| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <e9850fab-9908-7c38-8564-a3597bebd33b@redhat.com>
Date: Fri, 25 Nov 2016 17:10:45 +0100
From: Paolo Bonzini <pbonzini@...hat.com>
To: Radim Krčmář <rkrcmar@...hat.com>,
linux-kernel@...r.kernel.org, kvm@...r.kernel.org
Subject: Re: [PATCH] KVM: x86: restrict maximal physical address
On 25/11/2016 15:51, Radim Krčmář wrote:
> The guest could have configured a maximal physical address that exceeds
> the host. Prevent that situation as it could easily lead to a bug.
>
> Signed-off-by: Radim Krčmář <rkrcmar@...hat.com>
> ---
> arch/x86/kvm/cpuid.c | 8 +++++++-
> 1 file changed, 7 insertions(+), 1 deletion(-)
>
> diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
> index 25f0f15fab1a..aed910e9fbed 100644
> --- a/arch/x86/kvm/cpuid.c
> +++ b/arch/x86/kvm/cpuid.c
> @@ -136,7 +136,13 @@ int kvm_update_cpuid(struct kvm_vcpu *vcpu)
> ((best->eax & 0xff00) >> 8) != 0)
> return -EINVAL;
>
> - /* Update physical-address width */
> +
> + /*
> + * Update physical-address width.
> + * Make sure that it does not exceed hardware capabilities.
> + */
> + if (cpuid_query_maxphyaddr(vcpu) > boot_cpu_data.x86_phys_bits)
> + return -EINVAL;
> vcpu->arch.maxphyaddr = cpuid_query_maxphyaddr(vcpu);
>
> kvm_pmu_refresh(vcpu);
>
Not possible unfortunately, this would break most versions of QEMU that
hard-code 40 for MAXPHYADDR.
Also, "wider" physical addresses in the guest are actually possible with
shadow paging.
Paolo
Powered by blists - more mailing lists