KVM: x86: Assertions to check no overrun in MSR lists (0123be42) · Commits · 戴 / test

Currently there is no check whether shared MSRs list overrun the allocated size which can results in bugs. In addition there is no check that vmx->guest_msrs has sufficient space to accommodate all the VMX msrs. This patch adds the assertions. Signed-off-by:

Nadav Amit <namit@cs.technion.ac.il> Signed-off-by:

Paolo Bonzini <pbonzini@redhat.com>

arch/x86/kvm/vmx.c

+2 −0

Original line number	Diff line number	Diff line
		@@ -7608,6 +7608,8 @@ static struct kvm_vcpu vmx_create_vcpu(struct kvm kvm, unsigned int id)
		goto free_vcpu;

		vmx->guest_msrs = kmalloc(PAGE_SIZE, GFP_KERNEL);
		BUILD_BUG_ON(PAGE_SIZE / sizeof(struct shared_msr_entry) < NR_VMX_MSR);

		err = -ENOMEM;
		if (!vmx->guest_msrs) {
		goto uninit_vcpu;

arch/x86/kvm/x86.c

+1 −0

Original line number	Diff line number	Diff line
		@@ -212,6 +212,7 @@ static void shared_msr_update(unsigned slot, u32 msr)

		void kvm_define_shared_msr(unsigned slot, u32 msr)
		{
		BUG_ON(slot >= KVM_NR_SHARED_MSRS);
		if (slot >= shared_msrs_global.nr)
		shared_msrs_global.nr = slot + 1;
		shared_msrs_global.msrs[slot] = msr;

Admin message