* [PATCH 3/5] KVM: nVMX: add limit check for expand-down segments
@ 2015-08-20 19:37 Eugene Korenevsky
From: Eugene Korenevsky @ 2015-08-20 19:37 UTC (permalink / raw)
To: kvm; +Cc: Paolo Bonzini
Add limit checking for expand-down data segments. For such segments, the
effective limit specifies the last address that is not allowed to be accessed
within the segment. I.e. offset <= limit means limit exceeding.
Signed-off-by: Eugene Korenevsky <ekorenevsky@gmail.com>
---
arch/x86/kvm/vmx.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index faa05a4..4a4d677 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -6377,7 +6377,10 @@ static int vmx_protmode_seg_check(struct kvm_vcpu *vcpu,
/* #GP(0)/#SS(0) if the segment is unusable. */
exn = (s->unusable != 0);
/* #GP(0)/#SS(0) if the memory operand is outside the segment limit. */
- exn = exn || (off + mem_op_size - 1 > s->limit);
+ if (!(s->type & 8) && (s->type & 4)) /* expand-down segment? */
+ exn = exn || (off <= s->limit);
+ else
+ exn = exn || (off + mem_op_size - 1 > s->limit);
if (exn) {
kvm_queue_exception_e(vcpu,
seg == VCPU_SREG_SS ?
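Review bot: the expand-down branch at `+ exn = exn || (off <= s->limit);` tests only the low end of the operand. For an expand-down segment the valid offsets run from limit + 1 up to the top of the segment's offset space (0xffff when the D/B flag is clear, 0xffffffff when it is set), so the last byte of the operand still has to be compared against that ceiling; otherwise an operand that starts just below the top and runs past it is accepted. Something like `exn = exn || off <= s->limit || off + mem_op_size - 1 > (s->db ? 0xffffffffu : 0xffffu);` keeps both bounds. Testing only the first byte with `off <= s->limit` is sufficient at the low end, since the limit is the lower boundary and every later byte of the operand lies above it as well.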
--
2.1.4
* Re: [PATCH 3/5] KVM: nVMX: add limit check for expand-down segments
From: Paolo Bonzini @ 2015-09-07 11:39 UTC (permalink / raw)
To: Eugene Korenevsky, kvm
On 20/08/2015 21:37, Eugene Korenevsky wrote:
> Add limit checking for expand-down data segments. For such segments, the
> effective limit specifies the last address that is not allowed to be accessed
> within the segment. I.e. offset <= limit means limit exceeding.
>
> Signed-off-by: Eugene Korenevsky <ekorenevsky@gmail.com>
> ---
> arch/x86/kvm/vmx.c | 5 ++++-
> 1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
> index faa05a4..4a4d677 100644
> --- a/arch/x86/kvm/vmx.c
> +++ b/arch/x86/kvm/vmx.c
> @@ -6377,7 +6377,10 @@ static int vmx_protmode_seg_check(struct kvm_vcpu *vcpu,
> /* #GP(0)/#SS(0) if the segment is unusable. */
> exn = (s->unusable != 0);
> /* #GP(0)/#SS(0) if the memory operand is outside the segment limit. */
> - exn = exn || (off + mem_op_size - 1 > s->limit);
> + if (!(s->type & 8) && (s->type & 4)) /* expand-down segment? */
> + exn = exn || (off <= s->limit);
> + else
> + exn = exn || (off + mem_op_size - 1 > s->limit);
For expand-down segments you also have to check against the size of the
segment (48 bits for 64-bit segments and positive addresses, 32 bits for
32-bit segments, 16 bits for 16-bit segments; see __linearize in emulate.c).
Paolo
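The following is an added example, not code from the patch or from KVM itself, that puts the two points of this thread side by side: the commit message's rule that for an expand-down segment the limit is the last invalid offset (offset <= limit faults), and the reply's point that the upper end of the operand must also be held below the size of the segment. It models the guest segment state with a hypothetical struct seg_desc whose field names (limit, type, db, unusable) follow struct kvm_segment, uses the D/B flag to pick 0xffff or 0xffffffff as the ceiling for 16-bit and 32-bit segments, and leaves the 64-bit case aside. The TYPE_* constants, check_access() and the test cases in main() are constructed for this example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Hypothetical stand-in for the few fields of the guest segment register
 * state that the limit check uses; names follow struct kvm_segment but this
 * is example code, not the kernel's definition.
 */
struct seg_desc {
	uint32_t limit;    /* effective limit in bytes (granularity already applied) */
	uint8_t  type;     /* descriptor type field: bit 3 = code, bit 2 = expand-down */
	bool     db;       /* D/B flag: true = 32-bit segment, false = 16-bit */
	bool     unusable; /* segment register holds no usable descriptor */
};

#define TYPE_DATA_RW          0x2 /* data, read/write, expand-up (constructed) */
#define TYPE_DATA_RW_EXPDOWN  0x6 /* data, read/write, expand-down (constructed) */

static bool seg_is_expand_down(const struct seg_desc *s)
{
	/* Same test as the patch: data segment (bit 3 clear) with E (bit 2) set. */
	return !(s->type & 8) && (s->type & 4);
}

/*
 * Returns true when an access of mem_op_size bytes (>= 1) at offset off
 * must fault with #GP(0)/#SS(0).  The arithmetic is done in 64 bits so that
 * off + mem_op_size - 1 cannot wrap around 2^32 and slip past the check.
 */
static bool seg_limit_fault(const struct seg_desc *s, uint32_t off, uint32_t mem_op_size)
{
	uint64_t last;
	uint64_t top;

	if (s->unusable || mem_op_size == 0)
		return true;

	last = (uint64_t)off + mem_op_size - 1;

	/* Expand-up: valid offsets are 0 .. limit, so only the last byte matters. */
	if (!seg_is_expand_down(s))
		return last > s->limit;

	/*
	 * Expand-down: the limit is the last *invalid* offset, so valid offsets
	 * run from limit + 1 up to the top of the segment's offset space:
	 * 0xffff for a 16-bit segment, 0xffffffff for a 32-bit one.  Both ends
	 * of the operand have to be tested.
	 */
	top = s->db ? 0xffffffffULL : 0xffffULL;
	return off <= s->limit || last > top;
}

/* Convenience wrapper so a single call describes a whole test case. */
static bool check_access(uint32_t limit, uint8_t type, bool db,
			 uint32_t off, uint32_t mem_op_size)
{
	struct seg_desc s = { .limit = limit, .type = type, .db = db, .unusable = false };

	return seg_limit_fault(&s, off, mem_op_size);
}

int main(void)
{
	/* Constructed cases; the last two are the ones a limit-only check misses. */
	static const struct {
		const char *what;
		uint32_t limit; uint8_t type; bool db; uint32_t off; uint32_t size;
	} cases[] = {
		{ "expand-up, last byte at limit",      0xfff, TYPE_DATA_RW,         true,  0xffc,      4 },
		{ "expand-up, crosses limit",           0xfff, TYPE_DATA_RW,         true,  0xffd,      4 },
		{ "expand-down, offset == limit",       0xfff, TYPE_DATA_RW_EXPDOWN, true,  0xfff,      1 },
		{ "expand-down, just above limit",      0xfff, TYPE_DATA_RW_EXPDOWN, true,  0x1000,     4 },
		{ "expand-down 32-bit, wraps past top", 0xfff, TYPE_DATA_RW_EXPDOWN, true,  0xfffffffe, 4 },
		{ "expand-down 16-bit, above 0xffff",   0xfff, TYPE_DATA_RW_EXPDOWN, false, 0x10000,    1 },
	};
	size_t i;

	for (i = 0; i < sizeof(cases) / sizeof(cases[0]); i++)
		printf("%-38s -> %s\n", cases[i].what,
		       check_access(cases[i].limit, cases[i].type, cases[i].db,
				    cases[i].off, cases[i].size) ? "#GP/#SS" : "ok");
	return 0;
}
```

The widening to 64 bits is what makes the "wraps past top" case visible: with 32-bit arithmetic, off + mem_op_size - 1 for an operand starting at 0xfffffffe silently wraps to a small value and passes the expand-up comparison as well.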