KVM: s390: check cpu_id prior to using it
We use the cpu id provided by userspace as array index here. Thus we clearly need to check it first. Ooops. CC: <stable@vger.kernel.org> Signed-off-by: Carsten Otte <cotte@de.ibm.com> Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com> Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
This commit is contained in:
parent
a3e06bbe84
commit
4d47555a80
|
@ -312,11 +312,17 @@ int kvm_arch_vcpu_setup(struct kvm_vcpu *vcpu)
|
||||||
struct kvm_vcpu *kvm_arch_vcpu_create(struct kvm *kvm,
|
struct kvm_vcpu *kvm_arch_vcpu_create(struct kvm *kvm,
|
||||||
unsigned int id)
|
unsigned int id)
|
||||||
{
|
{
|
||||||
struct kvm_vcpu *vcpu = kzalloc(sizeof(struct kvm_vcpu), GFP_KERNEL);
|
struct kvm_vcpu *vcpu;
|
||||||
int rc = -ENOMEM;
|
int rc = -EINVAL;
|
||||||
|
|
||||||
|
if (id >= KVM_MAX_VCPUS)
|
||||||
|
goto out;
|
||||||
|
|
||||||
|
rc = -ENOMEM;
|
||||||
|
|
||||||
|
vcpu = kzalloc(sizeof(struct kvm_vcpu), GFP_KERNEL);
|
||||||
if (!vcpu)
|
if (!vcpu)
|
||||||
goto out_nomem;
|
goto out;
|
||||||
|
|
||||||
vcpu->arch.sie_block = (struct kvm_s390_sie_block *)
|
vcpu->arch.sie_block = (struct kvm_s390_sie_block *)
|
||||||
get_zeroed_page(GFP_KERNEL);
|
get_zeroed_page(GFP_KERNEL);
|
||||||
|
@ -352,7 +358,7 @@ out_free_sie_block:
|
||||||
free_page((unsigned long)(vcpu->arch.sie_block));
|
free_page((unsigned long)(vcpu->arch.sie_block));
|
||||||
out_free_cpu:
|
out_free_cpu:
|
||||||
kfree(vcpu);
|
kfree(vcpu);
|
||||||
out_nomem:
|
out:
|
||||||
return ERR_PTR(rc);
|
return ERR_PTR(rc);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue