Xen project Mailing List

Re: [Xen-devel] [PATCH 0/9] x86/vvmx: Read instruction operands correctly on VM exit

To: Euan Harris <euan.harris@xxxxxxxxxx>, <xen-devel@xxxxxxxxxxxxxxxxxxxx>

From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

Date: Thu, 26 Oct 2017 18:59:07 +0100

Cc: kevin.tian@xxxxxxxxx, jun.nakajima@xxxxxxxxx, jbeulich@xxxxxxxx

Delivery-date: Thu, 26 Oct 2017 17:59:48 +0000

List-id: Xen developer discussion <xen-devel.lists.xen.org>

On 26/10/17 18:03, Euan Harris wrote: > decode_vmx_inst() does not read instruction operands correctly on VM exit: > > * It incorrectly uses vmx_inst_info's address_size field to calculate > the sizes of the exit-causing instruction's operands. The sizes of > the operands are specified in the SDM and might depend on whether the > guest is running in 32-bit or 64-bit mode, but they have nothing to do > with the address_size field. > > * It includes its own segmentation logic, duplicating code elsewhere. > This segmentation logic is also incorrect and will raise #GP fault > rather than a #SS fault in response to an invalid memory access > through the stack segment. > > Patches 1-6 (up to 'Remove operand decoding from decode_vmx_inst()') > refactor decode_vmx_inst() in preparation for fixing the bugs mentioned > above. They remove unnecessary code and extract the logic for reading > operands from decode_vmx_inst() into a new operand_read() function. > These patches should not cause any functional changes. > > Patch 7 ('Use correct sizes when reading operands') replaces the incorrect > operand size calculations based on address_size with the correct sizes > from the SDM. > > Patches 8 and 9 add new hvm_copy_{to,from}_guest_virt() helpers and use > them to read memory operands in place of the incorrect segmentation > logic in decode_vmx_inst(). > > Euan Harris (9): > x86/vvmx: Remove enum vmx_regs_enc > x86/vvmx: Unify operands in struct vmx_inst_decoded > x86/vvmx: Extract operand reading logic into operand_read() > x86/vvmx: Remove unnecessary VMX operand reads > x86/vvmx: Replace direct calls to reg_read() with operand_read() > x86/vvmx: Remove operand reading from decode_vmx_inst() > x86/vvmx: Use correct sizes when reading operands > x86/hvm: Add hvm_copy_{to,from}_guest_virt() helpers > x86/vvmx: Use hvm_copy_{to,from}_guest_virt() to read operands All Reviewed-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>. I've noticed a few trivial style issues which can be fixed up on commit if there are no other issues. ~Andrew _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx https://lists.xen.org/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.