AcoSail/kernel_optimize_test
8
0
Fork 0
forked from luck/tmp_suning_uos_patched
Code Pull Requests Activity
7ec28e264f
kernel_optimize_test/include
History
Paolo Bonzini d56f5136b0 KVM: let kvm_destroy_vm_debugfs clean up vCPU debugfs directories 
After commit 63d0434 ("KVM: x86: move kvm_create_vcpu_debugfs after
last failure point") we are creating the pre-vCPU debugfs files
after the creation of the vCPU file descriptor.  This makes it
possible for userspace to reach kvm_vcpu_release before
kvm_create_vcpu_debugfs has finished.  The vcpu->debugfs_dentry
then does not have any associated inode anymore, and this causes
a NULL-pointer dereference in debugfs_create_file.

The solution is simply to avoid removing the files; they are
cleaned up when the VM file descriptor is closed (and that must be
after KVM_CREATE_VCPU returns).  We can stop storing the dentry
in struct kvm_vcpu too, because it is not needed anywhere after
kvm_create_vcpu_debugfs returns.

Reported-by: syzbot+705f4401d5a93a59b87d@syzkaller.appspotmail.com
Fixes: 63d0434837 ("KVM: x86: move kvm_create_vcpu_debugfs after last failure point")
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-06-04 11:00:54 -04:00
..
acpi Merge branches 'acpi-apei', 'acpi-pmic', 'acpi-video' and 'acpi-dptf' 2020-06-01 17:19:43 +02:00
asm-generic Merge branch 'akpm' (patches from Andrew) 2020-06-03 20:24:15 -07:00
clocksource
crypto
drm drm pull for 5.8-rc1 2020-06-02 15:04:15 -07:00
dt-bindings
keys
kunit
kvm
linux KVM: let kvm_destroy_vm_debugfs clean up vCPU debugfs directories 2020-06-04 11:00:54 -04:00
math-emu
media media updates for v5.8-rc1 2020-06-03 20:59:38 -07:00
misc
net Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next 2020-06-03 16:27:18 -07:00
pcmcia
ras
rdma
scsi
soc
sound
target
trace Merge branch 'akpm' (patches from Andrew) 2020-06-03 20:24:15 -07:00
uapi media updates for v5.8-rc1 2020-06-03 20:59:38 -07:00
vdso
video
xen