mirror of
https://github.com/torvalds/linux.git
synced 2024-11-13 07:31:45 +00:00
571008dacc
When executing a test program called "crashme", we found the KVM guest cannot survive more than ten seconds, then encounterd kernel panic. The basic concept of "crashme" is generating random assembly code and trying to execute it. After some fixes on emulator insn validity judgment, we found it's hard to get the current emulator handle the invalid instructions correctly, for the #UD trap for hypercall patching caused troubles. The problem is, if the opcode itself was OK, but combination of opcode and modrm_reg was invalid, and one operand of the opcode was memory (SrcMem or DstMem), the emulator will fetch the memory operand first rather than checking the validity, and may encounter an error there. For example, ".byte 0xfe, 0x34, 0xcd" has this problem. In the patch, we simply check that if the invalid opcode wasn't vmcall/vmmcall, then return from emulate_instruction() and inject a #UD to guest. With the patch, the guest had been running for more than 12 hours. Signed-off-by: Feng (Eric) Liu <eric.e.liu@intel.com> Signed-off-by: Sheng Yang <sheng.yang@intel.com> Signed-off-by: Avi Kivity <avi@qumranet.com> |
||
|---|---|---|
| .. | ||
| boot | ||
| configs | ||
| crypto | ||
| ia32 | ||
| kernel | ||
| kvm | ||
| lguest | ||
| lib | ||
| mach-default | ||
| mach-es7000 | ||
| mach-generic | ||
| mach-rdc321x | ||
| mach-visws | ||
| mach-voyager | ||
| math-emu | ||
| mm | ||
| oprofile | ||
| pci | ||
| power | ||
| vdso | ||
| video | ||
| xen | ||
| Kconfig | ||
| Kconfig.cpu | ||
| Kconfig.debug | ||
| Makefile | ||
| Makefile_32.cpu | ||