Re: [PATCH v4 2/4] KVM: s390: vsie: Fix length of facility list shadowed

From: Janosch Frank
Date: Wed Dec 20 2023 - 05:45:22 EST

Next message: syzbot: "Re: [syzbot] [crypto?] KASAN: slab-out-of-bounds Read in arc4_crypt"
Previous message: James Clark: "Re: [PATCH 1/3] perf scripts python: arm-cs-trace-disasm.py: print dso base address"
In reply to: Nina Schoetterl-Glausch: "[PATCH v4 2/4] KVM: s390: vsie: Fix length of facility list shadowed"
Next in thread: Nina Schoetterl-Glausch: "[PATCH v4 4/4] KVM: s390: Minor refactor of base/ext facility lists"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 12/19/23 15:08, Nina Schoetterl-Glausch wrote:

The length of the facility list accessed when interpretively executing
STFLE is the same as the hosts facility list (in case of format-0)
The memory following the facility list doesn't need to be accessible.
The current VSIE implementation accesses a fixed length that exceeds the
guest/host facility list length and can therefore wrongly inject a
validity intercept.
Instead, find out the host facility list length by running STFLE and
copy only as much as necessary when shadowing.

Acked-by: David Hildenbrand <david@xxxxxxxxxx>
Reviewed-by: Claudio Imbrenda <imbrenda@xxxxxxxxxxxxx>
Acked-by: Heiko Carstens <hca@xxxxxxxxxxxxx>
Signed-off-by: Nina Schoetterl-Glausch <nsg@xxxxxxxxxxxxx>

Reviewed-by: Janosch Frank <frankja@xxxxxxxxxxxxx>

Next message: syzbot: "Re: [syzbot] [crypto?] KASAN: slab-out-of-bounds Read in arc4_crypt"
Previous message: James Clark: "Re: [PATCH 1/3] perf scripts python: arm-cs-trace-disasm.py: print dso base address"
In reply to: Nina Schoetterl-Glausch: "[PATCH v4 2/4] KVM: s390: vsie: Fix length of facility list shadowed"
Next in thread: Nina Schoetterl-Glausch: "[PATCH v4 4/4] KVM: s390: Minor refactor of base/ext facility lists"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]