[PATCH v3 0/3] KVM: Fix use-after-free in debugfs
Marc Zyngier
maz at kernel.org
Thu Apr 7 02:47:25 PDT 2022
On Wed, 6 Apr 2022 23:56:12 +0000, Oliver Upton wrote:
> Funny enough, dirty_log_perf_test on arm64 highlights some issues around
> the use of debugfs in KVM. The test leaks a GIC FD across test
> iterations, and as such the associated VM is never destroyed.
> Nonetheless, the VM FD is reused for the next VM, which collides with
> the old debugfs directory.
>
> Where things get off is when the vgic-state debugfs file is created. KVM
> does not check if the VM directory exists before creating the file,
> which results in the file being added to the root of debugfs when the
> aforementioned collision occurs.
>
> [...]
Applied to fixes, thanks!
[1/3] KVM: Don't create VM debugfs files outside of the VM directory
commit: a44a4cc1c969afec97dbb2aedaf6f38eaa6253bb
[2/3] selftests: KVM: Don't leak GIC FD across dirty log test iterations
commit: 386ba265a8197716076a88853244f4437b92b167
[3/3] selftests: KVM: Free the GIC FD when cleaning up in arch_timer
commit: 21db83846683d3987666505a3ec38f367708199a
Cheers,
M.
--
Without deviation from the norm, progress is not possible.
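Added example (not part of this thread and not KVM or selftest code): a small userspace C model of the lifetime bug the cover letter describes, so the two failure modes can be reproduced side by side. Real file descriptors stand in for the VM fd and the GIC device fd, because open() hands out the lowest free number exactly as the kernel does, which is why a leaked GIC fd lets the next VM receive the old VM's fd number. A real directory named "<pid>-<vm_fd>" under a temporary base directory stands in for the per-VM debugfs directory, and an explicit refcount models the VM object staying alive until every fd that references it is closed. The names model_vm, model_create_vm_debugfs, model_vgic_debug_init, model_vm_put and run_iterations are hypothetical; the "guard" flag is the check the first patch adds (refuse to create VM files when there is no VM directory) and "leak_gic" is the selftest bug the other two patches fix.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

#define MAX_VMS 8

/* Hypothetical userspace model, not KVM code: a VM plus its GIC device fd.
 * refs models the kernel object living until both fds are closed. */
struct model_vm {
    int vm_fd, gic_fd, refs;
    char dir[256];
    int has_dir;   /* 1 if mkdir succeeded and we must rmdir it on teardown */
};

struct run_result {
    int collisions;   /* per-VM directory already existed (EEXIST) */
    int stray_files;  /* "vgic-state" was placed at the base (root) directory */
};

/* Stand-in for the per-VM debugfs directory: "<base>/<pid>-<vm_fd>". */
static int model_create_vm_debugfs(struct model_vm *vm, const char *base)
{
    snprintf(vm->dir, sizeof vm->dir, "%s/%d-%d", base, (int)getpid(), vm->vm_fd);
    if (mkdir(vm->dir, 0700) < 0)
        return -errno;
    vm->has_dir = 1;
    return 0;
}

/* Stand-in for creating the "vgic-state" file. guard=0 reproduces the bug:
 * with no VM directory the file is dropped at the root. guard=1 is the fix:
 * never create a VM file outside the VM directory. Returns 1 if the file was
 * placed at the root. */
static int model_vgic_debug_init(const struct model_vm *vm, const char *base, int guard)
{
    char path[300];
    int fd;
    if (!vm->has_dir) {
        if (guard)
            return 0;
        snprintf(path, sizeof path, "%s/vgic-state", base);
        fd = open(path, O_CREAT | O_WRONLY, 0600);
        if (fd >= 0) close(fd);
        return 1;
    }
    snprintf(path, sizeof path, "%s/vgic-state", vm->dir);
    fd = open(path, O_CREAT | O_WRONLY, 0600);
    if (fd >= 0) close(fd);
    return 0;
}

/* Drop one reference; the VM and its directory go away at zero. */
static void model_vm_put(struct model_vm *vm, int fd)
{
    close(fd);
    if (--vm->refs == 0 && vm->has_dir) {
        char path[300];
        snprintf(path, sizeof path, "%s/vgic-state", vm->dir);
        unlink(path);
        rmdir(vm->dir);
        vm->has_dir = 0;
    }
}

/* Run n test iterations. leak_gic=1 mirrors the selftest bug: the GIC fd is
 * never closed, so the VM outlives the iteration and keeps its directory. */
static struct run_result run_iterations(int n, int leak_gic, int guard)
{
    struct run_result r = {0, 0};
    struct model_vm vms[MAX_VMS] = {0};
    char base[] = "/tmp/kvm-debugfs-model-XXXXXX";
    char stray[300];
    if (n > MAX_VMS || !mkdtemp(base))
        return (struct run_result){-1, -1};

    for (int i = 0; i < n; i++) {
        struct model_vm *vm = &vms[i];
        vm->vm_fd = open("/dev/null", O_RDONLY); /* lowest free fd number */
        vm->gic_fd = dup(vm->vm_fd);             /* device fd referencing the VM */
        vm->refs = 2;
        if (model_create_vm_debugfs(vm, base) == -EEXIST)
            r.collisions++;
        r.stray_files += model_vgic_debug_init(vm, base, guard);
        model_vm_put(vm, vm->vm_fd);
        if (!leak_gic)
            model_vm_put(vm, vm->gic_fd);
    }
    /* Teardown: release whatever the iterations leaked, then the base dir. */
    snprintf(stray, sizeof stray, "%s/vgic-state", base);
    unlink(stray);
    for (int i = 0; i < n; i++)
        if (vms[i].refs > 0)
            model_vm_put(&vms[i], vms[i].gic_fd);
    rmdir(base);
    return r;
}

int main(void)
{
    struct run_result leak = run_iterations(4, 1, 0);
    struct run_result guarded = run_iterations(4, 1, 1);
    struct run_result clean = run_iterations(4, 0, 0);
    printf("leaked GIC fd, no guard: %d collisions, %d stray files\n", leak.collisions, leak.stray_files);
    printf("leaked GIC fd, guard:    %d collisions, %d stray files\n", guarded.collisions, guarded.stray_files);
    printf("GIC fd closed:           %d collisions, %d stray files\n", clean.collisions, clean.stray_files);
    return 0;
}
```

With the GIC fd leaked, every iteration after the first gets the same VM fd number and collides with the still-present directory; without the guard each collision also drops a root-level file, which is the state the first patch prevents, while closing the GIC fd each iteration (the selftest patches) removes the collision altogether.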