Commit 2db06c15 authored Mar 26, 2026 by Huacai Chen

LoongArch: KVM: Make kvm_get_vcpu_by_cpuid() more robust



kvm_get_vcpu_by_cpuid() takes a cpuid parameter whose type is int, so
cpuid can be negative. Let kvm_get_vcpu_by_cpuid() return NULL for this
case so as to make it more robust.

This fix an out-of-bounds access to kvm_arch::phyid_map::phys_map[].

Cc: <stable@vger.kernel.org>
Fixes: 73516e9d ("LoongArch: KVM: Add vcpu mapping from physical cpuid")
Reported-by: Aurelien Jarno <aurel32@debian.org>
Link: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131431


Signed-off-by: Huacai Chen <chenhuacai@loongson.cn>

parent e4878c37

arch/loongarch/kvm/vcpu.c

+3 −0

Original line number	Diff line number	Diff line
		@@ -588,6 +588,9 @@ struct kvm_vcpu kvm_get_vcpu_by_cpuid(struct kvm kvm, int cpuid)
		{
		struct kvm_phyid_map *map;

		if (cpuid < 0)
		return NULL;

		if (cpuid >= KVM_MAX_PHYID)
		return NULL;