Kernel

kernel@openeuler.org

  • 44 participants
  • 21911 discussions
[PATCH OLK-5.10 0/1] zcopy: Fix invalid paging request while attach transhugepage to same addr
by Liu Mingrui 08 Dec '25

Fix invalid paging request while attach transhugepage to same addr

Liu Mingrui (1):
  zcopy: Fix invalid paging request while attach transhugepage to same addr

 drivers/misc/zcopy/zcopy.c | 68 +++++++++++++++++++-------------------
 1 file changed, 34 insertions(+), 34 deletions(-)

--
2.25.1
[PATCH OLK-6.6 0/3] arm64/mpam: Reset mbwu_state while creating new monitor group
by Zeng Heng 08 Dec '25

Zeng Heng (3):
  arm64/mpam: Reset mbwu_state while creating new monitor group
  arm64/mpam: Remove the redundant prev_val member variable
  arm64/mpam: Need to reset MPAM component when umounting resctrl

 drivers/platform/mpam/mpam_devices.c  | 9 +--------
 drivers/platform/mpam/mpam_internal.h | 3 ---
 drivers/platform/mpam/mpam_resctrl.c  | 3 ++-
 3 files changed, 3 insertions(+), 12 deletions(-)

--
2.25.1
[openeuler:OLK-6.6 3485/3485] drivers/media/v4l2-core/v4l2-subdev.c:2253:17: error: implicit declaration of function 'v4l2_subdev_get_locked_active_state'
by kernel test robot 08 Dec '25

tree:   https://gitee.com/openeuler/kernel.git OLK-6.6
head:   79aa4f2e99baed837a6933aa6b1a852197d30b91
commit: c1be6d998806425f28600e867a8e9a2dd9bac741 [3485/3485] media: subdev: Add v4l2_subdev_is_streaming()
config: x86_64-randconfig-003-20251208 (https://download.01.org/0day-ci/archive/20251208/202512081445.4S7Y9xWG-lkp@…)
compiler: gcc-14 (Debian 14.2.0-19) 14.2.0
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20251208/202512081445.4S7Y9xWG-lkp@…)

If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp(a)intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202512081445.4S7Y9xWG-lkp@intel.com/

All errors (new ones prefixed by >>):

   drivers/media/v4l2-core/v4l2-subdev.c: In function 'v4l2_subdev_is_streaming':
>> drivers/media/v4l2-core/v4l2-subdev.c:2253:17: error: implicit declaration of function 'v4l2_subdev_get_locked_active_state' [-Wimplicit-function-declaration]
    2253 |         state = v4l2_subdev_get_locked_active_state(sd);
         |                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>> drivers/media/v4l2-core/v4l2-subdev.c:2253:15: error: assignment to 'struct v4l2_subdev_state *' from 'int' makes pointer from integer without a cast [-Wint-conversion]
    2253 |         state = v4l2_subdev_get_locked_active_state(sd);
         |               ^

vim +/v4l2_subdev_get_locked_active_state +2253 drivers/media/v4l2-core/v4l2-subdev.c

  2242
  2243  bool v4l2_subdev_is_streaming(struct v4l2_subdev *sd)
  2244  {
  2245          struct v4l2_subdev_state *state;
  2246
  2247          if (!v4l2_subdev_has_op(sd, pad, enable_streams))
  2248                  return sd->s_stream_enabled;
  2249
  2250          if (!(sd->flags & V4L2_SUBDEV_FL_STREAMS))
  2251                  return !!sd->enabled_pads;
  2252
> 2253          state = v4l2_subdev_get_locked_active_state(sd);
  2254
  2255          for (unsigned int i = 0; i < state->stream_configs.num_configs; ++i) {
  2256                  const struct v4l2_subdev_stream_config *cfg;
  2257
  2258                  cfg = &state->stream_configs.configs[i];
  2259
  2260                  if (cfg->enabled)
  2261                          return true;
  2262          }
  2263
  2264          return false;
  2265  }
  2266  EXPORT_SYMBOL_GPL(v4l2_subdev_is_streaming);
  2267

--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
[PATCH OLK-6.6 0/2] Fix unexpected behavior in resctrl mounting
by Quanmin Yan 08 Dec '25

When mounting resctrl, some options that should be present are not shown in the mount list. Additionally, there is a lack of validation for the effectiveness of mount parameters when mounting resctrl. This patch set fixes the aforementioned unexpected behavior during resctrl mounting.

Quanmin Yan (2):
  fs/resctrl: Fix resctrl mount options display in mount list
  fs/resctrl: Prevent mounting with unsupported options

 fs/resctrl/rdtgroup.c | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

--
2.43.0
[openeuler:OLK-6.6 3482/3482] kernel/xsched/cgroup.c:30:21: sparse: sparse: symbol 'root_xcg' was not declared. Should it be static?
by kernel test robot 08 Dec '25

tree:   https://gitee.com/openeuler/kernel.git OLK-6.6
head:   79aa4f2e99baed837a6933aa6b1a852197d30b91
commit: 43bbefc53356009d3603faa2c6e6a2858f724e4d [3482/3482] xsched: Add XCU control group implementation and its backend in xsched CFS
config: arm64-randconfig-r111-20251206 (https://download.01.org/0day-ci/archive/20251208/202512081339.m9dijSrU-lkp@…)
compiler: clang version 20.1.8 (https://github.com/llvm/llvm-project 87f0227cb60147a26a1eeb4fb06e3b505e9c7261)
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20251208/202512081339.m9dijSrU-lkp@…)

If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp(a)intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202512081339.m9dijSrU-lkp@intel.com/

sparse warnings: (new ones prefixed by >>)
>> kernel/xsched/cgroup.c:30:21: sparse: sparse: symbol 'root_xcg' was not declared. Should it be static?
>> kernel/xsched/cgroup.c:368:6: sparse: sparse: symbol 'xcu_move_task' was not declared. Should it be static?
   kernel/xsched/cgroup.c:368:6: sparse: sparse: context imbalance in 'xcu_move_task' - different lock contexts for basic block

vim +/root_xcg +30 kernel/xsched/cgroup.c

    28
    29  static struct xsched_group root_xsched_group;
  > 30  struct xsched_group *root_xcg = &root_xsched_group;
    31

--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
[PATCH OLK-5.10] ext4: xattr: fix null pointer deref in ext4_raw_inode()
by Yongjian Sun 08 Dec '25

From: Karina Yankevich <k.yankevich(a)omp.ru> mainline inclusion from mainline-v6.19-rc1 commit b97cb7d6a051aa6ebd57906df0e26e9e36c26d14 category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/IDB04G Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id… -------------------------------- If ext4_get_inode_loc() fails (e.g. if it returns -EFSCORRUPTED), iloc.bh will remain set to NULL. Since ext4_xattr_inode_dec_ref_all() lacks error checking, this will lead to a null pointer dereference in ext4_raw_inode(), called right after ext4_get_inode_loc(). Found by Linux Verification Center (linuxtesting.org) with SVACE. Fixes: c8e008b60492 ("ext4: ignore xattrs past end") Cc: stable(a)kernel.org Signed-off-by: Karina Yankevich <k.yankevich(a)omp.ru> Reviewed-by: Sergey Shtylyov <s.shtylyov(a)omp.ru> Reviewed-by: Baokun Li <libaokun1(a)huawei.com> Message-ID: <20251022093253.3546296-1-k.yankevich(a)omp.ru> Signed-off-by: Theodore Ts'o <tytso(a)mit.edu> Signed-off-by: Yongjian Sun <sunyongjian1(a)huawei.com> --- fs/ext4/xattr.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/fs/ext4/xattr.c b/fs/ext4/xattr.c index 3e5efa68698e..fd44b8c0c4af 100644 --- a/fs/ext4/xattr.c +++ b/fs/ext4/xattr.c @@ -1133,7 +1133,11 @@ ext4_xattr_inode_dec_ref_all(handle_t *handle, struct inode *parent, if (block_csum) end = (void *)bh->b_data + bh->b_size; else { - ext4_get_inode_loc(parent, &iloc); + err = ext4_get_inode_loc(parent, &iloc); + if (err) { + EXT4_ERROR_INODE(parent, "parent inode loc (error %d)", err); + return; + } end = (void *)ext4_raw_inode(&iloc) + EXT4_SB(parent->i_sb)->s_inode_size; } -- 2.39.2
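Review bot: In the else branch of ext4_xattr_inode_dec_ref_all(), the new error path ends in a bare "return;", so the rest of the function is skipped and, since the function returns nothing, the caller cannot tell that the reference-dropping pass was abandoned for this parent. EXT4_ERROR_INODE() records the failure, but the commit message only covers the NULL iloc.bh dereference in ext4_raw_inode(); a one-line comment above the return stating that the references are deliberately left untouched when the parent inode location cannot be read would make that choice explicit.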
[PATCH OLK-6.6] ext4: xattr: fix null pointer deref in ext4_raw_inode()
by Yongjian Sun 08 Dec '25

From: Karina Yankevich <k.yankevich(a)omp.ru> mainline inclusion from mainline-v6.19-rc1 commit b97cb7d6a051aa6ebd57906df0e26e9e36c26d14 category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/IDB04G Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id… -------------------------------- If ext4_get_inode_loc() fails (e.g. if it returns -EFSCORRUPTED), iloc.bh will remain set to NULL. Since ext4_xattr_inode_dec_ref_all() lacks error checking, this will lead to a null pointer dereference in ext4_raw_inode(), called right after ext4_get_inode_loc(). Found by Linux Verification Center (linuxtesting.org) with SVACE. Fixes: c8e008b60492 ("ext4: ignore xattrs past end") Cc: stable(a)kernel.org Signed-off-by: Karina Yankevich <k.yankevich(a)omp.ru> Reviewed-by: Sergey Shtylyov <s.shtylyov(a)omp.ru> Reviewed-by: Baokun Li <libaokun1(a)huawei.com> Message-ID: <20251022093253.3546296-1-k.yankevich(a)omp.ru> Signed-off-by: Theodore Ts'o <tytso(a)mit.edu> Signed-off-by: Yongjian Sun <sunyongjian1(a)huawei.com> --- fs/ext4/xattr.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/fs/ext4/xattr.c b/fs/ext4/xattr.c index 6ef8820625b9..5009fdcfe150 100644 --- a/fs/ext4/xattr.c +++ b/fs/ext4/xattr.c @@ -1184,7 +1184,11 @@ ext4_xattr_inode_dec_ref_all(handle_t *handle, struct inode *parent, if (block_csum) end = (void *)bh->b_data + bh->b_size; else { - ext4_get_inode_loc(parent, &iloc); + err = ext4_get_inode_loc(parent, &iloc); + if (err) { + EXT4_ERROR_INODE(parent, "parent inode loc (error %d)", err); + return; + } end = (void *)ext4_raw_inode(&iloc) + EXT4_SB(parent->i_sb)->s_inode_size; } -- 2.39.2
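Review bot: The string passed to EXT4_ERROR_INODE() in the new error branch, "parent inode loc (error %d)", does not say what failed; wording such as "failed to get parent inode location (error %d)" is easier to act on when it shows up in a log. The hunk also assigns to err without declaring it, so this backport depends on ext4_xattr_inode_dec_ref_all() in OLK-6.6 already having an err local in scope at the 1184 context, which is worth confirming with a build since the same change lands at a different offset (1133) in the OLK-5.10 posting.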
[openeuler:OLK-6.6 3482/3482] kernel/xsched/cfs.c:22:6: sparse: sparse: symbol 'xs_rq_add' was not declared. Should it be static?
by kernel test robot 08 Dec '25

tree:   https://gitee.com/openeuler/kernel.git OLK-6.6
head:   4b48fa45408a2757255bdd0c640c1f693b424fe4
commit: 024b851138509252da4531dc2e69b1e8df50fd3b [3482/3482] xsched: Add xsched CFS class
config: arm64-randconfig-r111-20251206 (https://download.01.org/0day-ci/archive/20251208/202512081156.izr1Nkua-lkp@…)
compiler: clang version 20.1.8 (https://github.com/llvm/llvm-project 87f0227cb60147a26a1eeb4fb06e3b505e9c7261)
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20251208/202512081156.izr1Nkua-lkp@…)

If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp(a)intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202512081156.izr1Nkua-lkp@intel.com/

sparse warnings: (new ones prefixed by >>)
>> kernel/xsched/cfs.c:22:6: sparse: sparse: symbol 'xs_rq_add' was not declared. Should it be static?
>> kernel/xsched/cfs.c:45:6: sparse: sparse: symbol 'xs_rq_remove' was not declared. Should it be static?
>> kernel/xsched/cfs.c:159:6: sparse: sparse: symbol 'rq_init_fair' was not declared. Should it be static?
>> kernel/xsched/cfs.c:164:6: sparse: sparse: symbol 'xse_init_fair' was not declared. Should it be static?
>> kernel/xsched/cfs.c:169:6: sparse: sparse: symbol 'xse_deinit_fair' was not declared. Should it be static?

vim +/xs_rq_add +22 kernel/xsched/cfs.c

    18
    19  #define CFS_INNER_RQ_EMPTY(cfs_xse) \
    20          ((cfs_xse)->xruntime == XSCHED_TIME_INF)
    21
  > 22  void xs_rq_add(struct xsched_entity_cfs *xse)
    23  {
    24          struct xsched_rq_cfs *cfs_rq = xse->cfs_rq;
    25          struct rb_node **link = &cfs_rq->ctx_timeline.rb_root.rb_node;
    26          struct rb_node *parent = NULL;
    27          struct xsched_entity_cfs *entry;
    28          bool leftmost = true;
    29
    30          while (*link) {
    31                  parent = *link;
    32                  entry = rb_entry(parent, struct xsched_entity_cfs, run_node);
    33                  if (xse->xruntime <= entry->xruntime) {
    34                          link = &parent->rb_left;
    35                  } else {
    36                          link = &parent->rb_right;
    37                          leftmost = false;
    38                  }
    39          }
    40
    41          rb_link_node(&xse->run_node, parent, link);
    42          rb_insert_color_cached(&xse->run_node, &cfs_rq->ctx_timeline, leftmost);
    43  }
    44
  > 45  void xs_rq_remove(struct xsched_entity_cfs *xse)
    46  {
    47          struct xsched_rq_cfs *cfs_rq = xse->cfs_rq;
    48
    49          rb_erase_cached(&xse->run_node, &cfs_rq->ctx_timeline);
    50  }
    51
    52  /**
    53   * xs_cfs_rq_update() - Update entity's runqueue position with new xruntime
    54   */
    55  static void xs_cfs_rq_update(struct xsched_entity_cfs *xse_cfs, u64 new_xrt)
    56  {
    57          xs_rq_remove(xse_cfs);
    58          xse_cfs->xruntime = new_xrt;
    59          xs_rq_add(xse_cfs);
    60  }
    61
    62  static inline struct xsched_entity_cfs *
    63  xs_pick_first(struct xsched_rq_cfs *cfs_rq)
    64  {
    65          struct xsched_entity_cfs *xse_cfs;
    66          struct rb_node *left = rb_first_cached(&cfs_rq->ctx_timeline);
    67
    68          if (!left)
    69                  return NULL;
    70
    71          xse_cfs = rb_entry(left, struct xsched_entity_cfs, run_node);
    72          return xse_cfs;
    73  }
    74
    75  /**
    76   * xs_update() - Account xruntime and runtime metrics.
    77   * @xse_cfs: Point to CFS scheduling entity.
    78   * @delta: Execution time in last period
    79   */
    80  static void xs_update(struct xsched_entity_cfs *xse_cfs, u64 delta)
    81  {
    82          u64 new_xrt = xse_cfs->xruntime + delta * xse_cfs->weight;
    83
    84          xs_cfs_rq_update(xse_cfs, new_xrt);
    85          xse_cfs->sum_exec_runtime += delta;
    86  }
    87
    88  /*
    89   * Xsched Fair class methods
    90   * For rq manipulation we rely on root runqueue lock already acquired in core.
    91   * Access xsched_group_xcu_priv requires no locks because one thread per XCU.
    92   */
    93  static void dequeue_ctx_fair(struct xsched_entity *xse)
    94  {
    95          struct xsched_cu *xcu = xse->xcu;
    96          struct xsched_entity_cfs *first;
    97          struct xsched_entity_cfs *xse_cfs = &xse->cfs;
    98
    99          xs_rq_remove(xse_cfs);
   100
   101          first = xs_pick_first(&xcu->xrq.cfs);
   102          xcu->xrq.cfs.min_xruntime = (first) ? first->xruntime : XSCHED_TIME_INF;
   103  }
   104
   105  /**
   106   * enqueue_ctx_fair() - Add context to the runqueue
   107   * @xse: xsched entity of context
   108   * @xcu: executor
   109   *
   110   * In contrary to enqueue_task it is called once on context init.
   111   * Although groups reside in tree, their nodes not counted in nr_running.
   112   * The xruntime of a group xsched entitry represented by min xruntime inside.
   113   */
   114  static void enqueue_ctx_fair(struct xsched_entity *xse, struct xsched_cu *xcu)
   115  {
   116          struct xsched_entity_cfs *first;
   117          struct xsched_rq_cfs *rq;
   118          struct xsched_entity_cfs *xse_cfs = &xse->cfs;
   119
   120          rq = xse_cfs->cfs_rq = &xcu->xrq.cfs;
   121
   122          /* If no XSE of only empty groups */
   123          if (xs_pick_first(rq) == NULL || rq->min_xruntime == XSCHED_TIME_INF)
   124                  rq->min_xruntime = xse_cfs->xruntime;
   125          else
   126                  xse_cfs->xruntime = max(xse_cfs->xruntime, rq->min_xruntime);
   127
   128          xs_rq_add(xse_cfs);
   129
   130          first = xs_pick_first(&xcu->xrq.cfs);
   131          xcu->xrq.cfs.min_xruntime = (first) ? first->xruntime : XSCHED_TIME_INF;
   132  }
   133
   134  static struct xsched_entity *pick_next_ctx_fair(struct xsched_cu *xcu)
   135  {
   136          struct xsched_entity_cfs *xse;
   137          struct xsched_rq_cfs *rq = &xcu->xrq.cfs;
   138
   139          xse = xs_pick_first(rq);
   140          if (!xse)
   141                  return NULL;
   142
   143          return container_of(xse, struct xsched_entity, cfs);
   144  }
   145
   146  static inline bool
   147  xs_should_preempt_fair(struct xsched_entity *xse)
   148  {
   149          return (atomic_read(&xse->submitted_one_kick) >= XSCHED_CFS_KICK_SLICE);
   150  }
   151
   152  static void put_prev_ctx_fair(struct xsched_entity *xse)
   153  {
   154          struct xsched_entity_cfs *prev = &xse->cfs;
   155
   156          xs_update(prev, xse->last_exec_runtime);
   157  }
   158
 > 159  void rq_init_fair(struct xsched_cu *xcu)
   160  {
   161          xcu->xrq.cfs.ctx_timeline = RB_ROOT_CACHED;
   162  }
   163
 > 164  void xse_init_fair(struct xsched_entity *xse)
   165  {
   166          xse->cfs.weight = XSCHED_CFS_WEIGHT_DFLT;
   167  }
   168
 > 169  void xse_deinit_fair(struct xsched_entity *xse)
   170  {
   171          /* TODO Cgroup exit */
   172  }
   173

--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
[PATCH OLK-6.6] mm/numa_remote: fix wild-memory-access in numa_remote_hugetlb_nowatermark
by Jinjiang Tu 08 Dec '25

hulk inclusion category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/IDB01L ---------------------------------------- NUMA_NO_NODE will be passed to numa_remote_hugetlb_nowatermark() if we echo xx > /proc/sys/vm/nr_hugepages. When hugetlb_nowatermark is enabled, numa_remote_hugetlb_nowatermark() will trigger wild-memory-access. To fix it, check nid whether is NUMA_NO_NODE before calling numa_remote_hugetlb_nowatermark(). Fixes: 3a1587ef612c ("mm/numa_remote: introduce hugetlb_nowatermark mode for remote node") Signed-off-by: Jinjiang Tu <tujinjiang(a)huawei.com> --- mm/hugetlb.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mm/hugetlb.c b/mm/hugetlb.c index b00dda9db0c9..1a98b599c0b0 100644 --- a/mm/hugetlb.c +++ b/mm/hugetlb.c @@ -3944,7 +3944,7 @@ static int set_max_huge_pages(struct hstate *h, unsigned long count, int nid, /* yield cpu to avoid soft lockup */ cond_resched(); - if (numa_remote_hugetlb_nowatermark(nid) && !drained && (nid != NUMA_NO_NODE)) { + if ((nid != NUMA_NO_NODE) && numa_remote_hugetlb_nowatermark(nid) && !drained) { hugetlb_drain_remote_pcp(h, nid); drained = true; } -- 2.43.0
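Review bot: The reordered condition in set_max_huge_pages() closes the hole only at this call site, and only through short-circuit evaluation; numa_remote_hugetlb_nowatermark() itself still cannot be handed NUMA_NO_NODE. Consider moving the nid != NUMA_NO_NODE test into numa_remote_hugetlb_nowatermark(), or at least adding a comment on this line that the operand order is load-bearing, so a later tidy-up of the condition or a new caller does not bring the wild memory access back. The parentheses around (nid != NUMA_NO_NODE) are not needed.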
[PATCH OLK-5.10] KVM: arm64: Prevent access to vCPU events before init
by Pu Lehui 08 Dec '25

From: Oliver Upton <oliver.upton(a)linux.dev> mainline inclusion from mainline-v6.18-rc2 commit 0aa1b76fe1429629215a7c79820e4b96233ac4a3 category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/ID4A6U CVE: CVE-2025-40102 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… -------------------------------- Another day, another syzkaller bug. KVM erroneously allows userspace to pend vCPU events for a vCPU that hasn't been initialized yet, leading to KVM interpreting a bunch of uninitialized garbage for routing / injecting the exception. In one case the injection code and the hyp disagree on whether the vCPU has a 32bit EL1 and put the vCPU into an illegal mode for AArch64, tripping the BUG() in exception_target_el() during the next injection: kernel BUG at arch/arm64/kvm/inject_fault.c:40! Internal error: Oops - BUG: 00000000f2000800 [#1] SMP CPU: 3 UID: 0 PID: 318 Comm: repro Not tainted 6.17.0-rc4-00104-g10fd0285305d #6 PREEMPT Hardware name: linux,dummy-virt (DT) pstate: 21402009 (nzCv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--) pc : exception_target_el+0x88/0x8c lr : pend_serror_exception+0x18/0x13c sp : ffff800082f03a10 x29: ffff800082f03a10 x28: ffff0000cb132280 x27: 0000000000000000 x26: 0000000000000000 x25: ffff0000c2a99c20 x24: 0000000000000000 x23: 0000000000008000 x22: 0000000000000002 x21: 0000000000000004 x20: 0000000000008000 x19: ffff0000c2a99c20 x18: 0000000000000000 x17: 0000000000000000 x16: 0000000000000000 x15: 00000000200000c0 x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000000 x11: 0000000000000000 x10: 0000000000000000 x9 : 0000000000000000 x8 : ffff800082f03af8 x7 : 0000000000000000 x6 : 0000000000000000 x5 : ffff800080f621f0 x4 : 0000000000000000 x3 : 0000000000000000 x2 : 000000000040009b x1 : 0000000000000003 x0 : ffff0000c2a99c20 Call trace: exception_target_el+0x88/0x8c (P) kvm_inject_serror_esr+0x40/0x3b4 __kvm_arm_vcpu_set_events+0xf0/0x100 kvm_arch_vcpu_ioctl+0x180/0x9d4 
kvm_vcpu_ioctl+0x60c/0x9f4 __arm64_sys_ioctl+0xac/0x104 invoke_syscall+0x48/0x110 el0_svc_common.constprop.0+0x40/0xe0 do_el0_svc+0x1c/0x28 el0_svc+0x34/0xf0 el0t_64_sync_handler+0xa0/0xe4 el0t_64_sync+0x198/0x19c Code: f946bc01 b4fffe61 9101e020 17fffff2 (d4210000) Reject the ioctls outright as no sane VMM would call these before KVM_ARM_VCPU_INIT anyway. Even if it did the exception would've been thrown away by the eventual reset of the vCPU's state. Cc: stable(a)vger.kernel.org # 6.17 Fixes: b7b27facc7b5 ("arm/arm64: KVM: Add KVM_GET/SET_VCPU_EVENTS") Signed-off-by: Oliver Upton <oliver.upton(a)linux.dev> Signed-off-by: Marc Zyngier <maz(a)kernel.org> Signed-off-by: Pu Lehui <pulehui(a)huawei.com> --- arch/arm64/kvm/arm.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/arch/arm64/kvm/arm.c b/arch/arm64/kvm/arm.c index 72d298e696fa..afcad77b581a 100644 --- a/arch/arm64/kvm/arm.c +++ b/arch/arm64/kvm/arm.c @@ -1532,6 +1532,9 @@ long kvm_arch_vcpu_ioctl(struct file *filp, case KVM_GET_VCPU_EVENTS: { struct kvm_vcpu_events events; + if (!kvm_vcpu_initialized(vcpu)) + return -ENOEXEC; + if (kvm_arm_vcpu_get_events(vcpu, &events)) return -EINVAL; @@ -1543,6 +1546,9 @@ long kvm_arch_vcpu_ioctl(struct file *filp, case KVM_SET_VCPU_EVENTS: { struct kvm_vcpu_events events; + if (!kvm_vcpu_initialized(vcpu)) + return -ENOEXEC; + if (copy_from_user(&events, argp, sizeof(events))) return -EFAULT; -- 2.34.1
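Review bot: Both new guards in kvm_arch_vcpu_ioctl(), under KVM_GET_VCPU_EVENTS and KVM_SET_VCPU_EVENTS, add a -ENOEXEC return that userspace can now observe, yet the diffstat touches only arch/arm64/kvm/arm.c; the API documentation for the two ioctls should state that they fail with ENOEXEC until KVM_ARM_VCPU_INIT has been issued. In the KVM_SET_VCPU_EVENTS hunk the check correctly sits ahead of copy_from_user(), so nothing is read from userspace for an uninitialized vCPU. The commit message tags stable for 6.17 while this posting targets OLK-5.10, so please confirm that kvm_vcpu_initialized() carries the same meaning in this tree.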