    kvm: vmx: fix limit checking in get_vmx_mem_address() · c1a9acbc
    Eugene Korenevsky authored
    Intel SDM vol. 3, 5.3:
    The processor causes a
    general-protection exception (or, if the segment is SS, a stack-fault
    exception) any time an attempt is made to access the following addresses
    in a segment:
    - A byte at an offset greater than the effective limit
    - A word at an offset greater than the (effective-limit – 1)
    - A doubleword at an offset greater than the (effective-limit – 3)
    - A quadword at an offset greater than the (effective-limit – 7)
    
    Therefore, the generic limit checking error condition must be
    
    exn = (off > limit + 1 - access_len) = (off + access_len - 1 > limit)
    
    but not
    
    exn = (off + access_len > limit)
    
    as for now.
    
    Also avoid integer overflow of `off` at 32-bit KVM by casting it to u64.
    
    Note: access length is currently sizeof(u64) which is incorrect. This
    will be fixed in the subsequent patch.
    Signed-off-by: Eugene Korenevsky <ekorenevsky@gmail.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
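The two limit checks contrasted in the commit message, as an added illustration (not code from nested.c): a simplified model that takes the effective limit, the offset and the access length as plain integers and shows both the off-by-one at the segment's last byte and the 32-bit wrap that the `u64` cast prevents.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified stand-ins for the kernel's u32/u64 typedefs (assumption:
 * the offset is 32 bits wide, as on 32-bit KVM). */
typedef uint32_t u32;
typedef uint64_t u64;

/* Check as it was before the fix: exn = (off + access_len > limit).
 * Faults spuriously when the access ends exactly at the limit byte. */
static bool limit_check_old(u32 off, u32 limit, unsigned int access_len)
{
	return (u64)off + access_len > limit;
}

/* Check after the fix, per SDM vol. 3, 5.3:
 * exn = (off + access_len - 1 > limit), i.e. the last byte touched
 * must not lie beyond the effective limit. The u64 cast keeps the
 * sum from wrapping when off is close to 2^32. */
static bool limit_check_new(u32 off, u32 limit, unsigned int access_len)
{
	return (u64)off + access_len - 1 > limit;
}

/* Same formula evaluated in 32-bit arithmetic, to show why the cast
 * matters: the sum wraps and an out-of-limit access is not flagged. */
static bool limit_check_new_nocast(u32 off, u32 limit, unsigned int access_len)
{
	return (u32)(off + access_len - 1) > limit;
}

int main(void)
{
	/* Quadword at offset 0xFFF8 in a 64 KiB segment (limit 0xFFFF):
	 * last byte is 0xFFFF, which is allowed. */
	printf("old: %d  new: %d\n",
	       limit_check_old(0xFFF8, 0xFFFF, 8),
	       limit_check_new(0xFFF8, 0xFFFF, 8));
	/* Doubleword at 0xFFFFFFFF in a flat segment: crosses 4 GiB. */
	printf("nocast: %d  cast: %d\n",
	       limit_check_new_nocast(0xFFFFFFFFu, 0xFFFFFFFFu, 4),
	       limit_check_new(0xFFFFFFFFu, 0xFFFFFFFFu, 4));
	return 0;
}
```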