From patchwork Mon Mar 6 11:34:25 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Auger X-Patchwork-Id: 9605861 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 49946602B4 for ; Mon, 6 Mar 2017 11:46:13 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 2585C28236 for ; Mon, 6 Mar 2017 11:46:13 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 1A2A528305; Mon, 6 Mar 2017 11:46:13 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-1.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID autolearn=ham version=3.3.1 Received: from bombadil.infradead.org (bombadil.infradead.org [65.50.211.133]) (using TLSv1.2 with cipher AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 8789328236 for ; Mon, 6 Mar 2017 11:46:12 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:MIME-Version:Cc:List-Subscribe: List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:References: In-Reply-To:Message-Id:Date:Subject:To:From:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Owner; bh=xEhLfi8ENTIpI0fYT/SKB4BK6ftRoPylyBD814ffDIY=; b=KPcHQKvAjG4rHVuxun1Qt8pZhC 2aHjj6JbI6F9nFPYjUPu0HP++yot+S57SJk9TffeGmdBIox1DfSba9tyBrvkZh2E6xCeGuHf1Qcmi QfZPGvobVcEUDPPc0s7wu08N/IP1GeeKQt4IBSywn9gq95Zl5CXNf5G603o6CX27XO3PpsGeZis2w SdQwo4u2rIhN1ZcGOUMb8SrC+lmE1sciki2kwNeYXOzTXTomH+X7Um77jijSxga/YdixZtmlp6XNv Pcdh6Qe2EE9bJuDgEqo4EvrB7Scq9sL4nvS/Ox7QLafe241OSH77pHEOPQqEJK2gMt8rfh1Z2bo2c ofvyzDCQ==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.87 #1 (Red Hat Linux)) id 1ckr5g-0003na-7l; Mon, 06 Mar 2017 11:46:12 +0000 Received: from casper.infradead.org ([2001:770:15f::2]) by bombadil.infradead.org with esmtps (Exim 4.87 #1 (Red Hat Linux)) id 1ckr2h-0000A4-4w for linux-arm-kernel@bombadil.infradead.org; Mon, 06 Mar 2017 11:43:07 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=casper.20170209; h=References:In-Reply-To:Message-Id:Date: Subject:Cc:To:From:Sender:Reply-To:MIME-Version:Content-Type: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=WLJ36kqYM2U4Z8vMsuJMhlAvjkhnU5HMQt/9oU/hbpU=; b=VNzOtH7eQNRiLTZFvol4zDbYX oFUxRnFT4ev972iKeh1gJ+mf6fFh9PQyA4Rd3Ku3qTJyLjNs2GB03pWDrBRrrugYCosbTUzClcM5Q doc9zdiSoyZw8hb1wmmVGcIF82c+ZrfMYOj/kHKl5kxmwPP2tNinU16Lxa2fdv26OFKhBJxYccamz ELHOe0QfpTz97RVDu4kjR4/Eufql6JwZL4wZ+V7z5422pQYxa5aQY1Be61sANh2JyuRNKUDDJuBpm jiY/EFhoYQDMByJyRHXC5bipQZ46pD9feK/a1rp+pQxmnJXEYkTHDEcZsGt9+rW14RzkbQY+HkQhN 1SNl4q67g==; Received: from mx1.redhat.com ([209.132.183.28]) by casper.infradead.org with esmtps (Exim 4.87 #1 (Red Hat Linux)) id 1ckqvq-0003N8-FV for linux-arm-kernel@lists.infradead.org; Mon, 06 Mar 2017 11:36:05 +0000 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id BE279811AC; Mon, 6 Mar 2017 11:35:24 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-116-100.ams2.redhat.com [10.36.116.100]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v26BYbnZ002618; Mon, 6 Mar 2017 06:35:21 -0500 From: Eric Auger To: eric.auger.pro@gmail.com, eric.auger@redhat.com, marc.zyngier@arm.com, christoffer.dall@linaro.org, vijayak@caviumnetworks.com, Vijaya.Kumar@cavium.com, peter.maydell@linaro.org, linux-arm-kernel@lists.infradead.org, drjones@redhat.com, kvmarm@lists.cs.columbia.edu, kvm@vger.kernel.org Subject: [PATCH v3 10/19] KVM: arm64: ITS: Check the device id matches TYPER DEVBITS range Date: Mon, 6 Mar 2017 12:34:25 +0100 Message-Id: <1488800074-21991-11-git-send-email-eric.auger@redhat.com> In-Reply-To: <1488800074-21991-1-git-send-email-eric.auger@redhat.com> References: <1488800074-21991-1-git-send-email-eric.auger@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.27]); Mon, 06 Mar 2017 11:35:24 +0000 (UTC) X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20170306_113602_678649_3E1BB4AF X-CRM114-Status: GOOD ( 17.13 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: andre.przywara@arm.com, pbonzini@redhat.com, dgilbert@redhat.com, quintela@redhat.com, Prasun.Kapoor@cavium.com MIME-Version: 1.0 Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org X-Virus-Scanned: ClamAV using ClamSMTP On MAPD we currently check the device id can be stored in the device table. Let's first check it can be encoded within the range defined by TYPER DEVBITS. Signed-off-by: Eric Auger --- virt/kvm/arm/vgic/vgic-its.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/virt/kvm/arm/vgic/vgic-its.c b/virt/kvm/arm/vgic/vgic-its.c index 694023f..322e370 100644 --- a/virt/kvm/arm/vgic/vgic-its.c +++ b/virt/kvm/arm/vgic/vgic-its.c @@ -180,6 +180,7 @@ static struct its_ite *find_ite(struct vgic_its *its, u32 device_id, #define VITS_ESZ 8 #define VITS_TYPER_IDBITS 0xF +#define VITS_TYPER_DEVBITS 0xF /* * Finds and returns a collection in the ITS collection table. @@ -402,7 +403,7 @@ static unsigned long vgic_mmio_read_its_typer(struct kvm *kvm, * To avoid memory waste in the guest, we keep the number of IDBits and * DevBits low - as least for the time being. */ - reg |= 0x0f << GITS_TYPER_DEVBITS_SHIFT; + reg |= VITS_TYPER_DEVBITS << GITS_TYPER_DEVBITS_SHIFT; reg |= VITS_TYPER_IDBITS << GITS_TYPER_IDBITS_SHIFT; reg |= (VITS_ESZ - 1) << GITS_TYPER_ITT_ENTRY_SIZE_SHIFT; @@ -631,7 +632,7 @@ static int vgic_its_cmd_handle_movi(struct kvm *kvm, struct vgic_its *its, * Check whether an ID can be stored into the corresponding guest table. * For a direct table this is pretty easy, but gets a bit nasty for * indirect tables. We check whether the resulting guest physical address - * is actually valid (covered by a memslot and guest accessbible). + * is actually valid (covered by a memslot and guest accessible). * For this we have to read the respective first level entry. */ static bool vgic_its_check_id(struct vgic_its *its, u64 baser, int id) @@ -642,6 +643,9 @@ static bool vgic_its_check_id(struct vgic_its *its, u64 baser, int id) gfn_t gfn; int esz = GITS_BASER_ENTRY_SIZE(baser); + if (id >= (2 << (VITS_TYPER_DEVBITS + 1))) + return false; + if (!(baser & GITS_BASER_INDIRECT)) { phys_addr_t addr;