[Devel] [PATCH] KVM: VMX: Do not BUG() on out-of-bounds guest IRQ
Denis V. Lunev
den at virtuozzo.com
Mon Sep 25 15:58:24 MSK 2017
On 09/25/2017 03:53 PM, Kirill Tkhai wrote:
> On 21.09.2017 11:18, Denis Plotnikov wrote:
>> From: Jan H. Schönherr <jschoenh at amazon.de>
>>
>> The value of the guest_irq argument to vmx_update_pi_irte() is
>> ultimately coming from a KVM_IRQFD API call. Do not BUG() in
>> vmx_update_pi_irte() if the value is out-of bounds. (Especially,
>> since KVM as a whole seems to hang after that.)
>>
>> Instead, print a message only once if we find that we don't have a
>> route for a certain IRQ (which can be out-of-bounds or within the
>> array).
>>
>> This fixes CVE-2017-1000252.
>>
>> Fixes: efc644048ecde54 ("KVM: x86: Update IRTE for posted-interrupts")
>> Signed-off-by: Jan H. Schönherr <jschoenh at amazon.de>
>> Signed-off-by: Paolo Bonzini <pbonzini at redhat.com>
>> (cherry picked from commit 3a8b0677fc6180a467e26cc32ce6b0c09a32f9bb)
>> fix #PSBM-72381
>> Signed-off-by: Denis Plotnikov <dplotnikov at virtuozzo.com>
> This message is in base64 format. Our scripts become broken on such messages.
> I'll convert it manually, but, please, use plain text in the future.
>
> Thanks,
> Kirill
same here.
Den
More information about the Devel
mailing list