From patchwork Sun Mar 29 20:56:27 2015
X-Patchwork-Submitter: Eugene Korenevsky
X-Patchwork-Id: 6117611
Date: Sun, 29 Mar 2015 23:56:27 +0300
From: Eugene Korenevsky
To: kvm@vger.kernel.org
Cc: Paolo Bonzini
Subject: [PATCH 2/3] KVM: nVMX: add missing checks for address bits beyond physical address width on VM-entry
Message-ID: <20150329205627.GA1244@gnote>

On each VM-entry CPU should check the following VMCS fields for zero bits
beyond physical address width:
- APIC-access address
- virtual-APIC address
- posted-interrupt descriptor address
This patch adds these checks required by Intel SDM.

Signed-off-by: Eugene Korenevsky
---
 arch/x86/kvm/vmx.c | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c index f7b20b4..b3dcf73 100644 --- a/arch/x86/kvm/vmx.c +++ b/arch/x86/kvm/vmx.c @@ -8616,10 +8616,11 @@ static bool nested_get_vmcs12_pages(struct kvm_vcpu *vcpu, struct vmcs12 *vmcs12) { struct vcpu_vmx *vmx = to_vmx(vcpu); + int maxphyaddr = cpuid_maxphyaddr(vcpu); if (nested_cpu_has2(vmcs12, SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES)) { - /* TODO: Also verify bits beyond physical address width are 0 */ - if (!PAGE_ALIGNED(vmcs12->apic_access_addr)) + if (!PAGE_ALIGNED(vmcs12->apic_access_addr) || + vmcs12->apic_access_addr >> maxphyaddr) return false; /* 
@@ -8635,8 +8636,8 @@ static bool nested_get_vmcs12_pages(struct kvm_vcpu *vcpu, } if (nested_cpu_has(vmcs12, CPU_BASED_TPR_SHADOW)) { - /* TODO: Also verify bits beyond physical address width are 0 */ - if (!PAGE_ALIGNED(vmcs12->virtual_apic_page_addr)) + if (!PAGE_ALIGNED(vmcs12->virtual_apic_page_addr) || + vmcs12->virtual_apic_page_addr >> maxphyaddr) return false; if (vmx->nested.virtual_apic_page) /* shouldn't happen */ @@ -8659,7 +8660,8 @@ static bool nested_get_vmcs12_pages(struct kvm_vcpu *vcpu, } if (nested_cpu_has_posted_intr(vmcs12)) { - if (!IS_ALIGNED(vmcs12->posted_intr_desc_addr, 64)) + if (!IS_ALIGNED(vmcs12->posted_intr_desc_addr, 64) || + vmcs12->posted_intr_desc_addr >> maxphyaddr) return false; if (vmx->nested.pi_desc_page) { /* shouldn't happen */ @@ -9379,7 +9381,6 @@ static int nested_vmx_run(struct kvm_vcpu *vcpu, bool launch) } if (!nested_get_vmcs12_pages(vcpu, vmcs12)) { - /*TODO: Also verify bits beyond physical address width are 0*/ nested_vmx_failValid(vcpu, VMXERR_ENTRY_INVALID_CONTROL_FIELD); return 1; }
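
Review bot: In the first hunk of nested_get_vmcs12_pages(), the shift count in `vmcs12->apic_access_addr >> maxphyaddr` has no bound visible in this patch. maxphyaddr is an int returned by cpuid_maxphyaddr(vcpu), and, assuming the vmcs12 address fields are 64-bit, a count of 64 or more makes the shift undefined in C. Either clamp the value where it is read or add a comment stating why cpuid_maxphyaddr() can never return 64 or more. The same applies to the virtual_apic_page_addr and posted_intr_desc_addr checks, which reuse the same variable.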
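
Review bot: The address-width test is open-coded three times in nested_get_vmcs12_pages() (apic_access_addr, virtual_apic_page_addr, posted_intr_desc_addr), each time paired with a different alignment test (PAGE_ALIGNED twice, IS_ALIGNED(..., 64) once). A small helper taking the address, the required alignment and maxphyaddr would keep the three checks from drifting apart and would give one place for a comment that cites the SDM rule the commit message refers to.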
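
Review bot: In the nested_vmx_run() hunk, once the TODO is gone nothing at the call site says that nested_get_vmcs12_pages() is also where alignment and address-width validation of these VMCS fields happens, and the function name does not suggest it. A short comment above the call or above the function, saying that a false return covers an invalid control-field address and is reported as VMXERR_ENTRY_INVALID_CONTROL_FIELD, would document that. The commit message says the checks are "required by Intel SDM" without naming the section; adding the reference would let a reader verify that these three fields are the complete set.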