Subject: Re: [PATCH] KVM: X86: Fix the decoding of segment overrides in 64bit mode
To: Wanpeng Li, Paolo Bonzini
CC: LKML, kvm, Radim Krčmář
References: <1521707651-9375-1-git-send-email-wanpengli@tencent.com> <49454fe4-16e2-4d8b-7ad5-9e488afc786e@citrix.com> <9bd82cb0-d88f-4891-a111-3704802e1d4e@redhat.com>
From: Andrew Cooper
Message-ID: <94bbfac5-2022-ab92-0b9a-1c3cd2275054@citrix.com>
Date: Thu, 22 Mar 2018 13:53:25 +0000
X-Mailing-List: linux-kernel@vger.kernel.org

On 22/03/18 13:39, Wanpeng Li wrote:
> 2018-03-22 20:38 GMT+08:00 Paolo Bonzini:
>> On 22/03/2018 12:04, Andrew Cooper wrote:
>>> We've got a Force Emulation Prefix (ud2a; .ascii "xen") for doing
>>> magic. Originally, this was used for PV guests to explicitly request an
>>> emulated CPUID, but I extended it to HVM guests for "emulate the next
>>> instruction", after we had some guest user => guest kernel privilege
>>> escalations because of incorrect emulation.
>> Wanpeng, why don't you add it behind a new kvm module parameter? :)
> Great point! I will have a try. Thanks Paolo and Andrew. :)

Using the force emulation prefix requires intercepting #UD, which is in
general a BadThing(tm) for security. Therefore, we have a build-time
configuration option to compile in support, and require that test systems
explicitly opt into using it via a command-line parameter.

http://xenbits.xen.org/gitweb/?p=xen.git;a=blob;f=xen/arch/x86/hvm/hvm.c;h=db52312882205e65b32e587106ca795f4bfab2eb;hb=refs/heads/staging#l3741
is the general #UD intercept handler if you want a reference. (You can
ignore the cross-vendor part, which is leftovers from
http://developer.amd.com/wordpress/media/2012/10/CrossVendorMigration.pdf )

~Andrew
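An added illustration of the gated #UD intercept described in the message above. This is example code written for this page, not Xen's hvm.c handler and not KVM code: a mock intercept that recognises the ud2a + "xen" prefix only when an explicit opt-in flag is set, hands the #UD back to the guest in every other case (flag off, signature mismatch, or prefix cut short by the end of the mapping), and reads the guest bytes from a constructed buffer rather than executing ud2, which would fault on real hardware without a cooperating hypervisor. The byte encoding of the prefix (0F 0B for ud2a followed by the ASCII bytes "xen"), the opt_fep flag, the vcpu model, the fep_scenario helpers and the sample guest bytes are all assumptions of this example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Force Emulation Prefix as described in the thread: ud2a (0F 0B) followed
 * by the ASCII bytes "xen".  Encoding assumed from that description. */
static const uint8_t fep_sig[] = { 0x0f, 0x0b, 'x', 'e', 'n' };
#define FEP_LEN (sizeof fep_sig)

/* Stand-in for the explicit opt-in the thread describes (build option plus
 * command-line parameter).  Default off: with it off the #UD intercept
 * never looks at guest memory and never reaches the emulator. */
static bool opt_fep = false;
void fep_set_enabled(bool on) { opt_fep = on; }

enum ud_action { UD_INJECT = 0, UD_EMULATE_NEXT = 1 };

/* Minimal vCPU model (assumed): a RIP and one flat read-only code mapping. */
struct vcpu {
    uint64_t rip;
    const uint8_t *code;
    uint64_t base;
    size_t len;
};

/* Copy up to n bytes of guest code at addr into dst; returns bytes copied.
 * A short read (mapping ends mid-prefix) must never count as a match. */
static size_t fetch_guest_code(const struct vcpu *v, uint64_t addr,
                               uint8_t *dst, size_t n)
{
    if (addr < v->base || addr - v->base >= v->len)
        return 0;
    size_t off = (size_t)(addr - v->base);
    size_t avail = v->len - off;
    if (n > avail)
        n = avail;
    memcpy(dst, v->code + off, n);
    return n;
}

/* Mock #UD intercept.  Returns UD_EMULATE_NEXT and sets *next_rip to the
 * instruction after the prefix only when FEP is enabled and the complete
 * 5-byte signature is present at RIP; otherwise the #UD goes back to the
 * guest unchanged, exactly as if the hypervisor had not intercepted it. */
enum ud_action handle_ud_intercept(const struct vcpu *v, uint64_t *next_rip)
{
    uint8_t buf[FEP_LEN];

    if (!opt_fep)
        return UD_INJECT;
    if (fetch_guest_code(v, v->rip, buf, FEP_LEN) != FEP_LEN)
        return UD_INJECT;
    if (memcmp(buf, fep_sig, FEP_LEN) != 0)
        return UD_INJECT;

    *next_rip = v->rip + FEP_LEN;
    return UD_EMULATE_NEXT;
}

/* Constructed guest code for the demo (not captured from a real guest):
 *   +0: ud2a; .ascii "xen"   the prefix
 *   +5: cpuid                0F A2, the instruction that would be emulated
 *   +7: ud2a; .ascii "xe"    a prefix truncated by the end of the mapping */
static const uint8_t demo_code[] = {
    0x0f, 0x0b, 'x', 'e', 'n',
    0x0f, 0xa2,
    0x0f, 0x0b, 'x', 'e'
};
#define DEMO_BASE 0x401000ULL

/* Run one scenario against demo_code and return the intercept's decision. */
enum ud_action fep_scenario(bool enabled, uint64_t rip, uint64_t *next_rip)
{
    struct vcpu v = { rip, demo_code, DEMO_BASE, sizeof demo_code };
    *next_rip = 0;
    fep_set_enabled(enabled);
    return handle_ud_intercept(&v, next_rip);
}

/* Next RIP the intercept chose, or 0 when the #UD was reinjected. */
uint64_t fep_scenario_next_rip(bool enabled, uint64_t rip)
{
    uint64_t next;
    return fep_scenario(enabled, rip, &next) == UD_EMULATE_NEXT ? next : 0;
}

int main(void)
{
    static const char *names[] = { "inject #UD", "emulate next" };
    uint64_t next;

    printf("FEP off, prefix at RIP    : %s\n",
           names[fep_scenario(false, DEMO_BASE, &next)]);
    printf("FEP on,  prefix at RIP    : %s, next RIP=%#llx\n",
           names[fep_scenario(true, DEMO_BASE, &next)],
           (unsigned long long)next);
    printf("FEP on,  cpuid at RIP     : %s\n",
           names[fep_scenario(true, DEMO_BASE + 5, &next)]);
    printf("FEP on,  truncated prefix : %s\n",
           names[fep_scenario(true, DEMO_BASE + 7, &next)]);
    return 0;
}
```

The point the example makes is the one the message makes: the only path into the emulator is behind the opt-in check, so a guest that emits the prefix on a production host sees an ordinary #UD and never drives the emulator from user mode. The actual emulation of the instruction at next_rip is left out; a guest-side sequence such as `ud2a; .ascii "xen"; cpuid` is kept as bytes in a buffer here precisely because executing it outside a hypervisor that has opted in would fault.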