[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH] x86emul: add memory operand low bits checks for ENQCMD{,S}
- To: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
- From: Jan Beulich <jbeulich@xxxxxxxx>
- Date: Tue, 19 Jul 2022 14:56:15 +0200
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=uzhBdq+jhZM8miUoFcMY7wVOXlpa9XQiV1LdPy+xLQA=; b=gnhiBZiVwzhcm4Eb81tJ5v8kLM9MfS42gQ2HybwAd035N6qrp0qySIUgf0D2K8QQe8yz0U+yfMcx/49Fpb4+n2BsLFeXIz5yrOteiizthnNbAjkfNKYApG8P3RIk7r/qmSsLIdtgu4rShnG2FfzOtvNPNeroa6kkiZK59AotzYHd41C0FSGopXabOOGaTvRfcN1h+7ClkcpuUO2QpKM0eVl3YFnnFrpnaOMo52u7dzmTUNfLjB/x8S8yv3L7ukkPdbcnb0w+CZ6g7L15GxFMplIIbyaKHkhuZImDeBCWaJ1e5z1gzD4aVCRkp5aCG0UzVfJGkXdz5GNTf7TzLypj9w==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=JS7qZtJ/O0dXXrB0O9TTVcdOQMZC19OZ/0a7R96Ccbo7dCrlFbC0PBi/JwJoxnHcxdwvKoKs9YpkGPzzIi0ZZlcetPTIe/ubBPKb0JXkVspjXyFvDA2TdQj/kdlRfS62MAtIjA341Rs/MFEkMcGzFdBCaPkjXnzsF+paXhpDi0HokFuKP2XmeGmODvC2S8eNio98dIz8NLeQZqPDvXAgjHXairfqJ0Yk7q8reAJ0rTVM9SdQTkdhuQPF60+nz7D9G7lTodYl+Nbk5n5dUhzWsbiSMCT4LSs1hqIO1cNuv5kkMfv+T+8PMZH6KwRXgtcltW46lTT6yOx0A7kiarwuTQ==
- Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
- Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>
- Delivery-date: Tue, 19 Jul 2022 12:56:22 +0000
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
Already ISE rev 044 added text to this effect; rev 045 further dropped
leftover earlier text indicating the contrary:
- ENQCMD requires the low 32 bits of the memory operand to be clear,
- ENDCMDS requires bits 20...30 of the memory operand to be clear.
Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
---
I'm a little reluctant to add a Fixes: tag here, because at the time
the code was written the behavior was matching what was documented.
--- a/xen/arch/x86/x86_emulate/x86_emulate.c
+++ b/xen/arch/x86/x86_emulate/x86_emulate.c
@@ -10499,6 +10499,7 @@ x86_emulate(
goto done;
if ( vex.pfx == vex_f2 ) /* enqcmd */
{
+ generate_exception_if(mmvalp->data32[0], EXC_GP, 0);
fail_if(!ops->read_msr);
if ( (rc = ops->read_msr(MSR_PASID, &msr_val,
ctxt)) != X86EMUL_OKAY )
@@ -10506,7 +10507,8 @@ x86_emulate(
generate_exception_if(!(msr_val & PASID_VALID), EXC_GP, 0);
mmvalp->data32[0] = MASK_EXTR(msr_val, PASID_PASID_MASK);
}
- mmvalp->data32[0] &= ~0x7ff00000;
+ else
+ generate_exception_if(mmvalp->data32[0] & 0x7ff00000, EXC_GP, 0);
state->blk = blk_enqcmd;
if ( (rc = ops->blk(x86_seg_es, src.val, mmvalp, 64, &_regs.eflags,
state, ctxt)) != X86EMUL_OKAY )
|