|
 |
7238c68 |
From 3ea6ac6fde5cd46d5d8593a493a75eb29e2ccc9b Mon Sep 17 00:00:00 2001
|
|
|
7238c68 |
From: Eduardo Habkost <ehabkost@redhat.com>
|
|
|
7238c68 |
Date: Wed, 14 Oct 2009 15:02:27 -0300
|
|
|
7238c68 |
Subject: [PATCH] fix MSR_COUNT for kvm_arch_save_regs()
|
|
|
7238c68 |
|
|
|
7238c68 |
A new register was added to the load/save list on commit
|
|
|
7238c68 |
d283d5a65a2bdcc570065267be21848bd6fe3d78, but MSR_COUNT was not updated, leading
|
|
|
7238c68 |
to potential stack corruption on kvm_arch_save_regs().
|
|
|
7238c68 |
|
|
|
7238c68 |
The following registers are saved by kvm_arch_save_regs():
|
|
|
7238c68 |
|
|
|
7238c68 |
1) MSR_IA32_SYSENTER_CS
|
|
|
7238c68 |
2) MSR_IA32_SYSENTER_ESP
|
|
|
7238c68 |
3) MSR_IA32_SYSENTER_EIP
|
|
|
7238c68 |
4) MSR_STAR
|
|
|
7238c68 |
5) MSR_IA32_TSC
|
|
|
7238c68 |
6) MSR_VM_HSAVE_PA
|
|
|
7238c68 |
7) MSR_CSTAR (x86_64 only)
|
|
|
7238c68 |
8) MSR_KERNELGSBASE (x86_64 only)
|
|
|
7238c68 |
9) MSR_FMASK (x86_64 only)
|
|
|
7238c68 |
10) MSR_LSTAR (x86_64 only)
|
|
|
7238c68 |
|
|
|
7238c68 |
(cherry picked from commit e7e5448ba387adc20be1cf08411a5b526d684299)
|
|
|
7238c68 |
|
|
|
7238c68 |
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
|
|
|
7238c68 |
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
|
|
|
7238c68 |
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
|
|
|
7238c68 |
Fedora-patch: qemu-fix-msr-count-potential-segfault.patch
|
|
|
7238c68 |
---
|
|
|
7238c68 |
qemu-kvm-x86.c | 6 ++++--
|
|
|
7238c68 |
1 files changed, 4 insertions(+), 2 deletions(-)
|
|
|
7238c68 |
|
|
|
7238c68 |
diff --git a/qemu-kvm-x86.c b/qemu-kvm-x86.c
|
|
|
7238c68 |
index 8e0f0b2..89fe77c 100644
|
|
|
7238c68 |
--- a/qemu-kvm-x86.c
|
|
|
7238c68 |
+++ b/qemu-kvm-x86.c
|
|
|
7238c68 |
@@ -116,9 +116,9 @@ static int get_msr_entry(struct kvm_msr_entry *entry, CPUState *env)
|
|
|
7238c68 |
}
|
|
|
7238c68 |
|
|
|
7238c68 |
#ifdef TARGET_X86_64
|
|
|
7238c68 |
-#define MSR_COUNT 9
|
|
|
7238c68 |
+#define MSR_COUNT 10
|
|
|
7238c68 |
#else
|
|
|
7238c68 |
-#define MSR_COUNT 5
|
|
|
7238c68 |
+#define MSR_COUNT 6
|
|
|
7238c68 |
#endif
|
|
|
7238c68 |
|
|
|
7238c68 |
static void set_v8086_seg(struct kvm_segment *lhs, const SegmentCache *rhs)
|
|
|
7238c68 |
@@ -260,6 +260,7 @@ void kvm_arch_load_regs(CPUState *env)
|
|
|
7238c68 |
|
|
|
7238c68 |
/* msrs */
|
|
|
7238c68 |
n = 0;
|
|
|
7238c68 |
+ /* Remember to increase MSR_COUNT if you add new registers below */
|
|
|
7238c68 |
set_msr_entry(&msrs[n++], MSR_IA32_SYSENTER_CS, env->sysenter_cs);
|
|
|
7238c68 |
set_msr_entry(&msrs[n++], MSR_IA32_SYSENTER_ESP, env->sysenter_esp);
|
|
|
7238c68 |
set_msr_entry(&msrs[n++], MSR_IA32_SYSENTER_EIP, env->sysenter_eip);
|
|
|
7238c68 |
@@ -435,6 +436,7 @@ void kvm_arch_save_regs(CPUState *env)
|
|
|
7238c68 |
|
|
|
7238c68 |
/* msrs */
|
|
|
7238c68 |
n = 0;
|
|
|
7238c68 |
+ /* Remember to increase MSR_COUNT if you add new registers below */
|
|
|
7238c68 |
msrs[n++].index = MSR_IA32_SYSENTER_CS;
|
|
|
7238c68 |
msrs[n++].index = MSR_IA32_SYSENTER_ESP;
|
|
|
7238c68 |
msrs[n++].index = MSR_IA32_SYSENTER_EIP;
|
|
|
7238c68 |
--
|
|
|
7238c68 |
1.6.2.5
|
|
|
7238c68 |
|