1. Patchew
  2. linux
  3. View series

[PATCH v1] KVM: Use memdup_user instead of kernel stack to allocate kvm_guest_debug

Leesoo Ahn posted 1 patch 2 months ago 
virt/kvm/kvm_main.c | 11 +++++++----
1 file changed, 7 insertions(+), 4 deletions(-)
[PATCH v1] KVM: Use memdup_user instead of kernel stack to allocate kvm_guest_debug
Posted by Leesoo Ahn 2 months ago 
Switch to using memdup_user to allocate its memory because the size of
kvm_guest_debug is over 512 bytes on Arm64 and is burdened allocation
from kernel stack.

Signed-off-by: Leesoo Ahn <lsahn@ooseel.net>
---
 virt/kvm/kvm_main.c | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
index 5b5b69c97665..bc0a53129df7 100644
--- a/virt/kvm/kvm_main.c
+++ b/virt/kvm/kvm_main.c
@@ -4592,12 +4592,15 @@ static long kvm_vcpu_ioctl(struct file *filp,
 		break;
 	}
 	case KVM_SET_GUEST_DEBUG: {
-		struct kvm_guest_debug dbg;
+		struct kvm_guest_debug *dbg;
 
-		r = -EFAULT;
-		if (copy_from_user(&dbg, argp, sizeof(dbg)))
+		dbg = memdup_user(argp, sizeof(*dbg));
+		if (IS_ERR(dbg)) {
+			r = PTR_ERR(dbg);
 			goto out;
-		r = kvm_arch_vcpu_ioctl_set_guest_debug(vcpu, &dbg);
+		}
+		r = kvm_arch_vcpu_ioctl_set_guest_debug(vcpu, dbg);
+		kfree(dbg);
 		break;
 	}
 	case KVM_SET_SIGNAL_MASK: {
-- 
2.51.0
Re: [PATCH v1] KVM: Use memdup_user instead of kernel stack to allocate kvm_guest_debug
Posted by Sean Christopherson 1 month, 3 weeks ago 
On Tue, Feb 10, 2026, Leesoo Ahn wrote:
> Switch to using memdup_user to allocate its memory because the size of
> kvm_guest_debug is over 512 bytes on Arm64 and is burdened allocation
> from kernel stack.

520 bytes is a lot, but it's not _that_ much, especially since
kvm_arch_vcpu_ioctl_set_guest_debug() is leaf function (ignoring tracing).

Is there an actual problem on arm64?  I.e. does this one particular allocation
lead to stack overflows that otherwise don't happen in KVM?
Re: [PATCH v1] KVM: Use memdup_user instead of kernel stack to allocate kvm_guest_debug
Posted by Leesoo Ahn 1 month, 3 weeks ago 
Bump up the patch in order to remind again.

2026년 2월 10일 (화) PM 4:25, Leesoo Ahn <lsahn@ooseel.net>님이 작성:
>
> Switch to using memdup_user to allocate its memory because the size of
> kvm_guest_debug is over 512 bytes on Arm64 and is burdened allocation
> from kernel stack.
>
> Signed-off-by: Leesoo Ahn <lsahn@ooseel.net>
> ---
>  virt/kvm/kvm_main.c | 11 +++++++----
>  1 file changed, 7 insertions(+), 4 deletions(-)
>
> diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
> index 5b5b69c97665..bc0a53129df7 100644
> --- a/virt/kvm/kvm_main.c
> +++ b/virt/kvm/kvm_main.c
> @@ -4592,12 +4592,15 @@ static long kvm_vcpu_ioctl(struct file *filp,
>                 break;
>         }
>         case KVM_SET_GUEST_DEBUG: {
> -               struct kvm_guest_debug dbg;
> +               struct kvm_guest_debug *dbg;
>
> -               r = -EFAULT;
> -               if (copy_from_user(&dbg, argp, sizeof(dbg)))
> +               dbg = memdup_user(argp, sizeof(*dbg));
> +               if (IS_ERR(dbg)) {
> +                       r = PTR_ERR(dbg);
>                         goto out;
> -               r = kvm_arch_vcpu_ioctl_set_guest_debug(vcpu, &dbg);
> +               }
> +               r = kvm_arch_vcpu_ioctl_set_guest_debug(vcpu, dbg);
> +               kfree(dbg);
>                 break;
>         }
>         case KVM_SET_SIGNAL_MASK: {
> --
> 2.51.0
>

Patchew 2.1-devel-ea86937

© 2016 - 2026 Red Hat, Inc.