Reply-To: Sean Christopherson
Date: Tue, 19 Mar 2024 17:15:42 -0700
In-Reply-To: <20240320001542.3203871-1-seanjc@google.com>
X-Mailing-List: linux-kernel@vger.kernel.org
References: <20240320001542.3203871-1-seanjc@google.com>
X-Mailer: git-send-email 2.44.0.291.gc1ea87d7ee-goog
Message-ID:
<20240320001542.3203871-4-seanjc@google.com>
Subject: [PATCH 3/3] KVM: Explicitly disallow activating a gfn_to_pfn_cache with INVALID_GPA
From: Sean Christopherson
To: Paolo Bonzini
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Sean Christopherson, syzbot+106a4f72b0474e1d1b33@syzkaller.appspotmail.com, David Woodhouse, Paul Durrant
Content-Type: text/plain; charset="UTF-8"

Explicitly disallow activating a gfn_to_pfn_cache with an error gpa, i.e. INVALID_GPA, to ensure that KVM doesn't mistake a GPA-based cache for an HVA-based cache (KVM uses INVALID_GPA as a magic value to differentiate between GPA-based and HVA-based caches).

WARN if KVM attempts to activate a cache with INVALID_GPA, purely so that new caches need to at least consider what to do with a "bad" GPA, as all existing usage of kvm_gpc_activate() guarantees gpa != INVALID_GPA. I.e. removing the WARN in the future is completely reasonable if doing so would yield cleaner/better code overall.

Signed-off-by: Sean Christopherson
--- virt/kvm/pfncache.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/virt/kvm/pfncache.c b/virt/kvm/pfncache.c index 91b0e329006b..f618719644e0 100644 --- a/virt/kvm/pfncache.c +++ b/virt/kvm/pfncache.c @@ -418,6 +418,13 @@ static int __kvm_gpc_activate(struct gfn_to_pfn_cache *gpc, gpa_t gpa, unsigned int kvm_gpc_activate(struct gfn_to_pfn_cache *gpc, gpa_t gpa, unsigned long len) { + /* + * Explicitly disallow INVALID_GPA so that the magic value can be used + * by KVM to differentiate between GPA-based and HVA-based caches. + */ + if (WARN_ON_ONCE(kvm_is_error_gpa(gpa))) + return -EINVAL; + return __kvm_gpc_activate(gpc, gpa, KVM_HVA_ERR_BAD, len); } -- 2.44.0.291.gc1ea87d7ee-goog
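
Review bot: In the kvm_gpc_activate() hunk, the new comment names only INVALID_GPA while the guard tests kvm_is_error_gpa(gpa); if that helper ever matches more than the single magic value, the comment and the -EINVAL path drift apart, so either compare against INVALID_GPA directly or word the comment as "an error gpa, i.e. INVALID_GPA" the way the commit message does. The comment could also state the caller contract the commit message relies on (all existing callers guarantee gpa != INVALID_GPA), so that a future caller handing in a guest- or userspace-supplied GPA validates it and returns its own error first instead of reaching WARN_ON_ONCE().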