From mboxrd@z Thu Jan  1 00:00:00 1970
From: Marcelo Tosatti <mtosatti@redhat.com>
Subject: [patch 2/3] KVM: x86: disallow KVM_{SET,GET}_LAPIC without allocated in-kernel lapic
Date: Wed, 28 Oct 2009 18:42:39 -0200
Message-ID: <20091028204359.820155370@amt.cnet>
References: <20091028204237.663479892@amt.cnet>
Cc: kvm@vger.kernel.org, mst@redhat.com, gleb@redhat.com,
	Marcelo Tosatti <mtosatti@redhat.com>
To: avi@redhat.com
Return-path: <kvm-owner@vger.kernel.org>
Received: from mx1.redhat.com ([209.132.183.28]:36543 "EHLO mx1.redhat.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1755564AbZJ1UqY (ORCPT <rfc822;kvm@vger.kernel.org>);
	Wed, 28 Oct 2009 16:46:24 -0400
Received: from int-mx05.intmail.prod.int.phx2.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.18])
	by mx1.redhat.com (8.13.8/8.13.8) with ESMTP id n9SKkTIb009575
	for <kvm@vger.kernel.org>; Wed, 28 Oct 2009 16:46:30 -0400
Content-Disposition: inline; filename=get-set-lapic
Sender: kvm-owner@vger.kernel.org
List-ID: <kvm.vger.kernel.org>

Otherwise kvm might attempt to dereference a NULL pointer.

Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>

Index: kvm/arch/x86/kvm/x86.c
===================================================================
--- kvm.orig/arch/x86/kvm/x86.c
+++ kvm/arch/x86/kvm/x86.c
@@ -1893,6 +1893,9 @@ long kvm_arch_vcpu_ioctl(struct file *fi
 
 	switch (ioctl) {
 	case KVM_GET_LAPIC: {
+		r = -EINVAL;
+		if (!vcpu->arch.apic)
+			goto out;
 		lapic = kzalloc(sizeof(struct kvm_lapic_state), GFP_KERNEL);
 
 		r = -ENOMEM;
@@ -1908,6 +1911,9 @@ long kvm_arch_vcpu_ioctl(struct file *fi
 		break;
 	}
 	case KVM_SET_LAPIC: {
+		r = -EINVAL;
+		if (!vcpu->arch.apic)
+			goto out;
 		lapic = kmalloc(sizeof(struct kvm_lapic_state), GFP_KERNEL);
 		r = -ENOMEM;
 		if (!lapic)