From patchwork Tue Dec 20 15:34:27 2022
X-Patchwork-Submitter: Sean Christopherson
X-Patchwork-Id: 35121
Reply-To: Sean Christopherson
Date: Tue, 20 Dec 2022 15:34:27 +0000
X-Mailer: git-send-email 2.39.0.314.g84b9a713c41-goog
Message-ID: <20221220153427.514032-1-seanjc@google.com>
Subject: [PATCH] KVM: x86: Sanity check inputs to kvm_handle_memory_failure()
From: Sean Christopherson
To: Sean Christopherson , Paolo Bonzini
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org

Add a sanity check in kvm_handle_memory_failure() to assert that a valid x86_exception structure is provided if the memory "failure" wants to propagate a fault into the guest. If a memory failure happens during a direct guest physical memory access, e.g. for nested VMX, KVM hardcodes the failure to X86EMUL_IO_NEEDED and doesn't provide an exception pointer (because the exception struct would just be filled with garbage).

Signed-off-by: Sean Christopherson
--- arch/x86/kvm/x86.c | 3 +++ 1 file changed, 3 insertions(+) base-commit: 9d75a3251adfbcf444681474511b58042a364863 diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 312aea1854ae..da4bbd043a7b 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -13132,6 +13132,9 @@ int kvm_handle_memory_failure(struct kvm_vcpu *vcpu, int r, struct x86_exception *e) { if (r == X86EMUL_PROPAGATE_FAULT) { + if (KVM_BUG_ON(!e, vcpu->kvm)) + return -EIO; + kvm_inject_emulated_page_fault(vcpu, e); return 1; }
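Review bot: The new `if (KVM_BUG_ON(!e, vcpu->kvm))` check in the X86EMUL_PROPAGATE_FAULT branch has no comment, so the reason a NULL `e` is treated as a KVM bug lives only in the commit message. A one-line comment above the check, saying that direct guest physical accesses pass no exception struct because they only ever report X86EMUL_IO_NEEDED, would keep that invariant next to the code that enforces it. The added `return -EIO;` also introduces a negative errno on a path whose only visible return is 1, so it is worth confirming that every caller passes a negative value through as an error instead of testing the result as a boolean, and stating the return convention in a comment on the function if it is not already documented there.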