Xen project Mailing List

Re: [PATCH 5/6] vVMX: operand size in decode_vmx_inst()

To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

Date: Wed, 11 Jun 2025 14:04:56 +0200

Autocrypt: addr=jbeulich@xxxxxxxx; keydata= xsDiBFk3nEQRBADAEaSw6zC/EJkiwGPXbWtPxl2xCdSoeepS07jW8UgcHNurfHvUzogEq5xk hu507c3BarVjyWCJOylMNR98Yd8VqD9UfmX0Hb8/BrA+Hl6/DB/eqGptrf4BSRwcZQM32aZK 7Pj2XbGWIUrZrd70x1eAP9QE3P79Y2oLrsCgbZJfEwCgvz9JjGmQqQkRiTVzlZVCJYcyGGsD /0tbFCzD2h20ahe8rC1gbb3K3qk+LpBtvjBu1RY9drYk0NymiGbJWZgab6t1jM7sk2vuf0Py O9Hf9XBmK0uE9IgMaiCpc32XV9oASz6UJebwkX+zF2jG5I1BfnO9g7KlotcA/v5ClMjgo6Gl MDY4HxoSRu3i1cqqSDtVlt+AOVBJBACrZcnHAUSuCXBPy0jOlBhxPqRWv6ND4c9PH1xjQ3NP nxJuMBS8rnNg22uyfAgmBKNLpLgAGVRMZGaGoJObGf72s6TeIqKJo/LtggAS9qAUiuKVnygo 3wjfkS9A3DRO+SpU7JqWdsveeIQyeyEJ/8PTowmSQLakF+3fote9ybzd880fSmFuIEJldWxp Y2ggPGpiZXVsaWNoQHN1c2UuY29tPsJgBBMRAgAgBQJZN5xEAhsDBgsJCAcDAgQVAggDBBYC AwECHgECF4AACgkQoDSui/t3IH4J+wCfQ5jHdEjCRHj23O/5ttg9r9OIruwAn3103WUITZee e7Sbg12UgcQ5lv7SzsFNBFk3nEQQCACCuTjCjFOUdi5Nm244F+78kLghRcin/awv+IrTcIWF hUpSs1Y91iQQ7KItirz5uwCPlwejSJDQJLIS+QtJHaXDXeV6NI0Uef1hP20+y8qydDiVkv6l IreXjTb7DvksRgJNvCkWtYnlS3mYvQ9NzS9PhyALWbXnH6sIJd2O9lKS1Mrfq+y0IXCP10eS FFGg+Av3IQeFatkJAyju0PPthyTqxSI4lZYuJVPknzgaeuJv/2NccrPvmeDg6Coe7ZIeQ8Yj t0ARxu2xytAkkLCel1Lz1WLmwLstV30g80nkgZf/wr+/BXJW/oIvRlonUkxv+IbBM3dX2OV8 AmRv1ySWPTP7AAMFB/9PQK/VtlNUJvg8GXj9ootzrteGfVZVVT4XBJkfwBcpC/XcPzldjv+3 HYudvpdNK3lLujXeA5fLOH+Z/G9WBc5pFVSMocI71I8bT8lIAzreg0WvkWg5V2WZsUMlnDL9 mpwIGFhlbM3gfDMs7MPMu8YQRFVdUvtSpaAs8OFfGQ0ia3LGZcjA6Ik2+xcqscEJzNH+qh8V m5jjp28yZgaqTaRbg3M/+MTbMpicpZuqF4rnB0AQD12/3BNWDR6bmh+EkYSMcEIpQmBM51qM EKYTQGybRCjpnKHGOxG0rfFY1085mBDZCH5Kx0cl0HVJuQKC+dV2ZY5AqjcKwAxpE75MLFkr wkkEGBECAAkFAlk3nEQCGwwACgkQoDSui/t3IH7nnwCfcJWUDUFKdCsBH/E5d+0ZnMQi+G0A nAuWpQkjM1ASeQwSHEeAWPgskBQL

Cc: Roger Pau Monné <roger.pau@xxxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>

Delivery-date: Wed, 11 Jun 2025 12:05:09 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 11.06.2025 13:32, Andrew Cooper wrote: > On 11/06/2025 11:44 am, Jan Beulich wrote: >> Address size is entirely irrelevant to operand size determination; For >> VMREAD and VMWRITE outside of 64-bit mode operand size is 32 bits, while >> in 64-bit mode it's (naturally) 64 bits. For all other insns it's 64 >> bits (a physical address) or 128 bits (INVEPT, INVVPID). To limit the >> amount of change here, keep the latter at reading only 64 bits from >> guest space. >> >> Fixes: 09fce8016596 ("Nested VMX: Emulation of guest VMXON/OFF instruction") >> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> >> --- >> Beyond the wrong operand handling for INVEPT and INVVPID, the latter >> also doesn't even have the part read checked to have bits 16 and above >> all clear. > > There are more bugs than these. > > https://xenbits.xen.org/gitweb/?p=people/andrewcoop/xen.git;a=shortlog;h=refs/heads/x86-next-euan > > Judging by the choice of branch name, I think I'd collected those > pending the re-opening of a dev window, and apparently forgotten. > > At this point I don't think we want to take the branch as is (especially > as I've forgotten why it wasn't taken before), but I think there is some > salvageable work in there, beyond the changes in this patch. Interesting. Apparently it has been too long since this was posted, as I don't recall it at all. However, I'm not convinced everything's right there. E.g. in "x86/vvmx: Use correct sizes when reading operands" there is this hunk: @@ -427,6 +427,7 @@ static int decode_vmx_inst(struct cpu_user_regs *regs, struct segment_register seg; unsigned long base, index, seg_base, disp, offset; int scale, size; + unsigned int bytes = vmx_guest_x86_mode(v); __vmread(VMX_INSTRUCTION_INFO, &offset); info.word = offset; Which is hardly correct for 16-bit protected mode. INVEPT and INVVPID handling also isn't moving to 128-bit operands, despite what the title suggests. The commit message wrongly claims the upper halves don't need to be read. Jan

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.