diff options
| author | Sean Christopherson <sean.j.christopherson@intel.com> | 2018-07-19 13:31:00 -0400 |
|---|---|---|
| committer | Paolo Bonzini <pbonzini@redhat.com> | 2018-07-20 11:44:57 -0400 |
| commit | 0a06d4256674c4e041945b52044941995fee237d (patch) | |
| tree | 4c478511a57fd1a59a683d685bbe3905a8eb6d68 | |
| parent | 28c20cc73b9cc4288c86c2a3fc62af4087de4b19 (diff) | |
KVM: vmx: use local variable for current_vmptr when emulating VMPTRST
Do not expose the address of vmx->nested.current_vmptr to
kvm_write_guest_virt_system() as the resulting __copy_to_user()
call will trigger a WARN when CONFIG_HARDENED_USERCOPY is
enabled.
Opportunistically clean up variable names in handle_vmptrst()
to improve readability, e.g. vmcs_gva is misleading as the
memory operand of VMPTRST is plain memory, not a VMCS.
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Tested-by: Peter Shier <pshier@google.com>
Reviewed-by: Peter Shier <pshier@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
| -rw-r--r-- | arch/x86/kvm/vmx.c | 15 |
1 files changed, 7 insertions, 8 deletions
diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c index e30da9a2430c..548bef5359e6 100644 --- a/arch/x86/kvm/vmx.c +++ b/arch/x86/kvm/vmx.c | |||
| @@ -8480,21 +8480,20 @@ static int handle_vmptrld(struct kvm_vcpu *vcpu) | |||
| 8480 | /* Emulate the VMPTRST instruction */ | 8480 | /* Emulate the VMPTRST instruction */ |
| 8481 | static int handle_vmptrst(struct kvm_vcpu *vcpu) | 8481 | static int handle_vmptrst(struct kvm_vcpu *vcpu) |
| 8482 | { | 8482 | { |
| 8483 | unsigned long exit_qualification = vmcs_readl(EXIT_QUALIFICATION); | 8483 | unsigned long exit_qual = vmcs_readl(EXIT_QUALIFICATION); |
| 8484 | u32 vmx_instruction_info = vmcs_read32(VMX_INSTRUCTION_INFO); | 8484 | u32 instr_info = vmcs_read32(VMX_INSTRUCTION_INFO); |
| 8485 | gva_t vmcs_gva; | 8485 | gpa_t current_vmptr = to_vmx(vcpu)->nested.current_vmptr; |
| 8486 | struct x86_exception e; | 8486 | struct x86_exception e; |
| 8487 | gva_t gva; | ||
| 8487 | 8488 | ||
| 8488 | if (!nested_vmx_check_permission(vcpu)) | 8489 | if (!nested_vmx_check_permission(vcpu)) |
| 8489 | return 1; | 8490 | return 1; |
| 8490 | 8491 | ||
| 8491 | if (get_vmx_mem_address(vcpu, exit_qualification, | 8492 | if (get_vmx_mem_address(vcpu, exit_qual, instr_info, true, &gva)) |
| 8492 | vmx_instruction_info, true, &vmcs_gva)) | ||
| 8493 | return 1; | 8493 | return 1; |
| 8494 | /* *_system ok, nested_vmx_check_permission has verified cpl=0 */ | 8494 | /* *_system ok, nested_vmx_check_permission has verified cpl=0 */ |
| 8495 | if (kvm_write_guest_virt_system(vcpu, vmcs_gva, | 8495 | if (kvm_write_guest_virt_system(vcpu, gva, (void *)¤t_vmptr, |
| 8496 | (void *)&to_vmx(vcpu)->nested.current_vmptr, | 8496 | sizeof(gpa_t), &e)) { |
| 8497 | sizeof(u64), &e)) { | ||
| 8498 | kvm_inject_page_fault(vcpu, &e); | 8497 | kvm_inject_page_fault(vcpu, &e); |
| 8499 | return 1; | 8498 | return 1; |
| 8500 | } | 8499 | } |