| author | Ingo Molnar <mingo@elte.hu> | 2007-01-05 19:36:59 -0500 |
|---|---|---|
| committer | Linus Torvalds <torvalds@woody.osdl.org> | 2007-01-06 02:55:28 -0500 |
| commit | d21225ee2b6fa9f7669526927f2e0bedebd90940 (patch) | |
| tree | c606fa6b98a7f30215bb8702fd5e22d1d4123589 /drivers | |
| parent | 760db773fbd0ad2ece89393218c4a4213b5bae6a (diff) | |
[PATCH] KVM: Make loading cr3 more robust
Prevent the guest's loading of a corrupt cr3 (pointing at no guest physical
page) from crashing the host.
Signed-off-by: Ingo Molnar <mingo@elte.hu>
Signed-off-by: Avi Kivity <avi@qumranet.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'drivers')
| -rw-r--r-- | drivers/kvm/kvm_main.c | 14 |
1 files changed, 13 insertions, 1 deletions
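--- a/drivers/kvm/kvm_main.c
+++ b/drivers/kvm/kvm_main.c
@@ -463,7 +463,19 @@ void set_cr3(struct kvm_vcpu *vcpu, unsigned long cr3)
 
 	vcpu->cr3 = cr3;
 	spin_lock(&vcpu->kvm->lock);
-	vcpu->mmu.new_cr3(vcpu);
+	/*
+	 * Does the new cr3 value map to physical memory? (Note, we
+	 * catch an invalid cr3 even in real-mode, because it would
+	 * cause trouble later on when we turn on paging anyway.)
+	 *
+	 * A real CPU would silently accept an invalid cr3 and would
+	 * attempt to use it - with largely undefined (and often hard
+	 * to debug) behavior on the guest side.
+	 */
+	if (unlikely(!gfn_to_memslot(vcpu->kvm, cr3 >> PAGE_SHIFT)))
+		inject_gp(vcpu);
+	else
+		vcpu->mmu.new_cr3(vcpu);
 	spin_unlock(&vcpu->kvm->lock);
 }
 EXPORT_SYMBOL_GPL(set_cr3);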
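Review bot: The rejected cr3 is still committed to `vcpu->cr3` on the #GP path, because the assignment `vcpu->cr3 = cr3;` two lines above the new check runs unconditionally; after `inject_gp(vcpu)` the vcpu's recorded cr3 no longer matches the MMU root that `new_cr3` did not reload. A CPU that faults on the MOV to CR3 leaves CR3 unchanged, so moving the assignment into the else branch (`vcpu->cr3 = cr3;` immediately before `vcpu->mmu.new_cr3(vcpu);`) would keep the guest-visible state and the MMU consistent. The memslot lookup only establishes that the page holding the top-level table exists; the comment could state that lower-level tables pointing into unmapped guest-physical memory are presumably caught by the MMU walk elsewhere, which is not visible in this hunk. The opening lines of set_cr3 fall outside the hunk.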
