KVM: VMX: Ensure that vmx_create_vcpu always returns proper error

In case certain allocations fail, vmx_create_vcpu may return 0 as error instead of a negative value encoded via ERR_PTR. This causes a NULL pointer dereferencing later on in kvm_vm_ioctl_vcpu_create. Reported-by: Sasha Levin <levinsasha928@gmail.com> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
author: Jan Kiszka <jan.kiszka@siemens.com> 2011-04-13 01:27:55 +0200
committer: Avi Kivity <avi@redhat.com> 2011-05-11 07:57:08 -0400
commit: be6d05cfdf1f2ddbdc367a6433d8eac49d6bfe6f (patch)
tree: 4e20ff818c63f8b9a7c7b84d101f5c669eee454a /arch
parent: 7ae441eac521b2006c9f03c4f2a23582c07fd76d (diff)
1 files changed, 3 insertions, 2 deletions
diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index aabe3334d064..af5206983154 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -4251,8 +4251,8 @@ static struct kvm_vcpu *vmx_create_vcpu(struct kvm *kvm, unsigned int id)
 		goto free_vcpu;
 
 	vmx->guest_msrs = kmalloc(PAGE_SIZE, GFP_KERNEL);
+	err = -ENOMEM;
 	if (!vmx->guest_msrs) {
-		err = -ENOMEM;
 		goto uninit_vcpu;
 	}
 
@@ -4271,7 +4271,8 @@ static struct kvm_vcpu *vmx_create_vcpu(struct kvm *kvm, unsigned int id)
 	if (err)
 		goto free_vmcs;
 	if (vm_need_virtualize_apic_accesses(kvm))
-		if (alloc_apic_access_page(kvm) != 0)
+		err = alloc_apic_access_page(kvm);
+		if (err)
 			goto free_vmcs;
 
 	if (enable_ept) {
author	Jan Kiszka <jan.kiszka@siemens.com>	2011-04-13 01:27:55 +0200
committer	Avi Kivity <avi@redhat.com>	2011-05-11 07:57:08 -0400
commit	be6d05cfdf1f2ddbdc367a6433d8eac49d6bfe6f (patch)
tree	4e20ff818c63f8b9a7c7b84d101f5c669eee454a /arch
parent	7ae441eac521b2006c9f03c4f2a23582c07fd76d (diff)