Commit 243b1f6
KVM: arm64: vgic: Add more checks when restoring ITS tables
Try to improve the predictability of ITS save/restores (and debuggability
of failed ITS saves) by failing early on restore when trying to read
corrupted tables.
Restoring the ITS tables does some checks for corrupted tables, but not as
many as in a save: an overflowing device ID will be detected on save but
not on restore. The consequence is that restoring a corrupted table won't
be detected until the next save; including the ITS not working as expected
after the restore. As an example, if the guest sets tables overlapping
each other, which would most likely result in some corrupted table, this is
what we would see from the host point of view:
guest sets base addresses that overlap each other
save ioctl
restore ioctl
save ioctl (fails)
Ideally, we would like the first save to fail, but overlapping tables could
actually be intended by the guest. So, let's at least fail on the restore
with some checks: like checking that device and event IDs don't overflow
their tables.
Signed-off-by: Ricardo Koller <ricarkol@google.com>
Reviewed-by: Oliver Upton <oupton@google.com>
Signed-off-by: Marc Zyngier <maz@kernel.org>
Link: https://lore.kernel.org/r/20220510001633.552496-3-ricarkol@google.com1 parent cafe7e5 commit 243b1f6
1 file changed
Lines changed: 7 additions & 0 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
2198 | 2198 | | |
2199 | 2199 | | |
2200 | 2200 | | |
| 2201 | + | |
| 2202 | + | |
| 2203 | + | |
2201 | 2204 | | |
2202 | 2205 | | |
2203 | 2206 | | |
| |||
2319 | 2322 | | |
2320 | 2323 | | |
2321 | 2324 | | |
| 2325 | + | |
2322 | 2326 | | |
2323 | 2327 | | |
2324 | 2328 | | |
| |||
2339 | 2343 | | |
2340 | 2344 | | |
2341 | 2345 | | |
| 2346 | + | |
| 2347 | + | |
| 2348 | + | |
2342 | 2349 | | |
2343 | 2350 | | |
2344 | 2351 | | |
| |||
0 commit comments