From: <gregkh@linuxfoundation.org>
To: james.hogan@imgtec.com, gregkh@linuxfoundation.org,
kvm@vger.kernel.org, linux-mips@linux-mips.org,
pbonzini@redhat.com, ralf@linux-mips.org, rkrcmar@redhat.com,
stable@vger.kernel.org
Cc: <stable@vger.kernel.org>, <stable-commits@vger.kernel.org>
Subject: Patch "[PATCH BACKPORT 3.10-3.15 2/4] MIPS: KVM: Add missing gfn range check" has been added to the 3.14-stable tree
Date: Thu, 18 Aug 2016 11:47:00 +0200 [thread overview]
Message-ID: <1471513620253162@kroah.com> (raw)
In-Reply-To: <54b01d37d3ac6ff18fdef80d1189d3c1285d4f46.1471021142.git-series.james.hogan@imgtec.com>
This is a note to let you know that I've just added the patch titled
[PATCH BACKPORT 3.10-3.15 2/4] MIPS: KVM: Add missing gfn range check
to the 3.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
mips-kvm-add-missing-gfn-range-check.patch
and it can be found in the queue-3.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@vger.kernel.org> know about it.
WARNING: multiple messages have this Message-ID (diff)
From: <gregkh@linuxfoundation.org>
To: james.hogan@imgtec.com, gregkh@linuxfoundation.org,
kvm@vger.kernel.org, linux-mips@linux-mips.org,
pbonzini@redhat.com, ralf@linux-mips.org, rkrcmar@redhat.com,
stable@vger.kernel.org
Cc: stable-commits@vger.kernel.org
Subject: Patch "[PATCH BACKPORT 3.10-3.15 2/4] MIPS: KVM: Add missing gfn range check" has been added to the 3.14-stable tree
Date: Thu, 18 Aug 2016 11:47:00 +0200 [thread overview]
Message-ID: <1471513620253162@kroah.com> (raw)
Message-ID: <20160818094700.EImrWEm5X1Ek3UG4e5hsLhlL9D368GyIaDwrdszKPwQ@z> (raw)
In-Reply-To: <54b01d37d3ac6ff18fdef80d1189d3c1285d4f46.1471021142.git-series.james.hogan@imgtec.com>
This is a note to let you know that I've just added the patch titled
[PATCH BACKPORT 3.10-3.15 2/4] MIPS: KVM: Add missing gfn range check
to the 3.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
mips-kvm-add-missing-gfn-range-check.patch
and it can be found in the queue-3.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@vger.kernel.org> know about it.
WARNING: multiple messages have this Message-ID (diff)
From: <gregkh@linuxfoundation.org>
To: james.hogan@imgtec.com, gregkh@linuxfoundation.org,
kvm@vger.kernel.org, linux-mips@linux-mips.org,
pbonzini@redhat.com, ralf@linux-mips.org, rkrcmar@redhat.com,
stable@vger.kernel.org
Cc: <stable@vger.kernel.org>, <stable-commits@vger.kernel.org>
Subject: Patch "[PATCH BACKPORT 3.10-3.15 2/4] MIPS: KVM: Add missing gfn range check" has been added to the 3.14-stable tree
Date: Thu, 18 Aug 2016 11:47:00 +0200 [thread overview]
Message-ID: <1471513620253162@kroah.com> (raw)
In-Reply-To: <54b01d37d3ac6ff18fdef80d1189d3c1285d4f46.1471021142.git-series.james.hogan@imgtec.com>
This is a note to let you know that I've just added the patch titled
[PATCH BACKPORT 3.10-3.15 2/4] MIPS: KVM: Add missing gfn range check
to the 3.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
mips-kvm-add-missing-gfn-range-check.patch
and it can be found in the queue-3.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@vger.kernel.org> know about it.
>From james.hogan@imgtec.com Thu Aug 18 11:46:20 2016
From: James Hogan <james.hogan@imgtec.com>
Date: Thu, 18 Aug 2016 10:22:53 +0100
Subject: [PATCH BACKPORT 3.10-3.15 2/4] MIPS: KVM: Add missing gfn range check
To: <stable@vger.kernel.org>
Cc: James Hogan <james.hogan@imgtec.com>, Paolo Bonzini <pbonzini@redhat.com>, Radim Krčmář <rkrcmar@redhat.com>, Ralf Baechle <ralf@linux-mips.org>, <linux-mips@linux-mips.org>, <kvm@vger.kernel.org>
Message-ID: <54b01d37d3ac6ff18fdef80d1189d3c1285d4f46.1471021142.git-series.james.hogan@imgtec.com>
From: James Hogan <james.hogan@imgtec.com>
commit 8985d50382359e5bf118fdbefc859d0dbf6cebc7 upstream.
kvm_mips_handle_mapped_seg_tlb_fault() calculates the guest frame number
based on the guest TLB EntryLo values, however it is not range checked
to ensure it lies within the guest_pmap. If the physical memory the
guest refers to is out of range then dump the guest TLB and emit an
internal error.
Fixes: 858dd5d45733 ("KVM/MIPS32: MMU/TLB operations for the Guest.")
Signed-off-by: James Hogan <james.hogan@imgtec.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: "Radim Krčmář" <rkrcmar@redhat.com>
Cc: Ralf Baechle <ralf@linux-mips.org>
Cc: linux-mips@linux-mips.org
Cc: kvm@vger.kernel.org
Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
[james.hogan@imgtec.com: Backport to v3.10.y - v3.15.y]
Signed-off-by: James Hogan <james.hogan@imgtec.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
arch/mips/kvm/kvm_tlb.c | 19 +++++++++++++++----
1 file changed, 15 insertions(+), 4 deletions(-)
--- a/arch/mips/kvm/kvm_tlb.c
+++ b/arch/mips/kvm/kvm_tlb.c
@@ -370,6 +370,7 @@ kvm_mips_handle_mapped_seg_tlb_fault(str
unsigned long entryhi = 0, entrylo0 = 0, entrylo1 = 0;
struct kvm *kvm = vcpu->kvm;
pfn_t pfn0, pfn1;
+ gfn_t gfn0, gfn1;
long tlb_lo[2];
tlb_lo[0] = tlb->tlb_lo0;
@@ -383,14 +384,24 @@ kvm_mips_handle_mapped_seg_tlb_fault(str
VPN2_MASK & (PAGE_MASK << 1)))
tlb_lo[(KVM_GUEST_COMMPAGE_ADDR >> PAGE_SHIFT) & 1] = 0;
- if (kvm_mips_map_page(kvm, mips3_tlbpfn_to_paddr(tlb_lo[0]) >> PAGE_SHIFT) < 0)
+ gfn0 = mips3_tlbpfn_to_paddr(tlb_lo[0]) >> PAGE_SHIFT;
+ gfn1 = mips3_tlbpfn_to_paddr(tlb_lo[1]) >> PAGE_SHIFT;
+ if (gfn0 >= kvm->arch.guest_pmap_npages ||
+ gfn1 >= kvm->arch.guest_pmap_npages) {
+ kvm_err("%s: Invalid gfn: [%#llx, %#llx], EHi: %#lx\n",
+ __func__, gfn0, gfn1, tlb->tlb_hi);
+ kvm_mips_dump_guest_tlbs(vcpu);
return -1;
+ }
- if (kvm_mips_map_page(kvm, mips3_tlbpfn_to_paddr(tlb_lo[1]) >> PAGE_SHIFT) < 0)
+ if (kvm_mips_map_page(kvm, gfn0) < 0)
return -1;
- pfn0 = kvm->arch.guest_pmap[mips3_tlbpfn_to_paddr(tlb_lo[0]) >> PAGE_SHIFT];
- pfn1 = kvm->arch.guest_pmap[mips3_tlbpfn_to_paddr(tlb_lo[1]) >> PAGE_SHIFT];
+ if (kvm_mips_map_page(kvm, gfn1) < 0)
+ return -1;
+
+ pfn0 = kvm->arch.guest_pmap[gfn0];
+ pfn1 = kvm->arch.guest_pmap[gfn1];
if (hpa0)
*hpa0 = pfn0 << PAGE_SHIFT;
Patches currently in stable-queue which might be from james.hogan@imgtec.com are
queue-3.14/mips-kvm-add-missing-gfn-range-check.patch
queue-3.14/mips-kvm-propagate-kseg0-mapped-tlb-fault-errors.patch
queue-3.14/mips-kvm-fix-mapped-fault-broken-commpage-handling.patch
queue-3.14/mips-kvm-fix-gfn-range-check-in-kseg0-tlb-faults.patch
next prev parent reply other threads:[~2016-08-18 9:47 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-08-18 9:22 [PATCH BACKPORT 3.10-3.15 0/4] MIPS: KVM: Fix MMU/TLB management issues James Hogan
2016-08-18 9:22 ` James Hogan
2016-08-18 9:22 ` [PATCH BACKPORT 3.10-3.15 1/4] MIPS: KVM: Fix mapped fault broken commpage handling James Hogan
2016-08-18 9:22 ` James Hogan
2016-08-18 9:22 ` James Hogan
2016-08-18 9:47 ` Patch "[PATCH BACKPORT 3.10-3.15 1/4] MIPS: KVM: Fix mapped fault broken commpage handling" has been added to the 3.14-stable tree gregkh
2016-08-18 9:47 ` gregkh
2016-08-18 9:47 ` gregkh
2016-08-18 9:22 ` [PATCH BACKPORT 3.10-3.15 2/4] MIPS: KVM: Add missing gfn range check James Hogan
2016-08-18 9:22 ` James Hogan
2016-08-18 9:22 ` James Hogan
2016-08-18 9:47 ` gregkh [this message]
2016-08-18 9:47 ` Patch "[PATCH BACKPORT 3.10-3.15 2/4] MIPS: KVM: Add missing gfn range check" has been added to the 3.14-stable tree gregkh
2016-08-18 9:47 ` gregkh
2016-08-18 9:22 ` [PATCH BACKPORT 3.10-3.15 3/4] MIPS: KVM: Fix gfn range check in kseg0 tlb faults James Hogan
2016-08-18 9:22 ` James Hogan
2016-08-18 9:22 ` James Hogan
2016-08-18 9:47 ` Patch "[PATCH BACKPORT 3.10-3.15 3/4] MIPS: KVM: Fix gfn range check in kseg0 tlb faults" has been added to the 3.14-stable tree gregkh
2016-08-18 9:47 ` gregkh
2016-08-18 9:47 ` gregkh
2016-08-18 9:22 ` [PATCH BACKPORT 3.10-3.15 4/4] MIPS: KVM: Propagate kseg0/mapped tlb fault errors James Hogan
2016-08-18 9:22 ` James Hogan
2016-08-18 9:22 ` James Hogan
2016-08-18 9:47 ` Patch "[PATCH BACKPORT 3.10-3.15 4/4] MIPS: KVM: Propagate kseg0/mapped tlb fault errors" has been added to the 3.14-stable tree gregkh
2016-08-18 9:47 ` gregkh
2016-08-18 9:47 ` gregkh
2016-08-18 9:39 ` [PATCH BACKPORT 3.10-3.15 0/4] MIPS: KVM: Fix MMU/TLB management issues Jiri Slaby
2016-08-18 9:46 ` Greg KH
2016-08-18 20:02 ` Willy Tarreau
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1471513620253162@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=james.hogan@imgtec.com \
--cc=kvm@vger.kernel.org \
--cc=linux-mips@linux-mips.org \
--cc=pbonzini@redhat.com \
--cc=ralf@linux-mips.org \
--cc=rkrcmar@redhat.com \
--cc=stable-commits@vger.kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.