diff options
| author | Sean Christopherson <seanjc@google.com> | 2021-01-13 21:45:15 +0100 |
|---|---|---|
| committer | Paolo Bonzini <pbonzini@redhat.com> | 2021-01-26 00:52:06 +0100 |
| commit | eb79cd00ce25974c21f34f1eeb92a580ff572971 (patch) | |
| tree | 49e1ba395906d96346e471dd430d76d8fdd1a744 | |
| parent | KVM: Documentation: Fix spec for KVM_CAP_ENABLE_CAP_VM (diff) | |
| download | linux-eb79cd00ce25974c21f34f1eeb92a580ff572971.tar.xz linux-eb79cd00ce25974c21f34f1eeb92a580ff572971.zip | |
KVM: x86: Add more protection against undefined behavior in rsvd_bits()
Add compile-time asserts in rsvd_bits() to guard against KVM passing in
garbage hardcoded values, and cap the upper bound at '63' for dynamic
values to prevent generating a mask that would overflow a u64.
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Sean Christopherson <seanjc@google.com>
Message-Id: <20210113204515.3473079-1-seanjc@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
| -rw-r--r-- | arch/x86/kvm/mmu.h | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/arch/x86/kvm/mmu.h b/arch/x86/kvm/mmu.h index 581925e476d6..261be1d2032b 100644 --- a/arch/x86/kvm/mmu.h +++ b/arch/x86/kvm/mmu.h @@ -44,8 +44,15 @@ #define PT32_ROOT_LEVEL 2 #define PT32E_ROOT_LEVEL 3 -static inline u64 rsvd_bits(int s, int e) +static __always_inline u64 rsvd_bits(int s, int e) { + BUILD_BUG_ON(__builtin_constant_p(e) && __builtin_constant_p(s) && e < s); + + if (__builtin_constant_p(e)) + BUILD_BUG_ON(e > 63); + else + e &= 63; + if (e < s) return 0; |