Received: by 10.213.65.68 with SMTP id h4csp595589imn;
        Thu, 22 Mar 2018 04:34:59 -0700 (PDT)
X-Google-Smtp-Source: AG47ELshZxPEIHWVc1EFJb6OTrSl0lnGjwz+eQcGh7D+Q1Ie554qDHSYZtllkGJH0e67LV3gW/ju
X-Received: by 2002:a17:902:6b0c:: with SMTP id o12-v6mr25237254plk.295.1521718499170;
        Thu, 22 Mar 2018 04:34:59 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1521718499; cv=none;
        d=google.com; s=arc-20160816;
        b=IjvBTZb88NrqDq0QKava8dXANuyhvlHQ/cDXK7EjqvlRdmdwlz+K8fSd2h3yRwf9w+
         tpIQxL6K4qVhbnohmsJ81GInW7Be3e1zDLxkZoKVhrJsAnNuBVyY9qkwrFAdZ2DHwlqC
         5jsgv2AX0E2bJ2WFTmNy0VP8T0mi7xIuW7h/KKiX+kBm1EV3XUO7j6ZaVJ0xByLMh9G3
         p6pySR31RpL5AzqSz/yPJ5E1SJqLx5WLJE86Q8Pk5opaFSJdDOMgcqTsnivqFpCAa9j6
         1bwzF3OLYPzOAs+9Fjyc44tHW34SsQ3WoKOQsEA+IRcyw9sxQbWliEpdalIzFDm7kUjJ
         iz4Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:cc:to:subject
         :message-id:date:from:references:in-reply-to:mime-version
         :dkim-signature:arc-authentication-results;
        bh=csVKokocWe62T1irchJZ8YfK9yK7Kg32auMQijMCFKI=;
        b=WxtBGxEQEzG8Aa/wBGt9Y8c4k6IEmJHxkTV6IGiJjdVNmDqKa9OkUbtkcFj5HzW3xP
         3ICIyBXNY/jkawMJ95Akb4nWIGynLciEbjw2H1/W6NuEb8iVMX59wwL7D/xNuAHbzwHw
         nZ9Tb+NWURaeJDOtv76UynvwfZ7W3G06TYafS4ywjsylMSgxGvPLGTVBg9zNG6fPdfUB
         ZI+2MCLgvOZmFoAJpoywxgtNHSdNtOOM8oEROiYKcbTLp1bbOUMBCdnmgo8t0D4iiAi9
         5Rjaf8Et5pTxFqV7uOBYY8mhegWu2Sp+nDSsyjnj8CUsliUhVNQdPwrkXGAaAQhe2ZLn
         hFGg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=Lhn4Y5P9;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id h191si4273169pgc.716.2018.03.22.04.34.41;
        Thu, 22 Mar 2018 04:34:59 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=Lhn4Y5P9;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1754113AbeCVLOe (ORCPT <rfc822;tanxianhu@gmail.com> + 99 others);
        Thu, 22 Mar 2018 07:14:34 -0400
Received: from mail-ot0-f194.google.com ([74.125.82.194]:36723 "EHLO
        mail-ot0-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1751742AbeCVLOb (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 22 Mar 2018 07:14:31 -0400
Received: by mail-ot0-f194.google.com with SMTP id 108-v6so8997353otv.3;
        Thu, 22 Mar 2018 04:14:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=mime-version:in-reply-to:references:from:date:message-id:subject:to
         :cc:content-transfer-encoding;
        bh=csVKokocWe62T1irchJZ8YfK9yK7Kg32auMQijMCFKI=;
        b=Lhn4Y5P9K28F41XWNQC3iELmm82QIma0p8sGUoWMRo/YK4sbAxWfQkNuRSJnQsRUGu
         cvyGzTC6scplJT3qftl6/SbkWOq8138Y8zT6h5+obWu5/feIYweivqffy8iU5zUnu7VQ
         ESpKJY0wkDB192N1uWOLDe55Q6A9WWzo6284MN9LYZ+xgaOPReiwscY8Tgx38gKE9RDF
         JwCjpBYhJvpXwSGDRNNQTR3mBO6HNNqCOFzWnPAwEk36KbGYectnB3mnYUzn1TRnZ3tv
         38Cdc635RVRo1yj3Cw2uHjxT2uWfNOFjuG2CKjd4WWHWanMda4+xrhTo9tKY9hXKdYqF
         mBOg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:in-reply-to:references:from:date
         :message-id:subject:to:cc:content-transfer-encoding;
        bh=csVKokocWe62T1irchJZ8YfK9yK7Kg32auMQijMCFKI=;
        b=Nmom5yWvhidhyCBtT1bXFarugefc0iH6qN9JPPfMs/nyHKi4EoMyg1a5n5mNv9T3Ts
         ExxBJCqXBI007iLmsSyx3FoTHVXCurjpcJ9pLEwEbP89EKDXt37n/H3niD3T0q+/LSoi
         KglT5qxgFtGrmodFfNl6MwKL+jNzRpy3QTmAFhKqGfWjtgCRjgMgdBDQmeRXuC6ss7Mr
         hfnlB5Y2XQzUkLTwoIWV5YWpdEJs/rvstHRQ8WNF6+HBBHilhXayNPHpbGKF6KS8Sy1H
         ZUL7UI8BVPB2tCWs9sMrKuGP3M+SF1pzPTzy34IxE9akflxrmhBGrTiE+9Rt/lw5adoG
         aZVA==
X-Gm-Message-State: AElRT7GX9WOiQguK77e0Bsr4rGluWjP3m5xLNlSoHx2KgypdFVDn+UhO
        +OCJLQh0AIJhWK0zCz+ffolZWzEdXN57AxQtzUo=
X-Received: by 2002:a9d:55cc:: with SMTP id z12-v6mr14805201oti.203.1521717270756;
 Thu, 22 Mar 2018 04:14:30 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.74.210.78 with HTTP; Thu, 22 Mar 2018 04:14:30 -0700 (PDT)
In-Reply-To: <e9db6804-4881-be93-f570-e9631dbccac8@citrix.com>
References: <1521707651-9375-1-git-send-email-wanpengli@tencent.com>
 <aadc47c3-9d5f-b4d5-92d3-cb888a29563c@redhat.com> <49454fe4-16e2-4d8b-7ad5-9e488afc786e@citrix.com>
 <d1126eb9-7203-7044-f72b-174cac6607ab@redhat.com> <e9db6804-4881-be93-f570-e9631dbccac8@citrix.com>
From:   Wanpeng Li <kernellwp@gmail.com>
Date:   Thu, 22 Mar 2018 19:14:30 +0800
Message-ID: <CANRm+Cx=Mo_vVy68PN+AiaxVSO=HwE5FhRm9FRVeS8nS9Vbeyw@mail.gmail.com>
Subject: Re: [PATCH] KVM: X86: Fix the decoding of segment overrides in 64bit mode
To:     Andrew Cooper <andrew.cooper3@citrix.com>
Cc:     Paolo Bonzini <pbonzini@redhat.com>,
        LKML <linux-kernel@vger.kernel.org>, kvm <kvm@vger.kernel.org>,
        =?UTF-8?B?UmFkaW0gS3LEjW3DocWZ?= <rkrcmar@redhat.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

2018-03-22 19:04 GMT+08:00 Andrew Cooper <andrew.cooper3@citrix.com>:
> On 22/03/2018 10:42, Paolo Bonzini wrote:
>> On 22/03/2018 11:19, Andrew Cooper wrote:
>>> On 22/03/2018 10:07, Paolo Bonzini wrote:
>>>> On 22/03/2018 09:34, Wanpeng Li wrote:
>>>>> From: Wanpeng Li <wanpengli@tencent.com>
>>>>>
>>>>> Explicit segment overides other than %fs and %gs are documented as ig=
nored by
>>>>> both Intel and AMD.
>>>>>
>>>>> In practice, this means that:
>>>>>
>>>>>  * Explicit uses of %ss don't actually yield #SS[0] for non-canonical
>>>>>    memory references.
>>>>>  * Explicit uses of %{e,c,d}s don't override %rbp/%rsp-based memory r=
eferences
>>>>>    to yield #GP[0] for non-canonical memory references.
>>>>>
>>>>> Cc: Paolo Bonzini <pbonzini@redhat.com>
>>>>> Cc: Radim Kr=C4=8Dm=C3=A1=C5=99 <rkrcmar@redhat.com>
>>>>> Signed-off-by: Wanpeng Li <wanpengli@tencent.com>
>>> When porting fixes from other projects, it is customary to identify so
>>> in the commit message.  In this case, the fix you've ported is
>>> http://xenbits.xen.org/gitweb/?p=3Dxen.git;a=3Dcommitdiff;h=3Db7dce29d9=
faf3597d009c853ed1fcbed9f7a7f68
>>>
>>> Here is an example of how Xen ports fixes from Linux for the drivers
>>> that we share.
>>> http://xenbits.xen.org/gitweb/?p=3Dxen.git;a=3Dcommitdiff;h=3D4e131596f=
1defec9407b6e60d584a696beaf5d7e
>> Thanks Andrew.  The code is of course completely different, but the
>> commit message is 1:1.  Wanpeng, please acknowledge Jan in v2!
>
> Thanks, but it is actually my patch, which is why I was confused at
> seeing my own commit message on LKML.

Thanks Andrew's original patch. Anyway, it is a really small stuff, I
will drop this patch to avoid the confusing.

Regards,
Wanpeng Li

>
> Also, the chances are that there are similar issues decoding the
> instruction info field in the VMCS, which is how I stumbled onto this in
> the first place.  I haven't yet fixed that side of things for Xen.
>
>>
>>>> Testcase, please...
>>> If you want to crib from one, this is the testcase I made for Xen.
>>>
>>> http://xenbits.xen.org/docs/xtf/test-memop-seg.html
>> How does it ensure that the code is executed through the emulator and
>> not by the processor?
>
> This test, and most of the tests in general, deliberately set things up
> to execute the test cases first on the main processor, and then via the
> emulator, and complain when any result is unexpected.
>
> We've got a Force Emulation Prefix (ud2a; .ascii "xen") for doing
> magic.  Originally, this was used for PV guests to explicitly request an
> emulated CPUID, but I extended it to HVM guests for "emulate the next
> instruction", after we had some guest user =3D> guest kernel privilege
> escalations because of incorrect emulation.
>
> Fundamentally, any multi-vcpu guest can force an arbitrary instruction
> through the emulator, because rewriting a couple of bytes of instruction
> stream is far far far faster than a vmexit.  I chose to introduce a
> explicit way to force this to occur, for testing purposes.
>
>>
>>> With the impending KVM/PVH work which is ongoing, it will soon be easy
>>> to run Xen's HVM test suite unmodified under KVM, but we're not quite
>>> there yet.
>> What does the test suite use for console I/O?
>
> Depends on what it available as it boots, but one of the default
> consoles is port 0x12.  If things need to be tweaked to work more
> cleanly, then that is entirely fine.
>
> ~Andrew