From mboxrd@z Thu Jan 1 00:00:00 1970
From: Marcelo Tosatti
Subject: Re: [PATCH v2 4/4] KVM: x86: get CPL from SS.DPL
Date: Mon, 26 May 2014 13:10:10 -0300
Message-ID: <20140526161009.GA30582@amt.cnet>
References: <1400172691-27030-1-git-send-email-pbonzini@redhat.com> <1400172691-27030-5-git-send-email-pbonzini@redhat.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Cc: linux-kernel@vger.kernel.org, jan.kiszka@siemens.com, kvm@vger.kernel.org, gleb@kernel.org, avi.kivity@gmail.com
To: Paolo Bonzini
Return-path:
Content-Disposition: inline
In-Reply-To: <1400172691-27030-5-git-send-email-pbonzini@redhat.com>
Sender: linux-kernel-owner@vger.kernel.org
List-Id: kvm.vger.kernel.org

On Thu, May 15, 2014 at 06:51:31PM +0200, Paolo Bonzini wrote:
> CS.RPL is not equal to the CPL in the few instructions between
> setting CR0.PE and reloading CS. And CS.DPL is also not equal
> to the CPL for conforming code segments.
>
> However, SS.DPL *is* always equal to the CPL except for the weird
> case of SYSRET on AMD processors, which sets SS.DPL=SS.RPL from the
> value in the STAR MSR, but force CPL=3 (Intel instead forces
> SS.DPL=SS.RPL=CPL=3).
>
> So this patch:
>
> - modifies SVM to update the CPL from SS.DPL rather than CS.RPL;
> the above case with SYSRET is not broken further, and the way
> to fix it would be to pass the CPL to userspace and back
>
> - modifies VMX to always return the CPL from SS.DPL (except
> forcing it to 0 if we are emulating real mode via vm86 mode;
> in vm86 mode all DPLs have to be 3, but real mode does allow
> privileged instructions). It also removes the CPL cache,
> which becomes a duplicate of the SS access rights cache.
>
> This fixes doing KVM_IOCTL_SET_SREGS exactly after setting
> CR0.PE=1 but before CS has been reloaded.
>
> Signed-off-by: Paolo Bonzini

Reviewed-by: Marcelo Tosatti
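The three CPL derivations the quoted patch description compares (CS.RPL, CS.DPL and SS.DPL) are modelled below in a small, self-contained C program. This is an added illustration, not code from the patch or from KVM: the `struct vcpu_state`, `seg_cache` and scenario names are constructed for the example, the access-rights bit layout is the standard x86 segment descriptor one, and the three scenarios (a stale CS right after CR0.PE=1, a ring-3 task running through a conforming code segment, and real mode emulated via vm86) are constructed to show where each derivation gets the privilege level wrong. Getting the CPL wrong matters because it is the value every privileged-instruction and segment-permission check in an emulator keys on.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Access-rights byte of an x86 segment descriptor (descriptor byte 5):
 *   bits 0-3 type, bit 4 S, bits 5-6 DPL, bit 7 P.
 * For code segments (type bit 3 set), type bit 2 is the "conforming" flag.
 */
#define AR_TYPE_CODE        (1u << 3)
#define AR_TYPE_CONFORMING  (1u << 2)
#define AR_S                (1u << 4)
#define AR_DPL_SHIFT        5
#define AR_DPL(n)           ((unsigned)(n) << AR_DPL_SHIFT)
#define AR_DPL_MASK         AR_DPL(3)
#define AR_P                (1u << 7)

struct seg_cache {
    uint16_t selector;   /* visible part; bits 0-1 are the RPL */
    uint8_t  ar;         /* cached access rights (hidden part) */
};

/* Constructed, minimal vCPU state: only what the CPL derivation needs. */
struct vcpu_state {
    struct seg_cache cs, ss;
    bool cr0_pe;         /* CR0.PE: protected mode enabled */
    bool rmode_vm86;     /* real mode is being emulated through vm86 mode */
};

static unsigned seg_dpl(const struct seg_cache *s) { return (s->ar & AR_DPL_MASK) >> AR_DPL_SHIFT; }
static unsigned seg_rpl(const struct seg_cache *s) { return s->selector & 3u; }

/* Derivation 1: CPL = CS.RPL. Wrong between CR0.PE=1 and the CS reload. */
unsigned cpl_from_cs_rpl(const struct vcpu_state *v)
{
    return v->cr0_pe ? seg_rpl(&v->cs) : 0;
}

/* Derivation 2: CPL = CS.DPL. Wrong for conforming code segments. */
unsigned cpl_from_cs_dpl(const struct vcpu_state *v)
{
    return v->cr0_pe ? seg_dpl(&v->cs) : 0;
}

/* Derivation 3 (the patch): CPL = SS.DPL, forced to 0 while real mode runs via vm86. */
unsigned cpl_from_ss_dpl(const struct vcpu_state *v)
{
    return v->rmode_vm86 ? 0 : seg_dpl(&v->ss);
}

/* Privileged instructions (e.g. writing CR3) are permitted only at CPL 0. */
bool privileged_insn_allowed(unsigned cpl) { return cpl == 0; }

/* Scenario A (constructed): real-mode code with CS = 0x1FFF just set CR0.PE=1
 * and has not yet reloaded CS. A real-mode segment value is base/16, so its
 * low two bits (here 11b) are not an RPL; the cached SS.DPL is 0. */
const struct vcpu_state scenario_pe_set_cs_stale = {
    .cs = { .selector = 0x1FFF, .ar = AR_P | AR_S | AR_TYPE_CODE | 0x3 | AR_DPL(0) },
    .ss = { .selector = 0x0000, .ar = AR_P | AR_S | 0x3 | AR_DPL(0) },
    .cr0_pe = true, .rmode_vm86 = false,
};

/* Scenario B (constructed): a ring-3 task executing through a conforming code
 * segment whose descriptor DPL is 0. Conforming segments never change the
 * CPL, so CPL stays 3 while CS.DPL reads 0. */
const struct vcpu_state scenario_conforming_code_ring3 = {
    .cs = { .selector = 0x0013, .ar = AR_P | AR_S | AR_TYPE_CODE | AR_TYPE_CONFORMING | 0x3 | AR_DPL(0) },
    .ss = { .selector = 0x0023, .ar = AR_P | AR_S | 0x3 | AR_DPL(3) },
    .cr0_pe = true, .rmode_vm86 = false,
};

/* Scenario C (constructed): real mode emulated via vm86, where every DPL must
 * be 3 even though real-mode code may execute privileged instructions. */
const struct vcpu_state scenario_real_mode_via_vm86 = {
    .cs = { .selector = 0xF000, .ar = AR_P | AR_S | AR_TYPE_CODE | 0x3 | AR_DPL(3) },
    .ss = { .selector = 0x0000, .ar = AR_P | AR_S | 0x3 | AR_DPL(3) },
    .cr0_pe = true, .rmode_vm86 = true,
};

static void show(const char *name, const struct vcpu_state *v)
{
    printf("%-28s CS.RPL=%u CS.DPL=%u SS.DPL=%u privileged-ok=%d\n", name,
           cpl_from_cs_rpl(v), cpl_from_cs_dpl(v), cpl_from_ss_dpl(v),
           privileged_insn_allowed(cpl_from_ss_dpl(v)));
}

int main(void)
{
    show("A: PE=1, CS stale", &scenario_pe_set_cs_stale);
    show("B: conforming code, ring 3", &scenario_conforming_code_ring3);
    show("C: real mode via vm86", &scenario_real_mode_via_vm86);
    return 0;
}
```

Scenario A shows the KVM_SET_SREGS case from the patch description: the CS.RPL rule reports CPL 3 for code that is still ring 0, so a subsequent privileged instruction would be refused. Scenario B shows the opposite failure of the CS.DPL rule, reporting CPL 0 for a ring-3 task, which would grant privilege that the guest OS never intended. Only the SS.DPL rule, with the vm86 exception, gives the right answer in all three.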