From patchwork Mon Oct 30 02:55:56 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Christoffer Dall <christoffer.dall@linaro.org>
X-Patchwork-Id: 10031911
Return-Path: 
 <linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	07880603B5 for <patchwork-linux-arm@patchwork.kernel.org>;
	Mon, 30 Oct 2017 02:56:53 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id E6C7528716
	for <patchwork-linux-arm@patchwork.kernel.org>;
	Mon, 30 Oct 2017 02:56:52 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id DB34F2871D; Mon, 30 Oct 2017 02:56:52 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.2 required=2.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1
Received: from bombadil.infradead.org (bombadil.infradead.org
	[65.50.211.133])
	(using TLSv1.2 with cipher AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 65A7E28716
	for <patchwork-linux-arm@patchwork.kernel.org>;
	Mon, 30 Oct 2017 02:56:52 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=lists.infradead.org; s=bombadil.20170209; h=Sender:
	Content-Transfer-Encoding:Content-Type:MIME-Version:Cc:List-Subscribe:
	List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:References:
	In-Reply-To:Message-Id:Date:Subject:To:From:Reply-To:Content-ID:
	Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
	:Resent-Message-ID:List-Owner;
	bh=U9HFglre94sz51fVqA5rxB7MDHAXBgE16G1tqppjojU=;
	b=WSyK6tA/tHu6bnmv8UF0zY4WxC
	80QVeVxa7bpwRJr5Ar2j56e58tXUfmZUpsCXV8qyTa9bvAl8jGtE1CuTlPsffwuU/yg3G/m0LMAC5
	9kUinCalBvjR9hRdLYLAA4gkR/0/oHFZeShF2FdZNZn26kseDjgJC/lTXn+yyuouWI2EizsrHY93e
	G6Oocmta+bTd7iRxSxluylbZcLtzwkHJAnyW6+n2CF/UHY4LMGjWv3MXzV1dXokB8ciY0DaTahUMQ
	jLc0M/0pltobGzeIG4y0zUOWa+cFYl7EAYGuD3RO7PqV74VtyvdoOkX7RmgUkt/WG/HustMp6PGaC
	VMtNVfdA==;
Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org)
	by bombadil.infradead.org with esmtp (Exim 4.87 #1 (Red Hat Linux))
	id 1e90Fv-0006Ii-Qr; Mon, 30 Oct 2017 02:56:51 +0000
Received: from mail-wm0-x243.google.com ([2a00:1450:400c:c09::243])
	by bombadil.infradead.org with esmtps (Exim 4.87 #1 (Red Hat Linux))
	id 1e90Fa-0005zp-8X for linux-arm-kernel@lists.infradead.org;
	Mon, 30 Oct 2017 02:56:32 +0000
Received: by mail-wm0-x243.google.com with SMTP id y80so6109413wmd.0
	for <linux-arm-kernel@lists.infradead.org>;
	Sun, 29 Oct 2017 19:56:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google;
	h=from:to:cc:subject:date:message-id:in-reply-to:references;
	bh=q9nmbJxbxPgn0BsGyQlVJTCNZwqTNzJZOiPh1QA6UkM=;
	b=CzOXMe7HM844TST4Es68U/3g0ve3ovv+aAZDB5/vbAq4rO3rxZqfFawXCxf8Fu64xs
	MZI1GJ/hjZl7F0CNNzxsdJbTMdDd35CU2xXauhDS9OhegB9Q5PDMhKk4asyFgYSrZXZF
	KEDE5oOtKQmQqG55Rkv253G3LynYY5S4XJBW8=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
	:references;
	bh=q9nmbJxbxPgn0BsGyQlVJTCNZwqTNzJZOiPh1QA6UkM=;
	b=Wr0+qKvcGElVwuuN/aEJx7DcDyDgLyLgoX8wrLjtFAT4/C3QLUM826UUMef42gIfhy
	rOyhAIKueycJqbE3ezw27TNUyyLn45fvHum8ULQT/kGCwAGH62hLHwD4sN8DgoKA74Ei
	+mlfOM3b3JQOA3Y4XOkqH6hjpkbtZKH7biQabj2qJ6ZKttwInAC+/qvZTf83WSZUQaEo
	si+lVT3TfH4QQG7PMm0o0dcRqS/L47Ckg/2TPAvXpUZCP/nTLNZNfXHzFBIkO34IeBTo
	Inb5Twe6dF8FjBXXy0oG1diZs/Nr2f8psB+nD5WyQBN6cW8hBQvtQa3HWDjB9B0vlPqE
	yUUA==
X-Gm-Message-State: AMCzsaXWP3XDxmqZgSCk4KE3jlHbm9QDrNAI0VLu4nfcK649gJTtFesb
	o7VEWn0Va/QICFEzHr7CzNCcAQ==
X-Google-Smtp-Source: 
 ABhQp+TO54CgbZNNiBRHFRnYRtBb6cwk9xuOT8hAfvtTVc3EK3Qk8ZfwJcOeS+/U7/QlXpf4k/PA9Q==
X-Received: by 10.80.153.48 with SMTP id k45mr10032786edb.208.1509332169614;
	Sun, 29 Oct 2017 19:56:09 -0700 (PDT)
Received: from localhost.localdomain (xd93dd96b.cust.hiper.dk.
	[217.61.217.107]) by smtp.gmail.com with ESMTPSA id
	u14sm7856415edd.47.2017.10.29.19.56.07
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
	Sun, 29 Oct 2017 19:56:08 -0700 (PDT)
From: Christoffer Dall <christoffer.dall@linaro.org>
To: Paolo Bonzini <pbonzini@redhat.com>,
	=?UTF-8?q?Radim=20Kr=C4=8Dm=C3=A1=C5=99?= <rkrcmar@redhat.com>
Subject: [PULL 1/8] KVM: arm64: its: Fix missing dynamic allocation check in
	scan_its_table
Date: Mon, 30 Oct 2017 03:55:56 +0100
Message-Id: <20171030025603.23550-2-christoffer.dall@linaro.org>
X-Mailer: git-send-email 2.14.2
In-Reply-To: <20171030025603.23550-1-christoffer.dall@linaro.org>
References: <20171030025603.23550-1-christoffer.dall@linaro.org>
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
X-CRM114-CacheID: sfid-20171029_195630_457930_03AA14FD 
X-CRM114-Status: GOOD (  12.59  )
X-BeenThere: linux-arm-kernel@lists.infradead.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <linux-arm-kernel.lists.infradead.org>
List-Unsubscribe: 
 <http://lists.infradead.org/mailman/options/linux-arm-kernel>,
	<mailto:linux-arm-kernel-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/linux-arm-kernel/>
List-Post: <mailto:linux-arm-kernel@lists.infradead.org>
List-Help: <mailto:linux-arm-kernel-request@lists.infradead.org?subject=help>
List-Subscribe: 
 <http://lists.infradead.org/mailman/listinfo/linux-arm-kernel>,
	<mailto:linux-arm-kernel-request@lists.infradead.org?subject=subscribe>
Cc: kvm@vger.kernel.org, Marc Zyngier <marc.zyngier@arm.com>,
	stable@vger.kernel.org, linux-arm-kernel@lists.infradead.org,
	kvmarm@lists.cs.columbia.edu,
	Christoffer Dall <christoffer.dall@linaro.org>
MIME-Version: 1.0
Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
Errors-To: 
 linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org
X-Virus-Scanned: ClamAV using ClamSMTP

We currently allocate an entry dynamically, but we never check if the
allocation actually succeeded.  We actually don't need a dynamic
allocation, because we know the maximum size of an ITS table entry, so
we can simply use an allocation on the stack.

Cc: <stable@vger.kernel.org>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
---
 virt/kvm/arm/vgic/vgic-its.c | 18 +++++++-----------
 1 file changed, 7 insertions(+), 11 deletions(-)

diff --git a/virt/kvm/arm/vgic/vgic-its.c b/virt/kvm/arm/vgic/vgic-its.c
index f51c1e1b3f70..77652885a7c1 100644
--- a/virt/kvm/arm/vgic/vgic-its.c
+++ b/virt/kvm/arm/vgic/vgic-its.c
@@ -1801,37 +1801,33 @@ typedef int (*entry_fn_t)(struct vgic_its *its, u32 id, void *entry,
 static int scan_its_table(struct vgic_its *its, gpa_t base, int size, int esz,
 			  int start_id, entry_fn_t fn, void *opaque)
 {
-	void *entry = kzalloc(esz, GFP_KERNEL);
 	struct kvm *kvm = its->dev->kvm;
 	unsigned long len = size;
 	int id = start_id;
 	gpa_t gpa = base;
+	char entry[esz];
 	int ret;
 
+	memset(entry, 0, esz);
+
 	while (len > 0) {
 		int next_offset;
 		size_t byte_offset;
 
 		ret = kvm_read_guest(kvm, gpa, entry, esz);
 		if (ret)
-			goto out;
+			return ret;
 
 		next_offset = fn(its, id, entry, opaque);
-		if (next_offset <= 0) {
-			ret = next_offset;
-			goto out;
-		}
+		if (next_offset <= 0)
+			return next_offset;
 
 		byte_offset = next_offset * esz;
 		id += next_offset;
 		gpa += byte_offset;
 		len -= byte_offset;
 	}
-	ret =  1;
-
-out:
-	kfree(entry);
-	return ret;
+	return 1;
 }
 
 /**