[PATCH] x86: mmio: Skip over address size prefix found in x32 code

Fri, 27 Apr 2018 04:02:24 -0700 

The prefix does appear in guests compiled with "-mx32". In the
instruction parser we just have to skip over it.
The patch also adds a few of these instructions to the mmio testcase.

Reported-by: Rene Graf <rene.g...@siemens.com>
Signed-off-by: Henning Schild <henning.sch...@siemens.com>
---
 hypervisor/arch/x86/include/asm/processor.h |  2 ++
 hypervisor/arch/x86/mmio.c                  |  4 ++++
 inmates/tests/x86/mmio-access.c             | 35 +++++++++++++++++++++++++++++
 3 files changed, 41 insertions(+)

diff --git a/hypervisor/arch/x86/include/asm/processor.h 
b/hypervisor/arch/x86/include/asm/processor.h
index df94fc77..eb65c307 100644
--- a/hypervisor/arch/x86/include/asm/processor.h
+++ b/hypervisor/arch/x86/include/asm/processor.h
@@ -143,6 +143,8 @@
 
 #define X86_REX_CODE                                   4
 
+#define X86_PREFIX_ADDR_SZ                             0x67
+
 #define X86_OP_MOVZX_OPC1                              0x0f
 #define X86_OP_MOVZX_OPC2_B                            0xb6
 #define X86_OP_MOVZX_OPC2_W                            0xb7
diff --git a/hypervisor/arch/x86/mmio.c b/hypervisor/arch/x86/mmio.c
index 775ec4b7..e336951a 100644
--- a/hypervisor/arch/x86/mmio.c
+++ b/hypervisor/arch/x86/mmio.c
@@ -103,6 +103,10 @@ restart:
                goto restart;
        }
        switch (op[0].raw) {
+       case X86_PREFIX_ADDR_SZ:
+               if (!ctx_update(&ctx, &pc, 1, pg_structs))
+                       goto error_noinst;
+               goto restart;
        case X86_OP_MOVZX_OPC1:
                if (!ctx_update(&ctx, &pc, 1, pg_structs))
                        goto error_noinst;
diff --git a/inmates/tests/x86/mmio-access.c b/inmates/tests/x86/mmio-access.c
index 243e975b..2c543ee7 100644
--- a/inmates/tests/x86/mmio-access.c
+++ b/inmates/tests/x86/mmio-access.c
@@ -53,11 +53,21 @@ void inmate_main(void)
                : "=a" (reg64) : "a" (0), "b" (mmio_reg));
        EXPECT_EQUAL(reg64, (u32)pattern);
 
+       /* MOV_FROM_MEM (8b), 32-bit data, 32-bit address */
+       asm volatile("movl (%%ebx), %%eax"
+               : "=a" (reg64) : "a" (0), "b" (mmio_reg));
+       EXPECT_EQUAL((u32)reg64, (u32)pattern);
+
        /* MOVZXB (0f b6), to 64-bit, mod=0, reg=0, rm=3 */
        asm volatile("movzxb (%%rbx), %%rax"
                : "=a" (reg64) : "a" (0), "b" (mmio_reg));
        EXPECT_EQUAL(reg64, (u8)pattern);
 
+       /* MOVZXB (0f b6), 32-bit data, 32-bit address */
+       asm volatile("movzxb (%%ebx), %%eax"
+               : "=a" (reg64) : "a" (0), "b" (mmio_reg));
+       EXPECT_EQUAL(reg64, (u8)pattern);
+
        /* MOVZXW (0f b7) */
        asm volatile("movzxw (%%rbx), %%rax"
                : "=a" (reg64) : "a" (0), "b" (mmio_reg));
@@ -109,17 +119,36 @@ void inmate_main(void)
                : : "i" (0xccddeeff), "b" (mmio_reg));
        EXPECT_EQUAL(*comm_page_reg, 0x11223344ccddeeff);
 
+       mmio_write64(mmio_reg, 0x1122334455667788);
+       /* IMMEDIATE_TO_MEM (c7), 32-bit data, 32-bit address */
+       asm volatile("movl %0, (%%ebx)"
+               : : "i" (0xccddeeff), "b" (mmio_reg));
+       EXPECT_EQUAL(*comm_page_reg, 0x11223344ccddeeff);
+
        mmio_write64(mmio_reg, 0x1122334455667788);
        /* IMMEDIATE_TO_MEM (c7), 32-bit data, mod=1 (disp8), reg=0, rm=3 */
        asm volatile("movl %0, 0x10(%%rbx)"
                : : "i" (0xccddeeff), "b" (mmio_reg - 0x10));
        EXPECT_EQUAL(*comm_page_reg, 0x11223344ccddeeff);
 
+       mmio_write64(mmio_reg, 0x1122334455667788);
+       /* IMMEDIATE_TO_MEM (c7), 32-bit data, 32-bit address */
+       asm volatile("movl %0, 0x10(%%ebx)"
+               : : "i" (0xccddeeff), "b" (mmio_reg - 0x10));
+       EXPECT_EQUAL(*comm_page_reg, 0x11223344ccddeeff);
+
+       mmio_write64(mmio_reg, 0x1122334455667788);
        /* IMMEDIATE_TO_MEM (c7), 32-bit data, mod=2 (disp32), reg=0, rm=3 */
        asm volatile("movl %0, 0x10000000(%%rbx)"
                : : "i" (0xccddeeff), "b" (mmio_reg - 0x10000000));
        EXPECT_EQUAL(*comm_page_reg, 0x11223344ccddeeff);
 
+       mmio_write64(mmio_reg, 0x1122334455667788);
+       /* IMMEDIATE_TO_MEM (c7), 32-bit data, 32-bit address */
+       asm volatile("movl %0, 0x10000000(%%ebx)"
+               : : "i" (0xccddeeff), "b" (mmio_reg - 0x10000000));
+       EXPECT_EQUAL(*comm_page_reg, 0x11223344ccddeeff);
+
        /* MOVB_TO_MEM (88), mod=0, reg=0, rm=3 */
        asm volatile("mov %%al, (%%rbx)"
                : : "a" (0x99), "b" (mmio_reg));
@@ -135,6 +164,12 @@ void inmate_main(void)
                : : "a" (0x12345678), "b" (mmio_reg - 0x10000000));
        EXPECT_EQUAL(*comm_page_reg, 0x12345678);
 
+       mmio_write64(mmio_reg, 0x1122334455667788);
+       /* MOV_TO_MEM (89), 64-bit data, 32-bit address */
+       asm volatile("movq %%rax, 0x10000000(%%ebx)"
+               : : "a" (0x8765432112345678), "b" (mmio_reg - 0x10000000));
+       EXPECT_EQUAL(*comm_page_reg, 0x8765432112345678);
+
        /* MOV_TO_MEM (89), 64-bit data, mod=0, reg=0, rm=4 (SIB) */
        asm volatile("movq %%rax, (%%rbx,%%rcx)"
                : : "a" (0x12345678), "b" (mmio_reg), "c" (0));
-- 
2.16.1

-- 
You received this message because you are subscribed to the Google Groups 
"Jailhouse" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jailhouse-dev+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to