From: Maxim Levitsky
To: kvm@vger.kernel.org
Cc: Borislav Petkov, Dave Hansen, linux-kernel@vger.kernel.org, Wanpeng Li, Maxim Levitsky, Ingo Molnar, Sean Christopherson, x86@kernel.org, Jim Mattson, Kees Cook, Thomas Gleixner, "H. Peter Anvin", Joerg Roedel, Vitaly Kuznetsov, Paolo Bonzini
Subject: [PATCH v3 02/13] KVM: x86: emulator: em_sysexit should update ctxt->mode
Date: Wed, 3 Aug 2022 18:50:00 +0300
Message-Id: <20220803155011.43721-3-mlevitsk@redhat.com>
In-Reply-To: <20220803155011.43721-1-mlevitsk@redhat.com>
References: <20220803155011.43721-1-mlevitsk@redhat.com>

This is one of the instructions that can change the processor mode.

Note that this is likely a benign bug, because the only problematic mode change is from 32 bit to 64 bit which can lead to truncation of RIP, and it is not possible to do with sysexit, since sysexit running in 32 bit mode will be limited to 32 bit version.

Signed-off-by: Maxim Levitsky

--- arch/x86/kvm/emulate.c | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c index 047c583596bb86..7bdc495710bd0e 100644 --- a/arch/x86/kvm/emulate.c +++ b/arch/x86/kvm/emulate.c @@ -2888,6 +2888,7 @@ static int em_sysexit(struct x86_emulate_ctxt *ctxt) ops->set_segment(ctxt, ss_sel, &ss, 0, VCPU_SREG_SS); =20 ctxt->_eip =3D rdx; + ctxt->mode =3D usermode; *reg_write(ctxt, VCPU_REGS_RSP) =3D rcx; =20 return X86EMUL_CONTINUE; --=20 2.26.3
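Review bot: the new `ctxt->mode = usermode;` assignment in em_sysexit(), placed right after `ctxt->_eip = rdx;`, has no comment, so the reason for it (SYSEXIT is one of the instructions that can change the processor mode) exists only in the commit message. A one-line comment above the assignment would keep that rationale next to the code, which matters here because the commit message itself describes the omission as "likely a benign bug" and a later reader could mistake the line for redundant. Two things are worth confirming in review because the hunk's context does not show them: that `usermode` is assigned on every path that reaches this point, and that nothing else in the emulation context still holds a value derived from the old `ctxt->mode` once `_eip` and the mode have been switched. Since the message ties the risk to RIP truncation across a mode change, it would also help to state whether `_eip` is expected to be interpreted under the new mode from this line onward, and to order the two assignments so that reads naturally (mode first, then `_eip`) if there is no reason for the current order.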