From: Jinpu Wang
Date: Wed, 22 Aug 2018 10:32:35 +0200
Subject: Re: [PATCH] x86/kvm/vmx: Fix GPF on reading vmentry_l1d_flush
To: minoura@valinux.co.jp, kvm@vger.kernel.org, linux-kernel@vger.kernel.org
Cc: stable

> From: MINOURA Makoto / 箕浦 真
> Date: Wed, 22 Aug 2018, 9:50 AM
> Subject: [PATCH] x86/kvm/vmx: Fix GPF on reading vmentry_l1d_flush
> To:
> Cc:
>
> When EPT is not enabled, reading
> /sys/module/kvm_intel/parameters/vmentry_l1d_flush causes
> general protection fault in vmentry_l1d_flush_get() due to
> access beyond the end of the array vmentry_l1d_param[].
>
> Signed-off-by: Minoura Makoto
> --- > arch/x86/include/asm/vmx.h | 1 + > arch/x86/kvm/vmx.c | 4 +++- > 2 files changed, 4 insertions(+), 1 deletion(-) > > diff --git a/arch/x86/include/asm/vmx.h b/arch/x86/include/asm/vmx.h > index 95f9107449bf..c4b834b05178 100644 > --- a/arch/x86/include/asm/vmx.h > +++ b/arch/x86/include/asm/vmx.h
> @@ -581,6 +581,7 @@ enum vmx_l1d_flush_state { > VMENTER_L1D_FLUSH_NEVER, > VMENTER_L1D_FLUSH_COND, > VMENTER_L1D_FLUSH_ALWAYS, > + VMENTER_L1D_FLUSH_PARAM_MAX =3D VMENTER_L1D_FLUSH_ALWAYS, > VMENTER_L1D_FLUSH_EPT_DISABLED, > VMENTER_L1D_FLUSH_NOT_REQUIRED, > }; > diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c > index 1519f030fd73..155ba2a9139f 100644 > --- a/arch/x86/kvm/vmx.c > +++ b/arch/x86/kvm/vmx.c > @@ -204,6 +204,8 @@ static const struct { > {"never", VMENTER_L1D_FLUSH_NEVER}, > {"cond", VMENTER_L1D_FLUSH_COND}, > {"always", VMENTER_L1D_FLUSH_ALWAYS}, > + {"ept-disabled", VMENTER_L1D_FLUSH_EPT_DISABLED}, > + {"not-required", VMENTER_L1D_FLUSH_NOT_REQUIRED}, > }; > > #define L1D_CACHE_ORDER 4 > @@ -286,7 +288,7 @@ static int vmentry_l1d_flush_parse(const char *s) > unsigned int i; > > if (s) { > - for (i =3D 0; i < ARRAY_SIZE(vmentry_l1d_param); i++) { > + for (i =3D 0; i <=3D VMENTER_L1D_FLUSH_PARAM_MAX; i++) { > if (sysfs_streq(s, vmentry_l1d_param[i].option)) > return vmentry_l1d_param[i].cmd; > }

Easy to reproduce.

Thanks.
Tested-by: Jack Wang

--
Jack Wang
Linux Kernel Developer

ProfitBricks GmbH
Greifswalder Str. 207
D - 10405 Berlin

Tel: +49 30 577 008 042
Fax: +49 30 577 008 299
Email: jinpu.wang@profitbricks.com
URL: https://www.profitbricks.de

Registered office: Berlin
Register court: Amtsgericht Charlottenburg, HRB 125506 B
Managing directors: Achim Weiss, Matthias Steinberg, Christoph Steffens
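
Review bot: In the arch/x86/include/asm/vmx.h hunk, VMENTER_L1D_FLUSH_PARAM_MAX is added without a comment saying what it bounds, so the next person to extend enum vmx_l1d_flush_state has no hint that position relative to it matters. A short comment above the new enumerator should state that values up to and including VMENTER_L1D_FLUSH_PARAM_MAX are the ones vmentry_l1d_flush_parse() accepts, that the values after it are not accepted there, and that a new user-settable state must be inserted before the alias and the alias updated. It is also worth noting in the changelog that the alias carries the value of VMENTER_L1D_FLUSH_ALWAYS, so VMENTER_L1D_FLUSH_EPT_DISABLED and VMENTER_L1D_FLUSH_NOT_REQUIRED keep their previous values.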
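
Review bot: In the vmentry_l1d_param[] hunk of arch/x86/kvm/vmx.c, the two new rows close the out-of-bounds read only while the array order matches the order of enum vmx_l1d_flush_state, and nothing in the table enforces that. Going by the commit message, vmentry_l1d_flush_get() indexes the array by the current state, so a reordered or newly inserted enumerator would silently report the wrong string or run off the end again. Designated initializers, for example [VMENTER_L1D_FLUSH_EPT_DISABLED] = {"ept-disabled", VMENTER_L1D_FLUSH_EPT_DISABLED}, would tie each row to its state. Separately, "ept-disabled" and "not-required" become strings that a read of /sys/module/kvm_intel/parameters/vmentry_l1d_flush can return while the parser will not accept them on write; the parameter's documentation should list them as read-only states.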
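
Review bot: In the vmentry_l1d_flush_parse() hunk, the new loop bound i <= VMENTER_L1D_FLUSH_PARAM_MAX is no longer derived from the size of vmentry_l1d_param[], so the loop stays in bounds only by convention. A compile-time check next to the table, such as BUILD_BUG_ON(ARRAY_SIZE(vmentry_l1d_param) <= VMENTER_L1D_FLUSH_PARAM_MAX), would turn a future mismatch into a build failure instead of an out-of-bounds read on a user-triggered write. The loop also deserves a one-line comment explaining that the entries past VMENTER_L1D_FLUSH_PARAM_MAX exist for reporting only and are deliberately not matchable, since that intent is not obvious from the changed bound alone.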