Skip to content

Commit 90b5d4f

Browse files
mpempe
committed
powerpc/powernv: Avoid crashing if rng is NULL
On a bare-metal Power8 system that doesn't have an "ibm,power-rng", a malicious QEMU and guest that ignore the absence of the KVM_CAP_PPC_HWRNG flag, and calls H_RANDOM anyway, will dereference a NULL pointer. In practice all Power8 machines have an "ibm,power-rng", but let's not rely on that, add a NULL check and early return in powernv_get_random_real_mode(). Fixes: e928e9c ("KVM: PPC: Book3S HV: Add fast real-mode H_RANDOM implementation.") Cc: stable@vger.kernel.org # v4.1+ Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> Link: https://lore.kernel.org/r/20220727143219.2684192-1-mpe@ellerman.id.au
1 parent cd1e649 commit 90b5d4f

1 file changed

Lines changed: 2 additions & 0 deletions

File tree

  • arch/powerpc/platforms/powernv

arch/powerpc/platforms/powernv/rng.c

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -63,6 +63,8 @@ int powernv_get_random_real_mode(unsigned long *v)
6363
struct powernv_rng *rng;
6464

6565
rng = raw_cpu_read(powernv_rng);
66+
if (!rng)
67+
return 0;
6668

6769
*v = rng_whiten(rng, __raw_rm_readq(rng->regs_real));
6870

0 commit comments

Comments
 (0)