Received: by 2002:a25:c205:0:0:0:0:0 with SMTP id s5csp1357091ybf; Thu, 27 Feb 2020 09:24:57 -0800 (PST) X-Google-Smtp-Source: APXvYqyCqNnRMZRXsCKOJDUyhcavi2q+pVMSa3ophgUMWqbJfnB+RwDqCPK8t51c0lDO+b3uvdxA X-Received: by 2002:a05:6830:2102:: with SMTP id i2mr631039otc.123.1582824296855; Thu, 27 Feb 2020 09:24:56 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1582824296; cv=none; d=google.com; s=arc-20160816; b=S4h5lD3kOTsKB9hYNSi17LMkRQQIO2sC9r7ahFA1Pgkbzboz9fLZ+Dp5PmjnInOvyk 0ekjflximwil7EfLDUxyknRD5XxXAYLmwXzu77p0HVAwl09txEGH8tipRElGigVYUF/S wvnZ+awynN6I3cXfW+5QDDGGf+b/sxQOot4ArPfR8CvolAwyAJe3qj23V1oFNNZAAvoI qBfoZZKPRhZhREtWIMf3ERVIrKxxzU8P16DRF6sneYc2//RfPaP0s1xZzWf7EteLhkGV fvVCay1zz9V2xQ8K4f9ElqSnF10P6wKXusxp075J7LLzOGAHd9rl/ytjKtTmk0DC5sYd /Kng== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=a0y/j4KW7R+c8IZgk86JY7zUwSLsnh5fFNeVauypTJo=; b=kglOzyzPR1an8F9VPNFnzikEFZEXH8SvEIFUT0lirQLTFV0yIKCk7LLK/Ev+ZR8XGq C2C45bEv7UA2Pfh2LvgG0lwrawuL8a0tuEa3xlkhSJE6MRbXeHWRA6GRl3FLivIyVa+m /bxUn1sRHnGs840Q95cPOQhGmH93KafrQUoV2AbvL7RD3k8gA5ACQh/VMBhsmL+3+SUY 8idcnQUpBVoY4yGzQa2LJx55PW9GYZD7P+y9/nml13Yaof49/OPWBdkISgGRkvz/aAtM GP/TpMrdeIO0E6f3Wb/cIsWCQQB7Z+J78YhFNoGTYCHK6BXbDZihXTW6Z+mOKbikGrip +gkg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=FSJlJfFm; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id l14si223168oic.222.2020.02.27.09.24.43; Thu, 27 Feb 2020 09:24:56 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=FSJlJfFm; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729948AbgB0RXm (ORCPT + 99 others); Thu, 27 Feb 2020 12:23:42 -0500 Received: from us-smtp-delivery-1.mimecast.com ([207.211.31.120]:60858 "EHLO us-smtp-1.mimecast.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1730150AbgB0RXm (ORCPT ); Thu, 27 Feb 2020 12:23:42 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1582824220; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=a0y/j4KW7R+c8IZgk86JY7zUwSLsnh5fFNeVauypTJo=; b=FSJlJfFmYW3XCqTp1ACaMO5LIx14IRKFrvfwvgvJiMfBpwLnJaYPUqTArXQrWsqkBW2W4k GnNELN/i3OAAiPCiCzpx41M6M+7HdDKpy4Mac9okJEeIfIFdFRVg14r6cfXi2vDDt8nUSB 5+DX+5ccuuhg7wvY5UbZ3cr/W2AtpqY= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-267-fv0YXZNdMtuo_5rIlChthw-1; Thu, 27 Feb 2020 12:23:39 -0500 X-MC-Unique: fv0YXZNdMtuo_5rIlChthw-1 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 65951477; Thu, 27 Feb 2020 17:23:37 +0000 (UTC) Received: from millenium-falcon.redhat.com (unknown [10.36.118.42]) by smtp.corp.redhat.com (Postfix) with ESMTP id 58CEE1001B2C; Thu, 27 Feb 2020 17:23:34 +0000 (UTC) From: Mohammed Gamal To: kvm@vger.kernel.org, pbonzini@redhat.com Cc: sean.j.christopherson@intel.com, vkuznets@redhat.com, wanpengli@tencent.com, jmattson@google.com, joro@8bytes.org, linux-kernel@vger.kernel.org, Mohammed Gamal Subject: [PATCH 2/5] KVM: VMX: Add guest physical address check in EPT violation and misconfig Date: Thu, 27 Feb 2020 19:23:03 +0200 Message-Id: <20200227172306.21426-3-mgamal@redhat.com> In-Reply-To: <20200227172306.21426-1-mgamal@redhat.com> References: <20200227172306.21426-1-mgamal@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 Content-Transfer-Encoding: quoted-printable Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Check guest physical address against it's maximum physical memory. If the guest's physical address exceeds the maximum (i.e. has reserved bits set), inject a guest page fault with PFERR_RSVD_MASK. Signed-off-by: Mohammed Gamal --- arch/x86/kvm/vmx/vmx.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 63aaf44edd1f..477d196aa235 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -5162,6 +5162,12 @@ static int handle_ept_violation(struct kvm_vcpu *v= cpu) gpa =3D vmcs_read64(GUEST_PHYSICAL_ADDRESS); trace_kvm_page_fault(gpa, exit_qualification); =20 + /* Check if guest gpa doesn't exceed physical memory limits */ + if (gpa >=3D (1ull << cpuid_maxphyaddr(vcpu))) { + kvm_inject_rsvd_bits_pf(vcpu, gpa); + return 1; + } + /* Is it a read fault? */ error_code =3D (exit_qualification & EPT_VIOLATION_ACC_READ) ? PFERR_USER_MASK : 0; @@ -5193,6 +5199,13 @@ static int handle_ept_misconfig(struct kvm_vcpu *v= cpu) * nGPA here instead of the required GPA. */ gpa =3D vmcs_read64(GUEST_PHYSICAL_ADDRESS); + + /* Check if guest gpa doesn't exceed physical memory limits */ + if (gpa >=3D (1ull << cpuid_maxphyaddr(vcpu))) { + kvm_inject_rsvd_bits_pf(vcpu, gpa); + return 1; + } + if (!is_guest_mode(vcpu) && !kvm_io_bus_write(vcpu, KVM_FAST_MMIO_BUS, gpa, 0, NULL)) { trace_kvm_fast_mmio(gpa); --=20 2.21.1