From mboxrd@z Thu Jan 1 00:00:00 1970
From: Paolo Bonzini
Subject: Re: [PATCH v2 2/5] KVM: x86: Emulator performs code segment checks on read access
Date: Mon, 13 Oct 2014 06:29:16 +0200
Message-ID: <543B551C.2050306@redhat.com>
References: <20141006203238.GA4989@potion.brq.redhat.com>
 <1412906870-4322-1-git-send-email-namit@cs.technion.ac.il>
 <20141010155455.GA17902@potion.brq.redhat.com>
 <5438FAD6.3010805@redhat.com>
 <543A7042.2050507@redhat.com>
 <543B0B9F.9060708@gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Cc: Radim Krčmář, Nadav Amit, kvm@vger.kernel.org
To: Nadav Amit
Return-path:
Received: from mail-wg0-f47.google.com ([74.125.82.47]:60559 "EHLO mail-wg0-f47.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750771AbaJME3a (ORCPT ); Mon, 13 Oct 2014 00:29:30 -0400
Received: by mail-wg0-f47.google.com with SMTP id x13so7652432wgg.6 for ; Sun, 12 Oct 2014 21:29:29 -0700 (PDT)
In-Reply-To: <543B0B9F.9060708@gmail.com>
Sender: kvm-owner@vger.kernel.org
List-ID:

On 13/10/2014 01:15, Nadav Amit wrote:
> I think the problem might be even more fundamental. According to the
> SDM, the privilege level checks (CPL/DPL/RPL) are only performed when
> the segment is loaded; I see no reference to privilege checks when
> data is accessed. You should be able to load a segment with DPL=0
> while you are in CPL=0, then change CPL to 3 and still access the
> segment (obviously, it is not the best practice).

This can be tested without invoking the emulator...

Paolo