linux/arch/x86/kvm
Paolo Bonzini fd56e1546a KVM: emulator: fix execution close to the segment limit
Emulation of code that is 14 bytes to the segment limit or closer
(e.g. RIP = 0xFFFFFFF2 after reset) is broken because we try to read as
many as 15 bytes from the beginning of the instruction, and __linearize
fails when the passed (address, size) pair reaches out of the segment.

To fix this, let __linearize return the maximum accessible size (clamped
to 2^32-1) for usage in __do_insn_fetch_bytes, and avoid the limit check
by passing zero for the desired size.

For expand-down segments, __linearize is performing a redundant check.
(u32)(addr.ea + size - 1) <= lim can only happen if addr.ea is close
to 4GB; in this case, addr.ea + size - 1 will also fail the check against
the upper bound of the segment (which is provided by the D/B bit).
After eliminating the redundant check, it is simple to compute
the *max_size for expand-down segments too.

Now that the limit check is done in __do_insn_fetch_bytes, we want
to inject a general protection fault there if size < op_size (like
__linearize would have done), instead of just aborting.

This fixes booting Tiano Core from emulated flash with EPT disabled.

Cc: stable@vger.kernel.org
Fixes: 719d5a9b24
Reported-by: Borislav Petkov <bp@suse.de>
Tested-by: Borislav Petkov <bp@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-10-29 13:13:48 +01:00
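The limit arithmetic the commit message describes, as an added stand-alone model (this is example code written for this page, not the kernel's __linearize or __do_insn_fetch_bytes; the struct seg layout, the function names linearize_max, max_access and insn_fetch_size, the EMUL_* return codes and the sample segments are all this example's own assumptions). It computes the bytes accessible from an offset for both expand-up and expand-down segments, clamps the result to 2^32-1, and lets the fetch path take min(15 - cur_size, max_size) and raise #GP only when fewer than op_size bytes are available, instead of failing the moment the full 15-byte window crosses the limit:

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Simplified view of a segment descriptor (assumed layout for this example,
 * not the kernel's desc_struct).
 */
struct seg {
    uint32_t base;
    uint32_t limit;       /* scaled by G: last valid offset of an expand-up segment */
    bool     code;        /* descriptor type bit 3: code segment */
    bool     expand_down; /* data segment with the expand-down (E) type bit set */
    bool     db;          /* D/B bit: expand-down upper bound is 0xFFFFFFFF, else 0xFFFF */
};

enum { EMUL_CONTINUE = 0, EMUL_GP = -1 };

/*
 * Compute the linear address of offset ea in s and the number of bytes that
 * can be accessed from ea without leaving the segment, clamped to 2^32-1.
 * Only ea itself is checked against the segment; the caller decides how much
 * of *max_size it really needs.
 */
int linearize_max(const struct seg *s, uint32_t ea,
                  uint64_t *linear, uint32_t *max_size)
{
    uint64_t upper; /* last valid offset in the segment */
    uint64_t avail;

    *max_size = 0;
    *linear = (uint64_t)s->base + ea;

    if (s->code || !s->expand_down) {
        /* expand-up: valid offsets are 0..limit */
        if (ea > s->limit)
            return EMUL_GP;
        upper = s->limit;
    } else {
        /* expand-down: valid offsets are limit+1 .. (D/B ? 0xFFFFFFFF : 0xFFFF) */
        if (ea <= s->limit)
            return EMUL_GP;
        upper = s->db ? 0xffffffffu : 0xffffu;
        if (ea > upper)
            return EMUL_GP;
    }
    /* 64-bit arithmetic: no wrap when ea sits just below 4 GiB */
    avail = upper + 1 - ea;
    *max_size = avail > 0xffffffffu ? 0xffffffffu : (uint32_t)avail;
    return EMUL_CONTINUE;
}

/* Bytes accessible from ea, or 0 when ea itself is outside the segment. */
uint32_t max_access(const struct seg *s, uint32_t ea)
{
    uint64_t linear;
    uint32_t max_size;
    if (linearize_max(s, ea, &linear, &max_size) != EMUL_CONTINUE)
        return 0;
    return max_size;
}

/*
 * Fetch-size decision for an instruction at ip: cur_size bytes are already
 * in the fetch cache and op_size more are needed now.  Returns the number
 * of bytes to fetch, or EMUL_GP when the segment ends before op_size bytes
 * are available.  (The real emulator also caps the fetch at the page
 * boundary; that part is left out here.)
 */
int insn_fetch_size(const struct seg *cs, uint32_t ip,
                    unsigned cur_size, unsigned op_size)
{
    uint64_t linear;
    uint32_t max_size;
    unsigned size;

    if (linearize_max(cs, ip, &linear, &max_size) != EMUL_CONTINUE)
        return EMUL_GP;

    size = 15 - cur_size;       /* an x86 instruction is at most 15 bytes */
    if (size > max_size)
        size = max_size;        /* stop at the segment limit instead of failing */
    if (size < op_size)
        return EMUL_GP;         /* inject #GP, as __linearize would have done */
    return (int)size;
}

/* Constructed sample segments for the demonstration (not from any real guest). */
const struct seg flat_cs32 = { 0, 0xffffffffu, true,  false, true  };
const struct seg ss_down32 = { 0, 0x0000ffffu, false, true,  true  };
const struct seg ss_down16 = { 0, 0x00000fffu, false, true,  false };

int main(void)
{
    printf("fetch at 0xFFFFFFF2, need 1 byte : %d\n",
           insn_fetch_size(&flat_cs32, 0xfffffff2u, 0, 1));  /* 14 bytes left */
    printf("fetch at 0xFFFFFFFF, need 2 bytes: %d\n",
           insn_fetch_size(&flat_cs32, 0xffffffffu, 0, 2));  /* 1 byte left: #GP */
    printf("expand-down 32-bit, ea=0x10000  : 0x%x\n",
           (unsigned)max_access(&ss_down32, 0x10000u));
    printf("expand-down 32-bit, ea=0x1000   : 0x%x\n",
           (unsigned)max_access(&ss_down32, 0x1000u));       /* below limit+1 */
    return 0;
}
```

The case from the commit message is the first call: at offset 0xFFFFFFF2 in a flat 32-bit code segment only 14 bytes remain before the limit, so a fetch that insists on the full 15-byte window can never succeed, while one that clamps to max_size fetches 14 bytes and only raises #GP if the decoder then needs more than that.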
cpuid.c KVM: nested VMX: disable perf cpuid reporting 2014-09-24 14:07:50 +02:00
cpuid.h KVM: x86: Warn if guest virtual address space is not 48-bits 2014-09-24 14:07:48 +02:00
emulate.c KVM: emulator: fix execution close to the segment limit 2014-10-29 13:13:48 +01:00
i8254.c KVM: x86: Improve thread safety in pit 2014-10-24 13:21:14 +02:00
i8254.h
i8259.c
irq.c KVM: nVMX: fix "acknowledge interrupt on exit" when APICv is in use 2014-08-05 15:00:24 +02:00
irq.h
Kconfig KVM: Give IRQFD its own separate enabling Kconfig option 2014-08-05 14:26:28 +02:00
kvm_cache_regs.h
lapic.c KVM: x86: make apic_accept_irq tracepoint more generic 2014-09-11 11:51:02 +02:00
lapic.h KVM: x86: Validate guest writes to MSR_IA32_APICBASE 2014-01-27 14:39:44 +01:00
Makefile kvm: Add VFIO device 2013-10-30 19:02:03 +01:00
mmu_audit.c arch/x86: replace strict_strto calls 2014-08-08 15:57:28 -07:00
mmu.c Merge branch 'for-3.18' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/percpu 2014-10-10 07:26:02 -04:00
mmu.h KVM: mmio: cleanup kvm_set_mmio_spte_mask 2014-09-03 10:04:10 +02:00
mmutrace.h x86/kvm: Resolve shadow warnings in macro expansion 2014-07-31 16:33:29 +02:00
paging_tmpl.h KVM: x86: Wrong assertion on paging_tmpl.h 2014-10-24 13:30:37 +02:00
pmu.c KVM: x86: Clarify PMU related features bit manipulation 2014-08-20 13:01:25 +02:00
svm.c kvm: x86: don't kill guest on unknown exit reason 2014-10-24 13:21:17 +02:00
trace.h KVM: x86: make apic_accept_irq tracepoint more generic 2014-09-11 11:51:02 +02:00
tss.h
vmx.c kvm: x86: don't kill guest on unknown exit reason 2014-10-24 13:21:17 +02:00
x86.c KVM: x86: Prevent host from panicking on shared MSR writes. 2014-10-24 13:21:08 +02:00
x86.h KVM: vmx: Inject #GP on invalid PAT CR 2014-09-24 14:07:52 +02:00