From: Marcelo Tosatti <mtosatti@redhat.com>
To: Nadav Amit <namit@cs.technion.ac.il>
Cc: gleb@kernel.org, pbonzini@redhat.com, tglx@linutronix.de,
mingo@redhat.com, hpa@zytor.com, x86@kernel.org,
kvm@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] KVM: x86: Fix CR3 and LDT sel should not be saved in TSS
Date: Wed, 16 Apr 2014 16:20:41 -0300 [thread overview]
Message-ID: <20140416192041.GC8773@amt.cnet> (raw)
In-Reply-To: <1396885067-6491-1-git-send-email-namit@cs.technion.ac.il>
On Mon, Apr 07, 2014 at 06:37:47PM +0300, Nadav Amit wrote:
> According to Intel specifications, only general purpose registers and segment
> selectors should are saved in the old TSS during 32-bit task-switch.
should be
> Signed-off-by: Nadav Amit <namit@cs.technion.ac.il>
> ---
> arch/x86/kvm/emulate.c | 10 ++++++----
> 1 file changed, 6 insertions(+), 4 deletions(-)
>
> diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c
> index 205b17e..0dec502 100644
> --- a/arch/x86/kvm/emulate.c
> +++ b/arch/x86/kvm/emulate.c
> @@ -2496,7 +2496,7 @@ static int task_switch_16(struct x86_emulate_ctxt *ctxt,
> static void save_state_to_tss32(struct x86_emulate_ctxt *ctxt,
> struct tss_segment_32 *tss)
> {
> - tss->cr3 = ctxt->ops->get_cr(ctxt, 3);
> + /* CR3 and ldt selector are not saved intentionally */
> tss->eip = ctxt->_eip;
> tss->eflags = ctxt->eflags;
> tss->eax = reg_read(ctxt, VCPU_REGS_RAX);
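Review bot: the comment that replaces the `tss->cr3` store says what is skipped but not why it is safe. `tss_seg` is filled by `ops->read_std(ctxt, old_tss_base, ...)` before `save_state_to_tss32()` runs (third hunk), so the `cr3` field keeps the value read from the old TSS, and it is the narrowed `write_std` range in the last hunk that actually keeps CR3 out of the old TSS in guest memory. Suggest the comment state that dependency, e.g. `/* CR3 and LDT selector are not saved; task_switch_32() writes back only eip..gs */`, so a later change does not reintroduce the store or widen the write without noticing.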
> @@ -2514,7 +2514,6 @@ static void save_state_to_tss32(struct x86_emulate_ctxt *ctxt,
> tss->ds = get_segment_selector(ctxt, VCPU_SREG_DS);
> tss->fs = get_segment_selector(ctxt, VCPU_SREG_FS);
> tss->gs = get_segment_selector(ctxt, VCPU_SREG_GS);
> - tss->ldt_selector = get_segment_selector(ctxt, VCPU_SREG_LDTR);
> }
>
> static int load_state_from_tss32(struct x86_emulate_ctxt *ctxt,
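Review bot: removing the `tss->ldt_selector` store is consistent with the first hunk, but it is a dead-store cleanup rather than the fix itself, since the partial `write_std` in `task_switch_32()` would not carry the selector to the old TSS anyway. The commit message should say that the two removed stores are cleanup and the behavioural change is the shortened write, which also answers whether either hunk alone would be sufficient.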
Only this hunk is enough ?
> @@ -2604,6 +2603,8 @@ static int task_switch_32(struct x86_emulate_ctxt *ctxt,
> struct tss_segment_32 tss_seg;
> int ret;
> u32 new_tss_base = get_desc_base(new_desc);
> + u32 eip_offset = offsetof(struct tss_segment_32, eip);
> + u32 ldt_sel_offset = offsetof(struct tss_segment_32, ldt_selector);
>
> ret = ops->read_std(ctxt, old_tss_base, &tss_seg, sizeof tss_seg,
> &ctxt->exception);
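Review bot: `eip_offset` and `ldt_sel_offset` are only meaningful because `struct tss_segment_32` mirrors the hardware TSS layout field for field; the existing full-struct `read_std` from `old_tss_base` already relies on this, but pointer arithmetic on the struct makes the dependency harder to miss in the other direction, so a `BUILD_BUG_ON()` on the two offsets or a comment on the struct definition would document it. Both variables are compile-time constants and could be declared `const u32`, or folded directly into the `write_std` call.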
> @@ -2613,8 +2614,9 @@ static int task_switch_32(struct x86_emulate_ctxt *ctxt,
>
> save_state_to_tss32(ctxt, &tss_seg);
>
> - ret = ops->write_std(ctxt, old_tss_base, &tss_seg, sizeof tss_seg,
> - &ctxt->exception);
> + /* Only GP registers and segment selectors are saved */
> + ret = ops->write_std(ctxt, old_tss_base + eip_offset, &tss_seg.eip,
> + ldt_sel_offset - eip_offset, &ctxt->exception);
> if (ret != X86EMUL_CONTINUE)
> /* FIXME: need to provide precise fault address */
> return ret;
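Review bot: the new comment `/* Only GP registers and segment selectors are saved */` understates what the range covers: writing from `&tss_seg.eip` for `ldt_sel_offset - eip_offset` bytes also stores EIP and EFLAGS, so say `/* Only EIP, EFLAGS, GP registers and segment selectors are saved */`. Note also that the unchanged `/* FIXME: need to provide precise fault address */` now sits after a write that starts at `old_tss_base + eip_offset`; whoever resolves that FIXME must account for the offset when reporting the faulting address.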
> --
> 1.7.10.4
>
Thread overview: 3+ messages
2014-04-07 15:37 [PATCH] KVM: x86: Fix CR3 and LDT sel should not be saved in TSS Nadav Amit
2014-04-16 19:20 ` Marcelo Tosatti [this message]
2014-04-28 10:49 ` Paolo Bonzini