From: Ben Gardon <bgardon@google.com>
To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Cc: Paolo Bonzini <pbonzini@redhat.com>,
	Sean Christopherson <sean.j.christopherson@intel.com>,
	Peter Shier <pshier@google.com>,
	Jim Mattson <jmattson@google.com>,
	Zdenek Kaspar <zkaspar82@gmail.com>,
	Ben Gardon <bgardon@google.com>
Subject: [PATCH] kvm: x86/mmu: Fix is_tdp_mmu_check when using PAE
Date: Wed, 11 Nov 2020 10:53:37 -0800
Message-ID: <20201111185337.1237383-1-bgardon@google.com>

When PAE is in use, the root_hpa will not have a shadow page associated
with it. In this case the kernel will crash with a NULL pointer
dereference. Add checks to ensure is_tdp_mmu_root works as intended even
when using PAE.

Tested: compiles

Fixes: 02c00b3a2f7e ("kvm: x86/mmu: Allocate and free TDP MMU roots")
Reported-by: Zdenek Kaspar <zkaspar82@gmail.com>
Signed-off-by: Ben Gardon <bgardon@google.com>
---
 arch/x86/kvm/mmu/tdp_mmu.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/arch/x86/kvm/mmu/tdp_mmu.c b/arch/x86/kvm/mmu/tdp_mmu.c
index 27e381c9da6c..13013f4d98ad 100644
--- a/arch/x86/kvm/mmu/tdp_mmu.c
+++ b/arch/x86/kvm/mmu/tdp_mmu.c
@@ -49,8 +49,18 @@ bool is_tdp_mmu_root(struct kvm *kvm, hpa_t hpa)
 {
 	struct kvm_mmu_page *sp;
 
+	if (WARN_ON(!VALID_PAGE(hpa)))
+		return false;
+
 	sp = to_shadow_page(hpa);
 
+	/*
+	 * If this VM is being run with PAE, the TDP MMU will not be enabled
+	 * and the root HPA will not have a shadow page associated with it.
+	 */
+	if (!sp)
+		return false;
+
 	return sp->tdp_mmu_page && sp->root_count;
 }
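Review bot: the new WARN_ON(!VALID_PAGE(hpa)) at the top of is_tdp_mmu_root() turns any call made with INVALID_PAGE from a quiet false into a warning splat, which is a behaviour change for every caller and not just the PAE case the commit message describes; either confirm that no caller can pass an invalid root, or make it a plain `if (!VALID_PAGE(hpa)) return false;`. The NULL check after to_shadow_page() does stop the crash, but the comment itself says the TDP MMU is not enabled when PAE is in use, so the more explicit guard would be to test whether the TDP MMU is enabled for this kvm before looking up the shadow page at all; that also covers any other root that is not backed by a struct kvm_mmu_page rather than relying on to_shadow_page() returning NULL for it. Minor: the Subject names is_tdp_mmu_check, but the function being fixed here is is_tdp_mmu_root.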
 
-- 
2.29.2.222.g5d2a92d10f8-goog


Thread overview: 5+ messages
2020-11-11 18:53 Ben Gardon [this message]
2020-11-11 22:57 ` [PATCH] kvm: x86/mmu: Fix is_tdp_mmu_check when using PAE Jamie Heilman
2020-11-11 23:46 ` Zdenek Kaspar
2020-11-13 20:58 ` Paolo Bonzini
2020-11-16 17:18   ` Ben Gardon
