| From ede885ecb2cdf8a8dd5367702e3d964ec846a2d5 Mon Sep 17 00:00:00 2001 |
| From: David Rientjes <rientjes@google.com> |
| Date: Tue, 19 Mar 2019 15:19:56 -0700 |
| Subject: kvm: svm: fix potential get_num_contig_pages overflow |
| |
| From: David Rientjes <rientjes@google.com> |
| |
| commit ede885ecb2cdf8a8dd5367702e3d964ec846a2d5 upstream. |
| |
| get_num_contig_pages() could potentially overflow int so make its type |
| consistent with its usage. |
| |
| Reported-by: Cfir Cohen <cfir@google.com> |
| Cc: stable@vger.kernel.org |
| Signed-off-by: David Rientjes <rientjes@google.com> |
| Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| |
| --- |
| arch/x86/kvm/svm.c | 10 +++++----- |
| 1 file changed, 5 insertions(+), 5 deletions(-) |
| |
| --- a/arch/x86/kvm/svm.c |
| +++ b/arch/x86/kvm/svm.c |
| @@ -6422,11 +6422,11 @@ e_free: |
| return ret; |
| } |
| |
| -static int get_num_contig_pages(int idx, struct page **inpages, |
| - unsigned long npages) |
| +static unsigned long get_num_contig_pages(unsigned long idx, |
| + struct page **inpages, unsigned long npages) |
| { |
| unsigned long paddr, next_paddr; |
| - int i = idx + 1, pages = 1; |
| + unsigned long i = idx + 1, pages = 1; |
| |
| /* find the number of contiguous pages starting from idx */ |
| paddr = __sme_page_pa(inpages[idx]); |
| @@ -6445,12 +6445,12 @@ static int get_num_contig_pages(int idx, |
| |
| static int sev_launch_update_data(struct kvm *kvm, struct kvm_sev_cmd *argp) |
| { |
| - unsigned long vaddr, vaddr_end, next_vaddr, npages, size; |
| + unsigned long vaddr, vaddr_end, next_vaddr, npages, pages, size, i; |
| struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; |
| struct kvm_sev_launch_update_data params; |
| struct sev_data_launch_update_data *data; |
| struct page **inpages; |
| - int i, ret, pages; |
| + int ret; |
| |
| if (!sev_guest(kvm)) |
| return -ENOTTY; |