| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <24080992-801c-4606-c801-65ee68cf8779@redhat.com> Date: Thu, 23 Jun 2016 18:03:01 +0200 From: Paolo Bonzini <pbonzini@...hat.com> To: Quentin Casasnovas <quentin.casasnovas@...cle.com>, x86 <x86@...nel.org>, kvm <kvm@...r.kernel.org>, lkml <linux-kernel@...r.kernel.org> Cc: Eugene Korenevsky <ekorenevsky@...il.com>, Radim Krčmář <rkrcmar@...hat.com>, Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>, "H . Peter Anvin" <hpa@...or.com>, linux-stable <stable@...r.kernel.org> Subject: Re: [PATCH] KVM: nVMX: VMX instructions: fix segment checks when L1 is in long mode. On 18/06/2016 11:01, Quentin Casasnovas wrote: > Cross-checking the KVM/VMX VMREAD emulation code with the Intel Software > Developper Manual Volume 3C - "VMREAD - Read Field from Virtual-Machine > Control Structure", I found that we're enforcing that the destination > operand is NOT located in a read-only data segment or any code segment when > the L1 is in long mode - BUT that check should only happen when it is in > protected mode. > > Shuffling the code a bit to make our emulation follow the specification > allows me to boot a Xen dom0 in a nested KVM and start HVM L2 guests > without problems. That's great, and I'm applying the patch, but it's also pretty weird. :) Do you have a pointer to Xen source code that does a VMREAD into a read-only data segment or a code segment? Thanks, Paolo
Powered by blists - more mailing lists