On Mon, 2020-09-14 at 20:45 +0100, Alex Dewar wrote:
> In svm_set_nested_state(), if nested_svm_vmrun_msrpm() returns false,
> then variables save and ctl will leak. Fix this.
> 
> Fixes: 772b81bb2f9b ("SVM: nSVM: setup nested msr permission bitmap on nested state load")
> Signed-off-by: Alex Dewar <alex.dewa...@gmail.com>
> ---
>  arch/x86/kvm/svm/nested.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c
> index 598a769f1961..85f572cbabe4 100644
> --- a/arch/x86/kvm/svm/nested.c
> +++ b/arch/x86/kvm/svm/nested.c
> @@ -1148,7 +1148,7 @@ static int svm_set_nested_state(struct kvm_vcpu *vcpu,
>       nested_prepare_vmcb_control(svm);
>  
>       if (!nested_svm_vmrun_msrpm(svm))
> -             return -EINVAL;
> +             goto out_free;  /* ret == -EINVAL */
>  
>  out_set_gif:
>       svm_set_gif(svm, !!(kvm_state->flags & KVM_STATE_NESTED_GIF_SET));
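Review bot: the `goto out_free;` relies on `ret` already holding -EINVAL, but that is only asserted in the trailing comment `/* ret == -EINVAL */`; nothing in this hunk assigns `ret` before the jump, and the `out_free` label is not in the visible context either. Assigning `ret = -EINVAL;` explicitly on the line before the `goto` makes the error path self-evident and keeps it correct if an earlier assignment to `ret` ever changes; the commit message should also name the tree or series that introduces `out_free`, since the fix cannot be applied against a tree that lacks it.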

I think that this patch is based on an unmerged patch, since I don't see
any memory allocation in nested_svm_vmrun_msrpm, nor an out_free label,
in any of kvm/master, kvm/queue or upstream/master.

If I recall correctly, that would be something about allocating ctrl/save
dynamically rather than on the stack.

Best regards,
        Maxim Levitsky
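The leak the patch targets only exists once ctl and save are heap-allocated, as the reply above suggests; the following is an added example (not code from the kernel, the patch, or either author) that models that situation with hypothetical stand-ins for the KVM structures and for nested_svm_vmrun_msrpm(). It shows the early-return variant that leaks both buffers on the msrpm failure path next to the goto-based cleanup that frees them, and uses a counting allocator so the leak is observable rather than inferred.

```c
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-ins for the KVM vmcb structures; contents are irrelevant here. */
struct vmcb_control_area { int placeholder; };
struct vmcb_save_area { int placeholder; };

/* Counting allocator: a non-zero count after a call means an error path leaked. */
static int live_allocations;

static void *track_alloc(size_t n)
{
    void *p = calloc(1, n);
    if (p)
        live_allocations++;
    return p;
}

static void track_free(void *p)
{
    if (p) {
        free(p);
        live_allocations--;
    }
}

/* Stand-in for nested_svm_vmrun_msrpm(): the caller chooses whether it "fails". */
static bool vmrun_msrpm_stub(bool succeed)
{
    return succeed;
}

/* Leaky shape: returning directly after the msrpm check skips the frees. */
static int set_nested_state_leaky(bool msrpm_ok)
{
    struct vmcb_control_area *ctl = track_alloc(sizeof(*ctl));
    struct vmcb_save_area *save = track_alloc(sizeof(*save));

    if (!ctl || !save) {
        track_free(save);
        track_free(ctl);
        return -ENOMEM;
    }

    if (!vmrun_msrpm_stub(msrpm_ok))
        return -EINVAL;     /* BUG: ctl and save are never freed on this path */

    track_free(save);
    track_free(ctl);
    return 0;
}

/* Fixed shape: every exit funnels through one cleanup label, and ret is set
 * explicitly before each goto rather than assumed from earlier code. */
static int set_nested_state_fixed(bool msrpm_ok)
{
    struct vmcb_control_area *ctl;
    struct vmcb_save_area *save;
    int ret = -ENOMEM;

    ctl = track_alloc(sizeof(*ctl));
    save = track_alloc(sizeof(*save));
    if (!ctl || !save)
        goto out_free;

    ret = -EINVAL;
    if (!vmrun_msrpm_stub(msrpm_ok))
        goto out_free;

    ret = 0;
out_free:
    track_free(save);
    track_free(ctl);
    return ret;
}

/* Runs one variant from a clean allocator state and reports how many
 * allocations it left behind; the return code is passed back via *ret. */
static int leaked_after(int (*fn)(bool), bool msrpm_ok, int *ret)
{
    int rc;

    live_allocations = 0;
    rc = fn(msrpm_ok);
    if (ret)
        *ret = rc;
    return live_allocations;
}

int main(void)
{
    int rc;

    printf("leaky, msrpm fails:  leaked=%d rc=%d\n",
           leaked_after(set_nested_state_leaky, false, &rc), rc);
    printf("fixed, msrpm fails:  leaked=%d rc=%d\n",
           leaked_after(set_nested_state_fixed, false, &rc), rc);
    printf("fixed, msrpm ok:     leaked=%d rc=%d\n",
           leaked_after(set_nested_state_fixed, true, &rc), rc);
    return 0;
}
```

The counting allocator is the cheap local version of what kmemleak or a KASAN-instrumented build would report in the kernel; the point of the single cleanup label is that adding a new early exit later cannot silently bypass the frees, provided each exit sets its own return value.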
