KVM: x86: fix overlap between SPTE_MMIO_MASK and generation - kernel/linux.git

diff options

author	Paolo Bonzini <pbonzini@redhat.com>	2020-01-18 22:09:03 +0300
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2020-02-11 15:35:53 +0300
commit	1d6cfa003c210f48ec9657296229927caec00c4c (patch)
tree	bd79622759ac14cbdb4d6ce2dc822bc8a2d483fd /virt
parent	8a1cd01bee30bd1033a452035f66be127728d4fd (diff)
download	linux-1d6cfa003c210f48ec9657296229927caec00c4c.tar.xz

KVM: x86: fix overlap between SPTE_MMIO_MASK and generation

[ Upstream commit 56871d444bc4d7ea66708775e62e2e0926384dbc ] The SPTE_MMIO_MASK overlaps with the bits used to track MMIO generation number. A high enough generation number would overwrite the SPTE_SPECIAL_MASK region and cause the MMIO SPTE to be misinterpreted. Likewise, setting bits 52 and 53 would also cause an incorrect generation number to be read from the PTE, though this was partially mitigated by the (useless if it weren't for the bug) removal of SPTE_SPECIAL_MASK from the spte in get_mmio_spte_generation. Drop that removal, and replace it with a compile-time assertion. Fixes: 6eeb4ef049e7 ("KVM: x86: assign two bits to track SPTE kinds") Reported-by: Ben Gardon <bgardon@google.com> Cc: stable@vger.kernel.org Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Sasha Levin <sashal@kernel.org>

Diffstat (limited to 'virt')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: