diff options
author | Mark McLoughlin | 2008-12-01 14:57:48 +0100 |
---|---|---|
committer | Avi Kivity | 2008-12-31 15:55:07 +0100 |
commit | 61552367b2ce5e9bea6b6af670ec80aea386f34e (patch) | |
tree | 51bf4063b00642b2428b734fc6f679112f9f4244 | |
parent | KVM: don't free an unallocated irq source id (diff) | |
download | kernel-qcow2-linux-61552367b2ce5e9bea6b6af670ec80aea386f34e.tar.gz kernel-qcow2-linux-61552367b2ce5e9bea6b6af670ec80aea386f34e.tar.xz kernel-qcow2-linux-61552367b2ce5e9bea6b6af670ec80aea386f34e.zip |
KVM: add KVM_USERSPACE_IRQ_SOURCE_ID assertions
Make sure kvm_request_irq_source_id() never returns
KVM_USERSPACE_IRQ_SOURCE_ID.
Likewise, check that kvm_free_irq_source_id() never accepts
KVM_USERSPACE_IRQ_SOURCE_ID.
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
-rw-r--r-- | virt/kvm/irq_comm.c | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/virt/kvm/irq_comm.c b/virt/kvm/irq_comm.c index db75045f22f6..aa5d1e5c497e 100644 --- a/virt/kvm/irq_comm.c +++ b/virt/kvm/irq_comm.c @@ -72,11 +72,15 @@ int kvm_request_irq_source_id(struct kvm *kvm) unsigned long *bitmap = &kvm->arch.irq_sources_bitmap; int irq_source_id = find_first_zero_bit(bitmap, sizeof(kvm->arch.irq_sources_bitmap)); + if (irq_source_id >= sizeof(kvm->arch.irq_sources_bitmap)) { printk(KERN_WARNING "kvm: exhaust allocatable IRQ sources!\n"); - irq_source_id = -EFAULT; - } else - set_bit(irq_source_id, bitmap); + return -EFAULT; + } + + ASSERT(irq_source_id != KVM_USERSPACE_IRQ_SOURCE_ID); + set_bit(irq_source_id, bitmap); + return irq_source_id; } @@ -84,7 +88,9 @@ void kvm_free_irq_source_id(struct kvm *kvm, int irq_source_id) { int i; - if (irq_source_id <= 0 || + ASSERT(irq_source_id != KVM_USERSPACE_IRQ_SOURCE_ID); + + if (irq_source_id < 0 || irq_source_id >= sizeof(kvm->arch.irq_sources_bitmap)) { printk(KERN_ERR "kvm: IRQ source ID out of range!\n"); return; |