[xen staging-4.18] xen: vm_event: do not do vm_event_op for an invalid domain

[patchbot@xxxxxxx]

commit 398e2a7a15b02b545c17ffe99541fe7e621cf2c7
Author:     Volodymyr Babchuk <volodymyr_babchuk@xxxxxxxx>
AuthorDate: Tue Apr 29 12:06:59 2025 +0200
Commit:     Jan Beulich <jbeulich@xxxxxxxx>
CommitDate: Tue Apr 29 12:06:59 2025 +0200

    xen: vm_event: do not do vm_event_op for an invalid domain
    
    A privileged domain can issue XEN_DOMCTL_vm_event_op with
    op->domain == DOMID_INVALID. In this case vm_event_domctl()
    function will get NULL as the first parameter and this will
    cause hypervisor panic, as it tries to derefer this pointer.
    
    Fix the issue by checking if valid domain is passed in.
    
    Fixes: 48b84249459f ("xen/vm-event: Drop unused u_domctl parameter from 
vm_event_domctl()")
    Signed-off-by: Volodymyr Babchuk <volodymyr_babchuk@xxxxxxxx>
    Acked-by: Tamas K Lengyel <tamas@xxxxxxxxxxxxx>
    master commit: 6a884750f3b86a45ee5ffbd825c346fcbce86080
    master date: 2025-04-08 09:36:38 +0200
---
 xen/common/vm_event.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/xen/common/vm_event.c b/xen/common/vm_event.c
index ecf49c38a9..71d2898174 100644
--- a/xen/common/vm_event.c
+++ b/xen/common/vm_event.c
@@ -600,6 +600,10 @@ int vm_event_domctl(struct domain *d, struct 
xen_domctl_vm_event_op *vec)
         return 0;
     }
 
+    /* All other subops need to target a real domain. */
+    if ( unlikely(d == NULL) )
+        return -ESRCH;
+
     rc = xsm_vm_event_control(XSM_PRIV, d, vec->mode, vec->op);
     if ( rc )
         return rc;
--
generated by git-patchbot for /home/xen/git/xen.git#staging-4.18