Diffstat (limited to 'virt')
-rw-r--r-- | virt/kvm/kvm_main.c | 33 |
1 files changed, 22 insertions, 11 deletions
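--- a/virt/kvm/kvm_main.c
+++ b/virt/kvm/kvm_main.c
@@ -852,28 +852,39 @@ static long kvm_vcpu_ioctl(struct file *filp,
 r = kvm_arch_vcpu_ioctl_run(vcpu, vcpu->run);
 break;
 case KVM_GET_REGS: {
-struct kvm_regs kvm_regs;
+struct kvm_regs *kvm_regs;
 
-memset(&kvm_regs, 0, sizeof kvm_regs);
-r = kvm_arch_vcpu_ioctl_get_regs(vcpu, &kvm_regs);
-if (r)
+r = -ENOMEM;
+kvm_regs = kzalloc(sizeof(struct kvm_regs), GFP_KERNEL);
+if (!kvm_regs)
 goto out;
+r = kvm_arch_vcpu_ioctl_get_regs(vcpu, kvm_regs);
+if (r)
+goto out_free1;
 r = -EFAULT;
-if (copy_to_user(argp, &kvm_regs, sizeof kvm_regs))
-goto out;
+if (copy_to_user(argp, kvm_regs, sizeof(struct kvm_regs)))
+goto out_free1;
 r = 0;
+out_free1:
+kfree(kvm_regs);
 break;
 }
 case KVM_SET_REGS: {
-struct kvm_regs kvm_regs;
+struct kvm_regs *kvm_regs;
 
-r = -EFAULT;
-if (copy_from_user(&kvm_regs, argp, sizeof kvm_regs))
+r = -ENOMEM;
+kvm_regs = kzalloc(sizeof(struct kvm_regs), GFP_KERNEL);
+if (!kvm_regs)
 goto out;
-r = kvm_arch_vcpu_ioctl_set_regs(vcpu, &kvm_regs);
+r = -EFAULT;
+if (copy_from_user(kvm_regs, argp, sizeof(struct kvm_regs)))
+goto out_free2;
+r = kvm_arch_vcpu_ioctl_set_regs(vcpu, kvm_regs);
 if (r)
-goto out;
+goto out_free2;
 r = 0;
+out_free2:
+kfree(kvm_regs);
 break;
 }
 case KVM_GET_SREGS: {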
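Review bot: In the KVM_GET_REGS case the zeroing done by `kzalloc()` is what keeps stale heap bytes out of the `copy_to_user()` that follows, but nothing in the new code says so. It replaces the old `memset()`, and whether `kvm_arch_vcpu_ioctl_get_regs()` writes every byte of the struct, padding included, is not visible in this hunk. I would add a comment above the allocation such as `/* must stay zeroed: the whole struct is copied to userspace below */` so a later cleanup does not downgrade it to `kmalloc()`. The KVM_SET_REGS case is the opposite: `copy_from_user()` either fills the whole buffer or the path bails out, so the zeroing there is redundant and `kmalloc()` would do (or `memdup_user()`, if this tree has it). In both cases `sizeof(*kvm_regs)` would tie the size to the pointer instead of repeating the type name. `kvm_vcpu_ioctl()` and its `out` label continue outside the hunk.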