x86/sev-es: Handle instruction fetches from user-space
When a #VC exception is triggered by user-space, the instruction decoder needs to read the instruction bytes from user addresses. Enhance vc_decode_insn() to safely fetch kernel and user instructions. Signed-off-by: Joerg Roedel <jroedel@suse.de> Signed-off-by: Borislav Petkov <bp@suse.de> Link: https://lkml.kernel.org/r/20200907131613.12703-49-joro@8bytes.org
This commit is contained in:
Родитель
d3529bb73f
Коммит
5e3427a7bc
|
@ -232,16 +232,29 @@ static enum es_result vc_decode_insn(struct es_em_ctxt *ctxt)
|
|||
enum es_result ret;
|
||||
int res;
|
||||
|
||||
res = vc_fetch_insn_kernel(ctxt, buffer);
|
||||
if (unlikely(res == -EFAULT)) {
|
||||
if (user_mode(ctxt->regs)) {
|
||||
res = insn_fetch_from_user(ctxt->regs, buffer);
|
||||
if (!res) {
|
||||
ctxt->fi.vector = X86_TRAP_PF;
|
||||
ctxt->fi.error_code = 0;
|
||||
ctxt->fi.error_code = X86_PF_INSTR | X86_PF_USER;
|
||||
ctxt->fi.cr2 = ctxt->regs->ip;
|
||||
return ES_EXCEPTION;
|
||||
}
|
||||
|
||||
if (!insn_decode(&ctxt->insn, ctxt->regs, buffer, res))
|
||||
return ES_DECODE_FAILED;
|
||||
} else {
|
||||
res = vc_fetch_insn_kernel(ctxt, buffer);
|
||||
if (res) {
|
||||
ctxt->fi.vector = X86_TRAP_PF;
|
||||
ctxt->fi.error_code = X86_PF_INSTR;
|
||||
ctxt->fi.cr2 = ctxt->regs->ip;
|
||||
return ES_EXCEPTION;
|
||||
}
|
||||
|
||||
insn_init(&ctxt->insn, buffer, MAX_INSN_SIZE - res, 1);
|
||||
insn_get_length(&ctxt->insn);
|
||||
}
|
||||
|
||||
ret = ctxt->insn.immediate.got ? ES_OK : ES_DECODE_FAILED;
|
||||
|
||||
|
|
Загрузка…
Ссылка в новой задаче