| From f0367ee1d64d27fa08be2407df5c125442e885e3 Mon Sep 17 00:00:00 2001 |
| From: =?UTF-8?q?Radim=20Kr=C4=8Dm=C3=A1=C5=99?= <rkrcmar@redhat.com> |
| Date: Thu, 18 May 2017 19:37:30 +0200 |
| Subject: KVM: x86: zero base3 of unusable segments |
| MIME-Version: 1.0 |
| Content-Type: text/plain; charset=UTF-8 |
| Content-Transfer-Encoding: 8bit |
| |
| From: Radim Krčmář <rkrcmar@redhat.com> |
| |
| commit f0367ee1d64d27fa08be2407df5c125442e885e3 upstream. |
| |
| Static checker noticed that base3 could be used uninitialized if the |
| segment was not present (useable). Random stack values probably would |
| not pass VMCS entry checks. |
| |
| Reported-by: Dan Carpenter <dan.carpenter@oracle.com> |
| Fixes: 1aa366163b8b ("KVM: x86 emulator: consolidate segment accessors") |
| Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> |
| Reviewed-by: David Hildenbrand <david@redhat.com> |
| Signed-off-by: Radim Krčmář <rkrcmar@redhat.com> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| |
| --- |
| arch/x86/kvm/x86.c | 2 ++ |
| 1 file changed, 2 insertions(+) |
| |
| --- a/arch/x86/kvm/x86.c |
| +++ b/arch/x86/kvm/x86.c |
| @@ -4853,6 +4853,8 @@ static bool emulator_get_segment(struct |
| |
| if (var.unusable) { |
| memset(desc, 0, sizeof(*desc)); |
| + if (base3) |
| + *base3 = 0; |
| return false; |
| } |
| |