|
|
@@ -8622,10 +8622,11 @@ static bool nested_get_vmcs12_pages(struct kvm_vcpu *vcpu,
|
|
|
struct vmcs12 *vmcs12)
|
|
|
{
|
|
|
struct vcpu_vmx *vmx = to_vmx(vcpu);
|
|
|
+ int maxphyaddr = cpuid_maxphyaddr(vcpu);
|
|
|
|
|
|
if (nested_cpu_has2(vmcs12, SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES)) {
|
|
|
- /* TODO: Also verify bits beyond physical address width are 0 */
|
|
|
- if (!PAGE_ALIGNED(vmcs12->apic_access_addr))
|
|
|
+ if (!PAGE_ALIGNED(vmcs12->apic_access_addr) ||
|
|
|
+ vmcs12->apic_access_addr >> maxphyaddr)
|
|
|
return false;
|
|
|
|
|
|
/*
|
|
|
@@ -8641,8 +8642,8 @@ static bool nested_get_vmcs12_pages(struct kvm_vcpu *vcpu,
|
|
|
}
|
|
|
|
|
|
if (nested_cpu_has(vmcs12, CPU_BASED_TPR_SHADOW)) {
|
|
|
- /* TODO: Also verify bits beyond physical address width are 0 */
|
|
|
- if (!PAGE_ALIGNED(vmcs12->virtual_apic_page_addr))
|
|
|
+ if (!PAGE_ALIGNED(vmcs12->virtual_apic_page_addr) ||
|
|
|
+ vmcs12->virtual_apic_page_addr >> maxphyaddr)
|
|
|
return false;
|
|
|
|
|
|
if (vmx->nested.virtual_apic_page) /* shouldn't happen */
|
|
|
@@ -8665,7 +8666,8 @@ static bool nested_get_vmcs12_pages(struct kvm_vcpu *vcpu,
|
|
|
}
|
|
|
|
|
|
if (nested_cpu_has_posted_intr(vmcs12)) {
|
|
|
- if (!IS_ALIGNED(vmcs12->posted_intr_desc_addr, 64))
|
|
|
+ if (!IS_ALIGNED(vmcs12->posted_intr_desc_addr, 64) ||
|
|
|
+ vmcs12->posted_intr_desc_addr >> maxphyaddr)
|
|
|
return false;
|
|
|
|
|
|
if (vmx->nested.pi_desc_page) { /* shouldn't happen */
|
|
|
@@ -9386,7 +9388,6 @@ static int nested_vmx_run(struct kvm_vcpu *vcpu, bool launch)
|
|
|
}
|
|
|
|
|
|
if (!nested_get_vmcs12_pages(vcpu, vmcs12)) {
|
|
|
- /*TODO: Also verify bits beyond physical address width are 0*/
|
|
|
nested_vmx_failValid(vcpu, VMXERR_ENTRY_INVALID_CONTROL_FIELD);
|
|
|
return 1;
|
|
|
}
|
Eugene Korenevsky