On Mon, May 14, 2018 at 08:00:29PM +1000, Alexey Kardashevskiy wrote: > Although it does not seem possible to break the host by passing bad > parameters when creating a TCE table in KVM, it is still better to get > an early clear indication of that than debugging weird effect this might > bring. > > This adds some sanity checks that the page size is 4KB..16GB as this is > what the actual LoPAPR supports and that the window actually fits 64bit > space. > > Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx> Reviewed-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> > --- > arch/powerpc/kvm/book3s_64_vio.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/arch/powerpc/kvm/book3s_64_vio.c b/arch/powerpc/kvm/book3s_64_vio.c > index 984f197..80ead38 100644 > --- a/arch/powerpc/kvm/book3s_64_vio.c > +++ b/arch/powerpc/kvm/book3s_64_vio.c > @@ -300,7 +300,8 @@ long kvm_vm_ioctl_create_spapr_tce(struct kvm *kvm, > int ret = -ENOMEM; > int i; > > - if (!args->size) > + if (!args->size || args->page_shift < 12 || args->page_shift > 34 || > + (args->offset + args->size > (ULLONG_MAX >> args->page_shift))) > return -EINVAL; > > size = _ALIGN_UP(args->size, PAGE_SIZE >> 3); -- David Gibson | I'll have my music baroque, and my code david AT gibson.dropbear.id.au | minimalist, thank you. NOT _the_ _other_ | _way_ _around_! http://www.ozlabs.org/~dgibson
Attachment:
signature.asc
Description: PGP signature
