Re: [PATCH] KVM: x86 emulator: Fix segment loading in VM86

Gleb Natapov <gleb@xxxxxxxxxx> · Thu, 11 Apr 2013 15:53:26 +0300



On Thu, Apr 11, 2013 at 02:06:03PM +0200, Kevin Wolf wrote:
> This fixes a regression introduced in commit 03ebebeb1 ("KVM: x86
> emulator: Leave segment limit and attributs alone in real mode").
> 
> The mentioned commit changed the segment descriptors for both real mode
> and VM86 to only update the segment base instead of creating a
> completely new descriptor with limit 0xffff so that unreal mode keeps
> working across a segment register reload.
> 
> This leads to an invalid segment descriptor in the eyes of VMX, which
> seems to be okay for real mode because KVM will fix it up before the
> next VM entry or emulate the state, but it doesn't do this if the guest
> is in VM86, so we end up with:
> 
>   KVM: entry failed, hardware error 0x80000021
> 
> Fix this by effectively reverting commit 03ebebeb1 for VM86 and leaving
> it only in place for real mode, which is where it's really needed.
> 
> Signed-off-by: Kevin Wolf <kwolf@xxxxxxxxxx>
Applied, thanks.

> ---
>  arch/x86/kvm/emulate.c | 15 ++++++++++++---
>  1 file changed, 12 insertions(+), 3 deletions(-)
> 
> diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c
> index a335cc6..069d799 100644
> --- a/arch/x86/kvm/emulate.c
> +++ b/arch/x86/kvm/emulate.c
> @@ -1578,12 +1578,21 @@ static int load_segment_descriptor(struct x86_emulate_ctxt *ctxt,
>  
>  	memset(&seg_desc, 0, sizeof seg_desc);
>  
> -	if ((seg <= VCPU_SREG_GS && ctxt->mode == X86EMUL_MODE_VM86)
> -	    || ctxt->mode == X86EMUL_MODE_REAL) {
> -		/* set real mode segment descriptor */
> +	if (ctxt->mode == X86EMUL_MODE_REAL) {
> +		/* set real mode segment descriptor (keep limit etc. for
> +		 * unreal mode) */
>  		ctxt->ops->get_segment(ctxt, &dummy, &seg_desc, NULL, seg);
>  		set_desc_base(&seg_desc, selector << 4);
>  		goto load;
> +	} else if (seg <= VCPU_SREG_GS && ctxt->mode == X86EMUL_MODE_VM86) {
> +		/* VM86 needs a clean new segment descriptor */
> +		set_desc_base(&seg_desc, selector << 4);
> +		set_desc_limit(&seg_desc, 0xffff);
> +		seg_desc.type = 3;
> +		seg_desc.p = 1;
> +		seg_desc.s = 1;
> +		seg_desc.dpl = 3;
> +		goto load;
>  	}
>  
>  	rpl = selector & 3;
> -- 
> 1.8.1.4

--
			Gleb.
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html