From: Sean Christopherson <seanjc@google.com>
To: Hou Wenlong <houwenlong.hwl@antgroup.com>
Cc: kvm@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>
Subject: Re: [kvm-unit-tests PATCH v3 1/3] x86/emulator: Add some tests for far ret instruction emulation
Date: Thu, 10 Feb 2022 16:39:02 +0000 [thread overview]
Message-ID: <YgU/pjL8hW628hTV@google.com> (raw)
In-Reply-To: <5e4eab590cb46108d2b007a117edf1b9f566446d.1644481282.git.houwenlong.hwl@antgroup.com>
On Thu, Feb 10, 2022, Hou Wenlong wrote:
> Per Intel's SDM on the "Instruction Set Reference", when
> loading a segment descriptor for a far return, the not-present segment
> check should be after all type and privilege checks. However,
> __load_segment_descriptor() in x86's emulator does the not-present
> segment check first, so it would trigger #NP instead of #GP
> if type or privilege checks fail and the segment is not present.
>
> And if RPL < CPL, it should trigger #GP, but the check is missing
> in the emulator.
>
> So add some tests for the far ret instruction, which will be run
> on both hardware and the emulator. Enable
> kvm.force_emulation_prefix when trying to test them on the emulator.
>
> Signed-off-by: Hou Wenlong <houwenlong.hwl@antgroup.com>
> ---
With fixup for the -fPIC issue...
Reviewed-and-tested-by: Sean Christopherson <seanjc@google.com>
> +#define TEST_FAR_RET_ASM(seg, prefix) \
> +({ \
> + asm volatile("lea 1f(%%rip), %%rax\n\t" \
> + "pushq %[asm_seg]\n\t" \
> + "pushq $2f\n\t" \
> + prefix "lretq\n\t" \
> + "1: addq $16, %%rsp\n\t" \
> + "2:" \
> + : : [asm_seg]"r"((u64)seg) \
> + : "eax", "memory"); \
> +})
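Review bot: the clobber list says "eax" while the asm writes the full %rax (the `lea 1f(%%rip), %%rax`); GCC treats a clobber of any part of a register as a clobber of the whole register, so this is a style nit rather than a bug, but "rax" would match the instruction and make it obvious why the `[asm_seg]"r"` input can never be allocated to RAX even though the `lea` runs before the `pushq %[asm_seg]`. The recovery path also deserves a one-line comment: when `lretq` faults, the handler resumes at label 1 with the selector and offset still on the stack, which is what the `addq $16, %%rsp` undoes, whereas a successful `lretq` has already popped both and lands at label 2.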
The "push $2f" generates an absolute address and fails to build with --target-efi,
which requires -fPIC. The easiest thing that comes to mind is to load the address
into RAX and then push RAX. The lea to get the exception IRET target into RAX needs
to be moved down, but that's ok.
---
x86/emulator.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/x86/emulator.c b/x86/emulator.c
index c56b32b..c62dced 100644
--- a/x86/emulator.c
+++ b/x86/emulator.c
@@ -66,9 +66,10 @@ static struct far_xfer_test far_ret_test = {
#define TEST_FAR_RET_ASM(seg, prefix) \
({ \
- asm volatile("lea 1f(%%rip), %%rax\n\t" \
- "pushq %[asm_seg]\n\t" \
- "pushq $2f\n\t" \
+ asm volatile("pushq %[asm_seg]\n\t" \
+ "lea 2f(%%rip), %%rax\n\t" \
+ "pushq %%rax\n\t" \
+ "lea 1f(%%rip), %%rax\n\t" \
prefix "lretq\n\t" \
"1: addq $16, %%rsp\n\t" \
"2:" \
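Review bot: the instruction order in the new macro body is the part to check, and it holds: `pushq %[asm_seg]` now comes first, so the selector input is consumed before RAX is written; `lea 2f(%%rip), %%rax` / `pushq %%rax` replaces the absolute `pushq $2f` with a RIP-relative computation, which is what --target-efi's -fPIC build needs; and `lea 1f(%%rip), %%rax` is the last instruction before `lretq`, so RAX holds the exception recovery address at the moment the far return faults. One thing that cannot be checked from this page: the hunk header counts 9 old and 10 new lines but only 8 and 9 are shown, so the trailing `: : [asm_seg]"r"((u64)seg)` / clobber line is cut off here; the fixup still relies on the "eax" clobber from the quoted original to keep the selector operand out of RAX.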
base-commit: 41d3306e19784478679910ee0afa55de05279b42
--
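The ordering question the commit message raises (present check after type and privilege checks, and an RPL < CPL check that must raise #GP) can be stated as a small model. The block below is an added example and is not code from kvm-unit-tests or from KVM's emulator: it encodes the far RET code-segment checks in the order the Intel SDM's RET operation lists them, next to a second policy that reproduces the two deviations the commit message attributes to the emulator (present check first, RPL check missing), so the two can be compared on the same inputs. The `struct code_desc` layout, the policy struct, the packed result encoding and the sample descriptors are this example's own constructions, not hardware or KVM structures.

```c
/*
 * Added example, not kvm-unit-tests or KVM code: a model of the checks
 * applied to the CS selector popped by a far RET, in SDM order, beside
 * the pre-fix emulator behaviour described in the commit message.
 */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

enum fault { FAULT_NONE = 0, FAULT_NP = 11, FAULT_GP = 13 };

/* Result packed as (vector << 16) | error code so it compares as one value. */
#define FAULT_CODE(vec, err) (((uint32_t)(vec) << 16) | (uint32_t)(err))

/* Only the descriptor fields the checks read; not the hardware layout (assumption). */
struct code_desc {
	bool present;     /* P bit */
	bool is_code;     /* S=1 and type bit 3 set: a code segment */
	bool conforming;  /* type bit 2 (C) */
	uint8_t dpl;      /* 0..3 */
};

/* Which deviations from the SDM order to model (this example's own knob). */
struct check_policy {
	bool present_first;   /* do the P-bit check before type/privilege checks */
	bool skip_rpl_check;  /* omit the RPL < CPL check */
};

/* Error code for a fault caused by a GDT selector: selector with RPL cleared. */
static uint16_t selector_error_code(uint16_t sel)
{
	return sel & 0xfffc;
}

/*
 * Check the selector/descriptor pair a far RET would load into CS.
 * 'd' is NULL when the selector index lies outside the table limit.
 * Returns FAULT_CODE(FAULT_NONE, 0) when the load is legal.
 */
static uint32_t far_ret_cs_check(uint16_t sel, uint8_t cpl,
				 const struct code_desc *d,
				 struct check_policy pol)
{
	uint8_t rpl = sel & 3;

	/* A null selector in CS is always #GP(0). */
	if ((sel & 0xfffc) == 0)
		return FAULT_CODE(FAULT_GP, 0);
	/* Index beyond the descriptor table limit: #GP(selector). */
	if (d == NULL)
		return FAULT_CODE(FAULT_GP, selector_error_code(sel));

	/* Modelled bug: present check ahead of the type/privilege checks. */
	if (pol.present_first && !d->present)
		return FAULT_CODE(FAULT_NP, selector_error_code(sel));

	/* Type and privilege checks; all are #GP(selector), so their
	 * relative order is not observable from the fault raised. */
	if (!d->is_code)
		return FAULT_CODE(FAULT_GP, selector_error_code(sel));
	/* RET cannot return to a more privileged level. */
	if (!pol.skip_rpl_check && rpl < cpl)
		return FAULT_CODE(FAULT_GP, selector_error_code(sel));
	/* Conforming code: DPL <= RPL; non-conforming: DPL == RPL. */
	if (d->conforming && d->dpl > rpl)
		return FAULT_CODE(FAULT_GP, selector_error_code(sel));
	if (!d->conforming && d->dpl != rpl)
		return FAULT_CODE(FAULT_GP, selector_error_code(sel));

	/* SDM order: the present check comes last. */
	if (!d->present)
		return FAULT_CODE(FAULT_NP, selector_error_code(sel));

	return FAULT_CODE(FAULT_NONE, 0);
}

/* SDM ordering. */
uint32_t sdm_far_ret_check(uint16_t sel, uint8_t cpl, const struct code_desc *d)
{
	struct check_policy pol = { .present_first = false, .skip_rpl_check = false };
	return far_ret_cs_check(sel, cpl, d, pol);
}

/* The behaviour the commit message attributes to the emulator before the fix. */
uint32_t buggy_far_ret_check(uint16_t sel, uint8_t cpl, const struct code_desc *d)
{
	struct check_policy pol = { .present_first = true, .skip_rpl_check = true };
	return far_ret_cs_check(sel, cpl, d, pol);
}

/* Constructed sample descriptors, all imagined at GDT index 2 (selector 0x10 | RPL). */
const struct code_desc not_present_data_seg = { .present = false, .is_code = false, .conforming = false, .dpl = 3 };
const struct code_desc not_present_code_seg = { .present = false, .is_code = true,  .conforming = false, .dpl = 3 };
const struct code_desc present_kernel_code  = { .present = true,  .is_code = true,  .conforming = false, .dpl = 0 };
```

The two cases the patch's tests are built around fall out directly: a not-present descriptor that is not a code segment yields #GP(selector) under the SDM order but #NP(selector) under the present-first policy, and a selector with RPL 0 popped at CPL 3 yields #GP(selector) under the SDM order while the policy without the RPL check loads it. When both descriptor type and privilege are fine and only P is clear, both orders agree on #NP, which is why a test for the ordering bug needs a descriptor that fails one of the earlier checks as well.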
Thread overview: 7+ messages
2022-02-10 8:46 [kvm-unit-tests PATCH v3 0/2] x86/emulator: Add some tests for loading segment descriptor in emulator Hou Wenlong
2022-02-10 8:46 ` [kvm-unit-tests PATCH v3 1/3] x86/emulator: Add some tests for far ret instruction emulation Hou Wenlong
2022-02-10 16:39 ` Sean Christopherson [this message]
2022-02-10 8:46 ` [kvm-unit-tests PATCH v3 2/3] x86/emulator: Rename test_ljmp() as test_far_jmp() Hou Wenlong
2022-02-10 16:39 ` Sean Christopherson
2022-02-10 8:46 ` [kvm-unit-tests PATCH v3 3/3] x86/emulator: Add some tests for far jmp instruction emulation Hou Wenlong
2022-02-10 16:41 ` Sean Christopherson