From: Sean Christopherson <seanjc@google.com>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org,
    Sean Christopherson <seanjc@google.com>,
    syzbot+106a4f72b0474e1d1b33@syzkaller.appspotmail.com,
    David Woodhouse <dwmw2@infradead.org>,
    Paul Durrant <paul@xen.org>
Subject: [PATCH 3/3] KVM: Explicitly disallow activating a gfn_to_pfn_cache with INVALID_GPA
Date: Tue, 19 Mar 2024 17:15:42 -0700
Message-ID: <20240320001542.3203871-4-seanjc@google.com>
In-Reply-To: <20240320001542.3203871-1-seanjc@google.com>

Explicitly disallow activating a gfn_to_pfn_cache with an error gpa, i.e.
INVALID_GPA, to ensure that KVM doesn't mistake a GPA-based cache for an
HVA-based cache (KVM uses INVALID_GPA as a magic value to differentiate
between GPA-based and HVA-based caches).

WARN if KVM attempts to activate a cache with INVALID_GPA, purely so that
new caches need to at least consider what to do with a "bad" GPA, as all
existing usage of kvm_gpc_activate() guarantees gpa != INVALID_GPA.  I.e.
removing the WARN in the future is completely reasonable if doing so would
yield cleaner/better code overall.

Signed-off-by: Sean Christopherson <seanjc@google.com>
---
 virt/kvm/pfncache.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/virt/kvm/pfncache.c b/virt/kvm/pfncache.c
index 91b0e329006b..f618719644e0 100644
--- a/virt/kvm/pfncache.c
+++ b/virt/kvm/pfncache.c
@@ -418,6 +418,13 @@ static int __kvm_gpc_activate(struct gfn_to_pfn_cache *gpc, gpa_t gpa, unsigned
 
 int kvm_gpc_activate(struct gfn_to_pfn_cache *gpc, gpa_t gpa, unsigned long len)
 {
+	/*
+	 * Explicitly disallow INVALID_GPA so that the magic value can be used
+	 * by KVM to differentiate between GPA-based and HVA-based caches.
+	 */
+	if (WARN_ON_ONCE(kvm_is_error_gpa(gpa)))
+		return -EINVAL;
+
 	return __kvm_gpc_activate(gpc, gpa, KVM_HVA_ERR_BAD, len);
 }
 
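Review bot: the new WARN_ON_ONCE(kvm_is_error_gpa(gpa)) in kvm_gpc_activate() is only appropriate while every caller rejects a bad GPA before activating, which the commit message says holds for all current kvm_gpc_activate() callers but which the in-code comment does not state; given that this series exists to fix a syzbot-reported gpc WARN, consider extending the comment to spell out that contract (callers must validate the GPA first, and the WARN can be dropped if that ever becomes a burden) so a future caller that forwards a guest- or userspace-supplied GPA does not turn this into a user-triggerable warning. The placement itself is right: the check sits in the GPA-based entry point rather than in __kvm_gpc_activate(), so it does not interfere with the INVALID_GPA marker that the commit message says HVA-based caches depend on, and returning -EINVAL gives callers a definite failure instead of a silently mis-typed cache.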
-- 
2.44.0.291.gc1ea87d7ee-goog

