| author | Sean Christopherson <[email protected]> | 2022-05-26 21:08:10 +0000 |
|---|---|---|
| committer | Paolo Bonzini <[email protected]> | 2022-06-10 10:01:29 -0400 |
| commit | 61d9c412d0416aa1f7914a732d424a9e8ff24c36 (patch) | |
| tree | 7d34c9d08eb4fd7ce25793adcdb208ec6e4efccb /tools/perf/scripts/python/flamegraph.py | |
| parent | e15f5e6fa6ca1b3baf087314b2541afa935d00e7 (diff) | |
KVM: x86: Grab regs_dirty in local 'unsigned long'
Capture ctxt->regs_dirty in a local 'unsigned long' instead of casting it
to an 'unsigned long *' for use in for_each_set_bit(). The bitops helpers
really do read the entire 'unsigned long', even though the walking of the
read value is capped at the specified size. I.e. 64-bit KVM is reading
memory beyond ctxt->regs_dirty, which is a u32 and thus 4 bytes, whereas
an unsigned long is 8 bytes. Functionally it's not an issue because
regs_dirty is in the middle of x86_emulate_ctxt, i.e. KVM is just reading
its own memory, but relying on that coincidence is gross and unsafe.
Reviewed-by: Vitaly Kuznetsov <[email protected]>
Reviewed-by: Kees Cook <[email protected]>
Signed-off-by: Sean Christopherson <[email protected]>
Message-Id: <[email protected]>
Signed-off-by: Paolo Bonzini <[email protected]>
Diffstat (limited to 'tools/perf/scripts/python/flamegraph.py')
0 files changed, 0 insertions, 0 deletions
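A constructed C illustration of the over-read the commit describes and of its fix (added here, not kernel code): a 32-bit dirty mask is copied into a local `unsigned long` before its set bits are walked, so the walker's `sizeof(unsigned long)`-wide read never extends past the `u32` field. `struct emu_ctxt`, `walk_dirty_regs` and `bitop_overread_bytes` are stand-in names, and the builtin `__builtin_ctzl` stands in for the kernel's find-next-bit helpers.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for x86_emulate_ctxt: the u32 dirty mask sits in the
 * middle of the struct, so a cast to 'unsigned long *' on LP64 would read
 * the 4 bytes of regs_valid as well (harmless only by coincidence). */
struct emu_ctxt {
    uint32_t regs_dirty;   /* bit N set => register N was modified */
    uint32_t regs_valid;   /* neighbouring memory an over-read would touch */
    unsigned long regs[16];
};

/* How many bytes a bitops helper reads beyond the u32 when handed the field
 * address directly: sizeof(unsigned long) - sizeof(u32), i.e. 4 on LP64. */
static size_t bitop_overread_bytes(void)
{
    return sizeof(unsigned long) - sizeof(((struct emu_ctxt *)0)->regs_dirty);
}

/* The fix: capture the mask in a local 'unsigned long' (zero-extended) and
 * walk that local, never the struct memory. Writes the set bit indices to
 * 'out' in ascending order and returns how many were written. */
static unsigned walk_dirty_regs(const struct emu_ctxt *ctxt, unsigned *out,
                                unsigned max)
{
    unsigned long dirty = ctxt->regs_dirty;   /* local copy, 8 bytes on LP64 */
    unsigned n = 0;

    while (dirty && n < max) {
        unsigned bit = (unsigned)__builtin_ctzl(dirty); /* lowest set bit */
        out[n++] = bit;
        dirty &= dirty - 1;                     /* clear that bit */
    }
    return n;
}

int main(void)
{
    /* Constructed sample: registers 0, 2 and 31 dirty; regs_valid all ones
     * so that an over-read would have had non-zero bytes to pick up. */
    struct emu_ctxt ctxt = { .regs_dirty = 0x80000005u, .regs_valid = 0xffffffffu };
    unsigned out[32];
    unsigned n = walk_dirty_regs(&ctxt, out, 32);

    printf("bitops over-read past u32: %zu bytes\n", bitop_overread_bytes());
    for (unsigned i = 0; i < n; i++)
        printf("dirty reg %u\n", out[i]);
    return 0;
}
```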