From patchwork Thu Oct 27 15:05:44 2016
X-Patchwork-Submitter: Andrew Cooper
X-Patchwork-Id: 9399697
From: Andrew Cooper
To: Xen-devel
Date: Thu, 27 Oct 2016 16:05:44 +0100
Message-ID: <1477580744-11951-1-git-send-email-andrew.cooper3@citrix.com>
X-Mailer: git-send-email 2.1.4
Cc: Andrew Cooper, Wei Liu
Subject: [Xen-devel] [PATCH v2 for-4.8] x86/hvm: Don't truncate the hvm hypercall index before range checking it

c/s 5eeca68f introduced the 64bit ABI for HVM guests, and chose to explicitly truncate the index, despite the fact that the `mov $imm32, %eax` in the hypercall page already provides the expected truncation.

The truncation isn't very obvious, and is counterintuitive, seeing as all other 64bit parameters are passed without truncation. It is also different to the PV ABI, which is otherwise identical.

As the hypercall page has always been present for HVM guests (and indeed, is basically mandatory to abstract away vendor differences), it is exceedingly unlikely that any code exists which enters hvm_do_hypercall() with upper bits set in %rax. Therefore, take the opportunity to fix the ABI before it becomes impossible to fix.

While tweaking this area, fix one piece of trailing whitespace.

Signed-off-by: Andrew Cooper
Reviewed-by: Jan Beulich
---
CC: Wei Liu

v2:
 * Rework to avoid extra conditionals
 * Reword the commit message
---
 xen/arch/x86/hvm/hvm.c | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
index 11e2b82..704fd64 100644
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -4279,11 +4279,13 @@ int hvm_do_hypercall(struct cpu_user_regs *regs) struct domain *currd = curr->domain; struct segment_register sreg; int mode = hvm_guest_x86_mode(curr); - uint32_t eax = regs->eax; + unsigned long eax = regs->_eax; switch ( mode ) { - case 8: + case 8: + eax = regs->rax; + /* Fallthrough to permission check. */ case 4: case 2: hvm_get_segment_register(curr, x86_seg_ss, &sreg); @@ -4321,7 +4323,7 @@ int hvm_do_hypercall(struct cpu_user_regs *regs) unsigned long r8 = regs->r8; unsigned long r9 = regs->r9; - HVM_DBG_LOG(DBG_LEVEL_HCALL, "hcall%u(%lx, %lx, %lx, %lx, %lx, %lx)", + HVM_DBG_LOG(DBG_LEVEL_HCALL, "hcall%lu(%lx, %lx, %lx, %lx, %lx, %lx)", eax, rdi, rsi, rdx, r10, r8, r9); #ifndef NDEBUG @@ -4368,7 +4370,7 @@ int hvm_do_hypercall(struct cpu_user_regs *regs) unsigned int edi = regs->_edi; unsigned int ebp = regs->_ebp; - HVM_DBG_LOG(DBG_LEVEL_HCALL, "hcall%u(%x, %x, %x, %x, %x, %x)", eax, + HVM_DBG_LOG(DBG_LEVEL_HCALL, "hcall%lu(%x, %x, %x, %x, %x, %x)", eax, ebx, ecx, edx, esi, edi, ebp); #ifndef NDEBUG @@ -4404,7 +4406,7 @@ int hvm_do_hypercall(struct cpu_user_regs *regs) #endif } - HVM_DBG_LOG(DBG_LEVEL_HCALL, "hcall%u -> %lx", + HVM_DBG_LOG(DBG_LEVEL_HCALL, "hcall%lu -> %lx", eax, (unsigned long)regs->eax); if ( curr->arch.hvm_vcpu.hcall_preempted )
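Review bot: the first hunk (`unsigned long eax = regs->_eax;` plus `eax = regs->rax;` under `case 8:`) is a guest-visible ABI change for 64-bit HVM guests: an index with bits set above bit 31 is no longer folded into a valid low index, so such a call now reaches the range check with its full value and is rejected rather than dispatched as a different hypercall. That is the stated intent, but the range check itself is outside the hunk's context, so please confirm the comparison that follows operates on the `unsigned long` with no implicit narrowing back to 32 bits. The `/* Fallthrough to permission check. */` comment is the right thing to add now that `case 8:` has a body; it may be worth one more word there noting that the initial `regs->_eax` load is intentionally overwritten for mode 8 and only serves the 32-bit modes.

Review bot: the three `%u` to `%lu` edits in the HVM_DBG_LOG calls (the hunks at -4321, -4368 and -4404) are the necessary companion to the type change of `eax` in the first hunk; without them the format string and argument would disagree, which is wrong debug output and a -Wformat warning on builds that check printf-style formats. Each hunk is internally consistent: the 64-bit path keeps `%lx` for its `unsigned long` register arguments, the 32-bit path keeps `%x` for its `unsigned int` registers, and only the index conversion changes. In the last hunk the return value is still printed via `(unsigned long)regs->eax`, which is unrelated to the index and needs no change here.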