE-2015-4692 Wang Kai
@ 2015-07-29  4:56 ` Wang Kai
  2015-07-29  8:19   ` Paolo Bonzini
  2015-08-14 16:58   ` Greg KH
  0 siblings, 2 replies; 6+ messages in thread
From: Wang Kai @ 2015-07-29  4:56 UTC (permalink / raw)
  To: gregkh; +Cc: stable, pbonzini

From: Paolo Bonzini <pbonzini@redhat.com>

commit ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009 upstream.

Malicious (or egregiously buggy) userspace can trigger it, but it
should never happen in normal operation.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
[wangkai: backport to 3.10: adjust context]
Signed-off-by: Wang Kai <morgan.wang@huawei.com>
---
 arch/x86/kvm/lapic.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/x86/kvm/lapic.h b/arch/x86/kvm/lapic.h
index c8b0d0d..fc87568 100644
--- a/arch/x86/kvm/lapic.h
+++ b/arch/x86/kvm/lapic.h
@@ -165,7 +165,7 @@ static inline u16 apic_logical_id(struct kvm_apic_map *map, u32 ldr)
 
 static inline bool kvm_apic_has_events(struct kvm_vcpu *vcpu)
 {
-	return vcpu->arch.apic->pending_events;
+	return kvm_vcpu_has_lapic(vcpu) && vcpu->arch.apic->pending_events;
 }
 
 bool kvm_apic_pending_eoi(struct kvm_vcpu *vcpu, int vector);
-- 
1.8.3.4


^ permalink raw reply related	[flat|nested] 6+ messages in thread

* Re: [PATCH] kvm: x86: fix kvm_apic_has_events to check for NULL pointer
  2015-07-29  4:56 ` [PATCH] kvm: x86: fix kvm_apic_has_events to check for NULL pointer Wang Kai
@ 2015-07-29  8:19   ` Paolo Bonzini
  2015-08-14 16:58   ` Greg KH
  1 sibling, 0 replies; 6+ messages in thread
From: Paolo Bonzini @ 2015-07-29  8:19 UTC (permalink / raw)
  To: Wang Kai, gregkh; +Cc: stable



On 29/07/2015 06:56, Wang Kai wrote:
> From: Paolo Bonzini <pbonzini@redhat.com>
> 
> commit ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009 upstream.
> 
> Malicious (or egregiously buggy) userspace can trigger it, but it
> should never happen in normal operation.
> 
> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
> [wangkai: backport to 3.10: adjust context]
> Signed-off-by: Wang Kai <morgan.wang@huawei.com>
> ---
>  arch/x86/kvm/lapic.h | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/arch/x86/kvm/lapic.h b/arch/x86/kvm/lapic.h
> index c8b0d0d..fc87568 100644
> --- a/arch/x86/kvm/lapic.h
> +++ b/arch/x86/kvm/lapic.h
> @@ -165,7 +165,7 @@ static inline u16 apic_logical_id(struct kvm_apic_map *map, u32 ldr)
>  
>  static inline bool kvm_apic_has_events(struct kvm_vcpu *vcpu)
>  {
> -	return vcpu->arch.apic->pending_events;
> +	return kvm_vcpu_has_lapic(vcpu) && vcpu->arch.apic->pending_events;
>  }
>  
>  bool kvm_apic_pending_eoi(struct kvm_vcpu *vcpu, int vector);
> 

Ack.

Paolo

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH] kvm: x86: fix kvm_apic_has_events to check for NULL pointer
  2015-07-29  4:56 ` [PATCH] kvm: x86: fix kvm_apic_has_events to check for NULL pointer Wang Kai
  2015-07-29  8:19   ` Paolo Bonzini
@ 2015-08-14 16:58   ` Greg KH
  1 sibling, 0 replies; 6+ messages in thread
From: Greg KH @ 2015-08-14 16:58 UTC (permalink / raw)
  To: Wang Kai; +Cc: stable, pbonzini

On Wed, Jul 29, 2015 at 04:56:34AM +0000, Wang Kai wrote:
> From: Paolo Bonzini <pbonzini@redhat.com>
> 
> commit ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009 upstream.
> 
> Malicious (or egregiously buggy) userspace can trigger it, but it
> should never happen in normal operation.
> 
> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
> [wangkai: backport to 3.10: adjust context]

It needs to go to all stable trees, not just 3.10, so I've applied it to
the ones I manage.

thanks,

greg k-h

^ permalink raw reply	[flat|nested] 6+ messages in thread

* [PATCH] kvm: x86: fix kvm_apic_has_events to check for NULL pointer
@ 2015-06-04  8:18 Paolo Bonzini
  2015-06-12 14:10 ` Josh Boyer
  0 siblings, 1 reply; 6+ messages in thread
From: Paolo Bonzini @ 2015-06-04  8:18 UTC (permalink / raw)
  To: linux-kernel, kvm; +Cc: pmatouse

Malicious (or egregiously buggy) userspace can trigger it, but it
should never happen in normal operation.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
 arch/x86/kvm/lapic.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/x86/kvm/lapic.h b/arch/x86/kvm/lapic.h
index 71b150cae5f9..9d8fcde52027 100644
--- a/arch/x86/kvm/lapic.h
+++ b/arch/x86/kvm/lapic.h
@@ -150,7 +150,7 @@ static inline bool kvm_apic_vid_enabled(struct kvm *kvm)
 
 static inline bool kvm_apic_has_events(struct kvm_vcpu *vcpu)
 {
-	return vcpu->arch.apic->pending_events;
+	return kvm_vcpu_has_lapic(vcpu) && vcpu->arch.apic->pending_events;
 }
 
 static inline bool kvm_lowest_prio_delivery(struct kvm_lapic_irq *irq)
-- 
1.8.3.1


^ permalink raw reply related	[flat|nested] 6+ messages in thread

* Re: [PATCH] kvm: x86: fix kvm_apic_has_events to check for NULL pointer
  2015-06-04  8:18 Paolo Bonzini
@ 2015-06-12 14:10 ` Josh Boyer
  0 siblings, 0 replies; 6+ messages in thread
From: Josh Boyer @ 2015-06-12 14:10 UTC (permalink / raw)
  To: Paolo Bonzini; +Cc: Linux-Kernel@Vger. Kernel. Org, KVM list, Petr Matousek

On Thu, Jun 4, 2015 at 4:18 AM, Paolo Bonzini <pbonzini@redhat.com> wrote:
> Malicious (or egregiously buggy) userspace can trigger it, but it
> should never happen in normal operation.
>
> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

This should probably be backported to the stable trees, right?

josh

> ---
>  arch/x86/kvm/lapic.h | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/arch/x86/kvm/lapic.h b/arch/x86/kvm/lapic.h
> index 71b150cae5f9..9d8fcde52027 100644
> --- a/arch/x86/kvm/lapic.h
> +++ b/arch/x86/kvm/lapic.h
> @@ -150,7 +150,7 @@ static inline bool kvm_apic_vid_enabled(struct kvm *kvm)
>
>  static inline bool kvm_apic_has_events(struct kvm_vcpu *vcpu)
>  {
> -       return vcpu->arch.apic->pending_events;
> +       return kvm_vcpu_has_lapic(vcpu) && vcpu->arch.apic->pending_events;
>  }
>
>  static inline bool kvm_lowest_prio_delivery(struct kvm_lapic_irq *irq)
> --
> 1.8.3.1
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/

^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2015-08-14 16:58 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-07-29  4:56 [PATCH][request for stable 3.10 inclusion]CVE-2015-4692 Wang Kai
2015-07-29  4:56 ` [PATCH] kvm: x86: fix kvm_apic_has_events to check for NULL pointer Wang Kai
2015-07-29  8:19   ` Paolo Bonzini
2015-08-14 16:58   ` Greg KH
  -- strict thread matches above, loose matches on Subject: below --
2015-06-04  8:18 Paolo Bonzini
2015-06-12 14:10 ` Josh Boyer

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.