Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git


[PATCH] KVM: Make loading cr3 more robust

Prevent the guest's loading of a corrupt cr3 (pointing at no guest physical
page) from crashing the host.

Signed-off-by: Ingo Molnar <mingo@elte.hu>
Signed-off-by: Avi Kivity <avi@qumranet.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>

Authored by Ingo Molnar, committed by Linus Torvalds
d21225ee 760db773

+13 -1
drivers/kvm/kvm_main.c
··· 463 463 464 464 vcpu->cr3 = cr3; 465 465 spin_lock(&vcpu->kvm->lock); 466 - vcpu->mmu.new_cr3(vcpu); 466 + /* 467 + * Does the new cr3 value map to physical memory? (Note, we 468 + * catch an invalid cr3 even in real-mode, because it would 469 + * cause trouble later on when we turn on paging anyway.) 470 + * 471 + * A real CPU would silently accept an invalid cr3 and would 472 + * attempt to use it - with largely undefined (and often hard 473 + * to debug) behavior on the guest side. 474 + */ 475 + if (unlikely(!gfn_to_memslot(vcpu->kvm, cr3 >> PAGE_SHIFT))) 476 + inject_gp(vcpu); 477 + else 478 + vcpu->mmu.new_cr3(vcpu); 467 479 spin_unlock(&vcpu->kvm->lock); 468 480 } 469 481 EXPORT_SYMBOL_GPL(set_cr3);
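Review bot: the assignment `vcpu->cr3 = cr3;` in the unchanged context just above the hunk runs before the new memslot check, so on the `inject_gp(vcpu)` path the vcpu is left holding the unmapped cr3 value while `vcpu->mmu.new_cr3(vcpu)` is skipped, and the recorded cr3 no longer matches the MMU state that was actually built. Since a faulting mov to cr3 should leave the guest's cr3 unchanged, either move the assignment into the else branch next to `vcpu->mmu.new_cr3(vcpu);` or restore the previous value before injecting the fault. It would also help to state in the block comment that only the page containing the cr3 base (`cr3 >> PAGE_SHIFT`) is validated, which is what the check actually covers.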