* [PATCH] KVM: arm64: Harden clock for nvhe/pKVM
@ 2026-04-30 10:37 Mostafa Saleh
0 siblings, 0 replies; only message in thread
From: Mostafa Saleh @ 2026-04-30 10:37 UTC (permalink / raw)
To: linux-arm-kernel, linux-kernel, kvmarm
Cc: catalin.marinas, will, maz, oliver.upton, joey.gouly,
suzuki.poulose, yuzenghui, vdonnefort, tabba, Mostafa Saleh
Sashiko(locally) reports possiblity of division by zero and
out-of-bounds bitwise shift in trace_clock_update().
Although the clock update is untrusted, we should at least have some
basic checks to avoid the clock value getting out of sync if the host
is buggy.
Signed-off-by: Mostafa Saleh <smostafa@google.com>
---
arch/arm64/kvm/hyp/nvhe/clock.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/arch/arm64/kvm/hyp/nvhe/clock.c b/arch/arm64/kvm/hyp/nvhe/clock.c
index 32fc4313fe43..a7fc61976fd0 100644
--- a/arch/arm64/kvm/hyp/nvhe/clock.c
+++ b/arch/arm64/kvm/hyp/nvhe/clock.c
@@ -35,6 +35,9 @@ void trace_clock_update(u32 mult, u32 shift, u64 epoch_ns, u64 epoch_cyc)
struct clock_data *clock = &trace_clock_data;
u64 bank = clock->cur ^ 1;
+ if (!mult || shift >= 64)
+ return;
+
clock->data[bank].mult = mult;
clock->data[bank].shift = shift;
clock->data[bank].epoch_ns = epoch_ns;
--
2.54.0.545.g6539524ca2-goog
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2026-04-30 10:37 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-04-30 10:37 [PATCH] KVM: arm64: Harden clock for nvhe/pKVM Mostafa Saleh
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox