On 09/03/20 16:52, Vitaly Kuznetsov wrote:
> Miaohe Lin noticed that we incorrectly handle enlightened vmptrld failures
> in nested_vmx_run(). Trying to handle errors correctly, I fixed
> a few things:
> - NULL pointer dereference with invalid eVMCS GPAs [PATCH1]
> - moved eVMCS mapping after migration to nested_get_vmcs12_pages() from
>   nested_sync_vmcs12_to_shadow() [PATCH2]
> - added proper nested_vmx_handle_enlightened_vmptrld() error handling
>   [PATCH3]
> - added selftests for incorrect eVMCS revision id and GPA [PATCHes4-6]
>
> PATCH1 fixes a DoS and thus marked for stable@.
>
> Vitaly Kuznetsov (6):
>   KVM: nVMX: avoid NULL pointer dereference with incorrect EVMCS GPAs
>   KVM: nVMX: stop abusing need_vmcs12_to_shadow_sync for eVMCS mapping
>   KVM: nVMX: properly handle errors in
>     nested_vmx_handle_enlightened_vmptrld()
>   KVM: selftests: define and use EVMCS_VERSION
>   KVM: selftests: test enlightened vmenter with wrong eVMCS version
>   KVM: selftests: enlightened VMPTRLD with an incorrect GPA
>
>  arch/x86/kvm/vmx/evmcs.h                      |  7 ++
>  arch/x86/kvm/vmx/nested.c                     | 64 +++++++++++++------
>  tools/testing/selftests/kvm/include/evmcs.h   |  2 +
>  tools/testing/selftests/kvm/lib/x86_64/vmx.c  |  2 +-
>  .../testing/selftests/kvm/x86_64/evmcs_test.c | 25 ++++++--
>  5 files changed, 72 insertions(+), 28 deletions(-)
>

Queued, thanks.

Paolo