From: Paolo Bonzini <pbonzini@redhat.com>
To: Nadav Amit <namit@cs.technion.ac.il>
Cc: kvm@vger.kernel.org, nadav.amit@gmail.com
Subject: Re: [PATCH 2/6] KVM: x86: Wrong error code on limit violation during emulation
Date: Mon, 27 Oct 2014 15:37:11 +0100
Message-ID: <544E5897.4080507@redhat.com>
In-Reply-To: <1412099359-5316-3-git-send-email-namit@cs.technion.ac.il>
On 09/30/2014 07:49 PM, Nadav Amit wrote:
> GP and SS exceptions deliver as error-code the segment selector if the
> exception occurred when the segment is loaded.  However, if the exception
> occurs during the memory access itself, due to limit violations, the error-code
> should be zero.  Fix it.
> 
> Signed-off-by: Nadav Amit <namit@cs.technion.ac.il>
> ---
>  arch/x86/kvm/emulate.c | 20 +++++++++++---------
>  1 file changed, 11 insertions(+), 9 deletions(-)
> 
> diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c
> index a46207a..13a1c76 100644
> --- a/arch/x86/kvm/emulate.c
> +++ b/arch/x86/kvm/emulate.c
> @@ -621,7 +621,7 @@ static int __linearize(struct x86_emulate_ctxt *ctxt,
>  	bool usable;
>  	ulong la;
>  	u32 lim;
> -	u16 sel;
> +	u16 sel, error_code = 0;
>  	unsigned cpl;
>  
>  	la = seg_base(ctxt, addr.seg) + addr.ea;
> @@ -634,14 +634,14 @@ static int __linearize(struct x86_emulate_ctxt *ctxt,
>  		usable = ctxt->ops->get_segment(ctxt, &sel, &desc, NULL,
>  						addr.seg);
>  		if (!usable)
> -			goto bad;
> +			goto bad_sel;

This can only happen because of a NULL selector, which means the error
code is zero anyway.

>  		/* code segment in protected mode or read-only data segment */
>  		if ((((ctxt->mode != X86EMUL_MODE_REAL) && (desc.type & 8))
>  					|| !(desc.type & 2)) && write)
> -			goto bad;
> +			goto bad_sel;

This is not "detected while loading a segment descriptor", so the error
code should be zero.

>  		/* unreadable code segment */
>  		if (!fetch && (desc.type & 8) && !(desc.type & 2))
> -			goto bad;
> +			goto bad_sel;

Same here.

>  		lim = desc_limit_scaled(&desc);
>  		if ((ctxt->mode == X86EMUL_MODE_REAL) && !fetch &&
>  		    (ctxt->d & NoBigReal)) {
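Review bot: every `goto bad` visible in this hunk is turned into `goto bad_sel`, yet the commit message is about limit violations, and the comparisons against `lim` (computed on the line `lim = desc_limit_scaled(&desc);`) fall outside the shown context, so a reader cannot tell from the diff which sites still reach `bad` with a zero error code. Either widen the context so the remaining `goto bad` sites are visible, or state in the commit message exactly which checks keep error code 0 and which report the selector.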
> @@ -664,15 +664,15 @@ static int __linearize(struct x86_emulate_ctxt *ctxt,
>  		if (!(desc.type & 8)) {
>  			/* data segment */
>  			if (cpl > desc.dpl)
> -				goto bad;
> +				goto bad_sel;
>  		} else if ((desc.type & 8) && !(desc.type & 4)) {
>  			/* nonconforming code segment */
>  			if (cpl != desc.dpl)
> -				goto bad;
> +				goto bad_sel;
>  		} else if ((desc.type & 8) && (desc.type & 4)) {
>  			/* conforming code segment */
>  			if (cpl < desc.dpl)
> -				goto bad;
> +				goto bad_sel;

These three should be deleted, as you pointed out in patch 5.

So I've dropped this patch, and posted a simpler alternative that just
uses error code 0 in __linearize.  Can you look at it?

Paolo

>  		}
>  		break;
>  	}
> @@ -682,11 +682,13 @@ static int __linearize(struct x86_emulate_ctxt *ctxt,
>  		return emulate_gp(ctxt, 0);
>  	*linear = la;
>  	return X86EMUL_CONTINUE;
> +bad_sel:
> +	error_code = sel;
>  bad:
>  	if (addr.seg == VCPU_SREG_SS)
> -		return emulate_ss(ctxt, sel);
> +		return emulate_ss(ctxt, error_code);
>  	else
> -		return emulate_gp(ctxt, sel);
> +		return emulate_gp(ctxt, error_code);
>  }
>  
>  static int linearize(struct x86_emulate_ctxt *ctxt,
> 
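Review bot: the fallthrough from `bad_sel:` into `bad:` is undocumented; since the two labels differ only by `error_code = sel;`, a short comment above `bad_sel:` saying that selector-related faults report the selector while `bad:` reports 0 would make the intent obvious to the next reader without having to reconstruct it from the gotos. Also note that `error_code` is declared `u16` while the existing `return emulate_gp(ctxt, 0);` above passes a plain integer; if `emulate_gp`/`emulate_ss` take a wider type, the `u16` is harmless, but spelling the type the same way as `sel` on purpose deserves a word in the commit message.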
