The array kvpmu->pmc is defined as:

struct kvm_pmc pmc[RISCV_KVM_MAX_COUNTERS];

So, accessing it with index RISCV_KVM_MAX_COUNTERS would be
out-of-bounds by 1.

Change index check from > to >=.

Detected by Smatch:
arch/riscv/kvm/vcpu_pmu.c:528 kvm_riscv_vcpu_pmu_ctr_info() error:
buffer overflow 'kvpmu->pmc' 64 <= 64

Fixes: 8f0153ecd3bf1 ("RISC-V: KVM: Add skeleton support for perf")
Signed-off-by: Ethan Tidmore <ethantidmore06@gmail.com>
---
 arch/riscv/kvm/vcpu_pmu.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/riscv/kvm/vcpu_pmu.c b/arch/riscv/kvm/vcpu_pmu.c
index 3a4d54aa96d8..51a12f90fb30 100644
--- a/arch/riscv/kvm/vcpu_pmu.c
+++ b/arch/riscv/kvm/vcpu_pmu.c
@@ -520,7 +520,7 @@ int kvm_riscv_vcpu_pmu_ctr_info(struct kvm_vcpu *vcpu, unsigned long cidx,
 {
 	struct kvm_pmu *kvpmu = vcpu_to_pmu(vcpu);
 
-	if (cidx > RISCV_KVM_MAX_COUNTERS || cidx == 1) {
+	if (cidx >= RISCV_KVM_MAX_COUNTERS || cidx == 1) {
 		retdata->err_val = SBI_ERR_INVALID_PARAM;
 		return 0;
 	}
-- 
2.53.0