Received: by 2002:a05:6902:102b:0:0:0:0 with SMTP id x11csp937337ybt; Fri, 19 Jun 2020 18:46:44 -0700 (PDT) X-Google-Smtp-Source: ABdhPJytGDrFq9/ZpNANW+BWlozz6GN7e5tk88oq7sibTQzGIO8hLrN2L63yj7bLgJetT4EoaTww X-Received: by 2002:a05:6402:1fc:: with SMTP id i28mr6283149edy.63.1592617604538; Fri, 19 Jun 2020 18:46:44 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1592617604; cv=none; d=google.com; s=arc-20160816; b=P6vvcpq4YFQQK6AlymxDzatC+riCQAVGKbvZaK2sUi1O/mz+Iwjnr4FXgx6UBBSmoN ++P0BBsV/EpslhwRKfWW6RsGz+3Z/U9lJBMuF+/XEo/BlFdM+p7GYVA5W4uBojhuvTDX F/i2qWGKCnT652DZO/i/wV4osCYU+A5wMetZrqttKGsc8rWIOqCn0/HUXhaSfQs024iI ALDyzGwaYY8yOi9N5stda3ubYzD79uoJVSw1fwqqQILNKwmg64DUMjH1tkP7e6iwe5Jf ngMIvh528mFHkltURARJnzWAv6d7Lkdygkx2hmf9t9/6Xj3zQU0OnJARpXqpLioqE4Lj 3OFg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=W2d2JapHGwonfdQ2MXhweIvFlT4SreATKnYblLfQf4k=; b=n008q7up1NKyM4X1B3w+z/y/M9cGvlCnkEDkkqdAQXOd1BmOhyf3kkOBffH+Drswd9 MZSjf4R7BMmKo9D2lIlXgByfXFTwo6/9eaBfYrUt2cuT7vVZmZ4dF7QZFbSONAEE57s4 2U8xCs3XRU2lXkL5pwSS98hbv6zHExiRd5jhCvivFM/a8OxW516paS5K6x3mlBEtpJLW PlF9DkiIawASFClIwwgNFTC0JmDiVMIJ3k2PMAyv01eS2Ml6t1rdL07D3rMtyE3Dc//f pZKytz8+pus6EQrL8xN5aC5Z83A7O9s+Efvc9jzij9VrTe3MhBqgi0xspr5EAag2w1wa J15Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=KMhjSDKU; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id c102si159978edf.216.2020.06.19.18.46.18; Fri, 19 Jun 2020 18:46:44 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=KMhjSDKU; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2404703AbgFSPls (ORCPT + 99 others); Fri, 19 Jun 2020 11:41:48 -0400 Received: from us-smtp-1.mimecast.com ([205.139.110.61]:40615 "EHLO us-smtp-delivery-1.mimecast.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S2393803AbgFSPj4 (ORCPT ); Fri, 19 Jun 2020 11:39:56 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1592581194; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=W2d2JapHGwonfdQ2MXhweIvFlT4SreATKnYblLfQf4k=; b=KMhjSDKUCJ9QlvdnTzUw/evNs15Zga4f/C0IWcljnD5qJ3CjXJHMgfFocSDGWaPG3bYLts 9Ed/x25DPX4aLcynvagkPY3r88I1j87oVQLkEYAnfaBA+XZpNTI2cvSGuLFQWfJvCiGH7n vvU5sSfy5X1Fnv/vPEQMVuTs0t+Z1wU= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-152-fvhVVxG-MKiPbgIAqv5AzQ-1; Fri, 19 Jun 2020 11:39:53 -0400 X-MC-Unique: fvhVVxG-MKiPbgIAqv5AzQ-1 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id C718A18A077B; Fri, 19 Jun 2020 15:39:44 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-112-254.ams2.redhat.com [10.36.112.254]) by smtp.corp.redhat.com (Postfix) with ESMTP id 61E2460BF4; Fri, 19 Jun 2020 15:39:42 +0000 (UTC) From: Mohammed Gamal To: kvm@vger.kernel.org, pbonzini@redhat.com Cc: linux-kernel@vger.kernel.org, vkuznets@redhat.com, sean.j.christopherson@intel.com, wanpengli@tencent.com, jmattson@google.com, joro@8bytes.org, thomas.lendacky@amd.com, babu.moger@amd.com, Mohammed Gamal Subject: [PATCH v2 03/11] KVM: x86: mmu: Add guest physical address check in translate_gpa() Date: Fri, 19 Jun 2020 17:39:17 +0200 Message-Id: <20200619153925.79106-4-mgamal@redhat.com> In-Reply-To: <20200619153925.79106-1-mgamal@redhat.com> References: <20200619153925.79106-1-mgamal@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org In case of running a guest with 4-level page tables on a 5-level page table host, it might happen that a guest might have a physical address with reserved bits set, but the host won't see that and trap it. Hence, we need to check page faults' physical addresses against the guest's maximum physical memory and if it's exceeded, we need to add the PFERR_RSVD_MASK bits to the PF's error code. Also make sure the error code isn't overwritten by the page table walker. Signed-off-by: Mohammed Gamal Signed-off-by: Paolo Bonzini --- arch/x86/kvm/mmu/mmu.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index ee113fc1f1bf..10409b76b2d8 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -518,6 +518,12 @@ static bool check_mmio_spte(struct kvm_vcpu *vcpu, u64 spte) static gpa_t translate_gpa(struct kvm_vcpu *vcpu, gpa_t gpa, u32 access, struct x86_exception *exception) { + /* Check if guest physical address doesn't exceed guest maximum */ + if (kvm_mmu_is_illegal_gpa(vcpu, gpa)) { + exception->error_code |= PFERR_RSVD_MASK; + return UNMAPPED_GVA; + } + return gpa; } -- 2.26.2