qemu-devel

Re: [Qemu-devel] [PATCH] SVM I/O permission bitmap for user-level (ring


From: Paolo Bonzini
Subject: Re: [Qemu-devel] [PATCH] SVM I/O permission bitmap for user-level (ring-3) code ignored
Date: Thu, 9 Mar 2017 13:42:34 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.7.0


On 05/03/2017 19:21, Alexander Boettcher wrote:
> the SVM I/O permission bitmap for user-level (ring-3) VM code running in
> SVM seems to be ignored and causes a GP-fault. (Actually the IO permission
> was granted by the kernel via the TSS I/O port permission bitmap).
> 
> After some debugging the GP code originates from target/i386/translate.c
> gen_check_io() within the if(s->pe && (s->cpl > s->iopl || s->vm86))
> condition. However, the actual SVM IO permission bitmap is checked after
> that condition, which succeeds and would permit the access.

From your message it's not clear what is going wrong.  The code as it is
written now matches the AMD manual: "Exceptions related to virtual x86
mode, IOPL, or the TSS-bitmap are checked before the SVM intercept
check. All other exceptions are checked after the SVM intercept check".

Please explain better what is going on:

1) does the TSS I/O permission bitmap grant permission to access the
port (the answer seems to be yes here)?

2) does the SVM I/O permission bitmap grant permission to access the port?

3) you get a #GP, do you expect the access to be trapped to the
hypervisor or not?

4) what is the exact instruction that the user-level code is executing?

Paolo
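
The check order quoted from the AMD manual above, as an added example that is not part of the original message and is not QEMU's code: a simplified C model in which the vm86/IOPL/TSS-bitmap check runs before the SVM intercept check. All names (`cpu_model`, `check_io`, `scenario`) and the port value are assumptions made for illustration, and TSS limit checks are left out.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model, hypothetical names. One bit per port: a set bit denies
 * (TSS) or intercepts (SVM IOPM). TSS limit checks are omitted. */
enum io_outcome { IO_ALLOWED, IO_GP_FAULT, IO_SVM_INTERCEPT };

struct cpu_model {
    bool pe, vm86, svm_ioio; /* protected mode, vm86, SVM I/O intercept on */
    int cpl, iopl;           /* current privilege level, EFLAGS.IOPL */
    uint8_t tss_iomap[8193]; /* TSS I/O permission bitmap */
    uint8_t svm_iopm[8193];  /* SVM I/O permission bitmap */
};

/* True if any bit for ports [port, port + size) is set. */
static bool bitmap_hit(const uint8_t *map, uint32_t port, uint32_t size)
{
    for (uint32_t p = port; p < port + size; p++)
        if (map[p >> 3] & (1u << (p & 7))) return true;
    return false;
}

enum io_outcome check_io(const struct cpu_model *c, uint16_t port, int size)
{
    /* 1) vm86 / IOPL / TSS-bitmap exceptions are raised first. */
    if (c->pe && (c->cpl > c->iopl || c->vm86) &&
        bitmap_hit(c->tss_iomap, port, (uint32_t)size))
        return IO_GP_FAULT;
    /* 2) Only an access that survived step 1 reaches the SVM check. */
    if (c->svm_ioio && bitmap_hit(c->svm_iopm, port, (uint32_t)size))
        return IO_SVM_INTERCEPT;
    return IO_ALLOWED;
}

/* Constructed scenario: guest with IOPL 0 doing a 1-byte access to 0x3f8. */
enum io_outcome scenario(int cpl, bool tss_denies, bool iopm_intercepts)
{
    struct cpu_model c = { .pe = true, .svm_ioio = true, .cpl = cpl };
    if (tss_denies)      c.tss_iomap[0x3f8 >> 3] |= 1u << (0x3f8 & 7);
    if (iopm_intercepts) c.svm_iopm[0x3f8 >> 3] |= 1u << (0x3f8 & 7);
    return check_io(&c, 0x3f8, 1);
}

int main(void)
{
    static const char *name[] = { "allowed", "#GP", "SVM intercept" };
    printf("ring 3, TSS denies, IOPM set: %s\n", name[scenario(3, true, true)]);
    printf("ring 3, TSS grants, IOPM set: %s\n", name[scenario(3, false, true)]);
}
```

In this model a ring-3 access that the TSS bitmap denies never reaches the SVM bitmap, which is why questions 1) and 2) above have to be answered separately.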


