KVM: Use memdup_user instead of kmalloc/copy_from_user

Switch to using memdup_user when possible. This makes code more smaller and compact, and prevents errors. Signed-off-by: Sasha Levin <levinsasha928@gmail.com> Signed-off-by: Avi Kivity <avi@redhat.com>
author: Sasha Levin <levinsasha928@gmail.com> 2011-12-04 12:36:29 -0500
committer: Avi Kivity <avi@redhat.com> 2011-12-27 04:22:21 -0500
commit: ff5c2c0316ff0e3e2dba3ca14167d994453df093 (patch)
tree: a2cba54bb5486f508315842ac9ee026cd5d87981 /arch/x86/kvm
parent: cdfca7b346e6dbab1ba33260c28ccb8333485a5b (diff)
1 files changed, 35 insertions, 47 deletions
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 03042d60a8fc..0a646e2b57c5 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -1309,12 +1309,11 @@ static int xen_hvm_config(struct kvm_vcpu *vcpu, u64 data)
        if (page_num >= blob_size)
                goto out;
        r = -ENOMEM;
-        page = kzalloc(PAGE_SIZE, GFP_KERNEL);
+        page = memdup_user(blob_addr + (page_num * PAGE_SIZE), PAGE_SIZE);
-        if (!page)
+        if (IS_ERR(page)) {
+                r = PTR_ERR(page);
                goto out;
-        r = -EFAULT;
+        }
-        if (copy_from_user(page, blob_addr + (page_num * PAGE_SIZE), PAGE_SIZE))
-                goto out_free;
        if (kvm_write_guest(kvm, page_addr, page, PAGE_SIZE))
                goto out_free;
        r = 0;
@@ -1988,15 +1987,12 @@ static int msr_io(struct kvm_vcpu *vcpu, struct kvm_msrs __user *user_msrs,
        if (msrs.nmsrs >= MAX_IO_MSRS)
                goto out;
-        r = -ENOMEM;
        size = sizeof(struct kvm_msr_entry) * msrs.nmsrs;
-        entries = kmalloc(size, GFP_KERNEL);
+        entries = memdup_user(user_msrs->entries, size);
-        if (!entries)
+        if (IS_ERR(entries)) {
+                r = PTR_ERR(entries);
                goto out;
+        }
-        r = -EFAULT;
-        if (copy_from_user(entries, user_msrs->entries, size))
-                goto out_free;
        r = n = __msr_io(vcpu, &msrs, entries, do_msr);
        if (r < 0)
@@ -2533,13 +2529,12 @@ long kvm_arch_vcpu_ioctl(struct file *filp,
                r = -EINVAL;
                if (!vcpu->arch.apic)
                        goto out;
-                u.lapic = kmalloc(sizeof(struct kvm_lapic_state), GFP_KERNEL);
+                u.lapic = memdup_user(argp, sizeof(*u.lapic));
-                r = -ENOMEM;
+                if (IS_ERR(u.lapic)) {
-                if (!u.lapic)
+                        r = PTR_ERR(u.lapic);
-                        goto out;
-                r = -EFAULT;
-                if (copy_from_user(u.lapic, argp, sizeof(struct kvm_lapic_state)))
                        goto out;
+                }
                r = kvm_vcpu_ioctl_set_lapic(vcpu, u.lapic);
                if (r)
                        goto out;
@@ -2718,14 +2713,11 @@ long kvm_arch_vcpu_ioctl(struct file *filp,
                break;
        }
        case KVM_SET_XSAVE: {
-                u.xsave = kzalloc(sizeof(struct kvm_xsave), GFP_KERNEL);
+                u.xsave = memdup_user(argp, sizeof(*u.xsave));
-                r = -ENOMEM;
+                if (IS_ERR(u.xsave)) {
-                if (!u.xsave)
+                        r = PTR_ERR(u.xsave);
-                        break;
+                        goto out;
+                }
-                r = -EFAULT;
-                if (copy_from_user(u.xsave, argp, sizeof(struct kvm_xsave)))
-                        break;
                r = kvm_vcpu_ioctl_x86_set_xsave(vcpu, u.xsave);
                break;
@@ -2746,15 +2738,11 @@ long kvm_arch_vcpu_ioctl(struct file *filp,
                break;
        }
        case KVM_SET_XCRS: {
-                u.xcrs = kzalloc(sizeof(struct kvm_xcrs), GFP_KERNEL);
+                u.xcrs = memdup_user(argp, sizeof(*u.xcrs));
-                r = -ENOMEM;
+                if (IS_ERR(u.xcrs)) {
-                if (!u.xcrs)
+                        r = PTR_ERR(u.xcrs);
-                        break;
+                        goto out;
+                }
-                r = -EFAULT;
-                if (copy_from_user(u.xcrs, argp,
-                                   sizeof(struct kvm_xcrs)))
-                        break;
                r = kvm_vcpu_ioctl_x86_set_xcrs(vcpu, u.xcrs);
                break;
@@ -3190,14 +3178,14 @@ long kvm_arch_vm_ioctl(struct file *filp,
        }
        case KVM_GET_IRQCHIP: {
                /* 0: PIC master, 1: PIC slave, 2: IOAPIC */
-                struct kvm_irqchip *chip = kmalloc(sizeof(*chip), GFP_KERNEL);
+                struct kvm_irqchip *chip;
-                r = -ENOMEM;
+                chip = memdup_user(argp, sizeof(*chip));
-                if (!chip)
+                if (IS_ERR(chip)) {
+                        r = PTR_ERR(chip);
                        goto out;
-                r = -EFAULT;
+                }
-                if (copy_from_user(chip, argp, sizeof *chip))
-                        goto get_irqchip_out;
                r = -ENXIO;
                if (!irqchip_in_kernel(kvm))
                        goto get_irqchip_out;
@@ -3216,14 +3204,14 @@ long kvm_arch_vm_ioctl(struct file *filp,
        }
        case KVM_SET_IRQCHIP: {
                /* 0: PIC master, 1: PIC slave, 2: IOAPIC */
-                struct kvm_irqchip *chip = kmalloc(sizeof(*chip), GFP_KERNEL);
+                struct kvm_irqchip *chip;
-                r = -ENOMEM;
+                chip = memdup_user(argp, sizeof(*chip));
-                if (!chip)
+                if (IS_ERR(chip)) {
+                        r = PTR_ERR(chip);
                        goto out;
-                r = -EFAULT;
+                }
-                if (copy_from_user(chip, argp, sizeof *chip))
-                        goto set_irqchip_out;
                r = -ENXIO;
                if (!irqchip_in_kernel(kvm))
                        goto set_irqchip_out;
author	Sasha Levin <levinsasha928@gmail.com>	2011-12-04 12:36:29 -0500
committer	Avi Kivity <avi@redhat.com>	2011-12-27 04:22:21 -0500
commit	ff5c2c0316ff0e3e2dba3ca14167d994453df093 (patch)
tree	a2cba54bb5486f508315842ac9ee026cd5d87981 /arch/x86/kvm
parent	cdfca7b346e6dbab1ba33260c28ccb8333485a5b (diff)

diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 03042d60a8fc..0a646e2b57c5 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c
@@ -1309,12 +1309,11 @@ static int xen_hvm_config(struct kvm_vcpu *vcpu, u64 data)
1309	if (page_num >= blob_size)	1309	if (page_num >= blob_size)
1310	goto out;	1310	goto out;
1311	r = -ENOMEM;	1311	r = -ENOMEM;
1312	page = kzalloc(PAGE_SIZE, GFP_KERNEL);	1312	page = memdup_user(blob_addr + (page_num * PAGE_SIZE), PAGE_SIZE);
1313	if (!page)	1313	if (IS_ERR(page)) {
		1314	r = PTR_ERR(page);
1314	goto out;	1315	goto out;
1315	r = -EFAULT;	1316	}
1316	if (copy_from_user(page, blob_addr + (page_num * PAGE_SIZE), PAGE_SIZE))
1317	goto out_free;
1318	if (kvm_write_guest(kvm, page_addr, page, PAGE_SIZE))	1317	if (kvm_write_guest(kvm, page_addr, page, PAGE_SIZE))
1319	goto out_free;	1318	goto out_free;
1320	r = 0;	1319	r = 0;
@@ -1988,15 +1987,12 @@ static int msr_io(struct kvm_vcpu vcpu, struct kvm_msrs __user user_msrs,
1988	if (msrs.nmsrs >= MAX_IO_MSRS)	1987	if (msrs.nmsrs >= MAX_IO_MSRS)
1989	goto out;	1988	goto out;
1990		1989
1991	r = -ENOMEM;
1992	size = sizeof(struct kvm_msr_entry) * msrs.nmsrs;	1990	size = sizeof(struct kvm_msr_entry) * msrs.nmsrs;
1993	entries = kmalloc(size, GFP_KERNEL);	1991	entries = memdup_user(user_msrs->entries, size);
1994	if (!entries)	1992	if (IS_ERR(entries)) {
		1993	r = PTR_ERR(entries);
1995	goto out;	1994	goto out;
1996		1995	}
1997	r = -EFAULT;
1998	if (copy_from_user(entries, user_msrs->entries, size))
1999	goto out_free;
2000		1996
2001	r = n = __msr_io(vcpu, &msrs, entries, do_msr);	1997	r = n = __msr_io(vcpu, &msrs, entries, do_msr);
2002	if (r < 0)	1998	if (r < 0)
@@ -2533,13 +2529,12 @@ long kvm_arch_vcpu_ioctl(struct file *filp,
2533	r = -EINVAL;	2529	r = -EINVAL;
2534	if (!vcpu->arch.apic)	2530	if (!vcpu->arch.apic)
2535	goto out;	2531	goto out;
2536	u.lapic = kmalloc(sizeof(struct kvm_lapic_state), GFP_KERNEL);	2532	u.lapic = memdup_user(argp, sizeof(*u.lapic));
2537	r = -ENOMEM;	2533	if (IS_ERR(u.lapic)) {
2538	if (!u.lapic)	2534	r = PTR_ERR(u.lapic);
2539	goto out;
2540	r = -EFAULT;
2541	if (copy_from_user(u.lapic, argp, sizeof(struct kvm_lapic_state)))
2542	goto out;	2535	goto out;
		2536	}
		2537
2543	r = kvm_vcpu_ioctl_set_lapic(vcpu, u.lapic);	2538	r = kvm_vcpu_ioctl_set_lapic(vcpu, u.lapic);
2544	if (r)	2539	if (r)
2545	goto out;	2540	goto out;
@@ -2718,14 +2713,11 @@ long kvm_arch_vcpu_ioctl(struct file *filp,
2718	break;	2713	break;
2719	}	2714	}
2720	case KVM_SET_XSAVE: {	2715	case KVM_SET_XSAVE: {
2721	u.xsave = kzalloc(sizeof(struct kvm_xsave), GFP_KERNEL);	2716	u.xsave = memdup_user(argp, sizeof(*u.xsave));
2722	r = -ENOMEM;	2717	if (IS_ERR(u.xsave)) {
2723	if (!u.xsave)	2718	r = PTR_ERR(u.xsave);
2724	break;	2719	goto out;
2725		2720	}
2726	r = -EFAULT;
2727	if (copy_from_user(u.xsave, argp, sizeof(struct kvm_xsave)))
2728	break;
2729		2721
2730	r = kvm_vcpu_ioctl_x86_set_xsave(vcpu, u.xsave);	2722	r = kvm_vcpu_ioctl_x86_set_xsave(vcpu, u.xsave);
2731	break;	2723	break;
@@ -2746,15 +2738,11 @@ long kvm_arch_vcpu_ioctl(struct file *filp,
2746	break;	2738	break;
2747	}	2739	}
2748	case KVM_SET_XCRS: {	2740	case KVM_SET_XCRS: {
2749	u.xcrs = kzalloc(sizeof(struct kvm_xcrs), GFP_KERNEL);	2741	u.xcrs = memdup_user(argp, sizeof(*u.xcrs));
2750	r = -ENOMEM;	2742	if (IS_ERR(u.xcrs)) {
2751	if (!u.xcrs)	2743	r = PTR_ERR(u.xcrs);
2752	break;	2744	goto out;
2753		2745	}
2754	r = -EFAULT;
2755	if (copy_from_user(u.xcrs, argp,
2756	sizeof(struct kvm_xcrs)))
2757	break;
2758		2746
2759	r = kvm_vcpu_ioctl_x86_set_xcrs(vcpu, u.xcrs);	2747	r = kvm_vcpu_ioctl_x86_set_xcrs(vcpu, u.xcrs);
2760	break;	2748	break;
@@ -3190,14 +3178,14 @@ long kvm_arch_vm_ioctl(struct file *filp,
3190	}	3178	}
3191	case KVM_GET_IRQCHIP: {	3179	case KVM_GET_IRQCHIP: {
3192	/* 0: PIC master, 1: PIC slave, 2: IOAPIC */	3180	/* 0: PIC master, 1: PIC slave, 2: IOAPIC */
3193	struct kvm_irqchip chip = kmalloc(sizeof(chip), GFP_KERNEL);	3181	struct kvm_irqchip *chip;
3194		3182
3195	r = -ENOMEM;	3183	chip = memdup_user(argp, sizeof(*chip));
3196	if (!chip)	3184	if (IS_ERR(chip)) {
		3185	r = PTR_ERR(chip);
3197	goto out;	3186	goto out;
3198	r = -EFAULT;	3187	}
3199	if (copy_from_user(chip, argp, sizeof *chip))	3188
3200	goto get_irqchip_out;
3201	r = -ENXIO;	3189	r = -ENXIO;
3202	if (!irqchip_in_kernel(kvm))	3190	if (!irqchip_in_kernel(kvm))
3203	goto get_irqchip_out;	3191	goto get_irqchip_out;
@@ -3216,14 +3204,14 @@ long kvm_arch_vm_ioctl(struct file *filp,
3216	}	3204	}
3217	case KVM_SET_IRQCHIP: {	3205	case KVM_SET_IRQCHIP: {
3218	/* 0: PIC master, 1: PIC slave, 2: IOAPIC */	3206	/* 0: PIC master, 1: PIC slave, 2: IOAPIC */
3219	struct kvm_irqchip chip = kmalloc(sizeof(chip), GFP_KERNEL);	3207	struct kvm_irqchip *chip;
3220		3208
3221	r = -ENOMEM;	3209	chip = memdup_user(argp, sizeof(*chip));
3222	if (!chip)	3210	if (IS_ERR(chip)) {
		3211	r = PTR_ERR(chip);
3223	goto out;	3212	goto out;
3224	r = -EFAULT;	3213	}
3225	if (copy_from_user(chip, argp, sizeof *chip))	3214
3226	goto set_irqchip_out;
3227	r = -ENXIO;	3215	r = -ENXIO;
3228	if (!irqchip_in_kernel(kvm))	3216	if (!irqchip_in_kernel(kvm))
3229	goto set_irqchip_out;	3217	goto set_irqchip_out;