Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp2470866yba; Mon, 15 Apr 2019 12:19:10 -0700 (PDT) X-Google-Smtp-Source: APXvYqzKfd3QxOPoygSK0ODIABrBYELnTvFsahHrjC1aHHqSTDissWdW7PrM/6HtfCFLb4F+A2ya X-Received: by 2002:a63:5057:: with SMTP id q23mr72750540pgl.30.1555355950888; Mon, 15 Apr 2019 12:19:10 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1555355950; cv=none; d=google.com; s=arc-20160816; b=SlRTGCAJLaFyTwhhq1/tkOy27QnklNx9jJZ0P5vUBJx886okxWmU1057FB1HegDptJ u1BufCKxdtrClgnV22Rz9k46uSYySWjdm9zvJtV7zYbmMqHoQ6VTAfx0JW4rcauOMALh SPGLNyR6cUHQf7Gj2comyyu75mRsx8dGKuW2FMUyho8hZOt0RxOTejygOj1CKa6lesj0 QxeImAXpjwavbSy0fdAv6JwhCqfP+txfDQJ5DBSI2wvPB4pBqONj+kiCMgfaJky1t88B +qMXXvRAVcTHlFW33j0+AoIyXpWDNAKHkgUWZZqlKuFy3Ufq47Lv+idC3/2Cd4E80haa u9yQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=bFuvWYioIFm2zh2/Na7eBS6AOcMR/PGPZitN8tGqVUo=; b=asF35RAMRhx6O+MNS0weaJbG+kFSVrByh5tLiYP+Pmq4lW5WiKHbiFUD1XIFK1sPS2 N1iRv9tjnPMl4jEtNXMYRp98Eo4KXYMjHc2pN9fEdC6OC6FG2jph5ghw6XexnclEPkD7 4JCEF/hitQc5dczsa9H8seX/bCiok1gTRGIet5Aa2MYdFCUqPzgtZGDWnLi9kQuGCVIQ JIcwXESWRFvkraWVZrNB1sBpollz3ZdxZCAgfTVWJMaQdr+xAZJUAFsFDR7t2aUekxhX StaPBZxVzWXgu9ZoXp/m92T/SSdlYKo7Pv8YbOaSo3/xVkvXMCKoH5qeYgTUWt/FU9Qn 61cw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b="ymJ3/2Bv"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id k3si34661258pgh.113.2019.04.15.12.18.54; Mon, 15 Apr 2019 12:19:10 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b="ymJ3/2Bv"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731352AbfDOTML (ORCPT + 99 others); Mon, 15 Apr 2019 15:12:11 -0400 Received: from mail.kernel.org ([198.145.29.99]:49368 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730897AbfDOTMJ (ORCPT ); Mon, 15 Apr 2019 15:12:09 -0400 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id CC7CB218D3; Mon, 15 Apr 2019 19:12:07 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1555355528; bh=jnhI1SW6PzPLfF/eg+DULhf40qnrEEGcKswVWrHmru8=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=ymJ3/2BvzSew2M8tbg8x0yqGa0gmwb96DEzozwueJ136UWWdbMQhHz2qalaMjrTP6 6K4qDPETNLwotEHYIisqyxc2O3zV7rPkaJ9Bs7q9Lf3Qq1xWRjyEf/m8R9mTX/iZ4K iGnfugEa2rR4vG4RaMmYwNgK4NtfM3A8fg/OTjFs= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Cfir Cohen , David Rientjes , Paolo Bonzini Subject: [PATCH 5.0 069/117] kvm: svm: fix potential get_num_contig_pages overflow Date: Mon, 15 Apr 2019 21:00:39 +0200 Message-Id: <20190415183748.476525476@linuxfoundation.org> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190415183744.887851196@linuxfoundation.org> References: <20190415183744.887851196@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: David Rientjes commit ede885ecb2cdf8a8dd5367702e3d964ec846a2d5 upstream. get_num_contig_pages() could potentially overflow int so make its type consistent with its usage. Reported-by: Cfir Cohen Cc: stable@vger.kernel.org Signed-off-by: David Rientjes Signed-off-by: Paolo Bonzini Signed-off-by: Greg Kroah-Hartman --- arch/x86/kvm/svm.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) --- a/arch/x86/kvm/svm.c +++ b/arch/x86/kvm/svm.c @@ -6422,11 +6422,11 @@ e_free: return ret; } -static int get_num_contig_pages(int idx, struct page **inpages, - unsigned long npages) +static unsigned long get_num_contig_pages(unsigned long idx, + struct page **inpages, unsigned long npages) { unsigned long paddr, next_paddr; - int i = idx + 1, pages = 1; + unsigned long i = idx + 1, pages = 1; /* find the number of contiguous pages starting from idx */ paddr = __sme_page_pa(inpages[idx]); @@ -6445,12 +6445,12 @@ static int get_num_contig_pages(int idx, static int sev_launch_update_data(struct kvm *kvm, struct kvm_sev_cmd *argp) { - unsigned long vaddr, vaddr_end, next_vaddr, npages, size; + unsigned long vaddr, vaddr_end, next_vaddr, npages, pages, size, i; struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; struct kvm_sev_launch_update_data params; struct sev_data_launch_update_data *data; struct page **inpages; - int i, ret, pages; + int ret; if (!sev_guest(kvm)) return -ENOTTY;