authorNadav Amit <namit@cs.technion.ac.il>2014-07-24 15:06:56 +0300
committerPaolo Bonzini <pbonzini@redhat.com>2014-07-24 14:16:57 +0200
commit0123be429fef40f067e5b1811576c3994229f59e (patch)
tree7a4b1a24036413133baadde140475aab6ac693d0
parentd6e8c8545651b05a86c5b9d29d2fe11ad4cbb9aa (diff)
KVM: x86: Assertions to check no overrun in MSR lists
Currently there is no check whether the shared MSRs list overruns the allocated size, which can result in bugs. In addition, there is no check that vmx->guest_msrs has sufficient space to accommodate all the VMX MSRs. This patch adds the assertions. Signed-off-by: Nadav Amit <namit@cs.technion.ac.il> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
-rw-r--r--arch/x86/kvm/vmx.c2
-rw-r--r--arch/x86/kvm/x86.c1
2 files changed, 3 insertions, 0 deletions
diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index fd24f68378a7..3397a88b7463 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -7608,6 +7608,8 @@ static struct kvm_vcpu *vmx_create_vcpu(struct kvm *kvm, unsigned int id)
goto free_vcpu;
vmx->guest_msrs = kmalloc(PAGE_SIZE, GFP_KERNEL);
+ BUILD_BUG_ON(PAGE_SIZE / sizeof(struct shared_msr_entry) < NR_VMX_MSR);
+
err = -ENOMEM;
if (!vmx->guest_msrs) {
goto uninit_vcpu;
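Review bot: The BUILD_BUG_ON added after the kmalloc is a compile-time check with no runtime relation to the allocation, yet it (plus the blank line after it) is wedged between `vmx->guest_msrs = kmalloc(PAGE_SIZE, GFP_KERNEL);` and the `err = -ENOMEM;` / NULL-check sequence, which splits the allocation from its error handling. I would move it to just before the kmalloc with a comment stating the invariant it encodes: `/* guest_msrs is a single page; every NR_VMX_MSR entry must fit in it */` followed by `BUILD_BUG_ON(PAGE_SIZE / sizeof(struct shared_msr_entry) < NR_VMX_MSR);`. Nothing in the hunk otherwise ties the PAGE_SIZE allocation to NR_VMX_MSR, so the comment is what tells a later reader why the page-sized buffer is considered large enough. vmx_create_vcpu's body starts and ends outside the hunk.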
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 439f96bf424d..d38abc81db65 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -212,6 +212,7 @@ static void shared_msr_update(unsigned slot, u32 msr)
void kvm_define_shared_msr(unsigned slot, u32 msr)
{
+ BUG_ON(slot >= KVM_NR_SHARED_MSRS);
if (slot >= shared_msrs_global.nr)
shared_msrs_global.nr = slot + 1;
shared_msrs_global.msrs[slot] = msr;