Message-ID: <51A7625B.60800@suse.de>
Date: Thu, 30 May 2013 16:29:47 +0200
From: Andreas Färber
In-Reply-To: <20130528141922.135a6dd0@redhat.com>
Subject: Re: [Qemu-devel] [PATCH] walk_pml4e(): fix abort on bad PML4E/PDPTE/PDE/PTE addresses
To: Luiz Capitulino
Cc: qiaonuohan@cn.fujitsu.com, qemu-devel, qemu-stable@nongnu.org

On 28.05.2013 20:19, Luiz Capitulino wrote:
> The code used to walk IA-32e page-tables, and possibly PAE page-tables,
> uses the bit mask ~0xfff to get the next PML4E/PDPTE/PDE/PTE address.
>
> However, as we use a uint64_t to store the resulting address, that mask
> gets expanded to 0xfffffffffffff000 which not only ends up selecting
> reserved bits but also selects the XD bit (execute-disable) which
> happens to be enabled by Windows 8, causing qemu_get_ram_ptr() to abort.
>
> This commit fixes that problem by replacing ~0xfff by a correct mask
> that only selects the address bit range (ie. bits 51:12).
>
> Signed-off-by: Luiz Capitulino

Reviewed-by: Andreas Färber

But please add a target-i386: prefix when queuing it.

Andreas

-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg
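
The mask widening described in the quoted commit message, as an added example that is not part of the original mail or the QEMU patch. The function names, the macro names and the sample entry are constructed for illustration, and the code assumes a 32-bit `int`.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical names, not QEMU's: address bits 51:12 of a 64-bit
 * paging-structure entry, and the execute-disable (XD) bit 63. */
#define ENTRY_ADDR_MASK 0x000ffffffffff000ULL
#define ENTRY_XD_BIT    (1ULL << 63)

/* Old form: ~0xfff has type int (value -4096). The usual arithmetic
 * conversions sign-extend it to 0xfffffffffffff000 before the AND, so
 * reserved bits 62:52 and the XD bit survive in the "address". */
static uint64_t next_table_addr_old(uint64_t entry)
{
    return entry & ~0xfff;
}

/* Fixed form: keep only the address bit range 51:12. */
static uint64_t next_table_addr_fixed(uint64_t entry)
{
    return entry & ENTRY_ADDR_MASK;
}

/* Constructed sample entry: next table at physical 0x12345000,
 * low flag bits set, XD set (as the mail says Windows 8 does). */
static uint64_t sample_entry(void)
{
    return ENTRY_XD_BIT | 0x12345000ULL | 0x3ULL;
}

int main(void)
{
    uint64_t e = sample_entry();

    printf("entry      = 0x%016" PRIx64 "\n", e);
    printf("widened    = 0x%016" PRIx64 "\n", (uint64_t)~0xfff);
    printf("old mask   = 0x%016" PRIx64 "\n", next_table_addr_old(e));
    printf("fixed mask = 0x%016" PRIx64 "\n", next_table_addr_fixed(e));
    return 0;
}
```

With the old mask the result still carries bit 63, so it is not a valid guest-physical address; the fixed mask yields only the table address.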