From: Paolo Bonzini
Subject: Re: [PATCH] kvm: x86: vmx: add checks on guest RIP
Date: Thu, 04 Dec 2014 08:41:24 +0100
Message-ID: <54801024.2050504@redhat.com>
References: <20141129152726.GA25370@gnote> <547C9700.6020407@redhat.com> <547F9513.3090600@amacapital.net>
To: Andy Lutomirski, Eugene Korenevsky, kvm@vger.kernel.org
In-Reply-To: <547F9513.3090600@amacapital.net>

On 03/12/2014 23:56, Andy Lutomirski wrote:
> > This check is off by one. It is checking bits 63:47 instead of bits
> > 63:48 (this quirk is intentionally part of the specification, so that
> > you can reenter a guest at 0x800000000000 after e.g. a VMCALL vmexit and
> > cause a general protection fault).
>
> Seriously? Intel did that for vmcall but not sysret?

Yes, it is even tested by kvm-unit-tests. :)

Paolo
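To make the off-by-one in the thread concrete, the following is an added example (not the patch under review and not KVM's own code) that implements both checks side by side for an assumed 48-bit linear-address width: the architectural canonical test, which requires bits 63:47 to be identical, and the VM-entry test on guest RIP, which only requires bits 63:48 to be identical. The gap between the two is exactly what lets 0x800000000000 pass VM entry and then fault with #GP inside the guest. The `LINEAR_ADDR_BITS` constant and all function names are mine.

```c
/*
 * Added example (not from the patch or from KVM): the two "high bits
 * identical" checks discussed in the thread, for an assumed 48-bit
 * linear-address width.
 *
 * A canonical address has bits 63:47 identical (sign extension of bit 47).
 * The VMX VM-entry check on guest RIP only requires bits 63:48 to be
 * identical, so the non-canonical RIP 0x800000000000 is accepted at VM entry
 * and raises #GP in the guest on the first instruction fetch.
 */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed linear-address width; real hardware reports it via CPUID. */
#define LINEAR_ADDR_BITS 48

/* True if bits 63:first_bit of addr are all 0 or all 1. */
static bool high_bits_identical(uint64_t addr, unsigned first_bit)
{
    uint64_t mask = ~0ULL << first_bit;   /* selects bits 63:first_bit */
    uint64_t high = addr & mask;
    return high == 0 || high == mask;
}

/* Architectural canonical check: bits 63:(N-1) identical, i.e. 63:47. */
bool is_canonical(uint64_t addr)
{
    return high_bits_identical(addr, LINEAR_ADDR_BITS - 1);
}

/* VM-entry check on guest RIP as specified: bits 63:N identical, i.e. 63:48. */
bool vmentry_rip_check_passes(uint64_t rip)
{
    return high_bits_identical(rip, LINEAR_ADDR_BITS);
}

/* The off-by-one variant the review objected to: checking bits 63:47. */
bool vmentry_rip_check_too_strict(uint64_t rip)
{
    return high_bits_identical(rip, LINEAR_ADDR_BITS - 1);
}

/* RIP values the specification deliberately lets through VM entry so that
 * the guest itself takes the fault: accepted at entry, yet non-canonical. */
bool faults_after_entry(uint64_t rip)
{
    return vmentry_rip_check_passes(rip) && !is_canonical(rip);
}

int main(void)
{
    /* Constructed sample RIPs around the 47/48-bit boundary. */
    const uint64_t samples[] = {
        0x0000400000000000ULL,  /* canonical user address            */
        0x0000800000000000ULL,  /* bit 47 set: the VMCALL re-entry case */
        0xffff000000000000ULL,  /* bits 63:48 set, bit 47 clear       */
        0xffff800000000000ULL,  /* canonical kernel address          */
        0x0001000000000000ULL,  /* bit 48 set: rejected at VM entry  */
    };

    printf("%-20s %-9s %-12s %-10s %s\n",
           "rip", "canonical", "entry(63:48)", "strict(63:47)", "faults-in-guest");
    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        uint64_t rip = samples[i];
        printf("0x%016llx %-9s %-12s %-10s %s\n",
               (unsigned long long)rip,
               is_canonical(rip) ? "yes" : "no",
               vmentry_rip_check_passes(rip) ? "pass" : "fail",
               vmentry_rip_check_too_strict(rip) ? "pass" : "fail",
               faults_after_entry(rip) ? "yes" : "no");
    }
    return 0;
}
```

Running it shows the row for 0x0000800000000000 as non-canonical, passing the specified 63:48 entry check, failing the stricter 63:47 variant, and therefore faulting in the guest rather than failing VM entry, which is the behaviour the thread says kvm-unit-tests exercises.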