On Tue, Mar 10, 2020 at 04:51:40PM -0700, Jim Mattson wrote:
> On Tue, Mar 10, 2020 at 4:29 PM Krish Sadhukhan
> <krish.sadhukhan@xxxxxxxxxx> wrote:
> >
> > Even thought today's x86 hardware uses paging and not segmentation for memory
> > management, it is still good to have some tests that can verify the sanity of
> > the segment register fields on vmentry of nested guests.
> >
> > The test on SS Selector field is failing because the hardware (I am using
> > Intel Xeon Platinum 8167M 2.00GHz) doesn't raise any error even if the
> > prescribed bit pattern is not set and as a result vmentry succeeds.
>
> Are you sure this isn't just an L0 bug? For instance, does your L0 set
> "unrestricted guest" in vmcs02, even when L1 doesn't set it in vmcs12?
I assume this is the check being discussed? The code is flawed, if CS=3
and SS=3, "sel = sel_saved | (~cs_rpl_bits & 0x3)" will yield SS=3 and pass.
I think you wanted something like:
sel = (sel_saved & ~0x3) | (~cs_rpl_bits & 0x3);
> + if (!(vmcs_read(GUEST_RFLAGS) & X86_EFLAGS_VM) &&
> + !(vmcs_read(CPU_SECONDARY) & CPU_URG)) {
> + u16 cs_rpl_bits = vmcs_read(GUEST_SEL_CS) & 0x3;
> + sel_saved = vmcs_read(GUEST_SEL_SS);
> + sel = sel_saved | (~cs_rpl_bits & 0x3);
> + TEST_SEGMENT_SEL(GUEST_SEL_SS, "GUEST_SEL_SS", sel, sel_saved);
> + }
> +}
