Re: [PATCH] x86emul: fix SYSENTER/SYSCALL switching into 64-bit mode

From: Andrew Cooper <andrew.cooper3@citrix.com>
To: Jan Beulich <jbeulich@suse.com>,
	"xen-devel@lists.xenproject.org" <xen-devel@lists.xenproject.org>
Cc: "Wei Liu" <wl@xen.org>, "Roger Pau Monné" <roger.pau@citrix.com>
Subject: Re: [PATCH] x86emul: fix SYSENTER/SYSCALL switching into 64-bit mode
Date: Wed, 10 Feb 2021 12:28:37 +0000	[thread overview]
Message-ID: <d66cce4b-6563-4857-30be-5889788ca6c8@citrix.com> (raw)
In-Reply-To: <7ce15e4b-8bf1-0cfd-ca9e-5f6eba12cac1@suse.com>

On 10/02/2021 09:57, Jan Beulich wrote:
> When invoked by compat mode, mode_64bit() will be false at the start of
> emulation. The logic after complete_insn, however, needs to consider the
> mode switched into, in particular to avoid truncating RIP.
>
> Inspired by / paralleling and extending Linux commit 943dea8af21b ("KVM:
> x86: Update emulator context mode if SYSENTER xfers to 64-bit mode").
>
> While there, tighten a related assertion in x86_emulate_wrapper() - we
> want to be sure to not switch into an impossible mode when the code gets
> built for 32-bit only (as is possible for the test harness).
>
> Signed-off-by: Jan Beulich <jbeulich@suse.com>
> ---
> In principle we could drop SYSENTER's ctxt->lma dependency when setting
> _regs.r(ip). I wasn't certain whether leaving it as is serves as kind of
> documentation ...
>
> --- a/xen/arch/x86/x86_emulate/x86_emulate.c
> +++ b/xen/arch/x86/x86_emulate/x86_emulate.c
> @@ -6127,6 +6127,10 @@ x86_emulate(
>               (rc = ops->write_segment(x86_seg_ss, &sreg, ctxt)) )
>              goto done;
>  
> +        if ( ctxt->lma )
> +            /* In particular mode_64bit() needs to return true from here on. */
> +            ctxt->addr_size = ctxt->sp_size = 64;

I think this is fine as presented, but don't we want the logical
opposite for SYSRET/SYSEXIT ?

We truncate rip suitably already, but don't know what other checks may
appear in the future.

~Andrew