Merge branch 'kvm-null-pointer-fix' into HEAD

author: Paolo Bonzini <pbonzini@redhat.com> 2020-03-16 17:59:11 +0100
committer: Paolo Bonzini <pbonzini@redhat.com> 2020-03-16 17:59:11 +0100
commit: 0c546725eecf5fb37bcbb60717d2f465f565e8d3 (patch)
tree: c49da257c3982a06254ed9017d76d3e14c41c066 /arch/x86/kvm
parent: selftests: kvm: Uses TEST_FAIL in tests/utilities (diff)
parent: KVM: nVMX: avoid NULL pointer dereference with incorrect EVMCS GPAs (diff)
download: linux-0c546725eecf5fb37bcbb60717d2f465f565e8d3.tar.xz
linux-0c546725eecf5fb37bcbb60717d2f465f565e8d3.zip
1 files changed, 3 insertions, 2 deletions
diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c
index 6c489ef95f68..98b82ccdf5f0 100644
--- a/arch/x86/kvm/vmx/nested.c
+++ b/arch/x86/kvm/vmx/nested.c
@@ -224,7 +224,7 @@ static inline void nested_release_evmcs(struct kvm_vcpu *vcpu)
 		return;
 
 	kvm_vcpu_unmap(vcpu, &vmx->nested.hv_evmcs_map, true);
-	vmx->nested.hv_evmcs_vmptr = -1ull;
+	vmx->nested.hv_evmcs_vmptr = 0;
 	vmx->nested.hv_evmcs = NULL;
 }
 
@@ -1922,7 +1922,8 @@ static int nested_vmx_handle_enlightened_vmptrld(struct kvm_vcpu *vcpu,
 	if (!nested_enlightened_vmentry(vcpu, &evmcs_gpa))
 		return 1;
 
-	if (unlikely(evmcs_gpa != vmx->nested.hv_evmcs_vmptr)) {
+	if (unlikely(!vmx->nested.hv_evmcs ||
+		     evmcs_gpa != vmx->nested.hv_evmcs_vmptr)) {
 		if (!vmx->nested.hv_evmcs)
 			vmx->nested.current_vmptr = -1ull;
author	Paolo Bonzini <pbonzini@redhat.com>	2020-03-16 17:59:11 +0100
committer	Paolo Bonzini <pbonzini@redhat.com>	2020-03-16 17:59:11 +0100
commit	0c546725eecf5fb37bcbb60717d2f465f565e8d3 (patch)
tree	c49da257c3982a06254ed9017d76d3e14c41c066 /arch/x86/kvm
parent	selftests: kvm: Uses TEST_FAIL in tests/utilities (diff)
parent	KVM: nVMX: avoid NULL pointer dereference with incorrect EVMCS GPAs (diff)
download	linux-0c546725eecf5fb37bcbb60717d2f465f565e8d3.tar.xz linux-0c546725eecf5fb37bcbb60717d2f465f565e8d3.zip