KVM: x86: fix shift out of bounds reported by UBSAN

stable inclusion from stable-5.10.7 commit 563135ec664ffb80a2297e94d618b04b228a1262 bugzilla: 47429 -------------------------------- commit 2f80d502 upstream. Since we know that e >= s, we can reassociate the left shift, changing the shifted number from 1 to 2 in exchange for decreasing the right hand side by 1. Reported-by: syzbot+e87846c48bf72bc85311@syzkaller.appspotmail.com Signed-off-by: N Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: N Greg Kroah-Hartman <gregkh@linuxfoundation.org> Signed-off-by: N Chen Jun <chenjun102@huawei.com> Acked-by: N Xie XiuQi <xiexiuqi@huawei.com>

KVM: x86: fix shift out of bounds reported by UBSAN
stable inclusion from stable-5.10.7 commit 563135ec664ffb80a2297e94d618b04b228a1262 bugzilla: 47429 -------------------------------- commit 2f80d502 upstream. Since we know that e >= s, we can reassociate the left shift, changing the shifted number from 1 to 2 in exchange for decreasing the right hand side by 1. Reported-by: syzbot+e87846c48bf72bc85311@syzkaller.appspotmail.com Signed-off-by: N Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: N Greg Kroah-Hartman <gregkh@linuxfoundation.org> Signed-off-by: N Chen Jun <chenjun102@huawei.com> Acked-by: N Xie XiuQi <xiexiuqi@huawei.com>
2ff92444 · Paolo Bonzini · Zheng Zengkai · 87fb483d · 2ff92444
隐藏空白更改
内联并排

Showing with 1 addition and 1 deletion

arch/x86/kvm/mmu.h arch/x86/kvm/mmu.h +1 -1

未找到文件。
--- a/arch/x86/kvm/mmu.h
+++ b/arch/x86/kvm/mmu.h
@@ -49,7 +49,7 @@ static inline u64 rsvd_bits(int s, int e)
 	if (e < s)
 		return 0;

-	return ((1ULL << (e - s + 1)) - 1) << s;
+	return ((2ULL << (e - s)) - 1) << s;
 }

 void kvm_mmu_set_mmio_spte_mask(u64 mmio_value, u64 access_mask);