On Wed, Dec 04, 2024 at 12:20:36PM -0800, Jing Zhang wrote:
commit 7fe28d7e68f92cc3d0668b8f2fbdf5c303ac3022 upstream.
In all the vgic_its_save_*() functions, they do not check whether the data length is 8 bytes before calling vgic_write_guest_lock. This patch adds the check. To prevent the kernel from being blown up when the fault occurs, KVM_BUG_ON() is used. And the other BUG_ON()s are replaced together.
Cc: stable@vger.kernel.org
Signed-off-by: Kunkun Jiang jiangkunkun@huawei.com
[Jing: Update with the new entry read/write helpers]
Signed-off-by: Jing Zhang jingzhangos@google.com
Link: https://lore.kernel.org/r/20241107214137.428439-4-jingzhangos@google.com
Signed-off-by: Oliver Upton oliver.upton@linux.dev
 virt/kvm/arm/vgic/vgic-its.c | 20 ++++++++------------
 virt/kvm/arm/vgic/vgic.h     | 24 ++++++++++++++++++++++++
 2 files changed, 32 insertions(+), 12 deletions(-)
Sorry, but 4.19.y is now end-of-life.