KVM: vmx: use local variable for current_vmptr when emulating VMPTRST
Do not expose the address of vmx->nested.current_vmptr to kvm_write_guest_virt_system() as the resulting __copy_to_user() call will trigger a WARN when CONFIG_HARDENED_USERCOPY is enabled. Opportunistically clean up variable names in handle_vmptrst() to improve readability, e.g. vmcs_gva is misleading as the memory operand of VMPTRST is plain memory, not a VMCS. Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com> Tested-by: Peter Shier <pshier@google.com> Reviewed-by: Peter Shier <pshier@google.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
parent
28c20cc73b
commit
0a06d42566
@ -8480,21 +8480,20 @@ static int handle_vmptrld(struct kvm_vcpu *vcpu)
|
||||
/* Emulate the VMPTRST instruction */
|
||||
static int handle_vmptrst(struct kvm_vcpu *vcpu)
|
||||
{
|
||||
unsigned long exit_qualification = vmcs_readl(EXIT_QUALIFICATION);
|
||||
u32 vmx_instruction_info = vmcs_read32(VMX_INSTRUCTION_INFO);
|
||||
gva_t vmcs_gva;
|
||||
unsigned long exit_qual = vmcs_readl(EXIT_QUALIFICATION);
|
||||
u32 instr_info = vmcs_read32(VMX_INSTRUCTION_INFO);
|
||||
gpa_t current_vmptr = to_vmx(vcpu)->nested.current_vmptr;
|
||||
struct x86_exception e;
|
||||
gva_t gva;
|
||||
|
||||
if (!nested_vmx_check_permission(vcpu))
|
||||
return 1;
|
||||
|
||||
if (get_vmx_mem_address(vcpu, exit_qualification,
|
||||
vmx_instruction_info, true, &vmcs_gva))
|
||||
if (get_vmx_mem_address(vcpu, exit_qual, instr_info, true, &gva))
|
||||
return 1;
|
||||
/* *_system ok, nested_vmx_check_permission has verified cpl=0 */
|
||||
if (kvm_write_guest_virt_system(vcpu, vmcs_gva,
|
||||
(void *)&to_vmx(vcpu)->nested.current_vmptr,
|
||||
sizeof(u64), &e)) {
|
||||
if (kvm_write_guest_virt_system(vcpu, gva, (void *)¤t_vmptr,
|
||||
sizeof(gpa_t), &e)) {
|
||||
kvm_inject_page_fault(vcpu, &e);
|
||||
return 1;
|
||||
}
|
||||
|
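Review bot: The length passed to the new kvm_write_guest_virt_system() call is `sizeof(gpa_t)`, a type name rather than the object being copied, so the copy size and the stack buffer are tied together only by the declaration several lines above; `sizeof(current_vmptr)` would keep the two in step if the local's type ever changes. The reason for the stack copy is also recorded only in the commit message. A short comment above the declaration, such as `/* Use a local copy: CONFIG_HARDENED_USERCOPY WARNs if &vmx->nested.current_vmptr reaches __copy_to_user(). */`, would stop a later cleanup from passing the struct field directly again. VMPTRST stores a 64-bit pointer, which presumably matches gpa_t here, but the typedef is not visible in the hunk. handle_vmptrst() continues past the end of the hunk.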