diff options
| author | Sean Christopherson <seanjc@google.com> | 2021-01-13 12:45:15 -0800 |
|---|---|---|
| committer | Paolo Bonzini <pbonzini@redhat.com> | 2021-01-25 18:52:06 -0500 |
| commit | eb79cd00ce25974c21f34f1eeb92a580ff572971 (patch) | |
| tree | 49e1ba395906d96346e471dd430d76d8fdd1a744 | |
| parent | a10f373ad3c760dd40b41e2f69a800ee7b8da15e (diff) | |
| download | linux-eb79cd00ce25974c21f34f1eeb92a580ff572971.tar.bz2 | |
KVM: x86: Add more protection against undefined behavior in rsvd_bits()
Add compile-time asserts in rsvd_bits() to guard against KVM passing in
garbage hardcoded values, and cap the upper bound at '63' for dynamic
values to prevent generating a mask that would overflow a u64.
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Sean Christopherson <seanjc@google.com>
Message-Id: <20210113204515.3473079-1-seanjc@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
| -rw-r--r-- | arch/x86/kvm/mmu.h | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/arch/x86/kvm/mmu.h b/arch/x86/kvm/mmu.h index 581925e476d6..261be1d2032b 100644 --- a/arch/x86/kvm/mmu.h +++ b/arch/x86/kvm/mmu.h @@ -44,8 +44,15 @@ #define PT32_ROOT_LEVEL 2 #define PT32E_ROOT_LEVEL 3 -static inline u64 rsvd_bits(int s, int e) +static __always_inline u64 rsvd_bits(int s, int e) { + BUILD_BUG_ON(__builtin_constant_p(e) && __builtin_constant_p(s) && e < s); + + if (__builtin_constant_p(e)) + BUILD_BUG_ON(e > 63); + else + e &= 63; + if (e < s) return 0; |