diff options
| author |  Sven Schnelle <svens@linux.ibm.com>
| 2024-04-15 07:52:13 +0200 |
|---|---|---|
| committer |  Alexander Gordeev <agordeev@linux.ibm.com>
| 2024-04-17 17:26:34 +0200 |
| commit | d111855ab7ffffc552f6a475259dc392f2319b6d (patch) | |
| tree | 46dc36b5dfb422a2e494f095fae4e2a0327e877a | |
| parent | s390/cio: log fake IRB events (diff) | |
| download | linux-d111855ab7ffffc552f6a475259dc392f2319b6d.tar.gz linux-d111855ab7ffffc552f6a475259dc392f2319b6d.tar.bz2 linux-d111855ab7ffffc552f6a475259dc392f2319b6d.zip | |
s390/mm: Fix NULL pointer dereference
The recently added check to figure out if a fault happened on gmap ASCE
dereferences the gmap pointer in lowcore without checking that it is not
NULL. For all non-KVM processes the pointer is NULL, so that some value
from lowcore will be read. With the current layouts of struct gmap and
struct lowcore the read value (aka ASCE) is zero, so that this doesn't lead
to any observable bug; at least currently.
Fix this by adding the missing NULL pointer check.
Fixes: 64c3431808bd ("s390/entry: compare gmap asce to determine guest/host fault")
Signed-off-by: Sven Schnelle <svens@linux.ibm.com>
Reviewed-by: Claudio Imbrenda <imbrenda@linux.ibm.com>
Reviewed-by: Heiko Carstens <hca@linux.ibm.com>
Signed-off-by: Alexander Gordeev <agordeev@linux.ibm.com>
| -rw-r--r-- | arch/s390/kernel/entry.S | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/arch/s390/kernel/entry.S b/arch/s390/kernel/entry.S index 3dc85638bc63..6a1e0fbbaa15 100644 --- a/arch/s390/kernel/entry.S +++ b/arch/s390/kernel/entry.S @@ -340,7 +340,8 @@ SYM_CODE_START(pgm_check_handler) mvc __PT_LAST_BREAK(8,%r11),__LC_PGM_LAST_BREAK stctg %c1,%c1,__PT_CR1(%r11) #if IS_ENABLED(CONFIG_KVM) - lg %r12,__LC_GMAP + ltg %r12,__LC_GMAP + jz 5f clc __GMAP_ASCE(8,%r12), __PT_CR1(%r11) jne 5f BPENTER __SF_SIE_FLAGS(%r10),_TIF_ISOLATE_BP_GUEST |