Intel EPT: Fix out of range right shift on 32-bit host

Currently, there has a logic to check whether the EPT GFN is exceeding
guest physical address width. It uses right shift(>>) to implement the
check. But the right shift count is greater than the width of the
type(unsigned long = 32) under the PAE. And this will cause guest boot
fail under PAE with EPT supported.

Signed-off-by: Li Xin <xin.li@intel.com>
Signed-off-by: Zhang Yang <yang.z.zhang@intel.com>

diff --git a/xen/arch/x86/mm/hap/p2m-ept.c b/xen/arch/x86/mm/hap/p2m-ept.c
index ed6bc7a85815dc295473e73a98f38bf1e52bef46..3e43a3650455b7ff045d56988b0b551d75930a60 100644 (file)
--- a/xen/arch/x86/mm/hap/p2m-ept.c
+++ b/xen/arch/x86/mm/hap/p2m-ept.c
@@ -267,7 +267,7 @@ ept_set_entry(struct domain *d, unsigned long gfn, mfn_t mfn,
      * 3. passing a valid order.
      */
     if ( ((gfn | mfn_x(mfn)) & ((1UL << order) - 1)) ||
-         (gfn >> ((ept_get_wl(d) + 1) * EPT_TABLE_ORDER)) ||
+         ((u64)gfn >> ((ept_get_wl(d) + 1) * EPT_TABLE_ORDER)) ||
          (order % EPT_TABLE_ORDER) )
         return 0;