From patchwork Tue Feb 14 19:42:59 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Thomas Garnier <thgarnie@google.com>
X-Patchwork-Id: 9572623
Return-Path: 
 <kernel-hardening-return-6662-patchwork-kernel-hardening=patchwork.kernel.org@lists.openwall.com>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	9B8DF60573 for <patchwork-kernel-hardening@patchwork.kernel.org>;
	Tue, 14 Feb 2017 19:43:41 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 95FEC28391
	for <patchwork-kernel-hardening@patchwork.kernel.org>;
	Tue, 14 Feb 2017 19:43:41 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id 889C7283A6; Tue, 14 Feb 2017 19:43:41 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=2.0 tests=BAYES_00,
	DKIM_ADSP_CUSTOM_MED, DKIM_SIGNED, RCVD_IN_DNSWL_MED,
	T_DKIM_INVALID autolearn=ham version=3.3.1
Received: from mother.openwall.net (mother.openwall.net [195.42.179.200])
	by mail.wl.linuxfoundation.org (Postfix) with SMTP id BC78728391
	for <patchwork-kernel-hardening@patchwork.kernel.org>;
	Tue, 14 Feb 2017 19:43:40 +0000 (UTC)
Received: (qmail 15407 invoked by uid 550); 14 Feb 2017 19:43:22 -0000
Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm
Precedence: bulk
List-Post: <mailto:kernel-hardening@lists.openwall.com>
List-Help: <mailto:kernel-hardening-help@lists.openwall.com>
List-Unsubscribe: <mailto:kernel-hardening-unsubscribe@lists.openwall.com>
List-Subscribe: <mailto:kernel-hardening-subscribe@lists.openwall.com>
List-ID: <kernel-hardening.lists.openwall.com>
Delivered-To: mailing list kernel-hardening@lists.openwall.com
Received: (qmail 14237 invoked from network); 14 Feb 2017 19:43:21 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=google.com; s=20161025;
	h=from:to:cc:subject:date:message-id:in-reply-to:references;
	bh=iitYwezpjUyKVmLZ7WNApIXSeCIdeGxFdEcLZjsh3tM=;
	b=FcN7wVg/2c8Ia2vGBx+J/t2x6g/UvK4bSKSXXz2fgQuWtIAGv7Uqfd3Jvhe55TlflG
	csZx2u2VNIqHK15IkTPKrQTX4p0CtZWJGD9WvyfS6Bn+mVSzNKWpqqw91VXhyqGcN2R8
	mzrNlxrAtj/dWOgoGTr+QIdbobZhPNpuTPIb9ox2mSWahQ1uuz42Jpr9S/x3IS/T3oGC
	Kxwhvts3s8on2NycypenSOWlwdTd7wF8K57TKYR3duKj21I/b+jUIvRIqhMmzAq+jU++
	Aqe2+smViYMpDr/uWwYujmpYcYMgRyJv54GaMnDjo1YkwHwgxt+/FSJzJNgvS8feQZk1
	GP2g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
	:references;
	bh=iitYwezpjUyKVmLZ7WNApIXSeCIdeGxFdEcLZjsh3tM=;
	b=AN3xVtbxwd3tm8B5JDtfWS3syFor46mIoOtj7hDXs/aez1Nsv+Z4UuiN52QeZHM0S4
	u+GCcPSGZ8jLnGYrQlLSUqnZV9p0fyjK9OcnO9NgNkAlv27dxZ0Pn6gV0DRp1UuSJsfO
	EokeBAJA1qHxs7/uvBBDq4y8nuJP/IdN2UUjjy+i421gJl8D9shEEf2qSePb2cg89P2p
	UEH8MJ44ugP7/+DkfN11nLig/l54CG1aQeX/vnuf8/3o5EQXIWT/vND/ki3MsQ+FBYNE
	kfMwhw3H2y0tmOxIecl09FyTd+yTTIYE6/bbapSBcDOGzQGxmgi9O3FPOSdKhrsxWmrZ
	DRWg==
X-Gm-Message-State: 
 AMke39mgoKr9k8/II6CF2CmcimvzVtW9uqQVKptFIRIOHGPI+9rQ6oX3Az/0bCbtBGrIugxs
X-Received: by 10.84.176.137 with SMTP id v9mr4000927plb.59.1487101389206;
	Tue, 14 Feb 2017 11:43:09 -0800 (PST)
From: Thomas Garnier <thgarnie@google.com>
To: Thomas Gleixner <tglx@linutronix.de>, Ingo Molnar <mingo@redhat.com>,
	"H . Peter Anvin" <hpa@zytor.com>,
	Andrey Ryabinin <aryabinin@virtuozzo.com>,
	Alexander Potapenko <glider@google.com>,
	Dmitry Vyukov <dvyukov@google.com>, Thomas Garnier <thgarnie@google.com>,
	Kees Cook <keescook@chromium.org>, Andy Lutomirski <luto@kernel.org>,
	Borislav Petkov <bp@suse.de>,
	Paul Gortmaker <paul.gortmaker@windriver.com>,
	Andy Lutomirski <luto@amacapital.net>,
	"Rafael J . Wysocki" <rjw@rjwysocki.net>,
	Len Brown <len.brown@intel.com>, Pavel Machek <pavel@ucw.cz>,
	Jiri Kosina <jikos@kernel.org>, Matt Fleming <matt@codeblueprint.co.uk>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Boris Ostrovsky <boris.ostrovsky@oracle.com>,
	Juergen Gross <jgross@suse.com>, Rusty Russell <rusty@rustcorp.com.au>,
	Peter Zijlstra <peterz@infradead.org>,
	Christian Borntraeger <borntraeger@de.ibm.com>,
	"Luis R . Rodriguez" <mcgrof@kernel.org>,
	He Chen <he.chen@linux.intel.com>, Brian Gerst <brgerst@gmail.com>,
	Stanislaw Gruszka <sgruszka@redhat.com>, Arnd Bergmann <arnd@arndb.de>,
	Adam Buchbinder <adam.buchbinder@gmail.com>,
	Dave Hansen <dave.hansen@intel.com>,
	Vitaly Kuznetsov <vkuznets@redhat.com>,
	Josh Poimboeuf <jpoimboe@redhat.com>,
	Tim Chen <tim.c.chen@linux.intel.com>, Rik van Riel <riel@redhat.com>,
	Andi Kleen <ak@linux.intel.com>, Jiri Olsa <jolsa@redhat.com>,
	Michael Ellerman <mpe@ellerman.id.au>, Joerg Roedel <joro@8bytes.org>,
	Paolo Bonzini <pbonzini@redhat.com>,
	=?UTF-8?q?Radim=20Kr=C4=8Dm=C3=A1=C5=99?= <rkrcmar@redhat.com>
Cc: x86@kernel.org, linux-kernel@vger.kernel.org, kasan-dev@googlegroups.com,
	linux-pm@vger.kernel.org, linux-efi@vger.kernel.org,
	xen-devel@lists.xenproject.org, lguest@lists.ozlabs.org,
	kvm@vger.kernel.org, kernel-hardening@lists.openwall.com
Date: Tue, 14 Feb 2017 11:42:59 -0800
Message-Id: <20170214194259.75960-4-thgarnie@google.com>
X-Mailer: git-send-email 2.11.0.483.g087da7b7c-goog
In-Reply-To: <20170214194259.75960-1-thgarnie@google.com>
References: <20170214194259.75960-1-thgarnie@google.com>
Subject: [kernel-hardening] [PATCH v3 4/4] KVM: VMX: Simplify segment_base
X-Virus-Scanned: ClamAV using ClamSMTP

The KVM segment_base function is confusing. This patch replaces integers
with appropriate flags, simplify constructs and add comments.

Signed-off-by: Thomas Garnier <thgarnie@google.com>
---
Based on next-20170213
---
 arch/x86/kvm/vmx.c | 26 ++++++++++++++++++--------
 1 file changed, 18 insertions(+), 8 deletions(-)

diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index 99167f20bc34..edb8326108dd 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -2062,25 +2062,35 @@ static unsigned long segment_base(u16 selector)
 	struct desc_struct *d;
 	unsigned long table_base;
 	unsigned long v;
+	u32 high32;
 
-	if (!(selector & ~3))
+	if (!(selector & ~SEGMENT_RPL_MASK))
 		return 0;
 
-	table_base = get_current_gdt_rw_vaddr();
-
-	if (selector & 4) {           /* from ldt */
+	/* LDT selector */
+	if ((selector & SEGMENT_TI_MASK) == SEGMENT_LDT) {
 		u16 ldt_selector = kvm_read_ldt();
 
-		if (!(ldt_selector & ~3))
+		if (!(ldt_selector & ~SEGMENT_RPL_MASK))
 			return 0;
 
 		table_base = segment_base(ldt_selector);
+	} else {
+		table_base = get_current_gdt_rw_vaddr();
 	}
-	d = (struct desc_struct *)(table_base + (selector & ~7));
+
+	d = (struct desc_struct *)table_base + (selector >> 3);
 	v = get_desc_base(d);
 #ifdef CONFIG_X86_64
-       if (d->s == 0 && (d->type == 2 || d->type == 9 || d->type == 11))
-               v |= ((unsigned long)((struct ldttss_desc64 *)d)->base3) << 32;
+	/*
+	 * Extend the virtual address if we have a system descriptor entry for
+	 * LDT or TSS (available or busy).
+	 */
+	if (d->s == 0 && (d->type == DESC_LDT || d->type == DESC_TSS ||
+			  d->type == 11/*Busy TSS */)) {
+		high32 = ((struct ldttss_desc64 *)d)->base3;
+		v |= (u64)high32 << 32;
+	}
 #endif
 	return v;
 }