Handle all exception vectors.

PiperOrigin-RevId: 200144655 Change-Id: I5a753c74b75007b7714d6fe34aa0d2e845dc5c41
author: Adin Scannell <ascannell@google.com> 2018-06-11 17:56:18 -0700
committer: Shentubot <shentubot@google.com> 2018-06-11 17:57:19 -0700
commit: 09b0a9c320bd777bc52384bd0ec91ecfc61e481d (patch)
tree: 6a8370138e46b1439412a8707d103c40eedab86c /pkg/sentry/platform/ring0
parent: ea4a468fbaacd55597ce89e3eabd2bb42746427b (diff)
1 files changed, 4 insertions, 5 deletions
diff --git a/pkg/sentry/platform/ring0/kernel_amd64.go b/pkg/sentry/platform/ring0/kernel_amd64.go
index c828af654..117e86104 100644
--- a/pkg/sentry/platform/ring0/kernel_amd64.go
+++ b/pkg/sentry/platform/ring0/kernel_amd64.go
@@ -162,17 +162,16 @@ func IsCanonical(addr uint64) bool {
 // code that uses IP-relative addressing inside of absolute addresses. That's
 // the case for amd64, but may not be the case for other architectures.
 //
+// Precondition: the Rip, Rsp, Fs and Gs registers must be canonical.
+
+//
 //go:nosplit
 func (c *CPU) SwitchToUser(switchOpts SwitchOpts) (vector Vector) {
-	// Check for canonical addresses.
-	regs := switchOpts.Registers
-	if !IsCanonical(regs.Rip) || !IsCanonical(regs.Rsp) || !IsCanonical(regs.Fs_base) || !IsCanonical(regs.Gs_base) {
-		return GeneralProtectionFault
-	}
 	userCR3 := switchOpts.PageTables.CR3(!switchOpts.Flush, switchOpts.UserPCID)
 	kernelCR3 := c.kernel.PageTables.CR3(true, switchOpts.KernelPCID)
 
 	// Sanitize registers.
+	regs := switchOpts.Registers
 	regs.Eflags &= ^uint64(UserFlagsClear)
 	regs.Eflags |= UserFlagsSet
 	regs.Cs = uint64(Ucode64) // Required for iret.
author	Adin Scannell <ascannell@google.com>	2018-06-11 17:56:18 -0700
committer	Shentubot <shentubot@google.com>	2018-06-11 17:57:19 -0700
commit	09b0a9c320bd777bc52384bd0ec91ecfc61e481d (patch)
tree	6a8370138e46b1439412a8707d103c40eedab86c /pkg/sentry/platform/ring0
parent	ea4a468fbaacd55597ce89e3eabd2bb42746427b (diff)