CVE-2022-50117

Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 18/06/2025
Last modified: 18/11/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

vfio: Split migration ops from main device ops

vfio core checks whether the driver sets some migration op (e.g. set_state/get_state) and accordingly calls its op.

However, currently mlx5 driver sets the above ops without regards to its migration caps.

This might lead to unexpected usage/Oops if user space may call to the above ops even if the driver doesn't support migration. As for example, the migration state_mutex is not initialized in that case.

The cleanest way to manage that seems to split the migration ops from the main device ops, this will let the driver setting them separately from the main ops when it's applicable.

As part of that, validate ops construction on registration and include a check for VFIO_MIGRATION_STOP_COPY since the uAPI claims it must be set in migration_flags.

HISI driver was changed as well to match this scheme.

This scheme may enable down the road to come with some extra group of ops (e.g. DMA log) that can be set without regards to the other options based on driver caps.
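
The pattern the description outlines, as an added user-space C model that is not the kernel's code or part of the original record: migration callbacks live in a separate, optional ops table that is validated at registration. All `model_*` and `drv_*` names, the `lock_ready` stand-in for `state_mutex`, and the error codes are assumptions of this example; only the `VFIO_MIGRATION_STOP_COPY` value comes from `<linux/vfio.h>`.

```c
#include <errno.h>
#include <stdint.h>

#define VFIO_MIGRATION_STOP_COPY (1u << 0) /* value from <linux/vfio.h> */

struct model_device {
    const struct model_migration_ops *mig_ops; /* 0 when migration is unsupported */
    uint32_t migration_flags;
    int lock_ready; /* stands in for the initialised state_mutex */
    int state;
};
/* Migration callbacks, kept apart from the main device ops (model types). */
struct model_migration_ops {
    int (*set_state)(struct model_device *dev, int new_state);
    int (*get_state)(struct model_device *dev, int *cur_state);
};

/* Driver callbacks: both assume probe set up the migration state. */
static int drv_set_state(struct model_device *dev, int new_state) {
    if (!dev->lock_ready) return -EFAULT; /* kernel: uninitialised mutex use */
    dev->state = new_state;
    return 0;
}
static int drv_get_state(struct model_device *dev, int *cur_state) {
    if (!dev->lock_ready) return -EFAULT;
    *cur_state = dev->state;
    return 0;
}
static const struct model_migration_ops drv_mig_ops = { drv_set_state, drv_get_state };

/* Driver probe: attach migration ops only when the device has the capability. */
void model_probe(struct model_device *dev, int can_migrate) {
    *dev = (struct model_device){0};
    if (!can_migrate) return;
    dev->lock_ready = 1;
    dev->migration_flags = VFIO_MIGRATION_STOP_COPY;
    dev->mig_ops = &drv_mig_ops;
}
/* Registration check: mig_ops is optional, but if present it must be complete. */
int model_register(const struct model_device *dev) {
    const struct model_migration_ops *ops = dev->mig_ops;
    if (!ops) return 0;
    if (!ops->set_state || !ops->get_state) return -EINVAL;
    return (dev->migration_flags & VFIO_MIGRATION_STOP_COPY) ? 0 : -EINVAL;
}
/* Core dispatch: without mig_ops the request never reaches the driver. */
int model_core_get_state(struct model_device *dev, int *cur_state) {
    if (!dev->mig_ops) return -ENOTTY; /* error code chosen for this model */
    return dev->mig_ops->get_state(dev, cur_state);
}
```

A device probed without migration capability registers cleanly and has state requests refused in the core, while a device that carries the ops table without the capability setup (the pre-fix situation) is rejected by `model_register`.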

Vulnerable products and versions

CPE | From | Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.18 (including) | 5.19.2 (excluding)