Received: by 10.223.164.221 with SMTP id h29csp1838895wrb;
        Thu, 2 Nov 2017 01:33:01 -0700 (PDT)
X-Google-Smtp-Source: ABhQp+SwZg0wGtiqOTGPzaxqK6IcwfzHM9jzfyf1+xdNETV5cA10NVV0TzNugSBY1WlUY1MYkQ6B
X-Received: by 10.101.65.129 with SMTP id a1mr2741082pgq.203.1509611581300;
        Thu, 02 Nov 2017 01:33:01 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1509611581; cv=none;
        d=google.com; s=arc-20160816;
        b=Iv2D+t8j+rvFQZQbs51bAII9vpZxJAEdNeMYJcl2Fk1+Hsm5NZISnfWWj1oHYsZIeg
         p1yP2+E89po83EivU4lvn0RANCk9cw5BbJaB//YUFsXO4JVcPAdJlkYBYaShtbwwVUtv
         vk5JyWcx1a/bB28qJh/C5b9GhPbUOjs5EyZcmv/HdglEwTMfKgspDy4BSqmUtHVxamuh
         HMduHjP+iPN/6iFYojbCmTXOXn3ZJv2cYSeVFLKgFBRGNWe5cOc46JvBza6RqLDA9ibm
         MMzHdzzuaVMFTX7QPuWdsAar6kWOkl9v+7S2rBGFn4hgFfoAu9N8kUGceA4RP5Biyb4R
         LulQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature:arc-authentication-results;
        bh=TaSurCGaTpSRe+UASULCbBEDpVXI0rBd0H7XHb8AGfc=;
        b=Yf7sEnctSRWvZ2SuUk5obr8lHHadYzIQpdPpqRuASgtCs2Vulane9K8z0b7PssEEVX
         SfZSg8zSgS9KApwqGCApvKlKkkNt/NZHlxos3v/+GtlxMPmgl/k544ev/c8ADP57B+r2
         AvZfu/ffwBEya6kSdIdUgLdgSWxrFMbZz5i85radD/4a8sat2qxu7dqjjk5OleGFsoyi
         zBCwaujk3Bv3jk0pMqDLSx8faL5uVTVT6a4M8h6SsLZ+rejA+G4wfSBncgWwdPxG+yza
         PdlEgZNzl9b0DbLc+atBnZCBHEHJK/AQTbX0rA6g5QMNCc5QrnUa8MdPzEc8y/UCkxEy
         PU9A==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=IQSqhupF;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=gmail.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id v5si3173698pfl.215.2017.11.02.01.32.47;
        Thu, 02 Nov 2017 01:33:01 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=IQSqhupF;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=gmail.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1755376AbdKBIbu (ORCPT <rfc822;zcyberian@gmail.com> + 99 others);
        Thu, 2 Nov 2017 04:31:50 -0400
Received: from mail-pg0-f66.google.com ([74.125.83.66]:52538 "EHLO
        mail-pg0-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1752547AbdKBIbq (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 2 Nov 2017 04:31:46 -0400
Received: by mail-pg0-f66.google.com with SMTP id a192so4431535pge.9;
        Thu, 02 Nov 2017 01:31:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=from:to:cc:subject:date:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=TaSurCGaTpSRe+UASULCbBEDpVXI0rBd0H7XHb8AGfc=;
        b=IQSqhupFOK3FmfIMcwdGtSC9cJ+UMHdEZZpCg8p0Z6D9MJxs178gNYZaTn4qWmvcTc
         u5u++zpA89fvkuKajYEwuCdA+dONXDyLELsfKycEdCG2OlBdswwIEavHYYcA67+m2ZCc
         qWs5rH/XAJ6g+y+w1LTrxMowRsKzYa9FaBEgGkvDHbogegI44MvdJi/1fg6i16U+zLIA
         ESMW8+U5T0wCQz7/N1sdeJN80it6N0SlHAuHirMWk6W3yjqb+f54J9cgLz6HRocNRMDS
         aNe4YyZhq5X6dnvbhsp4ImsKpulW1abPMYiiUAZZ3ZKeUS62i3LADaOkD9dbObmcZIn9
         QS3A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=TaSurCGaTpSRe+UASULCbBEDpVXI0rBd0H7XHb8AGfc=;
        b=epBDsRxD5Z8GILus62hUf3UTc2c5uIfAncScLpkqwAzUR9A/a3pH5KZIvmMzLgbQgU
         nsijKTqXUK+PXHbQ8vs6FmpyCXOEEfJi1/2/w8fndqPx7UzEyV4fs7BNmVI3lGhgdnQ7
         oAhoLhTFWW05+TJIEV+Q2dbZi5f6onbznnfiPmuumEL7T3AXhLQktJKa7dZPsEQP+g0t
         xY6d8caewX1nF0zcxqBIeOTxc+AOfcGb7e+FF3jkeNem+F6aNE8ujcfGkym4PTu8pRF6
         mwI5zLMM/PX8BwJBoDpr0ZjOoBjI8wXYjQvUf38RPoeABLT399gQAeIz3dm88pHxNvft
         D6/w==
X-Gm-Message-State: AMCzsaWurN0VAVng9oUJr9ALkORr8yJZZaZtarp0uCx2qBKkzKU7i14E
        3E9IDU0lVzLNqsiGQbYe1vSGzw==
X-Received: by 10.98.74.93 with SMTP id x90mr2885382pfa.177.1509611506065;
        Thu, 02 Nov 2017 01:31:46 -0700 (PDT)
Received: from localhost ([203.205.141.123])
        by smtp.gmail.com with ESMTPSA id l5sm5543855pfi.165.2017.11.02.01.31.44
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Thu, 02 Nov 2017 01:31:45 -0700 (PDT)
From:   Wanpeng Li <kernellwp@gmail.com>
X-Google-Original-From: Wanpeng Li <wanpeng.li@hotmail.com>
To:     linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Cc:     Paolo Bonzini <pbonzini@redhat.com>,
        =?UTF-8?q?Radim=20Kr=C4=8Dm=C3=A1=C5=99?= <rkrcmar@redhat.com>,
        Wanpeng Li <wanpeng.li@hotmail.com>,
        Jim Mattson <jmattson@google.com>
Subject: [PATCH v3 2/3] KVM: nVMX: Validate the IA32_BNDCFGS on nested VM-entry
Date:   Thu,  2 Nov 2017 01:31:38 -0700
Message-Id: <1509611499-9401-2-git-send-email-wanpeng.li@hotmail.com>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1509611499-9401-1-git-send-email-wanpeng.li@hotmail.com>
References: <1509611499-9401-1-git-send-email-wanpeng.li@hotmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Wanpeng Li <wanpeng.li@hotmail.com>

According to the SDM, if the "load IA32_BNDCFGS" VM-entry controls is 1, the
following checks are performed on the field for the IA32_BNDCFGS MSR:
 - Bits reserved in the IA32_BNDCFGS MSR must be 0.
 - The linear address in bits 63:12 must be canonical.

Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Radim Krčmář <rkrcmar@redhat.com>
Cc: Jim Mattson <jmattson@google.com>
Signed-off-by: Wanpeng Li <wanpeng.li@hotmail.com>
---
 arch/x86/kvm/vmx.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index e6c8ffa..f29f57d 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -10805,6 +10805,13 @@ static int check_vmentry_postreqs(struct kvm_vcpu *vcpu, struct vmcs12 *vmcs12,
 			return 1;
 	}
 
+	if (kvm_mpx_supported() &&
+		(vmcs12->vm_entry_controls & VM_ENTRY_LOAD_BNDCFGS)) {
+		if (is_noncanonical_address(vmcs12->guest_bndcfgs & PAGE_MASK, vcpu) ||
+		    (vmcs12->guest_bndcfgs & MSR_IA32_BNDCFGS_RSVD))
+			return 1;
+	}
+
 	return 0;
 }
 
-- 
2.7.4


From 1582903362611613002@xxx Wed Nov 01 22:11:22 +0000 2017
X-GM-THRID: 1582903362611613002
X-Gmail-Labels: Inbox,Category Forums,HistoricalUnread