drm/i915/gvt: Warning for invalid ggtt access

Instead of silently return virtual ggtt entries that guest is allowed
to access, this patch add extra range check. If guest read out of
range, it will print a warning and return 0. If guest write out
of range, the write will be dropped without any message.

Reviewed-by: Zhenyu Wang <zhenyuw@linux.intel.com>
Signed-off-by: Xiong Zhang <xiong.y.zhang@intel.com>
Signed-off-by: Zhenyu Wang <zhenyuw@linux.intel.com>

diff --git a/drivers/gpu/drm/i915/gvt/gtt.c b/drivers/gpu/drm/i915/gvt/gtt.c
index 53115bdae12be320e3de82562fa6d36a39684686..4b04af569c05c13df7cc4f6ca235abb0b281d025 100644 (file)
--- a/drivers/gpu/drm/i915/gvt/gtt.c
+++ b/drivers/gpu/drm/i915/gvt/gtt.c
@@ -2141,11 +2141,20 @@ static int emulate_ggtt_mmio_read(struct intel_vgpu *vgpu,
        struct intel_vgpu_mm *ggtt_mm = vgpu->gtt.ggtt_mm;
        const struct intel_gvt_device_info *info = &vgpu->gvt->device_info;
        unsigned long index = off >> info->gtt_entry_size_shift;
+       unsigned long gma;
        struct intel_gvt_gtt_entry e;
 
        if (bytes != 4 && bytes != 8)
                return -EINVAL;
 
+       gma = index << I915_GTT_PAGE_SHIFT;
+       if (!intel_gvt_ggtt_validate_range(vgpu,
+                                          gma, 1 << I915_GTT_PAGE_SHIFT)) {
+               gvt_dbg_mm("read invalid ggtt at 0x%lx\n", gma);
+               memset(p_data, 0, bytes);
+               return 0;
+       }
+
        ggtt_get_guest_entry(ggtt_mm, &e, index);
        memcpy(p_data, (void *)&e.val64 + (off & (info->gtt_entry_size - 1)),
                        bytes);