Received: by 10.213.65.68 with SMTP id h4csp422291imn;
        Fri, 23 Mar 2018 07:30:26 -0700 (PDT)
X-Google-Smtp-Source: AG47ELteG0p/POiuLXOzrQXBXi1YUpLv4kgHdg2G+jwY5lGTAm/LjdLYs1gKO3HUQ8hrXIAmbU2R
X-Received: by 10.99.147.82 with SMTP id w18mr6827577pgm.181.1521815426854;
        Fri, 23 Mar 2018 07:30:26 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1521815426; cv=none;
        d=google.com; s=arc-20160816;
        b=bkwY+YXLb+LjGwUM0YGfgljHxVsrw1M+vkyBjJiv/ZrdMojzHI6+Q5+Yc7z1DEMf6b
         9PVyFrEB2P7IF1qgkioZC8H1nPkYRnpwzQ366XQYV2XBa/ZnCPsB9pwQ7zgd+ByG0RCB
         Eu94ElsXP69lVr3/ayt++apvcvgVzCbCNVnoKh9YENE8uDTh4iye71ezkK1qGeNg+xWw
         v/jsAPk+/1I7Yi3bNnrwutQL3qUORV7x/CAPFKqQ6f3GRVz7CYfS89rhL024IMoDnSbR
         P7govKhdkV3hzegyJRJtNmhztSm7LnkmxY1eHTBws6Q3382TcsOeHHcdA7x9+Mk6QqXi
         lprQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :references:in-reply-to:mime-version:dkim-signature
         :arc-authentication-results;
        bh=2ZoSBASocQHRmxI4s1EDojWYllKgEuM30mtFYleYCWo=;
        b=sYJQwoVL3JwJCqVZNpaioCBnYD6sWf1mHeYREPiPa6Y3wMxVFgVRUl+P/aPRDAbLdY
         lzpqqmek8hRfetfX6uLQxX0hHdyjcFTz1/NVs0i5vlqCsmRL3fNb9jmOI9xRt2J7G2mH
         rCybnZ3OrLehZvA1NgRpT8gt7sHRsBlf6oqrL5TAfvl+G8aiDKVzWugcDnI2E8Syj+Qr
         ReDhnn8g9T+3TI4sOHeZtjCFmeqpESlSSfnqBxREtJUIvg2Y4LTQL8QukJmJChdZV6eH
         olAtZJ2YJeIkJkhBRIZdy8Ag6DlOr1TuTxrj3TQ125aMf0RbN9pkhe2vO1f9BmV6Rz2V
         08Kg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=F4H1FtJN;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id h123si5658189pgc.752.2018.03.23.07.30.11;
        Fri, 23 Mar 2018 07:30:26 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=F4H1FtJN;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1752035AbeCWO2N (ORCPT <rfc822;thunderbird.krnldev@gmail.com>
        + 99 others); Fri, 23 Mar 2018 10:28:13 -0400
Received: from mail-ot0-f195.google.com ([74.125.82.195]:46934 "EHLO
        mail-ot0-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1751658AbeCWO17 (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 23 Mar 2018 10:27:59 -0400
Received: by mail-ot0-f195.google.com with SMTP id g97-v6so13413035otg.13;
        Fri, 23 Mar 2018 07:27:58 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=mime-version:in-reply-to:references:from:date:message-id:subject:to
         :cc;
        bh=2ZoSBASocQHRmxI4s1EDojWYllKgEuM30mtFYleYCWo=;
        b=F4H1FtJNMK3Fm+T3o/f2EHndHzrr2WC1GpOqTF1vY731VSLOkNl2R3uzHkGjXu06nJ
         n5p9VnQb7mFmbAhyWG/R6raxrGId2bUfj+mNYXOJhjopHuRxbmT6fPr+unO0U9NjIZlH
         nzlbY80d+uZzaHOAkpEQOh8QXR7In+uaTYYXj3U5/EpuZWq5aSd5Pjt2GTveOa5639AI
         nWH/Z5cpsKhM9fgYS85OqWZXEMnhe0m9+RUUtlV2An2fxjhInI7/xq8QxZtP5aJRRkhn
         iaIA7Vr2izh6TGy6dXOzPjkcWBYsUPz9+zjfoZyOTTOSlU0HFWSbQ6efDAikK5vrHmnT
         UxZQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:in-reply-to:references:from:date
         :message-id:subject:to:cc;
        bh=2ZoSBASocQHRmxI4s1EDojWYllKgEuM30mtFYleYCWo=;
        b=jPIk93jRYtR+TZF+bQylR0/egupTeIfUwxNi4N9b/mic2R6p21B5ILEblD9QWLuzdF
         2/9RmXi+L9ZcIsb1hF/eUhNRkqeIGs8DbLMb2nnUf4cPziysONysnKmsszwtY9+wdY3l
         JvD4Oyp9f4taiUZjrcfZCW2r/xWaomdQgCC7fWPDN87darpZi+P1pFR4jr6ruvo/dncg
         cnqAmYSxDpgMd6Wc5hBiqoy2AUYuKPUuGJ030vgDeuBNYibujTQhjrRGp6Y2Ol1U4AL1
         m75nvr9o185O5Fiu2A26YJKm/bgmfcIg/7d6J7xBOt15A0sE2VGyCCnQZpf8ab9E5KcN
         +iKA==
X-Gm-Message-State: AElRT7FqPBoxkjhPG5UddmmijYzLm15B11YFzqT75OEtjN3Wc4DQDGEU
        1LRnvWFe/5JdcfmdeomIf8WxV6H+dSQV5zGSmsA=
X-Received: by 2002:a9d:1d43:: with SMTP id m61-v6mr17954659otm.270.1521815278504;
 Fri, 23 Mar 2018 07:27:58 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.74.210.78 with HTTP; Fri, 23 Mar 2018 07:27:57 -0700 (PDT)
In-Reply-To: <94bbfac5-2022-ab92-0b9a-1c3cd2275054@citrix.com>
References: <1521707651-9375-1-git-send-email-wanpengli@tencent.com>
 <aadc47c3-9d5f-b4d5-92d3-cb888a29563c@redhat.com> <49454fe4-16e2-4d8b-7ad5-9e488afc786e@citrix.com>
 <d1126eb9-7203-7044-f72b-174cac6607ab@redhat.com> <e9db6804-4881-be93-f570-e9631dbccac8@citrix.com>
 <9bd82cb0-d88f-4891-a111-3704802e1d4e@redhat.com> <CANRm+CwmJQCFZ7oe1_YatqoOXzzEU+SP9Z5qR6zU_ybd_DoGQQ@mail.gmail.com>
 <94bbfac5-2022-ab92-0b9a-1c3cd2275054@citrix.com>
From:   Wanpeng Li <kernellwp@gmail.com>
Date:   Fri, 23 Mar 2018 22:27:57 +0800
Message-ID: <CANRm+CwsFX7rVkPvENRM20D84zotonxFFJMSq98icS4BQm7o2Q@mail.gmail.com>
Subject: Re: [PATCH] KVM: X86: Fix the decoding of segment overrides in 64bit mode
To:     Andrew Cooper <andrew.cooper3@citrix.com>
Cc:     Paolo Bonzini <pbonzini@redhat.com>,
        LKML <linux-kernel@vger.kernel.org>, kvm <kvm@vger.kernel.org>,
        =?UTF-8?B?UmFkaW0gS3LEjW3DocWZ?= <rkrcmar@redhat.com>
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

2018-03-22 21:53 GMT+08:00 Andrew Cooper <andrew.cooper3@citrix.com>:
> On 22/03/18 13:39, Wanpeng Li wrote:
>> 2018-03-22 20:38 GMT+08:00 Paolo Bonzini <pbonzini@redhat.com>:
>>> On 22/03/2018 12:04, Andrew Cooper wrote:
>>>> We've got a Force Emulation Prefix (ud2a; .ascii "xen") for doing
>>>> magic.  Originally, this was used for PV guests to explicitly request an
>>>> emulated CPUID, but I extended it to HVM guests for "emulate the next
>>>> instruction", after we had some guest user => guest kernel privilege
>>>> escalations because of incorrect emulation.
>>> Wanpeng, why don't you add it behind a new kvm module parameter? :)
>> Great point! I will have a try. Thanks Paolo and Andrew. :)
>
> Using the force emulation prefix requires intercepting #UD, which is in
> general a BadThing(tm) for security.  Therefore, we have a build time

Yeah, however kvm intercepts and emulates #UD by default, should we
add a new kvm module parameter to enable it and disable by default?
Paolo.

> configuration option to compile in support, and require that test
> systems explicitly opt into using it via a command line parameter.
>
> http://xenbits.xen.org/gitweb/?p=xen.git;a=blob;f=xen/arch/x86/hvm/hvm.c;h=db52312882205e65b32e587106ca795f4bfab2eb;hb=refs/heads/staging#l3741
> is the general #UD intercept handler if you want a reference.  (You can

Thanks Andrew, it is useful. :) In addition, I didn't see the
test-memop-seg testcase has "Forced Emulation Prefix", when the prefix
is added to each instruction in the testcase?

Regards,
Wanpeng Li