git.baikalelectronics.ru Git - kernel.git/commit

author	Paolo Bonzini <pbonzini@redhat.com>
	Wed, 14 May 2014 07:39:49 +0000 (09:39 +0200)
committer	Paolo Bonzini <pbonzini@redhat.com>
	Thu, 22 May 2014 15:47:17 +0000 (17:47 +0200)
commit	10f0e2360f62a7c1f75c3c9ce861d24e56f63c06
tree	ac40c938ab01e7c943a21d67eeaba5069db54632	tree \| snapshot
parent	66fa52e213b0bed52d892248d353ca0e82be163b	commit \| diff

KVM: x86: get CPL from SS.DPL

CS.RPL is not equal to the CPL in the few instructions between
setting CR0.PE and reloading CS. And CS.DPL is also not equal
to the CPL for conforming code segments.

However, SS.DPL *is* always equal to the CPL except for the weird
case of SYSRET on AMD processors, which sets SS.DPL=SS.RPL from the
value in the STAR MSR, but force CPL=3 (Intel instead forces
SS.DPL=SS.RPL=CPL=3).

So this patch:

- modifies SVM to update the CPL from SS.DPL rather than CS.RPL;
the above case with SYSRET is not broken further, and the way
to fix it would be to pass the CPL to userspace and back

- modifies VMX to always return the CPL from SS.DPL (except
forcing it to 0 if we are emulating real mode via vm86 mode;
in vm86 mode all DPLs have to be 3, but real mode does allow
privileged instructions). It also removes the CPL cache,
which becomes a duplicate of the SS access rights cache.

This fixes doing KVM_IOCTL_SET_SREGS exactly after setting
CR0.PE=1 but before CS has been reloaded.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

arch/x86/include/asm/kvm_host.h		diff \| blob \| history
arch/x86/kvm/svm.c		diff \| blob \| history
arch/x86/kvm/vmx.c		diff \| blob \| history