Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1752572AbdLFOlG (ORCPT <rfc822;w@1wt.eu>);
        Wed, 6 Dec 2017 09:41:06 -0500
Received: from mx1.redhat.com ([209.132.183.28]:51562 "EHLO mx1.redhat.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1752211AbdLFOkZ (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 6 Dec 2017 09:40:25 -0500
Subject: Re: [PATCH v2] KVM: X86: Fix load RFLAGS w/o the fixed bit
To: Wanpeng Li <kernellwp@gmail.com>, linux-kernel@vger.kernel.org,
        kvm@vger.kernel.org
Cc: Paolo Bonzini <pbonzini@redhat.com>,
        =?UTF-8?B?UmFkaW0gS3LEjW3DocWZ?= <rkrcmar@redhat.com>,
        Wanpeng Li <wanpeng.li@hotmail.com>, Jim Mattson <jmattson@google.com>
References: <1512561558-15470-1-git-send-email-wanpeng.li@hotmail.com>
From: David Hildenbrand <david@redhat.com>
Organization: Red Hat GmbH
Message-ID: <ff263366-69a1-eac1-8c4c-dac290e98e94@redhat.com>
Date: Wed, 6 Dec 2017 15:40:22 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Thunderbird/52.4.0
MIME-Version: 1.0
In-Reply-To: <1512561558-15470-1-git-send-email-wanpeng.li@hotmail.com>
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 8bit
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.29]); Wed, 06 Dec 2017 14:40:24 +0000 (UTC)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 2188
Lines: 74

On 06.12.2017 12:59, Wanpeng Li wrote:
> From: Wanpeng Li <wanpeng.li@hotmail.com>
> 
>  *** Guest State ***
>  CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
>  CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
>  CR3 = 0x00000000fffbc000
>  RSP = 0x0000000000000000  RIP = 0x0000000000000000
>  RFLAGS=0x00000000         DR7 = 0x0000000000000400
>         ^^^^^^^^^^
> 
> The failed vmentry is triggered by the following testcase when ept=Y:
> 
>     #include <unistd.h>
>     #include <sys/syscall.h>
>     #include <string.h>
>     #include <stdint.h>
>     #include <linux/kvm.h>
>     #include <fcntl.h>
>     #include <sys/ioctl.h>
>     
>     long r[5];
>     int main()
>     {
>     	r[2] = open("/dev/kvm", O_RDONLY);
>     	r[3] = ioctl(r[2], KVM_CREATE_VM, 0);
>     	r[4] = ioctl(r[3], KVM_CREATE_VCPU, 7);
>     	struct kvm_regs regs = {
>     		.rflags = 0,
>     	};
>     	ioctl(r[4], KVM_SET_REGS, &regs);
>     	ioctl(r[4], KVM_RUN, 0);
>     }
> 
> X86 RFLAGS bit 1 is fixed set, userspace can simply clearing bit 1 
> of RFLAGS with KVM_SET_REGS ioctl which results in vmentry fails.
> This patch fixes it by oring X86_EFLAGS_FIXED during ioctl.
> 
> Suggested-by: Jim Mattson <jmattson@google.com>
> Cc: Paolo Bonzini <pbonzini@redhat.com>
> Cc: Radim Krčmář <rkrcmar@redhat.com>
> Cc: Jim Mattson <jmattson@google.com>
> Signed-off-by: Wanpeng Li <wanpeng.li@hotmail.com>
> ---
> v1 -> v2:
>  * Oring X86_EFLAGS_FIXED
> 
>  virt/kvm/kvm_main.c | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
> index b55bad3..0f3f283 100644
> --- a/virt/kvm/kvm_main.c
> +++ b/virt/kvm/kvm_main.c
> @@ -2602,6 +2602,7 @@ static long kvm_vcpu_ioctl(struct file *filp,
>  			r = PTR_ERR(kvm_regs);
>  			goto out;
>  		}
> +		kvm_regs->rflags |= X86_EFLAGS_FIXED;
>  		r = kvm_arch_vcpu_ioctl_set_regs(vcpu, kvm_regs);
>  		kfree(kvm_regs);
>  		break;
> 

Not sure if failing KVM_SET_REGS would be nicer, but maybe this has
already been discussed. So this should be fine.

Reviewed-by: David Hildenbrand <david@redhat.com>

-- 

Thanks,

David / dhildenb