KVM: arm/arm64: vgic-v2: Limit ITARGETSR bits to number of VCPUs The GICv2 spec says in section 4.3.12 that a "CPU targets field bit that corresponds to an unimplemented CPU interface is RAZ/WI." Currently we allow the guest to write any value in there and it can read that back. Mask the written value with the proper CPU mask to be spec compliant. Signed-off-by: Andre Przywara <andre.przywara@arm.com> Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>

commit: 266068eabb1077adf7d74a66de6610e7a6205d02 [log] [tgz]
author: Andre Przywara <andre.przywara@arm.com> Wed Nov 16 17:57:16 2016 +0000
committer: Marc Zyngier <marc.zyngier@arm.com> Fri Dec 09 15:46:59 2016 +0000
tree: d070029ff263a01a25fce431e08134e256c57f33
parent: fd5ebf99f814fadae0dd50893699ba17e1b4af42 [diff] [blame]
diff --git a/virt/kvm/arm/vgic/vgic-mmio-v2.c b/virt/kvm/arm/vgic/vgic-mmio-v2.c
index b44b359..78e34bc 100644
--- a/virt/kvm/arm/vgic/vgic-mmio-v2.c
+++ b/virt/kvm/arm/vgic/vgic-mmio-v2.c

@@ -129,6 +129,7 @@
 				   unsigned long val)
 {
 	u32 intid = VGIC_ADDR_TO_INTID(addr, 8);
+	u8 cpu_mask = GENMASK(atomic_read(&vcpu->kvm->online_vcpus) - 1, 0);
 	int i;
 
 	/* GICD_ITARGETSR[0-7] are read-only */
@@ -141,7 +142,7 @@
 
 		spin_lock(&irq->irq_lock);
 
-		irq->targets = (val >> (i * 8)) & 0xff;
+		irq->targets = (val >> (i * 8)) & cpu_mask;
 		target = irq->targets ? __ffs(irq->targets) : 0;
 		irq->target_vcpu = kvm_get_vcpu(vcpu->kvm, target);
commit	266068eabb1077adf7d74a66de6610e7a6205d02	[log] [tgz]
author	Andre Przywara <andre.przywara@arm.com>	Wed Nov 16 17:57:16 2016 +0000
committer	Marc Zyngier <marc.zyngier@arm.com>	Fri Dec 09 15:46:59 2016 +0000
tree	d070029ff263a01a25fce431e08134e256c57f33
parent	fd5ebf99f814fadae0dd50893699ba17e1b4af42 [diff] [blame]