On Tue, 4 Sep 2018, Julien Grall wrote:
> vgic_v3_its_free_domain may be called before vgic_v3_its_init_domain if
> the vGIC was failing to initialize itself. This means the list would be
> uninitialized and result in a crash.
> 
> Thankfully, we only allow ITS for the hardware domain. So the crash is
> not a security issue. Fix it by checking whether the list is NULL.
> 
> Signed-off-by: Julien Grall <julien.gr...@arm.com>

Reviewed-by: Stefano Stabellini <sstabell...@kernel.org>


> ---
> 
> Cc: Andrew Cooper <andrew.coop...@citrix.com>
> ---
>  xen/arch/arm/vgic-v3-its.c | 4 ++++
>  1 file changed, 4 insertions(+)
> 
> diff --git a/xen/arch/arm/vgic-v3-its.c b/xen/arch/arm/vgic-v3-its.c
> index 32061c6b03..9edd97c4e7 100644
> --- a/xen/arch/arm/vgic-v3-its.c
> +++ b/xen/arch/arm/vgic-v3-its.c
> @@ -1548,6 +1548,10 @@ void vgic_v3_its_free_domain(struct domain *d)
>  {
>      struct virt_its *pos, *temp;
>  
> +    /* Cope with unitialized vITS */
> +    if ( list_head_is_null(&d->arch.vgic.vits_list) )
> +        return;
> +
>      list_for_each_entry_safe( pos, temp, &d->arch.vgic.vits_list, vits_list )
>      {
>          list_del(&pos->vits_list);
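
Review bot: the early return added at the top of vgic_v3_its_free_domain only helps if a vits_list head that was never initialized reads as NULL, and the comment above the check does not say why that holds. Please state the assumption there (presumably that the head is still zeroed because vgic_v3_its_init_domain never ran) and correct the spelling "unitialized" to "uninitialized". Because the return sits before the list_for_each_entry_safe loop, it is also worth confirming that nothing after the loop needs to run on this failure path.
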
> -- 
> 2.11.0
> 
