[PATCH 4/4] selftests/x86: Add tests for User-Mode Instruction Prevention

From: Ricardo Neri
Date: Tue Nov 08 2016 - 01:13:29 EST

Next message: Ricardo Neri: "[PATCH 3/4] x86: Enable User-Mode Instruction Prevention"
Previous message: Ricardo Neri: "[PATCH 0/4] x86: enable User-Mode Instruction Prevention"
In reply to: Ricardo Neri: "[PATCH 0/4] x86: enable User-Mode Instruction Prevention"
Next in thread: Ricardo Neri: "[PATCH 3/4] x86: Enable User-Mode Instruction Prevention"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Certain user space programs that run on virtual-8086 mode may utilize
instructions protected by the User-Mode Instruction Prevention (UMIP)
security feature present in new Intel processors: SGDT, SIDT and SMSW. In
such a case, a general protection exception is issued if UMIP is enabled.

For the aforementioned reason, UMIP can be optionally disabled for virtual-
8086 tasks with the umip=novm86 kernel parameter. The purpose of this new
test is to verify whether the impacted instructions can be executed without
causing such #GP. If no #GP exceptions occur, we expect to exit virtual-
8086 mode from INT 0x80; provided umip=novm86 was used in the kernel
parameter.

Cc: Andy Lutomirski <luto@xxxxxxxxxx>
Cc: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
Cc: Borislav Petkov <bp@xxxxxxx>
Cc: Brian Gerst <brgerst@xxxxxxxxx>
Cc: Chen Yucong <slaoub@xxxxxxxxx>
Cc: Chris Metcalf <cmetcalf@xxxxxxxxxxxx>
Cc: Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx>
Cc: Fenghua Yu <fenghua.yu@xxxxxxxxx>
Cc: Huang Rui <ray.huang@xxxxxxx>
Cc: Jiri Slaby <jslaby@xxxxxxx>
Cc: Jonathan Corbet <corbet@xxxxxxx>
Cc: Michael S. Tsirkin <mst@xxxxxxxxxx>
Cc: Paul Gortmaker <paul.gortmaker@xxxxxxxxxxxxx>
Cc: Peter Zijlstra <peterz@xxxxxxxxxxxxx>
Cc: Ravi V. Shankar <ravi.v.shankar@xxxxxxxxx>
Cc: Shuah Khan <shuah@xxxxxxxxxx>
Cc: Vlastimil Babka <vbabka@xxxxxxx>
Signed-off-by: Ricardo Neri <ricardo.neri-calderon@xxxxxxxxxxxxxxx>
---
tools/testing/selftests/x86/entry_from_vm86.c | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/tools/testing/selftests/x86/entry_from_vm86.c b/tools/testing/selftests/x86/entry_from_vm86.c
index d075ea0..6efa6eb 100644
--- a/tools/testing/selftests/x86/entry_from_vm86.c
+++ b/tools/testing/selftests/x86/entry_from_vm86.c
@@ -95,6 +95,11 @@ asm (
"int3\n\t"
"vmcode_int80:\n\t"
"int $0x80\n\t"
+ "umip:\n\t"
+ "sgdt (2052)\n\t"
+ "sidt (2052)\n\t"
+ "smsw (2052)\n\t"
+ "int $0x80\n\t"
".size vmcode, . - vmcode\n\t"
"end_vmcode:\n\t"
".code32\n\t"
@@ -103,7 +108,7 @@ asm (

extern unsigned char vmcode[], end_vmcode[];
extern unsigned char vmcode_bound[], vmcode_sysenter[], vmcode_syscall[],
- vmcode_sti[], vmcode_int3[], vmcode_int80[];
+ vmcode_sti[], vmcode_int3[], vmcode_int80[], umip[];

/* Returns false if the test was skipped. */
static bool do_test(struct vm86plus_struct *v86, unsigned long eip,
@@ -218,6 +223,9 @@ int main(void)
v86.regs.eax = (unsigned int)-1;
do_test(&v86, vmcode_int80 - vmcode, VM86_INTx, 0x80, "int80");

+ /* UMIP -- should exit with INTx 0x80 unless UMIP was not disabled */
+ do_test(&v86, umip - vmcode, VM86_INTx, 0x80, "UMIP tests");
+
/* Execute a null pointer */
v86.regs.cs = 0;
v86.regs.ss = 0;
--
2.7.4

Next message: Ricardo Neri: "[PATCH 3/4] x86: Enable User-Mode Instruction Prevention"
Previous message: Ricardo Neri: "[PATCH 0/4] x86: enable User-Mode Instruction Prevention"
In reply to: Ricardo Neri: "[PATCH 0/4] x86: enable User-Mode Instruction Prevention"
Next in thread: Ricardo Neri: "[PATCH 3/4] x86: Enable User-Mode Instruction Prevention"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]