Date: Sun, 13 May 2018 00:53:10 -0700 (PDT)
From: Liran Alon
Subject: Re: [PATCH 1/2] KVM: X86: Fix CR3 reserve bits
X-Mailing-List: linux-kernel@vger.kernel.org

----- kernellwp@gmail.com wrote:

> From: Wanpeng Li
>
> MSB of CR3 is a reserved bit if the PCIDE bit is not set in CR4.
> It should be checked when PCIDE bit is not set, however commit
> 'd1cd3ce900441 ("KVM: MMU: check guest CR3 reserved bits based on
> its physical address width")' removes the bit 63 checking
> unconditionally. This patch fixes it by checking bit 63 of CR3
> when PCIDE bit is not set in CR4.
>
> Fixes: d1cd3ce900441 (KVM: MMU: check guest CR3 reserved bits based on
> its physical address width)
> Cc: Paolo Bonzini
> Cc: Radim Krčmář
> Cc: Junaid Shahid
> Signed-off-by: Wanpeng Li
> ---
> arch/x86/kvm/emulate.c | 4 +++-
> arch/x86/kvm/x86.c | 2 +-
> 2 files changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c > index b3705ae..b21f427 100644 > --- a/arch/x86/kvm/emulate.c > +++ b/arch/x86/kvm/emulate.c > @@ -4189,7 +4189,9 @@ static int check_cr_write(struct > x86_emulate_ctxt *ctxt) > =09=09=09=09maxphyaddr =3D eax & 0xff; > =09=09=09else > =09=09=09=09maxphyaddr =3D 36; > -=09=09=09rsvd =3D rsvd_bits(maxphyaddr, 62); > +=09=09=09if (ctxt->ops->get_cr(ctxt, 4) & X86_CR4_PCIDE) > +=09=09=09=09new_val &=3D ~CR3_PCID_INVD; > +=09=09=09rsvd =3D rsvd_bits(maxphyaddr, 63); I would prefer instead to do this: if (ctxt->ops->get_cr(ctxt, 4) & X86_CR4_PCIDE) rsvd &=3D ~CR3_PCID_INVD; It makes more sense as opposed to temporary removing the CR3_PCID_INVD bit = from new_val. > =09=09} > =20 > =09=09if (new_val & rsvd) > diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c > index 87e4805..9a90668 100644 > --- a/arch/x86/kvm/x86.c > +++ b/arch/x86/kvm/x86.c > @@ -863,7 +863,7 @@ int kvm_set_cr3(struct kvm_vcpu *vcpu, unsigned > long cr3) > =09} > =20 > =09if (is_long_mode(vcpu) && > -=09 (cr3 & rsvd_bits(cpuid_maxphyaddr(vcpu), 62))) > +=09 (cr3 & rsvd_bits(cpuid_maxphyaddr(vcpu), 63))) > =09=09return 1; > =09else if (is_pae(vcpu) && is_paging(vcpu) && > =09=09 !load_pdptrs(vcpu, vcpu->arch.walk_mmu, cr3)) > --=20 > 2.7.4
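Review bot: in the check_cr_write() hunk of arch/x86/kvm/emulate.c, the validation path modifies its own input: `new_val &= ~CR3_PCID_INVD` clears bit 63 from the value under test, and it does so before `rsvd` is assigned. Leaving new_val intact and exempting the bit in the mask is easier to audit: assign `rsvd = rsvd_bits(maxphyaddr, 63);` first, then apply `rsvd &= ~CR3_PCID_INVD;` under the X86_CR4_PCIDE test. The order matters, because adjusting the mask only has an effect after the rsvd assignment. A one-line comment stating that bit 63 is exempt from the reserved check only when CR4.PCIDE is set would document the intent.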
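Review bot: in the kvm_set_cr3() hunk of arch/x86/kvm/x86.c, the mask is widened to bit 63 but the visible lines contain no CR4.PCIDE test, unlike the emulate.c hunk. Unless CR3_PCID_INVD is cleared from cr3 earlier in the function, above the context shown, a guest with PCIDE set that writes CR3 with bit 63 set takes the `return 1` path. Please confirm that this is handled, and consider a short comment at this check saying where bit 63 is dealt with, or a shared helper so that both call sites compute the reserved mask the same way.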