From mboxrd@z Thu Jan  1 00:00:00 1970
From: Avi Kivity <avi@redhat.com>
Subject: Re: [PATCH 10/27] KVM: MMU: Add infrastructure for two-level page
 walker
Date: Mon, 06 Sep 2010 21:05:35 +0300
Message-ID: <4C852D6F.5000101@redhat.com>
References: <1283788566-29186-1-git-send-email-joerg.roedel@amd.com> <1283788566-29186-11-git-send-email-joerg.roedel@amd.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: Marcelo Tosatti <mtosatti@redhat.com>,
	Alexander Graf <agraf@suse.de>, joro@8bytes.org,
	kvm@vger.kernel.org, linux-kernel@vger.kernel.org
To: Joerg Roedel <joerg.roedel@amd.com>
Return-path: <kvm-owner@vger.kernel.org>
Received: from mx1.redhat.com ([209.132.183.28]:6217 "EHLO mx1.redhat.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1754134Ab0IFSFs (ORCPT <rfc822;kvm@vger.kernel.org>);
	Mon, 6 Sep 2010 14:05:48 -0400
In-Reply-To: <1283788566-29186-11-git-send-email-joerg.roedel@amd.com>
Sender: kvm-owner@vger.kernel.org
List-ID: <kvm.vger.kernel.org>

  On 09/06/2010 06:55 PM, Joerg Roedel wrote:
> This patch introduces a mmu-callback to translate gpa
> addresses in the walk_addr code. This is later used to
> translate l2_gpa addresses into l1_gpa addresses.

> @@ -534,6 +534,11 @@ static inline gpa_t gfn_to_gpa(gfn_t gfn)
>   	return (gpa_t)gfn<<  PAGE_SHIFT;
>   }
>
> +static inline gfn_t gpa_to_gfn(gpa_t gpa)
> +{
> +	return (gfn_t)gpa>>  PAGE_SHIFT;
> +}
> +

That's a bug - gfn_t may be smaller than gpa_t, so you're truncating 
just before the shift.  Note the casts in the surrounding functions are 
widening, not narrowing.

However, gfn_t is u64 so the bug is only theoretical.

-- 
I have a truly marvellous patch that fixes the bug which this
signature is too narrow to contain.