github/acrn-hypervisor
1
0
Fork 0
mirror of https://github.com/projectacrn/acrn-hypervisor.git synced 2025-07-04 11:07:51 +00:00
Code Issues Projects Releases Wiki Activity

hv: Check ept rwx misconfigurations

Browse Source 
Check ept rwx misconfigurations when config memory attribute,
if misconfig it will assert.

Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Reviewed-by: Kevin Tian <kevin.tian@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This commit is contained in:
Mingqiang Chi 2018-05-16 17:28:32 +08:00 committed by lijinxia
parent 25219e29a5
commit b3126bdc11
1 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
hypervisor/arch/x86/mmu.c
View File

@ -947,6 +947,19 @@ static int modify_paging(struct map_params *map_params, void *paddr,
} }
attr = config_page_table_attr(map_params, flags); attr = config_page_table_attr(map_params, flags);
/* Check ept misconfigurations,
* rwx misconfiguration in the following conditions:
* - write-only
* - write-execute
* - execute-only(if capability not support)
* here attr & 0x7, rwx bit0:2
*/
ASSERT(!((map_params->page_table_type == PTT_EPT) &&
(((attr & 0x7) == IA32E_EPT_W_BIT) ||
((attr & 0x7) == (IA32E_EPT_W_BIT | IA32E_EPT_X_BIT)) ||
(((attr & 0x7) == IA32E_EPT_X_BIT) &&
!cpu_has_vmx_ept_cap(VMX_EPT_EXECUTE_ONLY)))),
"incorrect memory attribute set!\n");
/* Loop until the entire block of memory is appropriately /* Loop until the entire block of memory is appropriately
* MAP/UNMAP/MODIFY * MAP/UNMAP/MODIFY
*/ */