Received: by 2002:a05:6902:102b:0:0:0:0 with SMTP id x11csp645531ybt; Fri, 10 Jul 2020 08:51:05 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwndckGqqxvdtdnULrl/PDlgqPLcMkIdzxPpa1fmWqNO5EtWl5YV/HSLUtG02dFPk2CTtcM X-Received: by 2002:a17:906:538e:: with SMTP id g14mr61188732ejo.300.1594396264949; Fri, 10 Jul 2020 08:51:04 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1594396264; cv=none; d=google.com; s=arc-20160816; b=zeAuyzxzSsLYEdyzO5BeTDFPqFAyk6XOwH9jg2yQzyUgkhgf4i/E1a45+N5SDOsrdu TONg7L3dqPMuvLFRb46wRtxMXCrGw27xY4Ht4uL3lVvbkU/o/YN8EMvX4jfwL6gde8ol ze0H9pnwve2JUpykn3y+Vx16spoKSVMQOBcQv3D7geUzYKM5CaUOQrTxyR6OQQb7z0sj DVO+bcU22qoFo3obuqYUkJtc8nF4I1j74+s5DVQuMonkoA9TKyTWMZHB7cOIrkDkU3Jt 4Lbsvh1uWqbrnjvCh4URelZKOtMutgQwXXSCw1Z2pgucH+clOyrrz2DDTVoVJNataYJF oQ3w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=ysp4pgGf28/Rv6t1JVehGYmHl2LaKg10kElk18AGj/A=; b=n3kCvZhlwamxY8045LoO3Q0dsDbHiJsv6E0XYEOS9m4XBID/sAg/pCGSZDO8FnLs2W wyAkM1egtl8cj5Pvypq5/IIjPdazc3ZubCh3umR7ax21R/Z/mPMW09NxafAYqZKGKT3h 3Vpaxh/zFIFl+WObqM7l31j5KYBfyRyhRP/V+sZ5/JXeMtPz80VatNbsueVC1Gs+5ZLY HRzclQCv8e07eSU2QFBaTRbeI4EpjxCTPklxW0P6hHnh5pNQCn2YgrKzcYBHLkKXphZd cge5LK/OhSZfKipZgZTmQyMRgjJdmBQse7ApfiVCpShm/Phoe7lTUnKiiwARixqRKzQ9 IahQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=iyzHRZfz; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id n15si3806209ejk.642.2020.07.10.08.50.41; Fri, 10 Jul 2020 08:51:04 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=iyzHRZfz; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728135AbgGJPsd (ORCPT + 99 others); Fri, 10 Jul 2020 11:48:33 -0400 Received: from us-smtp-delivery-1.mimecast.com ([205.139.110.120]:20969 "EHLO us-smtp-1.mimecast.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1728115AbgGJPsc (ORCPT ); Fri, 10 Jul 2020 11:48:32 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1594396110; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ysp4pgGf28/Rv6t1JVehGYmHl2LaKg10kElk18AGj/A=; b=iyzHRZfzrgSIYkzF6zV+yzAVszehIXSwqPSg1Ud37epfLiIm7XS0lajNDhXyl7aREOK0VH p5JsECOfRdoLQlLMORaO2Qw3xRkjkziLAw1+F+bN05Q9U+KZd9pIfDcrUAinH0eSQXjgwu t6HE4aJCTIDq9VWGVISTSQkNo4BPWFs= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-270-Q3lgybjmN6-wDuq7YU7rBg-1; Fri, 10 Jul 2020 11:48:29 -0400 X-MC-Unique: Q3lgybjmN6-wDuq7YU7rBg-1 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id F40ED1083; Fri, 10 Jul 2020 15:48:27 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-114-235.ams2.redhat.com [10.36.114.235]) by smtp.corp.redhat.com (Postfix) with ESMTP id BBDD27EFA1; Fri, 10 Jul 2020 15:48:25 +0000 (UTC) From: Mohammed Gamal To: kvm@vger.kernel.org, pbonzini@redhat.com Cc: linux-kernel@vger.kernel.org, vkuznets@redhat.com, sean.j.christopherson@intel.com, wanpengli@tencent.com, jmattson@google.com, joro@8bytes.org, Mohammed Gamal Subject: [PATCH v3 3/9] KVM: x86: mmu: Add guest physical address check in translate_gpa() Date: Fri, 10 Jul 2020 17:48:05 +0200 Message-Id: <20200710154811.418214-4-mgamal@redhat.com> In-Reply-To: <20200710154811.418214-1-mgamal@redhat.com> References: <20200710154811.418214-1-mgamal@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org In case of running a guest with 4-level page tables on a 5-level page table host, it might happen that a guest might have a physical address with reserved bits set, but the host won't see that and trap it. Hence, we need to check page faults' physical addresses against the guest's maximum physical memory and if it's exceeded, we need to add the PFERR_RSVD_MASK bits to the PF's error code. Also make sure the error code isn't overwritten by the page table walker. Signed-off-by: Mohammed Gamal Signed-off-by: Paolo Bonzini --- arch/x86/kvm/mmu/mmu.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index f8b3c5181466..e03e85b21cda 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -518,6 +518,12 @@ static bool check_mmio_spte(struct kvm_vcpu *vcpu, u64 spte) static gpa_t translate_gpa(struct kvm_vcpu *vcpu, gpa_t gpa, u32 access, struct x86_exception *exception) { + /* Check if guest physical address doesn't exceed guest maximum */ + if (kvm_mmu_is_illegal_gpa(vcpu, gpa)) { + exception->error_code |= PFERR_RSVD_MASK; + return UNMAPPED_GVA; + } + return gpa; } -- 2.26.2