FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu Kernel Team

 
 
LinkBack Thread Tools
 
Old 07-11-2012, 04:37 PM
Brad Figg
 
Default Ack: KVM: fix backport of 3e51570 on hardy

On 07/11/2012 09:09 AM, Herton Ronaldo Krzesinski wrote:
> CVE-2012-1601
>
> BugLink: http://bugs.launchpad.net/bugs/971685
>
> John Johansen reported that our backport of 3e51570 ("KVM: Ensure all
> vcpus are consistent with in-kernel irqchip settings") has a bug, and
> suggested possible fixes. We increment kvm->online_vcpus, but not
> decrement it in the case create_vcpu_fd fails, which could cause issues
> if it fails and vm is not destroyed after (counter will be out of sync).
> In the upstream change this is not a problem since the increment is done
> after create_vcpu_fd is called. The solution chosen here is to just
> decrement it on the failure path.
>
> Reported-by: John Johansen <john.johansen@canonical.com>
> Signed-off-by: Herton Ronaldo Krzesinski <herton.krzesinski@canonical.com>
> ---
> virt/kvm/kvm_main.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
> index d9a8ae0..61c18ba 100644
> --- a/virt/kvm/kvm_main.c
> +++ b/virt/kvm/kvm_main.c
> @@ -823,6 +823,7 @@ static int kvm_vm_ioctl_create_vcpu(struct kvm *kvm, int n)
> unlink:
> mutex_lock(&kvm->lock);
> kvm->vcpus[n] = NULL;
> + atomic_dec(&kvm->online_vcpus);
> vcpu_destroy:
> mutex_unlock(&kvm->lock);
> kvm_arch_vcpu_destroy(vcpu);
>


--
Brad Figg brad.figg@canonical.com http://www.canonical.com



--
kernel-team mailing list
kernel-team@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/kernel-team
 

Thread Tools




All times are GMT. The time now is 12:56 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org