diff mbox series

[v2] KVM: vmx: add mismatched size assertions in vmcs_check32()

Message ID 20210409022456.23528-1-lihaiwei.kernel@gmail.com (mailing list archive)
State New, archived
Headers show
Series [v2] KVM: vmx: add mismatched size assertions in vmcs_check32() | expand

Commit Message

Haiwei Li April 9, 2021, 2:24 a.m. UTC 
From: Haiwei Li <lihaiwei@tencent.com>

Add compile-time assertions in vmcs_check32() to disallow accesses to
64-bit and 64-bit high fields via vmcs_{read,write}32().  Upper level KVM
code should never do partial accesses to VMCS fields.  KVM handles the
split accesses automatically in vmcs_{read,write}64() when running as a
32-bit kernel.

Reviewed-and-tested-by: Sean Christopherson <seanjc@google.com>
Signed-off-by: Haiwei Li <lihaiwei@tencent.com>
---
v1 -> v2:
* Improve the changelog 

 arch/x86/kvm/vmx/vmx_ops.h | 4 ++++
 1 file changed, 4 insertions(+)

Comments

Paolo Bonzini April 17, 2021, 1:17 p.m. UTC | #1 
On 09/04/21 04:24, lihaiwei.kernel@gmail.com wrote:
> From: Haiwei Li <lihaiwei@tencent.com>
> 
> Add compile-time assertions in vmcs_check32() to disallow accesses to
> 64-bit and 64-bit high fields via vmcs_{read,write}32().  Upper level KVM
> code should never do partial accesses to VMCS fields.  KVM handles the
> split accesses automatically in vmcs_{read,write}64() when running as a
> 32-bit kernel.
> 
> Reviewed-and-tested-by: Sean Christopherson <seanjc@google.com>
> Signed-off-by: Haiwei Li <lihaiwei@tencent.com>
> ---
> v1 -> v2:
> * Improve the changelog
> 
>   arch/x86/kvm/vmx/vmx_ops.h | 4 ++++
>   1 file changed, 4 insertions(+)
> 
> diff --git a/arch/x86/kvm/vmx/vmx_ops.h b/arch/x86/kvm/vmx/vmx_ops.h
> index 692b0c3..164b64f 100644
> --- a/arch/x86/kvm/vmx/vmx_ops.h
> +++ b/arch/x86/kvm/vmx/vmx_ops.h
> @@ -37,6 +37,10 @@ static __always_inline void vmcs_check32(unsigned long field)
>   {
>   	BUILD_BUG_ON_MSG(__builtin_constant_p(field) && ((field) & 0x6000) == 0,
>   			 "32-bit accessor invalid for 16-bit field");
> +	BUILD_BUG_ON_MSG(__builtin_constant_p(field) && ((field) & 0x6001) == 0x2000,
> +			 "32-bit accessor invalid for 64-bit field");
> +	BUILD_BUG_ON_MSG(__builtin_constant_p(field) && ((field) & 0x6001) == 0x2001,
> +			 "32-bit accessor invalid for 64-bit high field");
>   	BUILD_BUG_ON_MSG(__builtin_constant_p(field) && ((field) & 0x6000) == 0x6000,
>   			 "32-bit accessor invalid for natural width field");
>   }
> 

Queued, thanks.

paolo
diff mbox series

Patch

diff --git a/arch/x86/kvm/vmx/vmx_ops.h b/arch/x86/kvm/vmx/vmx_ops.h
index 692b0c3..164b64f 100644
--- a/arch/x86/kvm/vmx/vmx_ops.h
+++ b/arch/x86/kvm/vmx/vmx_ops.h
@@ -37,6 +37,10 @@  static __always_inline void vmcs_check32(unsigned long field)
 {
 	BUILD_BUG_ON_MSG(__builtin_constant_p(field) && ((field) & 0x6000) == 0,
 			 "32-bit accessor invalid for 16-bit field");
+	BUILD_BUG_ON_MSG(__builtin_constant_p(field) && ((field) & 0x6001) == 0x2000,
+			 "32-bit accessor invalid for 64-bit field");
+	BUILD_BUG_ON_MSG(__builtin_constant_p(field) && ((field) & 0x6001) == 0x2001,
+			 "32-bit accessor invalid for 64-bit high field");
 	BUILD_BUG_ON_MSG(__builtin_constant_p(field) && ((field) & 0x6000) == 0x6000,
 			 "32-bit accessor invalid for natural width field");
 }