linux_dsm_epyc7002/arch/x86/kvm
Paolo Bonzini 0a47cd8583 KVM: MMU: Fix ubsan warnings
kvm_mmu_pages_init is doing some really yucky stuff.  It is setting
up a sentinel for mmu_page_clear_parents; however, because of a) the
way levels are numbered starting from 1 and b) the way mmu_page_path
sizes its arrays with PT64_ROOT_LEVEL-1 elements, the access can be
out of bounds.  This is harmless because the code overwrites up to the
first two elements of parents->idx and these are initialized, and
because the sentinel is not needed in this case---mmu_page_clear_parents
exits anyway when it gets to the end of the array.  However ubsan
complains, and everyone else should too.

This fix does three things.  First it makes the mmu_page_path arrays
PT64_ROOT_LEVEL elements in size, so that we can write to them without
checking the level in advance.  Second it disintegrates kvm_mmu_pages_init
between mmu_unsync_walk (to reset the struct kvm_mmu_pages) and
for_each_sp (to place the NULL sentinel at the end of the current path).
This is okay because the mmu_page_path is only used in
mmu_pages_clear_parents; mmu_pages_clear_parents itself is called within
a for_each_sp iterator, and hence always after a call to mmu_pages_next.
Third it changes mmu_pages_clear_parents to just use the sentinel to
stop iteration, without checking the bounds on level.

Reported-by: Sasha Levin <sasha.levin@oracle.com>
Reported-by: Mike Krinkin <krinkin.m.u@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-03-04 12:35:23 +01:00
assigned-dev.c KVM: x86: use list_for_each_entry* 2016-02-23 15:40:54 +01:00
assigned-dev.h KVM: x86: move device assignment out of kvm_host.h 2014-11-24 16:53:50 +01:00
cpuid.c s390: A bunch of fixes and optimizations for interrupt and time 2015-11-05 16:26:26 -08:00
cpuid.h Merge branch 'x86-cpu-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2016-01-11 16:46:20 -08:00
emulate.c KVM: x86: allow RSM from 64-bit mode 2015-11-04 16:24:38 +01:00
hyperv.c kvm/x86: Hyper-V VMBus hypercall userspace exit 2016-02-16 18:48:44 +01:00
hyperv.h kvm/x86: Hyper-V SynIC timers 2015-12-16 18:49:45 +01:00
i8254.c KVM: i8254: turn kvm_kpit_state.reinject into atomic_t 2016-03-04 09:30:25 +01:00
i8254.h KVM: i8254: turn kvm_kpit_state.reinject into atomic_t 2016-03-04 09:30:25 +01:00
i8259.c KVM: x86: clean/fix memory barriers in irqchip_in_kernel 2015-07-30 16:02:56 +02:00
ioapic.c kvm: x86: Check dest_map->vector to match eoi signals for rtc 2016-03-03 14:36:18 +01:00
ioapic.h kvm: x86: Track irq vectors in ioapic->rtc_status.dest_map 2016-03-03 14:36:18 +01:00
iommu.c kvm: rename pfn_t to kvm_pfn_t 2016-01-15 17:56:32 -08:00
irq_comm.c kvm: x86: Convert ioapic->rtc_status.dest_map to a struct 2016-03-03 14:36:17 +01:00
irq.c KVM: x86: consolidate "has lapic" checks into irq.c 2016-02-09 16:57:39 +01:00
irq.h KVM: x86: consolidate different ways to test for in-kernel LAPIC 2016-02-09 16:57:45 +01:00
Kconfig KVM: x86: select IRQ_BYPASS_MANAGER 2015-10-01 15:06:52 +02:00
kvm_cache_regs.h KVM: x86: API changes for SMM support 2015-06-04 16:01:11 +02:00
lapic.c kvm: x86: Track irq vectors in ioapic->rtc_status.dest_map 2016-03-03 14:36:18 +01:00
lapic.h kvm: x86: Convert ioapic->rtc_status.dest_map to a struct 2016-03-03 14:36:17 +01:00
Makefile KVM: page track: add the framework of guest page tracking 2016-03-03 14:36:20 +01:00
mmu_audit.c kvm: rename pfn_t to kvm_pfn_t 2016-01-15 17:56:32 -08:00
mmu.c KVM: MMU: Fix ubsan warnings 2016-03-04 12:35:23 +01:00
mmu.h KVM: MMU: introduce kvm_mmu_slot_gfn_write_protect 2016-03-03 14:36:20 +01:00
mmutrace.h tracing: Rename ftrace_event.h to trace_events.h 2015-05-13 14:05:12 -04:00
mtrr.c KVM: MTRR: treat memory as writeback if MTRR is disabled in guest CPUID 2015-12-22 15:29:00 +01:00
page_track.c KVM: page track: add notifier support 2016-03-03 14:36:22 +01:00
paging_tmpl.h KVM: MMU: clear write-flooding on the fast path of tracked page 2016-03-03 14:36:22 +01:00
pmu_amd.c KVM: x86/vPMU: Fix unnecessary signed extension for AMD PERFCTRn 2015-08-11 15:19:41 +02:00
pmu_intel.c KVM: x86/vPMU: Define kvm_pmu_ops to support vPMU function dispatch 2015-06-23 14:12:14 +02:00
pmu.c KVM: x86: consolidate different ways to test for in-kernel LAPIC 2016-02-09 16:57:45 +01:00
pmu.h KVM: x86/vPMU: Define kvm_pmu_ops to support vPMU function dispatch 2015-06-23 14:12:14 +02:00
svm.c kvm/x86: Pass return code of kvm_emulate_hypercall 2016-02-16 18:48:41 +01:00
trace.h KVM/VMX: Add host irq information in trace event when updating IRTE for posted interrupts 2016-02-09 13:24:43 +01:00
tss.h KVM: x86: hardware task switching support 2008-04-27 12:00:39 +03:00
vmx.c KVM: VMX: use vmcs_clear/set_bits for debug register exits 2016-03-04 12:35:20 +01:00
x86.c KVM: i8254: don't assume layout of kvm_kpit_state 2016-03-04 09:30:18 +01:00
x86.h KVM: x86: Use vector-hashing to deliver lowest-priority interrupts 2016-02-09 13:24:40 +01:00