[PATCH] kvm-kmod: x86: make sure kvm_get_desc_base() doesn't sign extend

[Bernhard Kohl <bernhard.kohl@xxxxxxx>]

The current implementation of kvm_get_desc_base() sign extends the
return value because of integer promotion rules when compiled for
x86_64 kernels. For the most part, this doesn't matter, because
the top bit of base2 is usually 0. If, however, that bit is 1, then
the entire value will be 0xffff... which is probably not what the
caller intended.

We have a legacy OS which runs into errors in certain situations
(task switches) because of this bug, i.e. error on vm_entry followed
by unhandled vm_exit.

dmesg says:
vmx_handle_exit: unexpected, valid vectoring info (0x80000b0d)
and exit reason is 0x80000021
or
vmx_handle_exit: unexpected, valid vectoring info (0x80000300)
and exit reason is 0x80000021

qemu-kvm says:
kvm: unhandled exit 80000021
kvm_run returned -22

This fix was originally applied as patch 2c75910 in kvm.git:
"x86: Make sure get_user_desc() doesn't sign extend."

Signed-off-by: Bernhard Kohl <bernhard.kohl@xxxxxxx>
---
 x86/external-module-compat.h |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/x86/external-module-compat.h b/x86/external-module-compat.h
index 15b0280..a2af776 100644
--- a/x86/external-module-compat.h
+++ b/x86/external-module-compat.h
@@ -435,7 +435,7 @@ struct kvm_desc_ptr {
 static inline unsigned long
 kvm_get_desc_base(const struct kvm_desc_struct *desc)
 {
-	return desc->base0 | ((desc->base1) << 16) | ((desc->base2) << 24);
+	return (unsigned)(desc->base0 | ((desc->base1) << 16) | ((desc->base2) << 24));
 }
 
 static inline void
-- 
1.7.2.3

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html