From: Jan Kiszka
Subject: Re: kvm ptrace 32bit DoS bug - bisected
Date: Tue, 08 Sep 2009 18:53:51 +0200
Message-ID: <4AA68C1F.1010704@web.de>
References: <4AA26A86.8060908@nagafix.co.uk> <20090905204336.GA6991@amt.cnet> <4AA366AA.7010806@nagafix.co.uk> <4AA369A8.3040008@nagafix.co.uk> <20090908163312.GA18155@amt.cnet>
In-Reply-To: <20090908163312.GA18155@amt.cnet>
To: Marcelo Tosatti
Cc: Antoine Martin, kvm@vger.kernel.org, Roland McGrath

Marcelo Tosatti wrote:
> On Sun, Sep 06, 2009 at 02:50:00PM +0700, Antoine Martin wrote:
>> [snip]
>>>> Is this an AMD host?
>>> Nope, Intel Core2, more host info :
>> I have put all the relevant binaries and their config files here:
>> http://uml.devloop.org.uk/kvmbug/
>> Host kernel, qemu binary, kvm guest kernel and the UML binary I have
>> used for bisecting.
>
> Antoine,
>
> Works for me with master branch. It's likely this commit fixed it:
>
> commit 76d4622776d007de3f90f311591babc5f6ba6f39
> Author: Avi Kivity
> Date: Tue Sep 1 12:03:25 2009 +0300
>
> KVM: VMX: Check cpl before emulating debug register access
>
> Debug registers may only be accessed from cpl 0. Unfortunately, vmx will
> code to emulate the instruction even though it was issued from guest
> userspace, possibly leading to an unexpected trap later.
>
> It will be included in 2.6.30 / 2.6.27 stable (.29 is not maintained
> anymore).

Easy to check: Does the UML image still contain mov-to-db instructions? If not, this commit cannot make the difference.

Jan
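The check Jan proposes, as an added example that is not part of the thread: a heuristic scan of a raw 32-bit binary image for the x86 encodings of moves to and from debug registers (0F 21 /r reads DRn into a GPR, 0F 23 /r writes a GPR into DRn). The sample bytes are constructed here; a real UML image would be read from disk.

```python
from typing import List, Tuple

# x86 encodings: 0F 21 /r = MOV r32, DRn (read), 0F 23 /r = MOV DRn, r32 (write).
# The CPU ignores the ModRM mod field for these; reg selects DRn, rm selects the GPR.
DR_OPCODES = {0x21: "read", 0x23: "write"}
GPR32 = ["eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi"]


def scan_debug_register_moves(image: bytes) -> List[Tuple[int, str, int, str]]:
    """Return (offset, direction, dr_index, gpr) for every 0F 21/23 + ModRM sequence.

    Heuristic: raw bytes are scanned, so hits inside data or inside the operand
    bytes of a longer instruction are possible; REX prefixes (64-bit code) are not
    decoded. Confirm hits with a real disassembler before drawing conclusions.
    """
    hits = []
    i = 0
    while i + 2 < len(image):
        if image[i] == 0x0F and image[i + 1] in DR_OPCODES:
            modrm = image[i + 2]
            dr_index = (modrm >> 3) & 7
            gpr = GPR32[modrm & 7]
            hits.append((i, DR_OPCODES[image[i + 1]], dr_index, gpr))
            i += 3
        else:
            i += 1
    return hits


def has_mov_to_dr(image: bytes) -> bool:
    """True if the image contains any write into a debug register, i.e. the
    'mov-to-db' instructions the thread asks about."""
    return any(d == "write" for _, d, _, _ in scan_debug_register_moves(image))


# Constructed sample: NOPs and RETs around `mov %eax,%dr7` (0F 23 F8)
# and `mov %dr6,%ecx` (0F 21 F1).
SAMPLE_IMAGE = bytes.fromhex("90 0f 23 f8 c3 90 0f 21 f1 c3")

if __name__ == "__main__":
    for offset, direction, dr, gpr in scan_debug_register_moves(SAMPLE_IMAGE):
        print(f"offset {offset:#06x}: {direction} dr{dr} via {gpr}")
    print("contains mov-to-DR:", has_mov_to_dr(SAMPLE_IMAGE))
```

If the scan reports no writes in the guest's user-space binary, the commit quoted above (which only changes handling of DR access from outside cpl 0) is unlikely to be what changed the behaviour.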