Thanks David! Incorporating all your comments... have a question on the one excerpted below.

On Mon, Jan 29, 2018 at 1:30 AM, David Hildenbrand <david@xxxxxxxxxx> wrote:
...
>> +/* kvm_sync_regs struct included by kvm_run struct */
>> struct kvm_sync_regs {
>> + /* Members of this structure are potentially malicious.
>> + * Care must be taken by code reading, esp. interpreting,
>> + * data fields from them inside KVM to prevent TOCTOU and
>> + * double-fetch types of vulnerabilities.
>> + */
>> + struct kvm_regs regs;
>> + struct kvm_sregs sregs;
>> + struct kvm_vcpu_events events;
>
> Will all of these be aligned in a way so we don't need any reserved
> fields in between?
>
> sizeof(struct kvm_sync_regs) == sizeof(struct kvm_regs) + ...

The kvm_sync_regs member structs (kvm_regs, kvm_sregs, kvm_vcpu_events) all appear to be explicitly padded to 8-byte bounds. And in turn, kvm_sync_regs is wrapped by the union with 2048-byte padding array.

Were you simply asking me to confirm those sizes? If not, please provide a bit more detail on your concern.

thanks again,
Ken
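Review bot: the three members added to struct kvm_sync_regs in this hunk have no explicit padding or reserved fields between them, and since kvm_sync_regs is included by kvm_run the layout is visible to userspace, so the alignment assumption discussed in the thread (that kvm_regs, kvm_sregs and kvm_vcpu_events are each padded to 8-byte bounds) should be stated rather than relied on implicitly; a comment on the struct giving the intended sizeof, or a compile-time size check where the struct is consumed, would settle the "do we need reserved fields in between" question for future readers too. Separately, the new comment block puts text on the opening line (`/* Members of this structure are potentially malicious.`) instead of the kernel's usual multi-line form with `/*` on its own line, which is worth adjusting before the patch is reposted.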