Re: [PATCH 1/2][KVM nVMX]: Add a vmentry check for HOST_SYSENTER_ESP and HOST_SYSENTER_EIP fields

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 02/04/2019 10:22 AM, Jim Mattson wrote:

On Mon, Feb 4, 2019 at 9:41 AM Krish Sadhukhan
<krish.sadhukhan@xxxxxxxxxx> wrote:

According to section "Checks on VMX Controls" in Intel SDM vol 3C, the
following check is performed on vmentry of L2 guests:

     On processors that support Intel 64 architecture, the IA32_SYSENTER_ESP
     field and the IA32_SYSENTER_EIP field must each contain a canonical
     address.

Signed-off-by: Krish Sadhukhan <krish.sadhukhan@xxxxxxxxxx>
Reviewed-by: Mihai Carabas <mihai.carabas@xxxxxxxxxx>
---
  arch/x86/kvm/vmx/nested.c | 9 +++++++++
  1 file changed, 9 insertions(+)

diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c
index 7bb5e565f3fa..65b29726ad7a 100644
--- a/arch/x86/kvm/vmx/nested.c
+++ b/arch/x86/kvm/vmx/nested.c
@@ -2595,6 +2595,15 @@ static int nested_check_host_control_regs(struct kvm_vcpu *vcpu,
             !nested_host_cr4_valid(vcpu, vmcs12->host_cr4) ||
             !nested_cr3_valid(vcpu, vmcs12->host_cr3))
                 return -EINVAL;
+
+#ifdef CONFIG_X86_64
+       if (is_noncanonical_address(vmcs_readl(HOST_IA32_SYSENTER_ESP),
+                                               vcpu) ||
+           is_noncanonical_address(vmcs_readl(HOST_IA32_SYSENTER_EIP),
+                                               vcpu))
+               return -EINVAL;
+#endif
+

Shouldn't these checks be against the relevant VMCS12 fields?


Yes, you are right. Will send a revised one.
[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux