diff options
| author | Sean Christopherson <seanjc@google.com> | 2026-06-02 10:09:21 -0700 |
|---|---|---|
| committer | Sean Christopherson <seanjc@google.com> | 2026-06-03 05:39:24 -0700 |
| commit | b408b52e7111c560dcd7d69612c2e07c59c36ae3 (patch) | |
| tree | faafee39955e7da24a8421a75ccb773d39d64b02 /scripts/git.orderFile | |
| parent | b7a23fb0ed7e37774997f9b2029dd9dce5653d74 (diff) | |
KVM: selftests: Add guest_memfd regression test signed offset+size bug
Add a regression (and proof-of-bug) testcase to ensure KVM rejects an
offset+size that would result in a negative value when computed as a signed
64-bit value. KVM had a flaw where it would allow binding a memslot to a
guest_memfd instance even with a wildly out-of-range offset, if the offset
and size were both positive values, but the combined offset+size was
negative.
Use "0x7fffffffffffffffull - page_size", i.e. "INT64_MAX - page_size", for
the offset as the size of the guest_memfd file must be at least page_size
(KVM requires memslots and gmem files to be host page-size aligned). I.e.
"INT64_MAX - page_size + size" is guaranteed to generate an offset+size
that is negative when converted to a signed 64-bit value *and* honors KVM's
alignment requirements.
Reviewed-by: Ackerley Tng <ackerleytng@google.com>
Tested-by: Ackerley Tng <ackerleytng@google.com>
Link: https://patch.msgid.link/20260602170921.1304394-4-seanjc@google.com
Signed-off-by: Sean Christopherson <seanjc@google.com>
Diffstat (limited to 'scripts/git.orderFile')
0 files changed, 0 insertions, 0 deletions