VirtualBox

Changeset 104219 in vbox for trunk/src


Ignore:
Timestamp:
Apr 8, 2024 6:01:43 AM (10 months ago)
Author:
vboxsync
Message:

VMM: bugref:10610 Fixed MSR loading.

Location:
trunk/src/VBox/VMM
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/VBox/VMM/VMMAll/CPUMAllMsrs.cpp

    r100935 r104219  
    17801780{
    17811781    RT_NOREF_PV(idMsr); RT_NOREF_PV(pRange); RT_NOREF_PV(uRawValue);
    1782     pVCpu->cpum.s.Guest.msrSFMASK = uValue;
     1782    /* The high bits are ignored and read-as-zero, writing to them does not raise #GP. See @bugref{10610}.*/
     1783    pVCpu->cpum.s.Guest.msrSFMASK = uValue & UINT32_MAX;
    17831784    return VINF_SUCCESS;
    17841785}
     
    17981799{
    17991800    RT_NOREF_PV(idMsr); RT_NOREF_PV(pRange); RT_NOREF_PV(uRawValue);
    1800     pVCpu->cpum.s.Guest.fs.u64Base = uValue;
    1801     return VINF_SUCCESS;
     1801    if (X86_IS_CANONICAL(uValue))
     1802    {
     1803        pVCpu->cpum.s.Guest.fs.u64Base = uValue;
     1804        return VINF_SUCCESS;
     1805    }
     1806    Log(("CPUM: wrmsr %s(%#x), %#llx -> #GP - not canonical\n", pRange->szName, idMsr, uValue));
     1807    return VERR_CPUM_RAISE_GP_0;
    18021808}
    18031809
     
    18151821{
    18161822    RT_NOREF_PV(idMsr); RT_NOREF_PV(pRange); RT_NOREF_PV(uRawValue);
    1817     pVCpu->cpum.s.Guest.gs.u64Base = uValue;
    1818     return VINF_SUCCESS;
     1823    if (X86_IS_CANONICAL(uValue))
     1824    {
     1825        pVCpu->cpum.s.Guest.gs.u64Base = uValue;
     1826        return VINF_SUCCESS;
     1827    }
     1828    Log(("CPUM: wrmsr %s(%#x), %#llx -> #GP - not canonical\n", pRange->szName, idMsr, uValue));
     1829    return VERR_CPUM_RAISE_GP_0;
    18191830}
    18201831
     
    18331844{
    18341845    RT_NOREF_PV(idMsr); RT_NOREF_PV(pRange); RT_NOREF_PV(uRawValue);
    1835     pVCpu->cpum.s.Guest.msrKERNELGSBASE = uValue;
    1836     return VINF_SUCCESS;
     1846    if (X86_IS_CANONICAL(uValue))
     1847    {
     1848        pVCpu->cpum.s.Guest.msrKERNELGSBASE = uValue;
     1849        return VINF_SUCCESS;
     1850    }
     1851    Log(("CPUM: wrmsr %s(%#x), %#llx -> #GP - not canonical\n", pRange->szName, idMsr, uValue));
     1852    return VERR_CPUM_RAISE_GP_0;
    18371853}
    18381854
  • trunk/src/VBox/VMM/VMMR0/HMVMXR0.cpp

    r103289 r104219  
    380380        else
    381381        {
    382             ASMWrMsr(MSR_K8_KERNEL_GS_BASE, pCtx->msrKERNELGSBASE);
    383             ASMWrMsr(MSR_K8_LSTAR,          pCtx->msrLSTAR);
    384             ASMWrMsr(MSR_K6_STAR,           pCtx->msrSTAR);
    385             /* The system call flag mask register isn't as benign and accepting of all
    386                values as the above, so mask it to avoid #GP'ing on corrupted input. */
    387             Assert(!(pCtx->msrSFMASK & ~(uint64_t)UINT32_MAX));
    388             ASMWrMsr(MSR_K8_SF_MASK,        pCtx->msrSFMASK & UINT32_MAX);
     382            /* Avoid raising #GP caused by writing illegal values to these MSRs. */
     383            if (   X86_IS_CANONICAL(pCtx->msrKERNELGSBASE)
     384                && X86_IS_CANONICAL(pCtx->msrLSTAR))
     385            {
     386                ASMWrMsr(MSR_K8_KERNEL_GS_BASE, pCtx->msrKERNELGSBASE);
     387                ASMWrMsr(MSR_K8_LSTAR,          pCtx->msrLSTAR);
     388                ASMWrMsr(MSR_K6_STAR,           pCtx->msrSTAR);
     389                /* The system call flag mask register isn't as benign and accepting of all
     390                   values as the above, so mask it to avoid #GP'ing on corrupted input. */
     391                Assert(!(pCtx->msrSFMASK & ~(uint64_t)UINT32_MAX));
     392                ASMWrMsr(MSR_K8_SF_MASK,        pCtx->msrSFMASK & UINT32_MAX);
     393            }
     394            else
     395                AssertMsgFailed(("Incompatible lazily-loaded guest MSR values\n"));
    389396        }
    390397    }
Note: See TracChangeset for help on using the changeset viewer.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette