kvm_find_cpuid_entry_index() can return NULL if the guest CPUID entry is missing, but amd_pmu_refresh() was dereferencing the pointer without checking. This could cause a kernel crash. Add a NULL check and fallback to AMD64_NUM_COUNTERS_CORE if the entry is missing.

Signed-off-by: Chelsy Ratnawat
---
 arch/x86/kvm/svm/pmu.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/arch/x86/kvm/svm/pmu.c b/arch/x86/kvm/svm/pmu.c
index bc062285fbf5..aa8313fa98c9 100644
--- a/arch/x86/kvm/svm/pmu.c
+++ b/arch/x86/kvm/svm/pmu.c
@@ -178,6 +178,7 @@ static void amd_pmu_refresh(struct kvm_vcpu *vcpu)
 {
 	struct kvm_pmu *pmu = vcpu_to_pmu(vcpu);
 	union cpuid_0x80000022_ebx ebx;
+	struct kvm_cpuid_entry2 *entry;
 
 	pmu->version = 1;
 	if (guest_cpu_cap_has(vcpu, X86_FEATURE_PERFMON_V2)) {
@@ -188,8 +189,13 @@ static void amd_pmu_refresh(struct kvm_vcpu *vcpu)
 		 */
 		BUILD_BUG_ON(x86_feature_cpuid(X86_FEATURE_PERFMON_V2).function != 0x80000022 ||
 			     x86_feature_cpuid(X86_FEATURE_PERFMON_V2).index);
-		ebx.full = kvm_find_cpuid_entry_index(vcpu, 0x80000022, 0)->ebx;
-		pmu->nr_arch_gp_counters = ebx.split.num_core_pmc;
+		entry = kvm_find_cpuid_entry_index(vcpu, 0x80000022, 0);
+		if (!entry) {
+			pmu->nr_arch_gp_counters = AMD64_NUM_COUNTERS_CORE;
+		} else {
+			ebx.full = entry->ebx;
+			pmu->nr_arch_gp_counters = ebx.split.num_core_pmc;
+		}
 	} else if (guest_cpu_cap_has(vcpu, X86_FEATURE_PERFCTR_CORE)) {
 		pmu->nr_arch_gp_counters = AMD64_NUM_COUNTERS_CORE;
 	} else {
-- 
2.47.3
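Review bot: The new `if (!entry)` branch in the second hunk falls back to AMD64_NUM_COUNTERS_CORE without saying why that value is the right one when the guest advertises PERFMON_V2 but its CPUID leaf 0x80000022 is absent, so the choice reads as arbitrary to the next maintainer. Whether that state is reachable at all depends on how the guest caps are derived from the CPUID entries, which is outside the hunk; if it can only arise from an inconsistent userspace-supplied CPUID, it is worth stating so and considering whether a WARN_ON_ONCE() is warranted rather than a silent fallback. I would precede the check with `/* PERFMON_V2 is advertised but leaf 0x80000022 is missing: use the legacy core counter count instead of dereferencing NULL. */`. The remainder of amd_pmu_refresh, including any later clamping of nr_arch_gp_counters, lies outside the hunk.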