On Thu, Jul 21, 2022, Sean Christopherson wrote:
> On Tue, Jun 21, 2022, Maxim Levitsky wrote:
> > On 64 bit host, if the guest doesn't have X86_FEATURE_LM, we would
>
> s/we would/KVM will
>
> > access 16 gprs to 32-bit smram image, causing out-of-bound ram
> > access.
> >
> > On 32 bit host, the rsm_load_state_64/enter_smm_save_state_64
> > is compiled out, thus access overflow can't happen.
> >
> > Fixes: b443183a25ab61 ("KVM: x86: Reduce the number of emulator GPRs to '8' for 32-bit KVM")
>
> Argh, I forgot that this is one of the like five places KVM actually respects the
> long mode flag. Even worse, I fixed basically the same thing a while back,
> commit b68f3cc7d978 ("KVM: x86: Always use 32-bit SMRAM save state for 32-bit kernels").
>
> We should really harden put_smstate() and GET_SMSTATE()...

Or I could read the next few patches and see that they go away...