diff options
| author | Paul Mackerras <paulus@ozlabs.org> | 2017-11-10 16:40:24 +1100 |
|---|---|---|
| committer | Paul Mackerras <paulus@ozlabs.org> | 2017-11-23 14:23:00 +1100 |
| commit | cda2eaa35948893d70145490d5d6ded546fc3bc6 (patch) | |
| tree | 0f2190030252e189345f44163ef1fbe56d3c0f35 /arch/powerpc/kvm | |
| parent | ded13fc11b71fd1351e57c68a130d89a0285f1b6 (diff) | |
| download | linux-stable-cda2eaa35948893d70145490d5d6ded546fc3bc6.tar.gz linux-stable-cda2eaa35948893d70145490d5d6ded546fc3bc6.tar.bz2 linux-stable-cda2eaa35948893d70145490d5d6ded546fc3bc6.zip | |
KVM: PPC: Book3S HV: Avoid shifts by negative amounts
The kvmppc_hpte_page_shifts function decodes the actual and base page
sizes for a HPTE, returning -1 if it doesn't recognize the page size
encoding. This then gets used as a shift amount in various places,
which is undefined behaviour. This was reported by Coverity.
In fact this should never occur, since we should only get HPTEs in the
HPT which have a recognized page size encoding. The only place where
this might not be true is in the call to kvmppc_actual_pgsz() near the
beginning of kvmppc_do_h_enter(), where we are validating the HPTE
value passed in from the guest.
So to fix this and eliminate the undefined behaviour, we make
kvmppc_hpte_page_shifts return 0 for unrecognized page size encodings,
and make kvmppc_actual_pgsz() detect that case and return 0 for the
page size, which will then cause kvmppc_do_h_enter() to return an
error and refuse to insert any HPTE with an unrecognized page size
encoding.
To ensure that we don't get undefined behaviour in compute_tlbie_rb(),
we take the 4k page size path for any unrecognized page size encoding.
This should never be hit in practice because it is only used on HPTE
values which have previously been checked for having a recognized
page size encoding.
Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
Diffstat (limited to 'arch/powerpc/kvm')
0 files changed, 0 insertions, 0 deletions