From patchwork Thu Jul 6 09:21:16 2017
X-Patchwork-Submitter: Jan Beulich
X-Patchwork-Id: 9827793
Message-Id: <595E1D2C0200007800169106@prv-mh.provo.novell.com>
Date: Thu, 06 Jul 2017 03:21:16 -0600
From: "Jan Beulich"
To: "xen-devel"
Cc: Andrew Cooper
Subject: [Xen-devel] [PATCH v2] x86/HVM: don't #GP/#SS on wrapping virt->linear translations

Real hardware wraps silently, so we should behave the same. Also split
real and VM86 mode handling, as the latter really ought to have limit
checks applied.

Signed-off-by: Jan Beulich
---
v2: Extend to non-64-bit modes. Reduce 64-bit check to a single
    is_canonical_address() invocation.

--- a/xen/arch/x86/hvm/hvm.c +++ b/xen/arch/x86/hvm/hvm.c @@ -2418,16 +2418,21 @@ bool_t hvm_virtual_to_linear_addr( */ ASSERT(seg < x86_seg_none); - if ( !(curr->arch.hvm_vcpu.guest_cr[0] & X86_CR0_PE) || - (guest_cpu_user_regs()->eflags & X86_EFLAGS_VM) ) + if ( !(curr->arch.hvm_vcpu.guest_cr[0] & X86_CR0_PE) ) { /* - * REAL/VM86 MODE: Don't bother with segment access checks. + * REAL MODE: Don't bother with segment access checks. * Certain of them are not done in native real mode anyway. */ addr = (uint32_t)(addr + reg->base); - last_byte = (uint32_t)addr + bytes - !!bytes; - if ( last_byte < addr ) + } + else if ( (guest_cpu_user_regs()->eflags & X86_EFLAGS_VM) && + is_x86_user_segment(seg) ) + { + /* VM86 MODE: Fixed 64k limits on all user segments. */ + addr = (uint32_t)(addr + reg->base); + last_byte = (uint32_t)offset + bytes - !!bytes; + if ( max(offset, last_byte) >> 16 ) goto out; } else if ( hvm_long_mode_active(curr) && 
@@ -2449,8 +2454,7 @@ bool_t hvm_virtual_to_linear_addr( addr += reg->base; last_byte = addr + bytes - !!bytes; - if ( !is_canonical_address(addr) || last_byte < addr || - !is_canonical_address(last_byte) ) + if ( !is_canonical_address((long)addr < 0 ? addr : last_byte) ) goto out; } else @@ -2500,8 +2504,8 @@ bool_t hvm_virtual_to_linear_addr( if ( (offset <= reg->limit) || (last_byte < offset) ) goto out; } - else if ( (last_byte > reg->limit) || (last_byte < offset) ) - goto out; /* last byte is beyond limit or wraps 0xFFFFFFFF */ + else if ( last_byte > reg->limit ) + goto out; /* last byte is beyond limit */ } /* All checks ok. */
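
Review bot: In the first hunk (@@ -2418,16 +2418,21 @@), the VM86 limit check `if ( max(offset, last_byte) >> 16 )` depends on reasoning the one-line comment does not give. `last_byte` is derived from `(uint32_t)offset + bytes - !!bytes`, so it can wrap to a small value, and it is only the `offset` operand of `max()` that still rejects such an access. Please say so in the comment, otherwise a later cleanup may reduce the test to `last_byte >> 16`. The new condition also requires `is_x86_user_segment(seg)`, so a VM86 access through any other segment now falls through to the branches below; a sentence in the comment or the commit message stating that this is intended would help.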
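
Review bot: In the second hunk (@@ -2449,8 +2454,7 @@), `!is_canonical_address((long)addr < 0 ? addr : last_byte)` replaces three explicit tests without a comment explaining why checking a single endpoint is enough. The argument appears to be that a start address in the upper half can only reach a `last_byte` that is still in the upper half or has wrapped to a low address (the case this patch wants to allow), while for a start address in the lower half a canonical `last_byte` implies a canonical `addr`. That second step holds only because `bytes` is small compared with the non-canonical range, and the sign test assumes `long` is as wide as `addr`. Please spell this out in a comment next to the condition.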
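
Review bot: In the third hunk (@@ -2500,8 +2504,8 @@), reducing the expand-up test to `else if ( last_byte > reg->limit )` leaves the first byte of the access unchecked against the limit. The removed `last_byte < offset` term was also what rejected an access whose `offset` lies above `reg->limit` and whose `last_byte` has wrapped to a value at or below it; with only `last_byte` compared, that access is now accepted. If the aim is to tolerate wrapping only where the whole access is within the limit, add an explicit `offset > reg->limit` test. Note also that the expand-down path in the context lines keeps `(last_byte < offset)`, so the two segment types now treat wrapping differently; the commit message should say whether that is deliberate.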