KVM: x86: Do kvm_cpuid_array capacity checks in terminal functions

Perform the capacity checks on the userspace provided kvm_cpuid_array
in the lower __do_cpuid_func() and __do_cpuid_func_emulated().
Pre-checking the array in do_cpuid_func() no longer adds value now that
__do_cpuid_func() has been trimmed down to size, i.e. doesn't invoke a
big pile of retpolined functions before doing anything useful.

Note, __do_cpuid_func() already checks the array capacity via
do_host_cpuid(), "moving" the check to __do_cpuid_func() simply means
removing a WARN_ON().

Suggested-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
index 214bcb3..1934f5d 100644 (file)
--- a/arch/x86/kvm/cpuid.c
+++ b/arch/x86/kvm/cpuid.c
@@ -473,8 +473,12 @@ static struct kvm_cpuid_entry2 *do_host_cpuid(struct kvm_cpuid_array *array,
 
 static int __do_cpuid_func_emulated(struct kvm_cpuid_array *array, u32 func)
 {
-       struct kvm_cpuid_entry2 *entry = &array->entries[array->nent];
+       struct kvm_cpuid_entry2 *entry;
+
+       if (array->nent >= array->maxnent)
+               return -E2BIG;
 
+       entry = &array->entries[array->nent];
        entry->function = func;
        entry->index = 0;
        entry->flags = 0;
@@ -511,7 +515,7 @@ static inline int __do_cpuid_func(struct kvm_cpuid_array *array, u32 function)
        r = -E2BIG;
 
        entry = do_host_cpuid(array, function, 0);
-       if (WARN_ON(!entry))
+       if (!entry)
                goto out;
 
        switch (function) {
@@ -782,9 +786,6 @@ out:
 static int do_cpuid_func(struct kvm_cpuid_array *array, u32 func,
                         unsigned int type)
 {
-       if (array->nent >= array->maxnent)
-               return -E2BIG;
-
        if (type == KVM_GET_EMULATED_CPUID)
                return __do_cpuid_func_emulated(array, func);