diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2015-08-27 14:12:41 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2015-08-27 14:12:41 -0400 |
| commit | 95803812cfb3ece8ee1bb3747611ead48300fca2 (patch) | |
| tree | 70f613f890a656c9be1e3bfbb43947cd336629dc | |
| parent | f9ed72dde34e3d5253e206e4bc3edbc6373015d6 (diff) | |
| parent | 126c69a0bd0e441bf6766a5d9bf20de011be9f68 (diff) | |
Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux
Pull amr64 kvm fix from Will Deacon:
"We've uncovered a nasty bug in the arm64 KVM code which allows a badly
behaved 32-bit guest to bring down the host. The fix is simple (it's
what I believe we call a "brown paper bag" bug) and I don't think it
makes sense to sit on this, particularly as Russell ended up
triggering this rather than just somebody noticing a potential problem
by inspection.
Usually arm64 KVM changes would go via Paolo's tree, but he's on
holiday at the moment and the deal is that anything urgent gets
shuffled via the arch trees, so here it is.
Summary:
Fix arm64 KVM issue when injecting an abort into a 32-bit guest, which
would lead to an illegal exception return at EL2 and a subsequent host
crash"
* tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux:
arm64: KVM: Fix host crash when injecting a fault into a 32bit guest
| -rw-r--r-- | arch/arm64/kvm/inject_fault.c | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/arch/arm64/kvm/inject_fault.c b/arch/arm64/kvm/inject_fault.c index f02530e726f6..85c57158dcd9 100644 --- a/arch/arm64/kvm/inject_fault.c +++ b/arch/arm64/kvm/inject_fault.c | |||
| @@ -168,8 +168,8 @@ void kvm_inject_dabt(struct kvm_vcpu *vcpu, unsigned long addr) | |||
| 168 | { | 168 | { |
| 169 | if (!(vcpu->arch.hcr_el2 & HCR_RW)) | 169 | if (!(vcpu->arch.hcr_el2 & HCR_RW)) |
| 170 | inject_abt32(vcpu, false, addr); | 170 | inject_abt32(vcpu, false, addr); |
| 171 | 171 | else | |
| 172 | inject_abt64(vcpu, false, addr); | 172 | inject_abt64(vcpu, false, addr); |
| 173 | } | 173 | } |
| 174 | 174 | ||
| 175 | /** | 175 | /** |
| @@ -184,8 +184,8 @@ void kvm_inject_pabt(struct kvm_vcpu *vcpu, unsigned long addr) | |||
| 184 | { | 184 | { |
| 185 | if (!(vcpu->arch.hcr_el2 & HCR_RW)) | 185 | if (!(vcpu->arch.hcr_el2 & HCR_RW)) |
| 186 | inject_abt32(vcpu, true, addr); | 186 | inject_abt32(vcpu, true, addr); |
| 187 | 187 | else | |
| 188 | inject_abt64(vcpu, true, addr); | 188 | inject_abt64(vcpu, true, addr); |
| 189 | } | 189 | } |
| 190 | 190 | ||
| 191 | /** | 191 | /** |
| @@ -198,6 +198,6 @@ void kvm_inject_undefined(struct kvm_vcpu *vcpu) | |||
| 198 | { | 198 | { |
| 199 | if (!(vcpu->arch.hcr_el2 & HCR_RW)) | 199 | if (!(vcpu->arch.hcr_el2 & HCR_RW)) |
| 200 | inject_undef32(vcpu); | 200 | inject_undef32(vcpu); |
| 201 | 201 | else | |
| 202 | inject_undef64(vcpu); | 202 | inject_undef64(vcpu); |
| 203 | } | 203 | } |