kvm: nVMX: Fix kernel panics induced by illegal INVEPT/INVVPID types - android_kernel_xiaomi_sdm660.git - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Jim Mattson <jmattson@google.com>	2018-02-23 11:42:16 +0100
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2018-02-25 11:03:54 +0100
commit	82a945257ea995db797401eae023ec667967db18 (patch)
tree	a29cfb0dbbc3e47061dd7e60fef52587dad3e99d /arch/x86/kvm/x86.h
parent	04e8b366d3594bc6aaa728e183a13245a7f70653 (diff)

kvm: nVMX: Fix kernel panics induced by illegal INVEPT/INVVPID types

commit 85c856b39b479dde410ddd09df1da745343010c9 upstream Bitwise shifts by amounts greater than or equal to the width of the left operand are undefined. A malicious guest can exploit this to crash a 32-bit host, due to the BUG_ON(1)'s in handle_{invept,invvpid}. Signed-off-by: Jim Mattson <jmattson@google.com> Message-Id: <1477496318-17681-1-git-send-email-jmattson@google.com> [Change 1UL to 1, to match the range check on the shift count. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> [jwang: port from linux-4.9 to 4.4 ] Signed-off-by: Jack Wang <jinpu.wang@profitbricks.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Diffstat (limited to 'arch/x86/kvm/x86.h')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: