From: Andrew Cooper
Subject: Re: [PATCH] VMX: values written to MSR_IA32_SYSENTER_E[IS]P should be canonical
Date: Thu, 30 Oct 2014 14:46:18 +0000
Message-ID: <54524F3A.5050004@citrix.com>
In-Reply-To: <54525C1D0200007800043911@mail.emea.novell.com>
To: Jan Beulich, xen-devel
Cc: Kevin Tian, Eddie Dong, Jun Nakajima
List-Id: xen-devel@lists.xenproject.org

On 30/10/14 14:41, Jan Beulich wrote:
A recent KVM change by Nadav Amit <namit@cs.technion.ac.il> helped spot
that we have the same issue as they did.

Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Tim Deegan <tim@xen.org>

Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>


--- a/xen/arch/x86/hvm/vmx/vmx.c
+++ b/xen/arch/x86/hvm/vmx/vmx.c
@@ -2273,9 +2273,13 @@ static int vmx_msr_write_intercept(unsig
         __vmwrite(GUEST_SYSENTER_CS, msr_content);
         break;
     case MSR_IA32_SYSENTER_ESP:
+        if ( !is_canonical_address(msr_content) )
+            goto gp_fault;
         __vmwrite(GUEST_SYSENTER_ESP, msr_content);
         break;
     case MSR_IA32_SYSENTER_EIP:
+        if ( !is_canonical_address(msr_content) )
+            goto gp_fault;
         __vmwrite(GUEST_SYSENTER_EIP, msr_content);
         break;
     case MSR_IA32_DEBUGCTLMSR: {
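Review bot: the commit message never states what "the same issue" is, so the security impact of this change is only visible by following the KVM reference. Both hunks reject a non-canonical msr_content with `goto gp_fault` before it reaches `__vmwrite(GUEST_SYSENTER_ESP, msr_content)` / `__vmwrite(GUEST_SYSENTER_EIP, msr_content)`; suggest spelling out in the message that a guest could previously load a non-canonical address into these VMCS guest-state fields, which the processor requires to be canonical, and that such a WRMSR now raises #GP in the guest as it does on native hardware. A one-line rationale like that makes the backport-worthiness of the change clear without the external lookup.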
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel