mirror-linux/arch
Michal Luczaj 0d033770d4 KVM: x86: Fix KVM_CAP_SYNC_REGS's sync_regs() TOCTOU issues
In a spirit of using a sledgehammer to crack a nut, make sync_regs() feed
__set_sregs() and kvm_vcpu_ioctl_x86_set_vcpu_events() with the kernel's own
copy of the data.

Both __set_sregs() and kvm_vcpu_ioctl_x86_set_vcpu_events() assume they
have exclusive rights to the structs they operate on. While this is true when
coming from an ioctl handler (the caller makes a local copy of the user's data),
sync_regs() breaks this contract: a pointer to user-modifiable memory
(vcpu->run->s.regs) is provided. This can lead to a situation where incoming
data is checked and/or sanitized only to be re-set by a user thread running
in parallel.

Signed-off-by: Michal Luczaj <mhal@rbox.co>
Fixes: 01643c51bf ("KVM: x86: KVM_CAP_SYNC_REGS")
Link: https://lore.kernel.org/r/20230728001606.2275586-2-mhal@rbox.co
Signed-off-by: Sean Christopherson <seanjc@google.com>
2023-08-02 13:30:15 -07:00
alpha Merge branch 'expand-stack' 2023-06-28 20:35:21 -07:00
arc asm-generic updates for 6.5 2023-07-06 10:06:04 -07:00
arm asm-generic updates for 6.5 2023-07-06 10:06:04 -07:00
arm64 tracing: arm64: Avoid missing-prototype warnings 2023-07-12 12:06:04 -04:00
csky arch/csky patches for 6.5 2023-07-01 21:12:32 -07:00
hexagon Merge branch 'expand-stack' 2023-06-28 20:35:21 -07:00
ia64 Kbuild updates for v6.5 2023-07-01 09:24:31 -07:00
loongarch asm-generic updates for 6.5 2023-07-06 10:06:04 -07:00
m68k asm-generic updates for 6.5 2023-07-06 10:06:04 -07:00
microblaze slab updates for 6.5 2023-06-29 16:34:12 -07:00
mips - fixes for KVM 2023-07-09 10:02:49 -07:00
nios2 slab updates for 6.5 2023-06-29 16:34:12 -07:00
openrisc OpenRISC fix for 6.5 2023-07-12 16:28:53 -07:00
parisc parisc: syscalls: Avoid compiler warnings with W=1 2023-07-03 18:56:03 +02:00
powerpc powerpc/mm/book3s64/hash/4k: Add pmd_same callback for 4K page size 2023-07-10 09:47:47 +10:00
riscv RISC-V Fixes for 6.5-rc2 2023-07-14 11:14:07 -07:00
s390 s390 updates for 6.5 merge window part 2 2023-07-06 13:18:30 -07:00
sh sh fixes for v6.5 2023-07-13 13:34:00 -07:00
sparc sparc: mark __arch_xchg() as __always_inline 2023-07-13 09:54:32 -07:00
um x86/alternative: Rename apply_ibt_endbr() 2023-07-10 09:52:23 +02:00
x86 KVM: x86: Fix KVM_CAP_SYNC_REGS's sync_regs() TOCTOU issues 2023-08-02 13:30:15 -07:00
xtensa xtensa: fix unaligned and load/store configuration interaction 2023-07-10 21:41:04 -07:00
.gitignore
Kconfig - Arnd Bergmann has fixed a bunch of -Wmissing-prototypes in 2023-06-28 10:59:38 -07:00