[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v2 05/10] x86/SVM: Add AVIC vmexit handlers

To: Jan Beulich <JBeulich@xxxxxxxx>, Janakarajan Natarajan <Janakarajan.Natarajan@xxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
From: "Natarajan, Janakarajan" <jnataraj@xxxxxxx>
Date: Wed, 30 May 2018 13:30:48 -0500
Authentication-results: spf=none (sender IP is ) smtp.mailfrom=Janakarajan.Natarajan@xxxxxxx;
Cc: Kevin Tian <kevin.tian@xxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wei.liu2@xxxxxxxxxx>, Suravee Suthikulpanit <suravee.suthikulpanit@xxxxxxx>, George Dunlap <George.Dunlap@xxxxxxxxxxxxx>, Tim Deegan <tim@xxxxxxx>, Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx>, xen-devel@xxxxxxxxxxxxx, Julien Grall <julien.grall@xxxxxxx>, Jun Nakajima <jun.nakajima@xxxxxxxxx>, Boris Ostrovsky <boris.ostrovsky@xxxxxxxxxx>
Delivery-date: Wed, 30 May 2018 18:31:25 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
Spamdiagnosticmetadata: NSPM
Spamdiagnosticoutput: 1:99

On 5/30/2018 2:24 AM, Jan Beulich wrote:

On 30.05.18 at 01:33, <andrew.cooper3@xxxxxxxxxx> wrote:

Would this be better suited ?

Almost.

The purpose of the validate function is to fix an inherent race
condition which occurs with a vmexit.

After a vmexit, rereading the instruction for emulation is inherently
racy, and a malicious VM could rewrite the instruction stream while the
vmexit is occuring.  As a result, we provide a validate function to
check that the instruction decoded matches one which plausibly broke for
emulation here.

Therefore, you want a validate function which checks that the
instruction has a memory operand, and that it falls within the 4k region
which maps the APIC registers.

The validate hook is called right after decode, i.e. before operands have
been evaluated, so the latter part of what you suggest cannot be done.


So check to see if there is a memory operand. Something along the lines of:

bool has_memory_operand(const struct x86_emulate_state *state,

const structx86_emulate_ctxt *ctxt)

{
        if ( (state->desc & DstMask) == DstMem )
                return true;

        return false;
}

Thanks,
Janak



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH v2 05/10] x86/SVM: Add AVIC vmexit handlers
  - From: Andrew Cooper

References:
- [Xen-devel] [PATCH v2 00/10] Introduce AMD SVM AVIC
  - From: Janakarajan Natarajan
- [Xen-devel] [PATCH v2 05/10] x86/SVM: Add AVIC vmexit handlers
  - From: Janakarajan Natarajan
- Re: [Xen-devel] [PATCH v2 05/10] x86/SVM: Add AVIC vmexit handlers
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH v2 05/10] x86/SVM: Add AVIC vmexit handlers
  - From: Natarajan, Janakarajan
- Re: [Xen-devel] [PATCH v2 05/10] x86/SVM: Add AVIC vmexit handlers
  - From: Andrew Cooper
- Re: [Xen-devel] [PATCH v2 05/10] x86/SVM: Add AVIC vmexit handlers
  - From: Jan Beulich

Prev by Date: Re: [Xen-devel] [PATCH 6/9] x86/vmx: Pass an MSR value into vmx_msr_add()
Next by Date: [Xen-devel] [distros-debian-squeeze test] 74761: tolerable FAIL
Previous by thread: Re: [Xen-devel] [PATCH v2 05/10] x86/SVM: Add AVIC vmexit handlers
Next by thread: Re: [Xen-devel] [PATCH v2 05/10] x86/SVM: Add AVIC vmexit handlers
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.