On 09.03.2017 13:42, Paolo Bonzini wrote: > On 05/03/2017 19:21, Alexander Boettcher wrote: >> the SVM I/O permission bitmap for user-level (ring-3) VM code running in >> SVM seems to be ignored and causes a GP-fault. (Actual the IO permission >> was granted by the kernel via the TSS I/O port permission bitmap). >> >> After some debugging the GP code originates from target/i386/translate.c >> gen_check_io() within the if(s->pe && (s->cpl > s->iopl || s->vm86)) >> condition. However, the actual SVM IO permission bitmap is checked after >> that condition, which succeeds and would permit the access.
> The code as is > written now matches the AMD manual: "Exceptions related to virtual x86 > mode, IOPL, or the TSS-bitmap are checked before the SVM intercept > check. All other exceptions are checked after the SVM intercept check". I see. I will re-check, maybe we're doing things wrong in the VMM. Thanks. -- Alexander Boettcher Genode Labs http://www.genode-labs.com - http://www.genode.org Genode Labs GmbH - Amtsgericht Dresden - HRB 28424 - Sitz Dresden Geschäftsführer: Dr.-Ing. Norman Feske, Christian Helmuth
