CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2026/04/11 09:59:44
Modified files:
sys/arch/amd64/amd64: vmm_machdep.c
Log message:
vmm: Handle reserved bits in debug registers
vmm(4) handles the %dr6 debug register on VMX on its own. It is not
part of the VMCB. The AMD and Intel SDMs mention that a 'MOV DRn'
instruction traps with #GP when any of the upper 32 bits of %dr6/%dr7
is 1. Userland can set arbitrary values in that register, forcing an
Intel machine to crash. An initial bogus %dr7 fails to launch the VM
on both platforms.
Reject such debug register values on all platforms.
ok mlarkin@
Reported-by: [email protected]
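
The check the log message describes, as an added sketch (not the committed vmm_machdep.c change). The register indices, mask name and function name are hypothetical, and the sample values are constructed.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>

/* Hypothetical layout of the debug registers userland passes in. */
enum { EX_DR0, EX_DR1, EX_DR2, EX_DR3, EX_DR6, EX_DR7, EX_NDRS };

/*
 * Upper 32 bits of %dr6/%dr7 are reserved. A 'MOV DRn' that tries to
 * load a value with any of them set raises #GP, so such a value must
 * never reach the instruction or the guest state.
 */
#define EX_DR_RESERVED_HI	0xffffffff00000000ULL

/*
 * Validate userland-supplied debug registers before they are used.
 * Returns 0 if acceptable, EINVAL otherwise. Bad values are rejected
 * rather than masked, so the caller learns its request was invalid.
 * %dr0-%dr3 hold breakpoint addresses and are not covered by this check.
 */
int
ex_check_guest_drs(const uint64_t *drs, size_t ndrs)
{
	if (drs == NULL || ndrs != EX_NDRS)
		return EINVAL;
	if (drs[EX_DR6] & EX_DR_RESERVED_HI)
		return EINVAL;
	if (drs[EX_DR7] & EX_DR_RESERVED_HI)
		return EINVAL;
	return 0;
}

int
main(void)
{
	/* Constructed sample: architectural reset values for %dr6/%dr7. */
	uint64_t good[EX_NDRS] = { 0, 0, 0, 0, 0xffff0ff0ULL, 0x400ULL };
	/* Constructed sample: bit 32 of %dr6 set by userland. */
	uint64_t bad[EX_NDRS] = { 0, 0, 0, 0, 0x1ffff0ff0ULL, 0x400ULL };

	if (ex_check_guest_drs(good, EX_NDRS) != 0)
		return 1;
	if (ex_check_guest_drs(bad, EX_NDRS) != EINVAL)
		return 1;
	return 0;
}
```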