KVM: x86: zero IDT limit on entry to SMM
The recent BlackHat 2015 presentation "The Memory Sinkhole"
mentions that the IDT limit is zeroed on entry to SMM.

This is not documented, and must have changed some time after 2010
(see http://www.ssi.gouv.fr/uploads/IMG/pdf/IT_Defense_2010_final.pdf).
KVM was not doing it, but the fix is easy.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini committed Aug 7, 2015
1 parent fc1a812 commit 18c3626
Showing 1 changed file with 5 additions and 0 deletions.
5 changes: 5 additions & 0 deletions arch/x86/kvm/x86.c
@@ -6327,6 +6327,7 @@ static void process_smi_save_state_64(struct kvm_vcpu *vcpu, char *buf)
static void process_smi(struct kvm_vcpu *vcpu)
{
struct kvm_segment cs, ds;
struct desc_ptr dt;
char buf[512];
u32 cr0;

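Review bot: the new `struct desc_ptr dt;` in this hunk is declared without an initializer, so its correctness depends entirely on both fields being assigned before `set_idt()` is called further down; since the intent here is "zero descriptor", an initializer such as `struct desc_ptr dt = { 0 };` would make that intent visible at the declaration and keep the variable safe even if a later refactor moves the assignments. Purely a style point, the hunk is otherwise fine.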
@@ -6359,6 +6360,10 @@ static void process_smi(struct kvm_vcpu *vcpu)

kvm_x86_ops->set_cr4(vcpu, 0);

/* Undocumented: IDT limit is set to zero on entry to SMM. */
dt.address = dt.size = 0;
kvm_x86_ops->set_idt(vcpu, &dt);

__kvm_set_dr(vcpu, 7, DR7_FIXED_1);

cs.selector = (vcpu->arch.smbase >> 4) & 0xffff;
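Review bot: the comment on the new lines says only the IDT limit is zeroed, but `dt.address = dt.size = 0;` clears both base and limit; that is harmless (with a zero limit the base is never dereferenced) but the comment should say so, and since the behaviour is explicitly undocumented it would help future readers to cite the source given in the commit message (the BlackHat 2015 "Memory Sinkhole" talk) in the comment itself rather than only in the log. The placement is sensible: the IDT is cleared after `set_cr4(vcpu, 0)` and before DR7 is reset, i.e. alongside the other entry-to-SMM register resets, so an exception raised inside SMM on this vCPU will now fail on the empty IDT as it does on hardware instead of dispatching through the guest's pre-SMM handlers.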
