diff mbox series

[4/5,v6] nSVM: Test addresses of MSR and IO permissions maps

Message ID 20210402004331.91658-5-krish.sadhukhan@oracle.com (mailing list archive)
State New, archived
Headers show
Series KVM: nSVM: Check addresses of MSR bitmap and IO bitmap tables on vmrun of nested guests | expand

Commit Message

Krish Sadhukhan April 2, 2021, 12:43 a.m. UTC
According to section "Canonicalization and Consistency Checks" in APM vol 2,
the following guest state is illegal:

    "The MSR or IOIO intercept tables extend to a physical address that
     is greater than or equal to the maximum supported physical address."

Signed-off-by: Krish Sadhukhan <krish.sadhukhan@oracle.com>
(cherry picked from commit 0513cf071255c7d5a1b7a813d017bbdd2d1da263)
Signed-off-by: Krish Sadhukhan <krish.sadhukhan@oracle.com>
---
 x86/svm_tests.c | 42 +++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 41 insertions(+), 1 deletion(-)
diff mbox series

Patch

diff --git a/x86/svm_tests.c b/x86/svm_tests.c
index 29a0b59..7014c40 100644
--- a/x86/svm_tests.c
+++ b/x86/svm_tests.c
@@ -2304,15 +2304,55 @@  static void test_dr(void)
 	vmcb->save.dr7 = dr_saved;
 }
 
+/*
+ * If the MSR or IOIO intercept table extends to a physical address that
+ * is greater than or equal to the maximum supported physical address, the
+ * guest state is illegal.
+ *
+ * [APM vol 2]
+ */
+static void test_msrpm_iopm_bitmap_addrs(void)
+{
+	u64 saved_intercepts = vmcb->control.intercept;
+	u64 bitmap_addr_1 =
+	    (u64)(((u64)1 << cpuid_maxphyaddr()) - PAGE_SIZE);
+	u64 bitmap_addr_2 =
+	    (u64)(((u64)1 << cpuid_maxphyaddr()) - PAGE_SIZE * 2);
+
+	/*
+	 * MSR bitmap address
+	 */
+	vmcb->control.intercept = saved_intercepts | 1ULL << INTERCEPT_MSR_PROT;
+	vmcb->control.msrpm_base_pa = bitmap_addr_1;
+	report(svm_vmrun() == SVM_EXIT_ERR, "Test MSRPM address: %lx",
+	    bitmap_addr_1);
+	vmcb->control.msrpm_base_pa = bitmap_addr_2;
+	report(svm_vmrun() == SVM_EXIT_ERR, "Test MSRPM address: %lx",
+	    bitmap_addr_2);
+
+	/*
+	 * IOIO bitmap address
+	 */
+	vmcb->control.intercept = saved_intercepts | 1ULL << INTERCEPT_IOIO_PROT;
+	vmcb->control.iopm_base_pa = bitmap_addr_1;
+	report(svm_vmrun() == SVM_EXIT_ERR, "Test IOPM address: %lx",
+	    bitmap_addr_1);
+	vmcb->control.iopm_base_pa = bitmap_addr_2 += 1;
+	report(svm_vmrun() == SVM_EXIT_ERR, "Test IOPM address: %lx",
+	    bitmap_addr_2);
+
+	vmcb->control.intercept = saved_intercepts;
+}
+
 static void svm_guest_state_test(void)
 {
 	test_set_guest(basic_guest_main);
-
 	test_efer();
 	test_cr0();
 	test_cr3();
 	test_cr4();
 	test_dr();
+	test_msrpm_iopm_bitmap_addrs();
 }