diff options
| author | Sean Christopherson <seanjc@google.com> | 2024-08-29 12:14:13 -0700 | 
|---|---|---|
| committer | Sean Christopherson <seanjc@google.com> | 2024-09-09 20:15:34 -0700 | 
| commit | 025dde582bbf31e7618f9283594ef5e2408e384b (patch) | |
| tree | d722a6ec8fd040e4029ec6b43336d31131b88799 /net/unix/unix_bpf.c | |
| parent | ec495f2ab12290b008a691e826b39b895f458945 (diff) | |
KVM: Harden guest memory APIs against out-of-bounds accesses
When reading or writing a guest page, WARN and bail if offset+len would
result in a read to a different page so that KVM bugs are more likely to
be detected, and so that any such bugs are less likely to escalate to an
out-of-bounds access.  E.g. if userspace isn't using guard pages and the
target page is at the end of a memslot.
Note, KVM already hardens itself in similar APIs, e.g. in the "cached"
variants, it's just the vanilla APIs that are playing with fire.
Link: https://lore.kernel.org/r/20240829191413.900740-3-seanjc@google.com
Signed-off-by: Sean Christopherson <seanjc@google.com>
Diffstat (limited to 'net/unix/unix_bpf.c')
0 files changed, 0 insertions, 0 deletions
