From mboxrd@z Thu Jan 1 00:00:00 1970
From: Nicholas Piggin
Date: Fri, 06 Aug 2021 10:10:44 +0000
Subject: Re: [PATCH v2 2/3] KVM: PPC: Book3S HV: Add sanity check to copy_tofrom_guest
Message-Id: <1628244579.t79ynn05df.astroid@bobo.none>
List-Id:
References: <20210805212616.2641017-1-farosas@linux.ibm.com> <20210805212616.2641017-3-farosas@linux.ibm.com>
In-Reply-To: <20210805212616.2641017-3-farosas@linux.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: Fabiano Rosas , kvm-ppc@vger.kernel.org
Cc: christophe.leroy@c-s.fr, linuxppc-dev@lists.ozlabs.org

Excerpts from Fabiano Rosas's message of August 6, 2021 7:26 am:
> Both paths into __kvmhv_copy_tofrom_guest_radix ensure that we arrive
> with an effective address that is smaller than our total addressable
> space and addresses quadrant 0.
>
> - The H_COPY_TOFROM_GUEST hypercall path rejects the call with
>   H_PARAMETER if the effective address has any of the twelve most
>   significant bits set.
>
> - The kvmhv_copy_tofrom_guest_radix path clears the top twelve bits
>   before calling the internal function.
>
> Although the callers make sure that the effective address is sane, any
> future use of the function is exposed to a programming error, so add a
> sanity check.

We possibly should put these into #defines in radix pgtable headers
somewhere but KVM already open codes them so this is good for now.

Reviewed-by: Nicholas Piggin

>
> Suggested-by: Nicholas Piggin
> Signed-off-by: Fabiano Rosas
> ---
> arch/powerpc/kvm/book3s_64_mmu_radix.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/arch/powerpc/kvm/book3s_64_mmu_radix.c b/arch/powerpc/kvm/book3s_64_mmu_radix.c
> index 44eb7b1ef289..1b1c9e9e539b 100644
> --- a/arch/powerpc/kvm/book3s_64_mmu_radix.c
> +++ b/arch/powerpc/kvm/book3s_64_mmu_radix.c
> @@ -44,6 +44,9 @@ unsigned long __kvmhv_copy_tofrom_guest_radix(int lpid, int pid, > (to != NULL) ? __pa(to): 0, > (from != NULL) ? __pa(from): 0, n); > > + if (eaddr & (0xFFFUL << 52)) > + return ret; > + > quadrant = 1; > if (!pid) > quadrant = 2; > -- > 2.29.2 > >
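Review bot: the early `return ret;` after `if (eaddr & (0xFFFUL << 52))` depends on `ret` already holding the "nothing copied" value at that point, and the hunk does not show its initialiser; worth confirming that the declaration sets it to `n` so a rejected address reports the full length as not copied rather than returning whatever `ret` held. Since the commit message frames the check as catching a programming error rather than guest-controlled input, a silent early return hides the misuse at the call site; `if (WARN_ON_ONCE(eaddr & (0xFFFUL << 52)))` would log it once without changing the return. The mask `0xFFFUL << 52` also re-encodes the "top twelve bits" rule already open-coded in the H_COPY_TOFROM_GUEST path and in kvmhv_copy_tofrom_guest_radix; a single named constant used by all three sites would keep them from drifting apart, which is the #define point raised above.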