From patchwork Fri Jun 22 23:35:22 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Liran Alon <liran.alon@oracle.com>
X-Patchwork-Id: 10483321
Return-Path: <kvm-owner@kernel.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	141C960388 for <patchwork-kvm@patchwork.kernel.org>;
	Fri, 22 Jun 2018 23:36:42 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 047AE28FAF
	for <patchwork-kvm@patchwork.kernel.org>;
	Fri, 22 Jun 2018 23:36:42 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id EC37C29065; Fri, 22 Jun 2018 23:36:41 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-8.0 required=2.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI,
	UNPARSEABLE_RELAY autolearn=ham version=3.3.1
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 9EFD628FAF
	for <patchwork-kvm@patchwork.kernel.org>;
	Fri, 22 Jun 2018 23:36:41 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S934344AbeFVXgj (ORCPT
	<rfc822;patchwork-kvm@patchwork.kernel.org>);
	Fri, 22 Jun 2018 19:36:39 -0400
Received: from userp2120.oracle.com ([156.151.31.85]:34644 "EHLO
	userp2120.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S934331AbeFVXgc (ORCPT <rfc822;kvm@vger.kernel.org>);
	Fri, 22 Jun 2018 19:36:32 -0400
Received: from pps.filterd (userp2120.oracle.com [127.0.0.1])
	by userp2120.oracle.com (8.16.0.22/8.16.0.22) with SMTP id
	w5MNYjNb117902; Fri, 22 Jun 2018 23:36:17 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com;
	h=from : to : cc :
	subject : date : message-id : in-reply-to : references;
	s=corp-2017-10-26;
	bh=noaXJ4hM7dOnuXWelcWokjd49n1RAPxRfjo/fx07xFU=;
	b=AWdEfzWVAFJm10Q9bWPvMKBjhPQ4SrAPXnlwTD27h0BM3JoACtuD1Mph+AOxdZszxMB/
	H0/7R8dN0h+0wXCrBGKkVqxfG+OZqzykPgi++mBWaUxd3hdxjCG+b644RxMezNLnlmJN
	+lVkTCDTwbHk7vaX5aGkZJvPD3X89gS9R+n+RJrHRQCdVBTBBC5+JVAVgSkzkOnxTu2a
	l/Lh+o+dKGgE5FJe8SPPdOonq9+zCGKgRaHCGVL3u8ZYdmiS7Jisy6g03GiYVSHfxAwG
	9dQLDpi715oSXynKji1uYE+IF0R6tFMSF/gk1uOMi6zBFVBH3VglyzaZILzjDMjpCmi4
	tQ==
Received: from userv0021.oracle.com (userv0021.oracle.com [156.151.31.71])
	by userp2120.oracle.com with ESMTP id 2jrp8huqfr-1
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256
	verify=OK); Fri, 22 Jun 2018 23:36:17 +0000
Received: from aserv0122.oracle.com (aserv0122.oracle.com [141.146.126.236])
	by userv0021.oracle.com (8.14.4/8.14.4) with ESMTP id
	w5MNaG3N010322
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256
	verify=OK); Fri, 22 Jun 2018 23:36:17 GMT
Received: from abhmp0008.oracle.com (abhmp0008.oracle.com [141.146.116.14])
	by aserv0122.oracle.com (8.14.4/8.14.4) with ESMTP id
	w5MNaGlr005346; Fri, 22 Jun 2018 23:36:16 GMT
Received: from liran-pc.mynet (/79.183.72.72)
	by default (Oracle Beehive Gateway v4.0)
	with ESMTP ; Fri, 22 Jun 2018 16:36:16 -0700
From: Liran Alon <liran.alon@oracle.com>
To: pbonzini@redhat.com, rkrcmar@redhat.com, kvm@vger.kernel.org
Cc: jmattson@google.com, idan.brown@oracle.com
Subject: [PATCH 22/22] KVM: nVMX: Mask guest access rights fields
Date: Sat, 23 Jun 2018 02:35:22 +0300
Message-Id: <1529710522-28315-23-git-send-email-liran.alon@oracle.com>
X-Mailer: git-send-email 1.9.1
In-Reply-To: <1529710522-28315-1-git-send-email-liran.alon@oracle.com>
References: <1529710522-28315-1-git-send-email-liran.alon@oracle.com>
X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=8932
	signatures=668703
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0
	suspectscore=0 malwarescore=0
	phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=612
	adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1
	engine=8.0.1-1806210000 definitions=main-1806220260
Sender: kvm-owner@vger.kernel.org
Precedence: bulk
List-ID: <kvm.vger.kernel.org>
X-Mailing-List: kvm@vger.kernel.org
X-Virus-Scanned: ClamAV using ClamSMTP

From: Jim Mattson <jmattson@google.com>

Haswell and later hardware masks off the irrelevant bits if the guest
access rights fields on vmwrite, storing only the 13 relevant
bits. This masking isn't documented anywhere. When using VMCS
shadowing for these fields, these fields will be masked when written
to the shadow vmcs12. For consistency, mask these fields when the
vmwrite is handled in software.

Reviewed-by: Liran Alon <liran.alon@oracle.com>
Signed-off-by: Jim Mattson <jmattson@google.com>
---
 arch/x86/kvm/vmx.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index 4b63d6bae6bd..262029c6e3e5 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -8263,6 +8263,13 @@ static inline int vmcs12_write_any(struct vmcs12 *vmcs12,
 	if (offset < 0)
 		return offset;
 
+	/*
+	 * For compatibility with Haswell and later, mask off the
+	 * irrelevant bits of the guest access rights fields.
+	 */
+	if (field >= GUEST_ES_AR_BYTES && field <= GUEST_TR_AR_BYTES)
+		field_value &= 0x1f0ff;
+
 	switch (vmcs_field_width(field)) {
 	case VMCS_FIELD_WIDTH_U16:
 		*(u16 *)p = field_value;