According to section "Canonicalization and Consistency Checks" in APM vol 2, the following guest state is illegal: "The MSR or IOIO intercept tables extend to a physical address that is greater than or equal to the maximum supported physical address." Signed-off-by: Krish Sadhukhan <krish.sadhukhan@xxxxxxxxxx> --- x86/svm_tests.c | 42 +++++++++++++++++++++++++++++++++++++++++- 1 file changed, 41 insertions(+), 1 deletion(-) diff --git a/x86/svm_tests.c b/x86/svm_tests.c index 29a0b59..7014c40 100644 --- a/x86/svm_tests.c +++ b/x86/svm_tests.c @@ -2304,15 +2304,55 @@ static void test_dr(void) vmcb->save.dr7 = dr_saved; } +/* + * If the MSR or IOIO intercept table extends to a physical address that + * is greater than or equal to the maximum supported physical address, the + * guest state is illegal. + * + * [APM vol 2] + */ +static void test_msrpm_iopm_bitmap_addrs(void) +{ + u64 saved_intercepts = vmcb->control.intercept; + u64 bitmap_addr_1 = + (u64)(((u64)1 << cpuid_maxphyaddr()) - PAGE_SIZE); + u64 bitmap_addr_2 = + (u64)(((u64)1 << cpuid_maxphyaddr()) - PAGE_SIZE * 2); + + /* + * MSR bitmap address + */ + vmcb->control.intercept = saved_intercepts | 1ULL << INTERCEPT_MSR_PROT; + vmcb->control.msrpm_base_pa = bitmap_addr_1; + report(svm_vmrun() == SVM_EXIT_ERR, "Test MSRPM address: %lx", + bitmap_addr_1); + vmcb->control.msrpm_base_pa = bitmap_addr_2; + report(svm_vmrun() == SVM_EXIT_ERR, "Test MSRPM address: %lx", + bitmap_addr_2); + + /* + * IOIO bitmap address + */ + vmcb->control.intercept = saved_intercepts | 1ULL << INTERCEPT_IOIO_PROT; + vmcb->control.iopm_base_pa = bitmap_addr_1; + report(svm_vmrun() == SVM_EXIT_ERR, "Test IOPM address: %lx", + bitmap_addr_1); + vmcb->control.iopm_base_pa = bitmap_addr_2 += 1; + report(svm_vmrun() == SVM_EXIT_ERR, "Test IOPM address: %lx", + bitmap_addr_2); + + vmcb->control.intercept = saved_intercepts; +} + static void svm_guest_state_test(void) { test_set_guest(basic_guest_main); - test_efer(); test_cr0(); test_cr3(); test_cr4(); test_dr(); + test_msrpm_iopm_bitmap_addrs(); } -- 2.27.0