[PATCH] KVM: Validate irqchip index for LoongArch and PowerPC

Kernel KVM virtualization development
 help / color / mirror / Atom feed

* [PATCH] KVM: Validate irqchip index for LoongArch and PowerPC
@ 2026-05-25  7:01 Yanfei Xu
  2026-05-26  6:32 ` Harsh Prateek Bora
                   ` (2 more replies)
  0 siblings, 3 replies; 5+ messages in thread
From: Yanfei Xu @ 2026-05-25  7:01 UTC (permalink / raw)
  To: zhaotianrui, maobibo, chenhuacai, maddy, npiggin, sashiko-reviews,
	seanjc, pbonzini
  Cc: kvm, loongarch, linuxppc-dev, caixiangfeng, fangying.tommy,
	yanfei.xu, isyanfei.xu, Sashiko

Sashiko reported that irqchip index is not validated for LoongArch and
PowerPC. Add validation and reject out-of-range irqchip indexes to avoid
indexing past the routing table's chip array.

Fixes: de9ba2f36368 ("KVM: PPC: Support irq routing and irqfd for in-kernel MPIC")
Fixes: 1928254c5ccb ("LoongArch: KVM: Add irqfd support")
Reported-by: Sashiko <sashiko-bot@kernel.org>
Closes: https://lore.kernel.org/kvm/20260525051714.485D51F000E9@smtp.kernel.org/
Signed-off-by: Yanfei Xu <yanfei.xu@bytedance.com>
---
 arch/loongarch/kvm/irqfd.c | 3 ++-
 arch/powerpc/kvm/mpic.c    | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/arch/loongarch/kvm/irqfd.c b/arch/loongarch/kvm/irqfd.c
index f4f953b22419..40ed1081c4b6 100644
--- a/arch/loongarch/kvm/irqfd.c
+++ b/arch/loongarch/kvm/irqfd.c
@@ -51,7 +51,8 @@ int kvm_set_routing_entry(struct kvm *kvm,
 		e->irqchip.irqchip = ue->u.irqchip.irqchip;
 		e->irqchip.pin = ue->u.irqchip.pin;
 
-		if (e->irqchip.pin >= KVM_IRQCHIP_NUM_PINS)
+		if (e->irqchip.pin >= KVM_IRQCHIP_NUM_PINS ||
+		    e->irqchip.irqchip >= KVM_NR_IRQCHIPS)
 			return -EINVAL;
 
 		return 0;
diff --git a/arch/powerpc/kvm/mpic.c b/arch/powerpc/kvm/mpic.c
index 3070f36d9fb8..fb5f9e65e02e 100644
--- a/arch/powerpc/kvm/mpic.c
+++ b/arch/powerpc/kvm/mpic.c
@@ -1833,7 +1833,8 @@ int kvm_set_routing_entry(struct kvm *kvm,
 		e->set = mpic_set_irq;
 		e->irqchip.irqchip = ue->u.irqchip.irqchip;
 		e->irqchip.pin = ue->u.irqchip.pin;
-		if (e->irqchip.pin >= KVM_IRQCHIP_NUM_PINS)
+		if (e->irqchip.pin >= KVM_IRQCHIP_NUM_PINS ||
+		    e->irqchip.irqchip >= KVM_NR_IRQCHIPS)
 			goto out;
 		break;
 	case KVM_IRQ_ROUTING_MSI:
-- 
2.20.1

^ permalink raw reply related	[flat|nested] 5+ messages in thread

* Re: [PATCH] KVM: Validate irqchip index for LoongArch and PowerPC
  2026-05-25  7:01 [PATCH] KVM: Validate irqchip index for LoongArch and PowerPC Yanfei Xu
@ 2026-05-26  6:32 ` Harsh Prateek Bora
  2026-05-26  7:04 ` Bibo Mao
  2026-05-29 22:51 ` Sean Christopherson
  2 siblings, 0 replies; 5+ messages in thread
From: Harsh Prateek Bora @ 2026-05-26  6:32 UTC (permalink / raw)
  To: Yanfei Xu, zhaotianrui, maobibo, chenhuacai, maddy, npiggin,
	sashiko-reviews, seanjc, pbonzini
  Cc: kvm, loongarch, linuxppc-dev, caixiangfeng, fangying.tommy,
	isyanfei.xu, Sashiko, stable

+ cc: stable@vger.kernel.org

On 25/05/26 12:31 pm, Yanfei Xu wrote:
> Sashiko reported that irqchip index is not validated for LoongArch and
> PowerPC. Add validation and reject out-of-range irqchip indexes to avoid
> indexing past the routing table's chip array.
> 
> Fixes: de9ba2f36368 ("KVM: PPC: Support irq routing and irqfd for in-kernel MPIC")
> Fixes: 1928254c5ccb ("LoongArch: KVM: Add irqfd support")
> Reported-by: Sashiko <sashiko-bot@kernel.org>
> Closes: https://lore.kernel.org/kvm/20260525051714.485D51F000E9@smtp.kernel.org/
> Signed-off-by: Yanfei Xu <yanfei.xu@bytedance.com>
> ---
>   arch/loongarch/kvm/irqfd.c | 3 ++-
>   arch/powerpc/kvm/mpic.c    | 3 ++-
>   2 files changed, 4 insertions(+), 2 deletions(-)
> 
> diff --git a/arch/loongarch/kvm/irqfd.c b/arch/loongarch/kvm/irqfd.c
> index f4f953b22419..40ed1081c4b6 100644
> --- a/arch/loongarch/kvm/irqfd.c
> +++ b/arch/loongarch/kvm/irqfd.c
> @@ -51,7 +51,8 @@ int kvm_set_routing_entry(struct kvm *kvm,
>   		e->irqchip.irqchip = ue->u.irqchip.irqchip;
>   		e->irqchip.pin = ue->u.irqchip.pin;
>   
> -		if (e->irqchip.pin >= KVM_IRQCHIP_NUM_PINS)
> +		if (e->irqchip.pin >= KVM_IRQCHIP_NUM_PINS ||
> +		    e->irqchip.irqchip >= KVM_NR_IRQCHIPS)
>   			return -EINVAL;
>   
>   		return 0;
> diff --git a/arch/powerpc/kvm/mpic.c b/arch/powerpc/kvm/mpic.c
> index 3070f36d9fb8..fb5f9e65e02e 100644
> --- a/arch/powerpc/kvm/mpic.c
> +++ b/arch/powerpc/kvm/mpic.c
> @@ -1833,7 +1833,8 @@ int kvm_set_routing_entry(struct kvm *kvm,
>   		e->set = mpic_set_irq;
>   		e->irqchip.irqchip = ue->u.irqchip.irqchip;
>   		e->irqchip.pin = ue->u.irqchip.pin;
> -		if (e->irqchip.pin >= KVM_IRQCHIP_NUM_PINS)
> +		if (e->irqchip.pin >= KVM_IRQCHIP_NUM_PINS ||
> +		    e->irqchip.irqchip >= KVM_NR_IRQCHIPS)

Reviewed-by: Harsh Prateek Bora <harshpb@linux.ibm.com> # PPC KVM
>   			goto out;
>   		break;
>   	case KVM_IRQ_ROUTING_MSI:


^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH] KVM: Validate irqchip index for LoongArch and PowerPC
  2026-05-25  7:01 [PATCH] KVM: Validate irqchip index for LoongArch and PowerPC Yanfei Xu
  2026-05-26  6:32 ` Harsh Prateek Bora
@ 2026-05-26  7:04 ` Bibo Mao
  2026-05-29 22:51 ` Sean Christopherson
  2 siblings, 0 replies; 5+ messages in thread
From: Bibo Mao @ 2026-05-26  7:04 UTC (permalink / raw)
  To: Yanfei Xu, zhaotianrui, chenhuacai, maddy, npiggin,
	sashiko-reviews, seanjc, pbonzini
  Cc: kvm, loongarch, linuxppc-dev, caixiangfeng, fangying.tommy,
	isyanfei.xu, Sashiko



On 2026/5/25 下午3:01, Yanfei Xu wrote:
> Sashiko reported that irqchip index is not validated for LoongArch and
> PowerPC. Add validation and reject out-of-range irqchip indexes to avoid
> indexing past the routing table's chip array.
> 
> Fixes: de9ba2f36368 ("KVM: PPC: Support irq routing and irqfd for in-kernel MPIC")
> Fixes: 1928254c5ccb ("LoongArch: KVM: Add irqfd support")
> Reported-by: Sashiko <sashiko-bot@kernel.org>
> Closes: https://lore.kernel.org/kvm/20260525051714.485D51F000E9@smtp.kernel.org/
> Signed-off-by: Yanfei Xu <yanfei.xu@bytedance.com>
> ---
>   arch/loongarch/kvm/irqfd.c | 3 ++-
>   arch/powerpc/kvm/mpic.c    | 3 ++-
>   2 files changed, 4 insertions(+), 2 deletions(-)
> 
> diff --git a/arch/loongarch/kvm/irqfd.c b/arch/loongarch/kvm/irqfd.c
> index f4f953b22419..40ed1081c4b6 100644
> --- a/arch/loongarch/kvm/irqfd.c
> +++ b/arch/loongarch/kvm/irqfd.c
> @@ -51,7 +51,8 @@ int kvm_set_routing_entry(struct kvm *kvm,
>   		e->irqchip.irqchip = ue->u.irqchip.irqchip;
>   		e->irqchip.pin = ue->u.irqchip.pin;
>   
> -		if (e->irqchip.pin >= KVM_IRQCHIP_NUM_PINS)
> +		if (e->irqchip.pin >= KVM_IRQCHIP_NUM_PINS ||
> +		    e->irqchip.irqchip >= KVM_NR_IRQCHIPS)
>   			return -EINVAL;
>   
>   		return 0;
> diff --git a/arch/powerpc/kvm/mpic.c b/arch/powerpc/kvm/mpic.c
> index 3070f36d9fb8..fb5f9e65e02e 100644
> --- a/arch/powerpc/kvm/mpic.c
> +++ b/arch/powerpc/kvm/mpic.c
> @@ -1833,7 +1833,8 @@ int kvm_set_routing_entry(struct kvm *kvm,
>   		e->set = mpic_set_irq;
>   		e->irqchip.irqchip = ue->u.irqchip.irqchip;
>   		e->irqchip.pin = ue->u.irqchip.pin;
> -		if (e->irqchip.pin >= KVM_IRQCHIP_NUM_PINS)
> +		if (e->irqchip.pin >= KVM_IRQCHIP_NUM_PINS ||
> +		    e->irqchip.irqchip >= KVM_NR_IRQCHIPS)
>   			goto out;
>   		break;
>   	case KVM_IRQ_ROUTING_MSI:
> 
Hi Yanfei,

That is important fixes, thanking for your efforts.

Reviewed-by: Bibo Mao <maobibo@loongson.cn>


^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH] KVM: Validate irqchip index for LoongArch and PowerPC
  2026-05-25  7:01 [PATCH] KVM: Validate irqchip index for LoongArch and PowerPC Yanfei Xu
  2026-05-26  6:32 ` Harsh Prateek Bora
  2026-05-26  7:04 ` Bibo Mao
@ 2026-05-29 22:51 ` Sean Christopherson
  2026-05-31 14:02   ` Yanfei Xu
  2 siblings, 1 reply; 5+ messages in thread
From: Sean Christopherson @ 2026-05-29 22:51 UTC (permalink / raw)
  To: Yanfei Xu
  Cc: zhaotianrui, maobibo, chenhuacai, maddy, npiggin, sashiko-reviews,
	pbonzini, kvm, loongarch, linuxppc-dev, caixiangfeng,
	fangying.tommy, isyanfei.xu, Sashiko

On Mon, May 25, 2026, Yanfei Xu wrote:
> Sashiko reported that irqchip index is not validated for LoongArch and
> PowerPC. Add validation and reject out-of-range irqchip indexes to avoid
> indexing past the routing table's chip array.

Can you split this into two patches, and send a v2?  I suspect the reason no one
has picked this up is because it straddles two completely different (sub)subsystems.

That would also make it easier to get the fixes backported to stable trees.  PPC
has been around a lot longer than LoongArch, so I assume the PPC fix will need to
go further back in time.

Thanks!

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH] KVM: Validate irqchip index for LoongArch and PowerPC
  2026-05-29 22:51 ` Sean Christopherson
@ 2026-05-31 14:02   ` Yanfei Xu
  0 siblings, 0 replies; 5+ messages in thread
From: Yanfei Xu @ 2026-05-31 14:02 UTC (permalink / raw)
  To: Sean Christopherson, Yanfei Xu
  Cc: zhaotianrui, maobibo, chenhuacai, maddy, npiggin, sashiko-reviews,
	pbonzini, kvm, loongarch, linuxppc-dev, caixiangfeng,
	fangying.tommy, Sashiko


On 2026/5/30 06:51, Sean Christopherson wrote:
> Can you split this into two patches, and send a v2?  I suspect the reason no one
> has picked this up is because it straddles two completely different (sub)subsystems.

That makes sense. Done :)

Thanks,
Yanfei

>
> That would also make it easier to get the fixes backported to stable trees.  PPC
> has been around a lot longer than LoongArch, so I assume the PPC fix will need to
> go further back in time.
>
> Thanks!

^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2026-05-31 14:02 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-05-25  7:01 [PATCH] KVM: Validate irqchip index for LoongArch and PowerPC Yanfei Xu
2026-05-26  6:32 ` Harsh Prateek Bora
2026-05-26  7:04 ` Bibo Mao
2026-05-29 22:51 ` Sean Christopherson
2026-05-31 14:02   ` Yanfei Xu

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox