From b3126bdc11adbde5e20dd462f61fef443b110065 Mon Sep 17 00:00:00 2001
From: Mingqiang Chi <mingqiang.chi@intel.com>
Date: Wed, 16 May 2018 17:28:32 +0800
Subject: [PATCH] hv: Check ept rwx misconfigurations

Check ept rwx misconfigurations when config memory attribute,
if misconfig it will assert.

Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Reviewed-by: Kevin Tian <kevin.tian@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
---
 hypervisor/arch/x86/mmu.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/hypervisor/arch/x86/mmu.c b/hypervisor/arch/x86/mmu.c
index 51007c551..2af507b7c 100644
--- a/hypervisor/arch/x86/mmu.c
+++ b/hypervisor/arch/x86/mmu.c
@@ -947,6 +947,19 @@ static int modify_paging(struct map_params *map_params, void *paddr,
 	}
 
 	attr = config_page_table_attr(map_params, flags);
+	/* Check ept misconfigurations,
+	 * rwx misconfiguration in the following conditions:
+	 * - write-only
+	 * - write-execute
+	 * - execute-only(if capability not support)
+	 * here attr & 0x7, rwx bit0:2
+	 */
+	ASSERT(!((map_params->page_table_type == PTT_EPT) &&
+		(((attr & 0x7) == IA32E_EPT_W_BIT) ||
+		((attr & 0x7) == (IA32E_EPT_W_BIT | IA32E_EPT_X_BIT)) ||
+		(((attr & 0x7) == IA32E_EPT_X_BIT) &&
+		 !cpu_has_vmx_ept_cap(VMX_EPT_EXECUTE_ONLY)))),
+		"incorrect memory attribute set!\n");
 	/* Loop until the entire block of memory is appropriately
 	 * MAP/UNMAP/MODIFY
 	 */