From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Laszlo Ersek <lersek@redhat.com>,
Paolo Bonzini <pbonzini@redhat.com>
Subject: [PATCH 4.14 63/74] kvm: x86: fix RSM when PCID is non-zero
Date: Wed, 27 Dec 2017 17:46:36 +0100 [thread overview]
Message-ID: <20171227164616.680500897@linuxfoundation.org> (raw)
In-Reply-To: <20171227164614.109898944@linuxfoundation.org>
4.14-stable review patch. If anyone has any objections, please let me know.
------------------
From: Paolo Bonzini <pbonzini@redhat.com>
commit fae1a3e775cca8c3a9e0eb34443b310871a15a92 upstream.
rsm_load_state_64() and rsm_enter_protected_mode() load CR3, then
CR4 & ~PCIDE, then CR0, then CR4.
However, setting CR4.PCIDE fails if CR3[11:0] != 0. It's probably easier
in the long run to replace rsm_enter_protected_mode() with an emulator
callback that sets all the special registers (like KVM_SET_SREGS would
do). For now, set the PCID field of CR3 only after CR4.PCIDE is 1.
Reported-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
Fixes: 660a5d517aaab9187f93854425c4c63f4a09195c
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
arch/x86/kvm/emulate.c | 32 +++++++++++++++++++++++++-------
1 file changed, 25 insertions(+), 7 deletions(-)
--- a/arch/x86/kvm/emulate.c
+++ b/arch/x86/kvm/emulate.c
@@ -2404,9 +2404,21 @@ static int rsm_load_seg_64(struct x86_em
}
static int rsm_enter_protected_mode(struct x86_emulate_ctxt *ctxt,
- u64 cr0, u64 cr4)
+ u64 cr0, u64 cr3, u64 cr4)
{
int bad;
+ u64 pcid;
+
+ /* In order to later set CR4.PCIDE, CR3[11:0] must be zero. */
+ pcid = 0;
+ if (cr4 & X86_CR4_PCIDE) {
+ pcid = cr3 & 0xfff;
+ cr3 &= ~0xfff;
+ }
+
+ bad = ctxt->ops->set_cr(ctxt, 3, cr3);
+ if (bad)
+ return X86EMUL_UNHANDLEABLE;
/*
* First enable PAE, long mode needs it before CR0.PG = 1 is set.
@@ -2425,6 +2437,12 @@ static int rsm_enter_protected_mode(stru
bad = ctxt->ops->set_cr(ctxt, 4, cr4);
if (bad)
return X86EMUL_UNHANDLEABLE;
+ if (pcid) {
+ bad = ctxt->ops->set_cr(ctxt, 3, cr3 | pcid);
+ if (bad)
+ return X86EMUL_UNHANDLEABLE;
+ }
+
}
return X86EMUL_CONTINUE;
@@ -2435,11 +2453,11 @@ static int rsm_load_state_32(struct x86_
struct desc_struct desc;
struct desc_ptr dt;
u16 selector;
- u32 val, cr0, cr4;
+ u32 val, cr0, cr3, cr4;
int i;
cr0 = GET_SMSTATE(u32, smbase, 0x7ffc);
- ctxt->ops->set_cr(ctxt, 3, GET_SMSTATE(u32, smbase, 0x7ff8));
+ cr3 = GET_SMSTATE(u32, smbase, 0x7ff8);
ctxt->eflags = GET_SMSTATE(u32, smbase, 0x7ff4) | X86_EFLAGS_FIXED;
ctxt->_eip = GET_SMSTATE(u32, smbase, 0x7ff0);
@@ -2481,14 +2499,14 @@ static int rsm_load_state_32(struct x86_
ctxt->ops->set_smbase(ctxt, GET_SMSTATE(u32, smbase, 0x7ef8));
- return rsm_enter_protected_mode(ctxt, cr0, cr4);
+ return rsm_enter_protected_mode(ctxt, cr0, cr3, cr4);
}
static int rsm_load_state_64(struct x86_emulate_ctxt *ctxt, u64 smbase)
{
struct desc_struct desc;
struct desc_ptr dt;
- u64 val, cr0, cr4;
+ u64 val, cr0, cr3, cr4;
u32 base3;
u16 selector;
int i, r;
@@ -2505,7 +2523,7 @@ static int rsm_load_state_64(struct x86_
ctxt->ops->set_dr(ctxt, 7, (val & DR7_VOLATILE) | DR7_FIXED_1);
cr0 = GET_SMSTATE(u64, smbase, 0x7f58);
- ctxt->ops->set_cr(ctxt, 3, GET_SMSTATE(u64, smbase, 0x7f50));
+ cr3 = GET_SMSTATE(u64, smbase, 0x7f50);
cr4 = GET_SMSTATE(u64, smbase, 0x7f48);
ctxt->ops->set_smbase(ctxt, GET_SMSTATE(u32, smbase, 0x7f00));
val = GET_SMSTATE(u64, smbase, 0x7ed0);
@@ -2533,7 +2551,7 @@ static int rsm_load_state_64(struct x86_
dt.address = GET_SMSTATE(u64, smbase, 0x7e68);
ctxt->ops->set_gdt(ctxt, &dt);
- r = rsm_enter_protected_mode(ctxt, cr0, cr4);
+ r = rsm_enter_protected_mode(ctxt, cr0, cr3, cr4);
if (r != X86EMUL_CONTINUE)
return r;
next prev parent reply other threads:[~2017-12-27 16:50 UTC|newest]
Thread overview: 93+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-12-27 16:45 [PATCH 4.14 00/74] 4.14.10-stable review Greg Kroah-Hartman
2017-12-27 16:45 ` [PATCH 4.14 02/74] objtool: Move synced files to their original relative locations Greg Kroah-Hartman
2017-12-27 16:45 ` [PATCH 4.14 03/74] objtool: Move kernel headers/code sync check to a script Greg Kroah-Hartman
2017-12-27 16:45 ` [PATCH 4.14 04/74] objtool: Fix cross-build Greg Kroah-Hartman
2017-12-27 16:45 ` [PATCH 4.14 05/74] tools/headers: Sync objtool UAPI header Greg Kroah-Hartman
2017-12-27 16:45 ` [PATCH 4.14 06/74] objtool: Fix 64-bit build on 32-bit host Greg Kroah-Hartman
2017-12-27 16:45 ` [PATCH 4.14 07/74] x86/decoder: Fix and update the opcodes map Greg Kroah-Hartman
2017-12-27 16:45 ` [PATCH 4.14 08/74] x86/insn-eval: Add utility functions to get segment selector Greg Kroah-Hartman
2017-12-27 16:45 ` [PATCH 4.14 09/74] x86/Kconfig: Limit NR_CPUS on 32-bit to a sane amount Greg Kroah-Hartman
2017-12-27 16:45 ` [PATCH 4.14 10/74] x86/mm/dump_pagetables: Check PAGE_PRESENT for real Greg Kroah-Hartman
2017-12-27 16:45 ` [PATCH 4.14 11/74] x86/mm/dump_pagetables: Make the address hints correct and readable Greg Kroah-Hartman
2017-12-27 16:45 ` [PATCH 4.14 12/74] x86/vsyscall/64: Explicitly set _PAGE_USER in the pagetable hierarchy Greg Kroah-Hartman
2017-12-27 16:45 ` [PATCH 4.14 13/74] x86/vsyscall/64: Warn and fail vsyscall emulation in NATIVE mode Greg Kroah-Hartman
2017-12-27 16:45 ` [PATCH 4.14 14/74] arch, mm: Allow arch_dup_mmap() to fail Greg Kroah-Hartman
2017-12-27 16:45 ` Greg Kroah-Hartman
2017-12-27 16:45 ` [PATCH 4.14 15/74] x86/ldt: Rework locking Greg Kroah-Hartman
2017-12-27 16:45 ` Greg Kroah-Hartman
2017-12-27 16:45 ` [PATCH 4.14 16/74] x86/ldt: Prevent LDT inheritance on exec Greg Kroah-Hartman
2017-12-27 16:45 ` Greg Kroah-Hartman
2017-12-27 16:45 ` [PATCH 4.14 17/74] x86/mm/64: Improve the memory map documentation Greg Kroah-Hartman
2017-12-27 16:45 ` [PATCH 4.14 18/74] x86/doc: Remove obvious weirdnesses from the x86 MM layout documentation Greg Kroah-Hartman
2017-12-27 16:45 ` Greg Kroah-Hartman
2017-12-27 16:45 ` [PATCH 4.14 19/74] x86/entry: Rename SYSENTER_stack to CPU_ENTRY_AREA_entry_stack Greg Kroah-Hartman
2017-12-27 16:45 ` [PATCH 4.14 20/74] x86/uv: Use the right TLB-flush API Greg Kroah-Hartman
2017-12-27 16:45 ` Greg Kroah-Hartman
2017-12-27 16:45 ` [PATCH 4.14 21/74] x86/microcode: Dont abuse the TLB-flush interface Greg Kroah-Hartman
2017-12-27 16:45 ` Greg Kroah-Hartman
2017-12-27 16:45 ` [PATCH 4.14 22/74] x86/mm: Use __flush_tlb_one() for kernel memory Greg Kroah-Hartman
2017-12-27 16:45 ` Greg Kroah-Hartman
2017-12-27 16:45 ` [PATCH 4.14 23/74] x86/mm: Remove superfluous barriers Greg Kroah-Hartman
2017-12-27 16:45 ` Greg Kroah-Hartman
2017-12-27 16:45 ` [PATCH 4.14 24/74] x86/mm: Add comments to clarify which TLB-flush functions are supposed to flush what Greg Kroah-Hartman
2017-12-27 16:45 ` Greg Kroah-Hartman
2017-12-27 16:45 ` [PATCH 4.14 25/74] x86/mm: Move the CR3 construction functions to tlbflush.h Greg Kroah-Hartman
2017-12-27 16:45 ` Greg Kroah-Hartman
2017-12-27 16:45 ` [PATCH 4.14 26/74] x86/mm: Remove hard-coded ASID limit checks Greg Kroah-Hartman
2017-12-27 16:45 ` Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 27/74] x86/mm: Put MMU to hardware ASID translation in one place Greg Kroah-Hartman
2017-12-27 16:46 ` Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 28/74] x86/mm: Create asm/invpcid.h Greg Kroah-Hartman
2017-12-27 16:46 ` Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 29/74] x86/cpu_entry_area: Move it to a separate unit Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 30/74] x86/cpu_entry_area: Move it out of the fixmap Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 31/74] init: Invoke init_espfix_bsp() from mm_init() Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 32/74] x86/cpu_entry_area: Prevent wraparound in setup_cpu_entry_area_ptes() on 32bit Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 33/74] ACPI: APEI / ERST: Fix missing error handling in erst_reader() Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 34/74] acpi, nfit: fix health event notification Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 35/74] crypto: skcipher - set walk.iv for zero-length inputs Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 36/74] crypto: mcryptd - protect the per-CPU queue with a lock Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 37/74] crypto: af_alg - wait for data at beginning of recvmsg Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 38/74] crypto: af_alg - fix race accessing cipher request Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 39/74] mfd: cros ec: spi: Dont send first message too soon Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 40/74] mfd: twl4030-audio: Fix sibling-node lookup Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 41/74] mfd: twl6040: Fix child-node lookup Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 42/74] ALSA: rawmidi: Avoid racy info ioctl via ctl device Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 43/74] ALSA: hda/realtek - Fix Dell AIO LineOut issue Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 44/74] ALSA: hda - Add vendor id for Cannonlake HDMI codec Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 45/74] ALSA: usb-audio: Add native DSD support for Esoteric D-05X Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 46/74] ALSA: usb-audio: Fix the missing ctl name suffix at parsing SU Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 47/74] PCI / PM: Force devices to D0 in pci_pm_thaw_noirq() Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 48/74] block: unalign call_single_data in struct request Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 49/74] block-throttle: avoid double charge Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 50/74] parisc: Align os_hpmc_size on word boundary Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 51/74] parisc: Fix indenting in puts() Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 52/74] parisc: Hide Diva-built-in serial aux and graphics card Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 53/74] Revert "parisc: Re-enable interrupts early" Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 54/74] spi: xilinx: Detect stall with Unknown commands Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 55/74] spi: a3700: Fix clk prescaling for coefficient over 15 Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 56/74] pinctrl: cherryview: Mask all interrupts on Intel_Strago based systems Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 57/74] arm64: kvm: Prevent restoring stale PMSCR_EL1 for vcpu Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 58/74] KVM: arm/arm64: Fix HYP unmapping going off limits Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 60/74] KVM: PPC: Book3S HV: Fix pending_pri value in kvmppc_xive_get_icp() Greg Kroah-Hartman
2017-12-27 16:46 ` Greg Kroah-Hartman [this message]
2017-12-27 16:46 ` [PATCH 4.14 64/74] clk: sunxi: sun9i-mmc: Implement reset callback for reset controls Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 65/74] powerpc/perf: Dereference BHRB entries safely Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 66/74] drm/i915: Flush pending GTT writes before unbinding Greg Kroah-Hartman
2017-12-27 16:46 ` Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 67/74] drm/sun4i: Fix error path handling Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 68/74] libnvdimm, dax: fix 1GB-aligned namespaces vs physical misalignment Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 69/74] libnvdimm, btt: Fix an incompatibility in the log layout Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 70/74] libnvdimm, pfn: fix start_pad handling for aligned namespaces Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 71/74] net: mvneta: clear interface link status on port disable Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 72/74] net: mvneta: use proper rxq_number in loop on rx queues Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 73/74] net: mvneta: eliminate wrong call to handle rx descriptor error Greg Kroah-Hartman
2017-12-27 16:46 ` [PATCH 4.14 74/74] Revert "ipmi_si: fix memory leak on new_smi" Greg Kroah-Hartman
2017-12-28 5:59 ` [PATCH 4.14 00/74] 4.14.10-stable review Naresh Kamboju
2017-12-29 9:18 ` Greg Kroah-Hartman
2017-12-29 10:35 ` Milosz Wasilewski
2017-12-30 16:53 ` Milosz Wasilewski
2017-12-31 10:15 ` Greg Kroah-Hartman
2018-01-02 10:17 ` Milosz Wasilewski
2017-12-28 15:42 ` Guenter Roeck
2017-12-29 9:18 ` Greg Kroah-Hartman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171227164616.680500897@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=lersek@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.