[PATCH] KVM: PPC: Book3S HV: XIVE: Fix vCPU id sanity check

Michael Ellerman patch-notifications at ellerman.id.au
Fri Dec 4 22:59:44 AEDT 2020


On Mon, 30 Nov 2020 13:19:27 +0100, Greg Kurz wrote:
> Commit 062cfab7069f ("KVM: PPC: Book3S HV: XIVE: Make VP block size
> configurable") updated kvmppc_xive_vcpu_id_valid() in a way that
> allows userspace to trigger an assertion in skiboot and crash the host:
> 
> [  696.186248988,3] XIVE[ IC 08  ] eq_blk != vp_blk (0 vs. 1) for target 0x4300008c/0
> [  696.186314757,0] Assert fail: hw/xive.c:2370:0
> [  696.186342458,0] Aborting!
> xive-kvCPU 0043 Backtrace:
>  S: 0000000031e2b8f0 R: 0000000030013840   .backtrace+0x48
>  S: 0000000031e2b990 R: 000000003001b2d0   ._abort+0x4c
>  S: 0000000031e2ba10 R: 000000003001b34c   .assert_fail+0x34
>  S: 0000000031e2ba90 R: 0000000030058984   .xive_eq_for_target.part.20+0xb0
>  S: 0000000031e2bb40 R: 0000000030059fdc   .xive_setup_silent_gather+0x2c
>  S: 0000000031e2bc20 R: 000000003005a334   .opal_xive_set_vp_info+0x124
>  S: 0000000031e2bd20 R: 00000000300051a4   opal_entry+0x134
>  --- OPAL call token: 0x8a caller R1: 0xc000001f28563850 ---
> 
> [...]

Applied to powerpc/fixes.

[1/1] KVM: PPC: Book3S HV: XIVE: Fix vCPU id sanity check
      https://git.kernel.org/powerpc/c/f54db39fbe40731c40aefdd3bc26e7d56d668c64

cheers

