Changeset 92285 in vbox for trunk/src/VBox/VMM/VMMAll

Timestamp:

Nov 9, 2021 11:20:42 AM (3 years ago)

Author:

vboxsync

Message:

VMM/PGMAll.cpp: Corrected table address calculations for PGMPOOLKIND_EPT_PD_FOR_PHYS, PGMPOOLKIND_64BIT_PD_FOR_PHYS and PGMPOOLKIND_PAE_PD_PHYS. bugref:10142

File:

• trunk/src/VBox/VMM/VMMAll/PGMAll.cpp (modified) (5 diffs)

trunk/src/VBox/VMM/VMMAll/PGMAll.cpp

@@ -1455 +1455 @@
         {
             /* AMD-V nested paging or real/protected mode without paging. */
-            GCPdPt  = (RTGCPTR64)iPdPt << X86_PDPT_SHIFT;
+            GCPdPt  = GCPtr & ~(RT_BIT_64(X86_PDPT_SHIFT) - 1);
             enmKind = PGMPOOLKIND_PAE_PD_PHYS;
         }
-        else
-        {
-            if (CPUMGetGuestCR4(pVCpu) & X86_CR4_PAE)
+        else if (CPUMGetGuestCR4(pVCpu) & X86_CR4_PAE)
+        {
+            if (!(uGstPdpe & X86_PDPE_P))
             {
-                if (!(uGstPdpe & X86_PDPE_P))
-                {
-                    /* PD not present; guest must reload CR3 to change it.
-                     * No need to monitor anything in this case. */
-                    Assert(VM_IS_RAW_MODE_ENABLED(pVM));
-                    GCPdPt  = uGstPdpe & X86_PDPE_PG_MASK;
-                    enmKind = PGMPOOLKIND_PAE_PD_PHYS;
-                    Assert(uGstPdpe & X86_PDPE_P); /* caller should do this already */
-                }
-                else
-                {
-                    GCPdPt  = uGstPdpe & X86_PDPE_PG_MASK;
-                    enmKind = PGMPOOLKIND_PAE_PD_FOR_PAE_PD;
-                }
+                /* PD not present; guest must reload CR3 to change it.
+                 * No need to monitor anything in this case. */
+                Assert(VM_IS_RAW_MODE_ENABLED(pVM));
+                GCPdPt  = uGstPdpe & X86_PDPE_PG_MASK;
+                enmKind = PGMPOOLKIND_PAE_PD_PHYS;
+                Assert(uGstPdpe & X86_PDPE_P); /* caller should do this already */
             }
             else
             {
-                GCPdPt  = CPUMGetGuestCR3(pVCpu);
-                enmKind = (PGMPOOLKIND)(PGMPOOLKIND_PAE_PD0_FOR_32BIT_PD + iPdPt);
+                GCPdPt  = uGstPdpe & X86_PDPE_PG_MASK;
+                enmKind = PGMPOOLKIND_PAE_PD_FOR_PAE_PD;
             }
+        }
+        else
+        {
+            GCPdPt  = CPUMGetGuestCR3(pVCpu);
+            enmKind = (PGMPOOLKIND)(PGMPOOLKIND_PAE_PD0_FOR_32BIT_PD + iPdPt);
         }
 
@@ -1643 +1640 @@
         {
             /* AMD-V nested paging or real/protected mode without paging */
-            GCPdPt  = (RTGCPTR64)iPdPt << X86_PDPT_SHIFT;
+            GCPdPt  = GCPtr & ~(RT_BIT_64(iPdPt << X86_PDPT_SHIFT) - 1);
             enmKind = PGMPOOLKIND_64BIT_PD_FOR_PHYS;
         }
@@ -1740 +1737 @@
      * PML4 level.
      */
-
     PEPTPML4 pPml4 = (PEPTPML4)PGMPOOL_PAGE_2_PTR_V2(pVM, pVCpu, pVCpu->pgm.s.CTX_SUFF(pShwPageCR3));
     Assert(pPml4);
@@ -1754 +1750 @@
         {
             RTGCPTR64 GCPml4 = (RTGCPTR64)iPml4 << EPT_PML4_SHIFT;
-
             rc = pgmPoolAlloc(pVM, GCPml4, PGMPOOLKIND_EPT_PDPT_FOR_PHYS, PGMPOOLACCESS_DONTCARE, PGM_A20_IS_ENABLED(pVCpu),
                               pVCpu->pgm.s.CTX_SUFF(pShwPageCR3)->idx, iPml4, false /*fLockPage*/,
@@ -1793 +1788 @@
     if (!(Pdpe.u & (EPT_E_PG_MASK | EPT_E_READ)))
     {
-        RTGCPTR64 GCPdPt = (RTGCPTR64)iPdPt << EPT_PDPT_SHIFT;
+        RTGCPTR64 const GCPdPt = GCPtr & ~(RT_BIT_64(EPT_PDPT_SHIFT) - 1);
         rc = pgmPoolAlloc(pVM, GCPdPt, PGMPOOLKIND_EPT_PD_FOR_PHYS, PGMPOOLACCESS_DONTCARE, PGM_A20_IS_ENABLED(pVCpu),
                           pShwPage->idx, iPdPt, false /*fLockPage*/,