| Message ID | 20220803155011.43721-3-mlevitsk@redhat.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show
Return-Path: <kvm-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
by smtp.lore.kernel.org (Postfix) with ESMTP id 9D2F3C19F28
for <kvm@archiver.kernel.org>; Wed, 3 Aug 2022 15:50:40 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S238288AbiHCPuj (ORCPT <rfc822;kvm@archiver.kernel.org>);
Wed, 3 Aug 2022 11:50:39 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:49328 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S237726AbiHCPuc (ORCPT <rfc822;kvm@vger.kernel.org>);
Wed, 3 Aug 2022 11:50:32 -0400
Received: from us-smtp-delivery-124.mimecast.com
(us-smtp-delivery-124.mimecast.com [170.10.129.124])
by lindbergh.monkeyblade.net (Postfix) with ESMTP id 012B05FBB
for <kvm@vger.kernel.org>; Wed, 3 Aug 2022 08:50:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
s=mimecast20190719; t=1659541830;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:cc:mime-version:mime-version:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references;
bh=WNhWOc+yr+2wT/jsCzj92Jb7fDCD7N/zAbD0yvwDZp4=;
b=JzVpMfLYUMXcLJz+657vAXkvozz2sM93DSIDU/+nXbYhA5cksHchv4LrhVCKJd1YAPEmdD
TKXeaLLeG0hLwIBJwvxkLI3TyWVJqb0NWWyUIRm73/GZ1UkPEjy7APE5uanL5yRQ9Oa/w0
AUfgmOb7vvTD0IcyOWowfqq1Lul5ovU=
Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com
[66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS
(version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
us-mta-515-5FKKviBjP1KIafHzq22m6Q-1; Wed, 03 Aug 2022 11:50:26 -0400
X-MC-Unique: 5FKKviBjP1KIafHzq22m6Q-1
Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com
[10.11.54.3])
(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
(No client certificate requested)
by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 35EE8101A54E;
Wed, 3 Aug 2022 15:50:25 +0000 (UTC)
Received: from localhost.localdomain (unknown [10.40.194.242])
by smtp.corp.redhat.com (Postfix) with ESMTP id 91AB01121314;
Wed, 3 Aug 2022 15:50:21 +0000 (UTC)
From: Maxim Levitsky <mlevitsk@redhat.com>
To: kvm@vger.kernel.org
Cc: Borislav Petkov <bp@alien8.de>,
Dave Hansen <dave.hansen@linux.intel.com>,
linux-kernel@vger.kernel.org, Wanpeng Li <wanpengli@tencent.com>,
Maxim Levitsky <mlevitsk@redhat.com>,
Ingo Molnar <mingo@redhat.com>,
Sean Christopherson <seanjc@google.com>, x86@kernel.org,
Jim Mattson <jmattson@google.com>,
Kees Cook <keescook@chromium.org>,
Thomas Gleixner <tglx@linutronix.de>,
"H. Peter Anvin" <hpa@zytor.com>, Joerg Roedel <joro@8bytes.org>,
Vitaly Kuznetsov <vkuznets@redhat.com>,
Paolo Bonzini <pbonzini@redhat.com>
Subject: [PATCH v3 02/13] KVM: x86: emulator: em_sysexit should update
ctxt->mode
Date: Wed, 3 Aug 2022 18:50:00 +0300
Message-Id: <20220803155011.43721-3-mlevitsk@redhat.com>
In-Reply-To: <20220803155011.43721-1-mlevitsk@redhat.com>
References: <20220803155011.43721-1-mlevitsk@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3
Precedence: bulk
List-ID: <kvm.vger.kernel.org>
X-Mailing-List: kvm@vger.kernel.org
|
| Series |
SMM emulation and interrupt shadow fixes
|
expand
|
diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c index 047c583596bb86..7bdc495710bd0e 100644 --- a/arch/x86/kvm/emulate.c +++ b/arch/x86/kvm/emulate.c @@ -2888,6 +2888,7 @@ static int em_sysexit(struct x86_emulate_ctxt *ctxt) ops->set_segment(ctxt, ss_sel, &ss, 0, VCPU_SREG_SS); ctxt->_eip = rdx; + ctxt->mode = usermode; *reg_write(ctxt, VCPU_REGS_RSP) = rcx; return X86EMUL_CONTINUE;
This is one of the instructions that can change the processor mode. Note that this is likely a benign bug, because the only problematic mode change is from 32 bit to 64 bit which can lead to truncation of RIP, and it is not possible to do with sysexit, since sysexit running in 32 bit mode will be limited to 32 bit version. Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com> --- arch/x86/kvm/emulate.c | 1 + 1 file changed, 1 insertion(+)