git.ipfire.org Git - thirdparty/qemu.git/commit
target/i386: check validity of VMCB addresses
author Paolo Bonzini <pbonzini@redhat.com>
Fri, 22 Dec 2023 16:47:38 +0000 (17:47 +0100)
committer Michael Tokarev <mjt@tls.msk.ru>
Wed, 28 Feb 2024 18:03:19 +0000 (21:03 +0300)
commit 5c4091fe07a1a4447d1db749db34da3f7c599c0d
tree c5591373bdcfa9e30dd3fee8c83a0ee9e612312a
parent 6ed8211379b8bbd9d4d9f56a734819945a9711d6

MSR_VM_HSAVE_PA bits 0-11 are reserved, as are the bits above the
maximum physical address width of the processor.  Setting them to
1 causes a #GP (see "15.30.4 VM_HSAVE_PA MSR" in the AMD manual).

The same is true of VMCB addresses passed to VMRUN/VMLOAD/VMSAVE,
even though the manual is not clear on that.

Cc: qemu-stable@nongnu.org
Fixes: 4a1e9d4d11c ("target/i386: Use atomic operations for pte updates", 2022-10-18)
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit d09c79010ffd880dc69e7a21e3cfdef90b928fb8)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
target/i386/tcg/sysemu/misc_helper.c
target/i386/tcg/sysemu/svm_helper.c
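
The reserved-bit rule from the commit message, written out as an added C example (not QEMU's code and not part of this commit). The `vcpu_model` struct, the function names and the `phys_bits` parameter are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>

#define PAGE_OFFSET_MASK 0xfffULL  /* bits 0-11, reserved per the commit message */

/* Mask of the bits at or above the physical address width.
 * phys_bits is an assumed input (the width the processor reports). */
static uint64_t above_maxphyaddr_mask(unsigned phys_bits)
{
    /* Shifting a 64-bit value by 64 is undefined in C, so handle it explicitly. */
    if (phys_bits >= 64) {
        return 0;
    }
    return ~((1ULL << phys_bits) - 1);
}

/* True when no reserved bit is set: 4 KiB aligned and within the address width. */
bool svm_addr_is_valid(uint64_t addr, unsigned phys_bits)
{
    uint64_t reserved = PAGE_OFFSET_MASK | above_maxphyaddr_mask(phys_bits);
    return (addr & reserved) == 0;
}

enum fault { FAULT_NONE, FAULT_GP };

struct vcpu_model {          /* hypothetical toy state, not QEMU's CPUX86State */
    unsigned phys_bits;
    uint64_t vm_hsave;
};

/* Model of a WRMSR to VM_HSAVE_PA: validate first, commit state only on success. */
enum fault wrmsr_vm_hsave_pa(struct vcpu_model *cpu, uint64_t val)
{
    if (!svm_addr_is_valid(val, cpu->phys_bits)) {
        return FAULT_GP;     /* reserved bit set: fault, MSR left unchanged */
    }
    cpu->vm_hsave = val;
    return FAULT_NONE;
}

/* Model of the address operand check for VMRUN/VMLOAD/VMSAVE. */
enum fault check_vmcb_operand(const struct vcpu_model *cpu, uint64_t addr)
{
    return svm_addr_is_valid(addr, cpu->phys_bits) ? FAULT_NONE : FAULT_GP;
}
```
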