| author | Eugene Korenevsky <ekorenevsky@gmail.com> | 2019-06-06 00:17:39 +0300 |
|---|---|---|
| committer | Paolo Bonzini <pbonzini@redhat.com> | 2019-06-18 11:43:45 +0200 |
| commit | c1a9acbc5295e278d788e9f7510f543bc9864fa2 (patch) | |
| tree | 36ecbc2d28a22fcbfa7d861d58b99171307b6746 /lib/debugobjects.c | |
| parent | a87f2d3a6eadabad3ce3a8a57c1dd04c14b856ba (diff) | |
kvm: vmx: fix limit checking in get_vmx_mem_address()

Intel SDM vol. 3, 5.3:
The processor causes a
general-protection exception (or, if the segment is SS, a stack-fault
exception) any time an attempt is made to access the following addresses
in a segment:
- A byte at an offset greater than the effective limit
- A word at an offset greater than the (effective-limit – 1)
- A doubleword at an offset greater than the (effective-limit – 3)
- A quadword at an offset greater than the (effective-limit – 7)

Therefore, the generic limit checking error condition must be

exn = (off > limit + 1 - access_len) = (off + access_len - 1 > limit)

but not

exn = (off + access_len > limit)

as for now.

Also avoid integer overflow of `off` at 32-bit KVM by casting it to u64.

Note: access length is currently sizeof(u64) which is incorrect. This
will be fixed in the subsequent patch.

Signed-off-by: Eugene Korenevsky <ekorenevsky@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Diffstat (limited to 'lib/debugobjects.c')
0 files changed, 0 insertions, 0 deletions
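
The two conditions from the commit message, compared against a byte-by-byte reading of the quoted SDM rule. This is an added example, not code from this commit or from KVM; the function names are hypothetical, and `uint32_t` is an assumption standing in for the offset type on a 32-bit host.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumption: uint32_t models a 32-bit host's offset type; len is 1, 2, 4 or 8. */
typedef bool (*check_fn)(uint32_t off, uint32_t len, uint32_t limit);

/* Condition the commit message says is used "as for now". */
static bool fault_old(uint32_t off, uint32_t len, uint32_t limit)
{
    return off + len > limit;               /* 32-bit sum can wrap */
}

/* Condition the commit message derives, widened to 64 bits before adding. */
static bool fault_fixed(uint32_t off, uint32_t len, uint32_t limit)
{
    return (uint64_t)off + len - 1 > limit;
}

/* Reference from the quoted SDM rule: fault if any accessed byte lies past the limit. */
static bool fault_ref(uint32_t off, uint32_t len, uint32_t limit)
{
    for (uint32_t i = 0; i < len; i++)
        if ((uint64_t)off + i > limit)
            return true;
    return false;
}

/* Count disagreements with the reference near the limit and near 2^32 (limit >= 8). */
static unsigned count_mismatches(check_fn f, uint32_t limit)
{
    static const uint32_t lens[] = { 1, 2, 4, 8 };
    unsigned bad = 0;
    for (unsigned l = 0; l < 4; l++)
        for (uint32_t d = 0; d < 16; d++) {
            uint32_t a = limit - 8 + d, b = UINT32_MAX - d;
            bad += f(a, lens[l], limit) != fault_ref(a, lens[l], limit);
            bad += f(b, lens[l], limit) != fault_ref(b, lens[l], limit);
        }
    return bad;
}

int main(void)
{
    printf("old:   %u mismatches\n", count_mismatches(fault_old, 0xFFFF));
    printf("fixed: %u mismatches\n", count_mismatches(fault_fixed, 0xFFFF));
    return 0;
}
```

The old condition disagrees in both directions: it reports a fault for an access whose last byte sits exactly on the limit, and it misses a fault when the 32-bit sum wraps.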
