KVM: nVMX: Set cached_vmcs12 and cached_shadow_vmcs12 NULL after free
authorJan Kiszka <jan.kiszka@siemens.com>
Sun, 21 Jul 2019 14:01:36 +0000 (16:01 +0200)
committerPaolo Bonzini <pbonzini@redhat.com>
Mon, 22 Jul 2019 11:55:49 +0000 (13:55 +0200)
Shall help find use-after-free bugs earlier.

Suggested-by: Liran Alon <liran.alon@oracle.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
arch/x86/kvm/vmx/nested.c

index 4cdab4b4eff1e8e42d457d8c40831c4dbd75bedf..ced9fba32598d8435ef9f1d59e963f5c3e134d20 100644 (file)
@@ -234,7 +234,9 @@ static void free_nested(struct kvm_vcpu *vcpu)
                vmx->vmcs01.shadow_vmcs = NULL;
        }
        kfree(vmx->nested.cached_vmcs12);
+       vmx->nested.cached_vmcs12 = NULL;
        kfree(vmx->nested.cached_shadow_vmcs12);
+       vmx->nested.cached_shadow_vmcs12 = NULL;
        /* Unpin physical memory we referred to in the vmcs02 */
        if (vmx->nested.apic_access_page) {
                kvm_release_page_dirty(vmx->nested.apic_access_page);
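Review bot: The two added assignments after the kfree() calls carry no comment explaining why the pointers are cleared, so a later reader may drop them as redundant, since kfree() already tolerates NULL. I would add one line above the first kfree(): `/* NULL the caches after freeing so a stale user faults on NULL instead of reading freed memory, and a repeated free_nested() is harmless. */`. This relies on every reader of cached_vmcs12 and cached_shadow_vmcs12 being gated on nested VMX still being active; presumably that holds, but it is worth confirming, because a path that dereferences either pointer after free_nested() now hits a NULL dereference rather than a silent use-after-free. The same idea already applies to vmcs01.shadow_vmcs a few lines up in the hunk, so the comment could cover all three. free_nested() begins and ends outside this hunk.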