From: Nicholas Piggin
To: linuxppc-dev@lists.ozlabs.org
Cc: Nicholas Piggin, kvm-ppc@vger.kernel.org
Subject: [PATCH v2 1/9] KVM: PPC: Book3S HV: Fix H_REGISTER_VPA VPA size validation
Date: Sun, 13 Aug 2017 11:33:38 +1000

KVM currently validates the size of the VPA registered by the client against sizeof(struct lppaca), however we align (and therefore size) that struct to 1kB to avoid crossing a 4kB boundary in the client. PAPR calls for sizes >= 640 bytes to be accepted. Hard code this with a comment.

Signed-off-by: Nicholas Piggin
---
 arch/powerpc/kvm/book3s_hv.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/arch/powerpc/kvm/book3s_hv.c b/arch/powerpc/kvm/book3s_hv.c index 359c79cdf0cc..1182cfd79857 100644
--- a/arch/powerpc/kvm/book3s_hv.c +++ b/arch/powerpc/kvm/book3s_hv.c @@ -485,7 +485,13 @@ static unsigned long do_h_register_vpa(struct kvm_vcpu *vcpu, switch (subfunc) { case H_VPA_REG_VPA: /* register VPA */ - if (len < sizeof(struct lppaca)) + /* + * The size of our lppaca is 1kB because of the way we align + * it for the guest to avoid crossing a 4kB boundary. We only + * use 640 bytes of the structure though, so we should accept + * clients that set a size of 640. + */ + if (len < 640) break; vpap = &tvcpu->arch.vpa; err = 0;
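
Review bot: the literal 640 in `if (len < 640)` carries the whole safety argument, and nothing in this hunk ties it to the layout of struct lppaca. The new comment states that only 640 bytes of the structure are used, but the guest chooses len, so if a later change makes the host touch a field beyond byte 640 of a registered VPA, this check would no longer cover that access. Consider replacing the literal with a named constant defined next to struct lppaca and adding a build-time assertion (BUILD_BUG_ON, for example) that the fields the host accesses lie within it. The comment could also cite PAPR as the source of the 640-byte minimum, as the commit message does, so the number is not read as an implementation detail.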