From mboxrd@z Thu Jan 1 00:00:00 1970
From: Avi Kivity
Subject: Re: [PATCH] VMX: Fix and improve guest state validity checks
Date: Tue, 25 May 2010 14:22:13 +0300
Message-ID: <4BFBB2E5.6070906@redhat.com>
References: <1273596761-29923-1-git-send-email-m.gamal005@gmail.com> <4BEB9B04.4060302@redhat.com> <4BFB9A64.8070803@redhat.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: QUOTED-PRINTABLE
Cc: mtosatti@redhat.com, kvm@vger.kernel.org
To: Mohammed Gamal
Return-path:
Received: from mx1.redhat.com ([209.132.183.28]:63156 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932265Ab0EYLWR (ORCPT ); Tue, 25 May 2010 07:22:17 -0400
In-Reply-To:
Sender: kvm-owner@vger.kernel.org
List-ID:

On 05/25/2010 01:36 PM, Mohammed Gamal wrote:
>
>> Any reference to back this up? I think rpl is valid regardless of
>> ss.unusable (i.e. loading selector 0003 results in an unusable segment with
>> rpl=3), but I don't see how dpl can be valid in an unusable segment.
>>
>>
> Intel 64 and IA-32 Architectures Software Developer's Manual Volume
> 3B, System Programming Guide, Part 2, Chapter 22, Section 22.3.1.2:
> Checks on Guest Segment Registers.
> You'll note that DS, ES, FS, GS checks are done when the segment is
> usable. SS checks are not necessarily checked only when the segment is
> usable.
>

Strange, but consistent with

> If the unusable bit is 1, the base address, the segment limit, and the
> remainder of the access rights are undefined after VM entry. The only
> exceptions are the following:
> — Bits 3:0 of the base address for SS are cleared to 0.
> — SS.DPL: always loaded from the SS access-rights field. This will be
>   the current privilege level (CPL) after the VM entry completes.
> — SS.B: set to 1.
> — The base addresses for FS and GS: always loaded. On processors
>   that support Intel 64 architecture, the values loaded for base
>   addresses for FS and GS are also manifest in the FS.base and
>   GS.base MSRs.
> — The base address for LDTR on processors that support Intel 64
>   architecture: set to an undefined but canonical value.
> — Bits 63:32 of the base addresses for SS, DS, and ES on processors
>   that support Intel 64 architecture: cleared to 0.

So you are right. Seems to me we can simplify vmx_get_cpl() on this basis to look at ss.dpl.

-- 
error compiling committee.c: too many arguments to function
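An added example, not code from this thread or from KVM, showing the asymmetry the thread settles on: SS.DPL is read as the CPL and checked against the selector RPL whether or not SS is unusable, while the DS/ES/FS/GS DPL check is skipped for an unusable segment. The access-rights bit layout (type bits 3:0, S bit 4, DPL bits 6:5, P bit 7, unusable bit 16) and the conforming-code exception for data segments are taken from the Intel SDM, not from the quoted text.

```c
/* Added example: VMCS access-rights (AR) decoding and the DPL rules
 * discussed in the thread.  Bit positions follow the SDM's VMCS
 * segment access-rights layout (an assumption stated in the lead-in). */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define AR_TYPE_MASK      0x0fu
#define AR_TYPE_CODE      0x08u      /* type bit 3: code segment */
#define AR_TYPE_CONFORM   0x04u      /* type bit 2: conforming (code only) */
#define AR_DPL_SHIFT      5
#define AR_DPL(ar)        (((ar) >> AR_DPL_SHIFT) & 3u)
#define AR_UNUSABLE_MASK  (1u << 16)

/* RPL is bits 1:0 of the selector and stays meaningful even when the
 * cached segment is unusable (selector 0003 -> RPL 3, as in the thread). */
static unsigned int selector_rpl(uint16_t sel) { return sel & 3u; }

/* CPL after VM entry: SS.DPL is always loaded from the SS access-rights
 * field, unusable or not, so it can be read directly.  This is the
 * vmx_get_cpl() simplification the reply suggests. */
unsigned int guest_cpl_from_ss(uint32_t ss_ar) { return AR_DPL(ss_ar); }

/* SS check: DPL must equal the selector RPL.  Deliberately not gated on
 * the unusable bit, matching the SDM wording quoted in the thread. */
bool ss_dpl_valid(uint16_t ss_sel, uint32_t ss_ar)
{
	return AR_DPL(ss_ar) == selector_rpl(ss_sel);
}

/* DS/ES/FS/GS check: skipped entirely for an unusable segment.  For a
 * usable one, DPL may not be below RPL unless the segment is
 * conforming code (SDM rule, assumed here). */
bool data_seg_dpl_valid(uint16_t sel, uint32_t ar)
{
	unsigned int type = ar & AR_TYPE_MASK;

	if (ar & AR_UNUSABLE_MASK)
		return true;
	if ((type & (AR_TYPE_CODE | AR_TYPE_CONFORM)) == (AR_TYPE_CODE | AR_TYPE_CONFORM))
		return true;
	return AR_DPL(ar) >= selector_rpl(sel);
}

int main(void)
{
	/* Constructed sample: selector 0003 loaded into an unusable SS with DPL 3. */
	uint32_t ss_ar = AR_UNUSABLE_MASK | (3u << AR_DPL_SHIFT);
	printf("cpl=%u ss_ok=%d ds_ok=%d\n", guest_cpl_from_ss(ss_ar),
	       ss_dpl_valid(0x0003, ss_ar), data_seg_dpl_valid(0x0003, ss_ar));
	return 0;
}
```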