From mboxrd@z Thu Jan  1 00:00:00 1970
From: Marcelo Tosatti <mtosatti@redhat.com>
Subject: [patch 1/3] KVM: x86: disallow multiple KVM_CREATE_IRQCHIP
Date: Tue, 27 Oct 2009 13:10:43 -0200
Message-ID: <20091027151125.287873732@redhat.com>
References: <20091027151042.118902183@redhat.com>
Cc: kvm <kvm@vger.kernel.org>, stable@kernel.org,
	Marcelo Tosatti <mtosatti@redhat.com>
To: avi@redhat.com
Return-path: <kvm-owner@vger.kernel.org>
Received: from mx1.redhat.com ([209.132.183.28]:23956 "EHLO mx1.redhat.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1753472AbZJ0POU (ORCPT <rfc822;kvm@vger.kernel.org>);
	Tue, 27 Oct 2009 11:14:20 -0400
Content-Disposition: inline; filename=irqchip-create
Sender: kvm-owner@vger.kernel.org
List-ID: <kvm.vger.kernel.org>

Otherwise kvm will leak memory on multiple KVM_CREATE_IRQCHIP.

CC: stable@kernel.org
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>

Index: kvm/arch/x86/kvm/x86.c
===================================================================
--- kvm.orig/arch/x86/kvm/x86.c
+++ kvm/arch/x86/kvm/x86.c
@@ -2285,6 +2285,9 @@ long kvm_arch_vm_ioctl(struct file *filp
 			goto out;
 		break;
 	case KVM_CREATE_IRQCHIP:
+		r = -EEXIST;
+		if (kvm->arch.vpic)
+			goto out;
 		r = -ENOMEM;
 		kvm->arch.vpic = kvm_create_pic(kvm);
 		if (kvm->arch.vpic) {
@@ -2300,6 +2303,8 @@ long kvm_arch_vm_ioctl(struct file *filp
 		if (r) {
 			kfree(kvm->arch.vpic);
 			kfree(kvm->arch.vioapic);
+			kvm->arch.vpic = NULL;
+			kvm->arch.vioapic = NULL;
 			goto out;
 		}
 		break;