1. Patchew
  2. linux
  3. View series

[PATCH 0/3] x86/umip: Fix UMIP insn decoder false positives

Sean Christopherson posted 3 patches 1 month, 3 weeks ago 
arch/x86/kernel/umip.c | 71 ++++++++++++++++++++++++++++++++++++++++--
1 file changed, 69 insertions(+), 2 deletions(-)
[PATCH 0/3] x86/umip: Fix UMIP insn decoder false positives
Posted by Sean Christopherson 1 month, 3 weeks ago 
Fix two false positives scenarios where the UMIP #GP logic will incorrectly
trigger emulation, e.g. due to a partially decoded instruction, or on
instructions like VMLAUNCH that usurp the register form of '0f 01'.

Tested with the hack-a-test patch at the end, but I haven't done any testing
using a real userspace (neither positive nor negative testing).

Sean Christopherson (3):
  x86/umip: Check that the instruction opcode is at least two bytes
  x86/umip: Fix decoding of register forms of 0F 01 (SGDT and SIDT
    aliases)
  *** DO NOT MERGE *** x86/umip: Lazy person's KUnit test for UMIP
    emulation

 arch/x86/kernel/umip.c | 71 ++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 69 insertions(+), 2 deletions(-)


base-commit: ce0b5eedcb753697d43f61dd2e27d68eb5d3150f
-- 
2.50.1.703.g449372360f-goog
Re: [PATCH 0/3] x86/umip: Fix UMIP insn decoder false positives
Posted by Sean Christopherson 2 weeks, 1 day ago 
On Fri, Aug 08, 2025, Sean Christopherson wrote:
> Fix two false positives scenarios where the UMIP #GP logic will incorrectly
> trigger emulation, e.g. due to a partially decoded instruction, or on
> instructions like VMLAUNCH that usurp the register form of '0f 01'.
> 
> Tested with the hack-a-test patch at the end, but I haven't done any testing
> using a real userspace (neither positive nor negative testing).
> 
> Sean Christopherson (3):
>   x86/umip: Check that the instruction opcode is at least two bytes
>   x86/umip: Fix decoding of register forms of 0F 01 (SGDT and SIDT
>     aliases)

Ping on these two, looks like they slipped through the cracks.  FWIW, I wouldn't
consider these urgent enough to squeeze into 6.17, but it'd be nice to get them
into 6.18.
Re: [PATCH 0/3] x86/umip: Fix UMIP insn decoder false positives
Posted by Borislav Petkov 2 weeks, 1 day ago 
On Fri, Sep 19, 2025 at 07:31:16AM -0700, Sean Christopherson wrote:
> On Fri, Aug 08, 2025, Sean Christopherson wrote:
> > Fix two false positives scenarios where the UMIP #GP logic will incorrectly
> > trigger emulation, e.g. due to a partially decoded instruction, or on
> > instructions like VMLAUNCH that usurp the register form of '0f 01'.
> > 
> > Tested with the hack-a-test patch at the end, but I haven't done any testing
> > using a real userspace (neither positive nor negative testing).
> > 
> > Sean Christopherson (3):
> >   x86/umip: Check that the instruction opcode is at least two bytes
> >   x86/umip: Fix decoding of register forms of 0F 01 (SGDT and SIDT
> >     aliases)
> 
> Ping on these two, looks like they slipped through the cracks.  FWIW, I wouldn't
> consider these urgent enough to squeeze into 6.17, but it'd be nice to get them
> into 6.18.

Lemme take a look...

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.