Subject: Re: [PATCH v3] KVM: X86: Fix load RFLAGS w/o the fixed bit
From: Quan Xu
To: Wanpeng Li, linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Cc: Paolo Bonzini, Radim Krčmář, Wanpeng Li, Jim Mattson
Date: Thu, 7 Dec 2017 17:24:28 +0800
Message-ID: <86fcd0c7-c129-8567-c204-fbe7d8ea8f91@gmail.com>
In-Reply-To: <1512635408-11645-1-git-send-email-wanpeng.li@hotmail.com>
References: <1512635408-11645-1-git-send-email-wanpeng.li@hotmail.com>

On 2017/12/07 16:30, Wanpeng Li wrote:
> From: Wanpeng Li
>
> *** Guest State ***
> CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
> CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
> CR3 = 0x00000000fffbc000
> RSP = 0x0000000000000000  RIP = 0x0000000000000000
> RFLAGS=0x00000000         DR7 = 0x0000000000000400
>        ^^^^^^^^^^
>
> The failed vmentry is triggered by the following testcase when ept=Y:
>
> #include <fcntl.h>
> #include <sys/ioctl.h>
> #include <unistd.h>
> #include <linux/kvm.h>
>
> long r[5];
> int main()
> {
> 	r[2] = open("/dev/kvm", O_RDONLY);
> 	r[3] = ioctl(r[2], KVM_CREATE_VM, 0);
> 	r[4] = ioctl(r[3], KVM_CREATE_VCPU, 7);
> 	struct kvm_regs regs = {
> 		.rflags = 0,
> 	};
> 	ioctl(r[4], KVM_SET_REGS, &regs);
> 	ioctl(r[4], KVM_RUN, 0);
> 	return 0;
> }
>
> X86 RFLAGS bit 1 is fixed set; userspace can simply clear bit 1
> of RFLAGS with the KVM_SET_REGS ioctl, which results in a vmentry
> failure. This patch fixes it by ORing X86_EFLAGS_FIXED during the ioctl.
>
> Suggested-by: Jim Mattson
> Reviewed-by: David Hildenbrand
> Cc: Paolo Bonzini
> Cc: Radim Krčmář
> Cc: Jim Mattson
> Signed-off-by: Wanpeng Li

Reviewed-by: Quan Xu
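The following is an added example, not code from the patch or from Wanpeng Li's mail. It models the path the testcase exercises: a userspace-supplied .rflags flows through KVM_SET_REGS into the guest state and is then subjected to the VM-entry check that rejected RFLAGS=0 in the report. The value 0x2 for X86_EFLAGS_FIXED (bit 1) follows from the mail; the set of must-be-zero bits (3, 5, 15 and 22..63) is an assumption taken from the Intel SDM's guest RFLAGS checks and is not stated in the patch; every function name below is hypothetical.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* RFLAGS bit 1 is architecturally fixed to 1; this is the value of the
 * kernel's X86_EFLAGS_FIXED that the patch ORs in. */
#define X86_EFLAGS_FIXED (1ULL << 1)

/* Bits the VMX guest-state checks require to be 0: 3, 5, 15 and 22..63.
 * Assumption taken from the Intel SDM's RFLAGS checks, not from the patch. */
#define RFLAGS_MUST_BE_ZERO \
	((1ULL << 3) | (1ULL << 5) | (1ULL << 15) | ~((1ULL << 22) - 1))

/* Model of the VM-entry guest-state check on RFLAGS (hypothetical helper):
 * entry fails if the fixed bit is clear or a must-be-zero bit is set. */
bool vmx_guest_rflags_valid(uint64_t rflags)
{
	if (!(rflags & X86_EFLAGS_FIXED))
		return false;
	if (rflags & RFLAGS_MUST_BE_ZERO)
		return false;
	return true;
}

/* KVM_SET_REGS before the fix: the user value is stored unchanged. */
uint64_t set_rflags_before_fix(uint64_t user_rflags)
{
	return user_rflags;
}

/* KVM_SET_REGS with the fix: X86_EFLAGS_FIXED is ORed in. */
uint64_t set_rflags_after_fix(uint64_t user_rflags)
{
	return user_rflags | X86_EFLAGS_FIXED;
}

/* Replays the testcase's KVM_SET_REGS + KVM_RUN for one .rflags value and
 * reports whether the modelled VM entry would succeed. */
bool vmentry_succeeds(uint64_t user_rflags, bool fixed)
{
	uint64_t guest_rflags = fixed ? set_rflags_after_fix(user_rflags)
	                              : set_rflags_before_fix(user_rflags);
	return vmx_guest_rflags_valid(guest_rflags);
}

int main(void)
{
	/* Constructed inputs: the reported .rflags = 0, two ordinary values,
	 * and one with must-be-zero bit 3 set, which the fix does not repair. */
	const uint64_t inputs[] = { 0x0, 0x202, 0x246, 0x8 };

	for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++)
		printf("rflags=%#llx  before fix: %s  after fix: %s\n",
		       (unsigned long long)inputs[i],
		       vmentry_succeeds(inputs[i], false) ? "entry ok" : "entry FAILS",
		       vmentry_succeeds(inputs[i], true) ? "entry ok" : "entry FAILS");
	return 0;
}
```

Running it shows .rflags = 0 failing entry before the fix and passing after it, while ordinary values such as 0x202 pass either way. The last input is the caveat: the patch only sets the fixed bit and does not clear anything, so under the SDM-derived check modelled here a value with a must-be-zero bit set would still fail VM entry after the patch.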