From: marc.zyngier@arm.com (Marc Zyngier)
To: linux-arm-kernel@lists.infradead.org
Subject: [PATCH 11/12] KVM: arm/arm64: vgic: Avoid injecting reserved IRQ numbers
Date: Fri, 19 Jun 2015 13:53:15 +0100 [thread overview]
Message-ID: <1434718396-13110-12-git-send-email-marc.zyngier@arm.com> (raw)
In-Reply-To: <1434718396-13110-1-git-send-email-marc.zyngier@arm.com>
Commit fd1d0ddf2ae9 (KVM: arm/arm64: check IRQ number on userland
injection) rightly limited the range of interrupts userspace can
inject in a guest, but failed to consider the (unlikely) case where
a guest is configured with 1024 interrupts.
In this case, interrupts ranging from 1020 to 1023 are unuseable,
as they have a special meaning for the GIC CPU interface.
Make sure that these number cannot be used as an IRQ. Also delete
a redundant (and similarily buggy) check in kvm_set_irq.
Reported-by: Peter Maydell <peter.maydell@linaro.org>
Cc: Andre Przywara <andre.przywara@arm.com>
Cc: <stable@vger.kernel.org> # 4.1, 4.0, 3.19, 3.18
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
---
virt/kvm/arm/vgic.c | 5 +----
1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/virt/kvm/arm/vgic.c b/virt/kvm/arm/vgic.c
index 78fb820..950064a 100644
--- a/virt/kvm/arm/vgic.c
+++ b/virt/kvm/arm/vgic.c
@@ -1561,7 +1561,7 @@ int kvm_vgic_inject_irq(struct kvm *kvm, int cpuid, unsigned int irq_num,
goto out;
}
- if (irq_num >= kvm->arch.vgic.nr_irqs)
+ if (irq_num >= min(kvm->arch.vgic.nr_irqs, 1020))
return -EINVAL;
vcpu_id = vgic_update_irq_pending(kvm, cpuid, irq_num, level);
@@ -2161,10 +2161,7 @@ int kvm_set_irq(struct kvm *kvm, int irq_source_id,
BUG_ON(!vgic_initialized(kvm));
- if (spi > kvm->arch.vgic.nr_irqs)
- return -EINVAL;
return kvm_vgic_inject_irq(kvm, 0, spi, level);
-
}
/* MSI not implemented yet */
--
2.1.4
WARNING: multiple messages have this Message-ID (diff)
From: Marc Zyngier <marc.zyngier@arm.com>
To: Paolo Bonzini <pbonzini@redhat.com>,
Marcelo Tosatti <mtosatti@redhat.com>,
Gleb Natapov <gleb@kernel.org>
Cc: "Peter Maydell" <peter.maydell@linaro.org>,
"Christoffer Dall" <christoffer.dall@linaro.org>,
"Andre Przywara" <andre.przywara@arm.com>,
"Firo Yang" <firogm@gmail.com>,
"Tiejun Chen" <tiejun.chen@intel.com>,
"Eric Auger" <eric.auger@linaro.org>,
"Alex Bennée" <alex.bennee@linaro.org>,
"Lorenzo Pieralisi" <lorenzo.pieralisi@arm.com>,
linux-arm-kernel@lists.infradead.org, kvm@vger.kernel.org,
kvmarm@lists.cs.columbia.edu
Subject: [PATCH 11/12] KVM: arm/arm64: vgic: Avoid injecting reserved IRQ numbers
Date: Fri, 19 Jun 2015 13:53:15 +0100 [thread overview]
Message-ID: <1434718396-13110-12-git-send-email-marc.zyngier@arm.com> (raw)
In-Reply-To: <1434718396-13110-1-git-send-email-marc.zyngier@arm.com>
Commit fd1d0ddf2ae9 (KVM: arm/arm64: check IRQ number on userland
injection) rightly limited the range of interrupts userspace can
inject in a guest, but failed to consider the (unlikely) case where
a guest is configured with 1024 interrupts.
In this case, interrupts ranging from 1020 to 1023 are unuseable,
as they have a special meaning for the GIC CPU interface.
Make sure that these number cannot be used as an IRQ. Also delete
a redundant (and similarily buggy) check in kvm_set_irq.
Reported-by: Peter Maydell <peter.maydell@linaro.org>
Cc: Andre Przywara <andre.przywara@arm.com>
Cc: <stable@vger.kernel.org> # 4.1, 4.0, 3.19, 3.18
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
---
virt/kvm/arm/vgic.c | 5 +----
1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/virt/kvm/arm/vgic.c b/virt/kvm/arm/vgic.c
index 78fb820..950064a 100644
--- a/virt/kvm/arm/vgic.c
+++ b/virt/kvm/arm/vgic.c
@@ -1561,7 +1561,7 @@ int kvm_vgic_inject_irq(struct kvm *kvm, int cpuid, unsigned int irq_num,
goto out;
}
- if (irq_num >= kvm->arch.vgic.nr_irqs)
+ if (irq_num >= min(kvm->arch.vgic.nr_irqs, 1020))
return -EINVAL;
vcpu_id = vgic_update_irq_pending(kvm, cpuid, irq_num, level);
@@ -2161,10 +2161,7 @@ int kvm_set_irq(struct kvm *kvm, int irq_source_id,
BUG_ON(!vgic_initialized(kvm));
- if (spi > kvm->arch.vgic.nr_irqs)
- return -EINVAL;
return kvm_vgic_inject_irq(kvm, 0, spi, level);
-
}
/* MSI not implemented yet */
--
2.1.4
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
next prev parent reply other threads:[~2015-06-19 12:53 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-06-19 12:53 [PULL] KVM/ARM changes for 4.2 Marc Zyngier
2015-06-19 12:53 ` Marc Zyngier
2015-06-19 12:53 ` [PATCH 01/12] ARM: KVM: Remove pointless void pointer cast Marc Zyngier
2015-06-19 12:53 ` Marc Zyngier
2015-06-19 12:53 ` [PATCH 02/12] KVM: arm64: add active register handling to GICv3 emulation as well Marc Zyngier
2015-06-19 12:53 ` Marc Zyngier
2015-06-19 12:53 ` [PATCH 03/12] arm: KVM: force execution of HCPTR access on VM exit Marc Zyngier
2015-06-19 12:53 ` Marc Zyngier
2015-06-19 12:53 ` [PATCH 04/12] kvm: remove one useless check extension Marc Zyngier
2015-06-19 12:53 ` Marc Zyngier
2015-06-19 12:53 ` [PATCH 05/12] arm/arm64: KVM: Properly account for guest CPU time Marc Zyngier
2015-06-19 12:53 ` Marc Zyngier
2015-07-10 14:16 ` KVM/ARM: trap every load /store instruction hiwu
2015-11-02 18:36 ` Christopher Covington
2015-06-19 12:53 ` [PATCH 06/12] KVM: arm/arm64: Enable the KVM-VFIO device Marc Zyngier
2015-06-19 12:53 ` Marc Zyngier
2015-06-19 12:53 ` [PATCH 07/12] KVM: arm64: fix misleading comments in save/restore Marc Zyngier
2015-06-19 12:53 ` Marc Zyngier
2015-06-19 12:53 ` [PATCH 08/12] ARM: kvm: psci: fix handling of unimplemented functions Marc Zyngier
2015-06-19 12:53 ` Marc Zyngier
2015-06-19 12:53 ` [PATCH 09/12] KVM: arm: vgic: Drop useless Group0 warning Marc Zyngier
2015-06-19 12:53 ` Marc Zyngier
2015-06-19 12:53 ` [PATCH 10/12] arm/arm64: KVM: vgic: Do not save GICH_HCR / ICH_HCR_EL2 Marc Zyngier
2015-06-19 12:53 ` Marc Zyngier
2015-06-19 12:53 ` Marc Zyngier [this message]
2015-06-19 12:53 ` [PATCH 11/12] KVM: arm/arm64: vgic: Avoid injecting reserved IRQ numbers Marc Zyngier
2015-06-19 12:53 ` [PATCH 12/12] KVM: arm/arm64: vgic: Remove useless arm-gic.h #include Marc Zyngier
2015-06-19 12:53 ` Marc Zyngier
2015-06-19 15:16 ` [PULL] KVM/ARM changes for 4.2 Paolo Bonzini
2015-06-19 15:16 ` Paolo Bonzini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1434718396-13110-12-git-send-email-marc.zyngier@arm.com \
--to=marc.zyngier@arm.com \
--cc=linux-arm-kernel@lists.infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.